Overview

# CAS Introduction

The CAS protocol involves two entities: the CAS Server and the CAS Client. The two exchange information through the user's browser. For example, the CAS Client can return a redirect with parameters to forward information to the CAS Server. After successful login verification, the CAS Server returns an XML or JSON response containing user information to the CAS Client. After verifying the user information, the CAS Client returns the requested resource to the user.

This document describes the steps and methods for integrating third-party applications with Zhuyun IDaaS unified authentication using the CAS 3.0 protocol. It is intended as reference guidance for application developers carrying out that integration.

# Terminology Explanation

  • CAS Server: CAS service, the identity authentication provider. In this document, it refers to the Zhuyun IDaaS authentication service.

  • CAS Client: CAS client, the resource provider, i.e., the third-party application, the target application system that users need to log into.

  • ST: Service Ticket, the ticket sent by the CAS Server to the CAS Client. The default validity period is 5 minutes and can be modified in Service Configuration - CAS Configuration.

  • ServiceId: The unique identifier of the application. During the CAS authentication process, the value of ServiceId is the callback URL of the application.

  • Zhuyun IDaaS Unified Authentication Center: The authorization server, hereinafter referred to as Zhuyun IDaaS.

  • User Center: The portal system provided by Zhuyun IDaaS for enterprise users to centrally access third-party applications.
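The exchange described in the introduction, using the ServiceId and ST terms defined above, as an added Python sketch of the CAS Client side (not code from Zhuyun IDaaS or from the original page). It assumes the standard CAS 3.0 URIs `/login` and `/p3/serviceValidate` and the standard CAS XML response format; the host names, the callback URL and the sample responses are constructed, and the actual IDaaS endpoints are not given on this page.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

CAS_URI = "http://www.yale.edu/tp/cas"   # XML namespace fixed by the CAS protocol
NS = {"cas": CAS_URI}
# Constructed values; the real IDaaS base URL and callback are deployment-specific.
CAS_BASE = "https://idaas.example.com/cas"
SERVICE_ID = "https://app.example.com/cas/callback"

def login_redirect_url(cas_base, service_id):
    """Where the CAS Client redirects the browser; service carries the ServiceId."""
    return f"{cas_base}/login?{urlencode({'service': service_id})}"

def validate_url(cas_base, service_id, ticket):
    """Back-channel request that exchanges the ST for user information."""
    query = urlencode({"service": service_id, "ticket": ticket})
    return f"{cas_base}/p3/serviceValidate?{query}"

def parse_validation_response(xml_text):
    """Return (user, attributes) on success; raise ValueError otherwise (fail closed)."""
    # A CAS response never needs a DTD; refusing one avoids entity-expansion parsing.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("unexpected DTD or entity declaration")
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{CAS_URI}}}serviceResponse":
        raise ValueError("not a CAS serviceResponse")
    failure = root.find("cas:authenticationFailure", NS)
    if failure is not None:
        raise ValueError(f"ticket rejected: {failure.get('code')}")
    success = root.find("cas:authenticationSuccess", NS)
    user = success.findtext("cas:user", "", NS).strip() if success is not None else ""
    if not user:
        raise ValueError("no authenticated user in response")
    attrs = {}
    attrs_el = success.find("cas:attributes", NS)
    for el in (attrs_el if attrs_el is not None else ()):
        attrs.setdefault(el.tag.split("}", 1)[-1], []).append((el.text or "").strip())
    return user, attrs

# Constructed responses in the CAS 3.0 XML format.
SAMPLE_SUCCESS = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess>
    <cas:user>alice</cas:user>
    <cas:attributes><cas:email>alice@example.com</cas:email></cas:attributes>
  </cas:authenticationSuccess>
</cas:serviceResponse>"""
SAMPLE_FAILURE = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationFailure code="INVALID_TICKET">ticket not recognized</cas:authenticationFailure>
</cas:serviceResponse>"""
```

The `service` value sent at validation must be the same ServiceId used in the login redirect, and the client should create a session only when `parse_validation_response` returns without raising.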