CAS5 Protocol diagram with OpenID Connect and CAS protocol mixed clients

32 views
Skip to first unread message

Yan Zhou

unread,
May 2, 2019, 6:38:20 PM5/2/19
to CAS Community
Hello,

CAS has a nice diagram explains CAS protocol, how it achieves SSO, by using cookie. 

With CAS5, I can achieve SSO with two clients, one speaking CAS protocol, the other speaking OpenID Connect. 

How did CAS do that, is that by the use of cookie as well?  I do not think OpenID Connect itself uses cookie.  Any idea?

Similarly, if two clients both speak OpenID Connect, is cookie support still required for CAS to support SSO between them?

Thx!
Yan

Ray Bon

unread,
May 2, 2019, 6:54:48 PM5/2/19
to cas-...@apereo.org
Yan,

CAS creates a TGC (ticket granting cookie) that it uses to look up the SSO session. It is (typically) not available to client application.

Ray
--
Ray Bon
Programmer Analyst
Development Services, University Systems

Yan Zhou

unread,
May 2, 2019, 7:16:40 PM5/2/19
to CAS Community

Yes, I know TGC, and it is in the cookie. 

How do two clients (native Mobile Apps) using Open ID Connect  talk to CAS, and achieve SSO? Where is TGC stored? There is no cookie in native apps. 

In other words, when user is authenticated in CAS via the first client, and he goes to the 2nd client app., what is the protocol look like that SSO is achieved?

Yan
Reply all
Reply to author
Forward
0 new messages