Skip to content

Overview

CAS Introduction

In the CAS protocol, there are two entities: CAS Server and CAS Client. These two entities exchange information through the user's browser. For example, CAS Client can return a redirect with parameters to forward information to CAS Server. After successful login authentication, CAS Server returns an XML or JSON containing user information to CAS Client. After verifying the user information, CAS Client returns the accessed resource to the user.

This document describes the steps for third-party applications to integrate with BambooCloud IDaaS unified authentication using the CAS 3.0 protocol, providing reference guidance for application developers performing unified authentication integration.

Terminology

  • CAS Server: CAS service, the identity authentication provider. In this document, it refers to the BambooCloud IDaaS authentication service.

  • CAS Client: CAS client, the resource provider, i.e., the third-party application, which is the target application system that users need to log in to.

  • ST: Ticket sent by CAS Server to the client. The default validity period is 5 minutes and can be modified in Service Configuration > CAS Configuration.

  • ServiceId: The unique identifier of the application. In the CAS authentication process, the value of ServiceId is the value of the application Service address.

  • BambooCloud IDaaS Unified Authentication Center: The authorization server, hereinafter referred to as BambooCloud IDaaS.

  • User Center: The portal system provided by BambooCloud IDaaS for enterprise users to centrally access third-party applications.

BambooCloud IDaaS Open Platform