Integrate CAS authentication
About CAS
Central Authentication Service (CAS) is a Single Sign-On (SSO) protocol designed to provide centralized authentication for multiple applications. Developed by Yale University, CAS allows users to access multiple protected services with a single login, eliminating the need to re-enter credentials. It implements authentication through a "ticket" mechanism and supports various identity providers, such as databases, LDAP, and OAuth.
How to configure
Navigate to System settings > Authentication > CAS.
In the CAS field, check to enable CAS authentication.
In the Server field, type the CAS server URI, such as "https://example.com/cas".
In the Proxy server field, type the CAS proxy server URI if behind a proxy. For example, if the host listens on "http://foo.bar:8080" but requests use "https://foo.bar:8443", enter "https://foo.bar:8443", For more information, see Django CAS configuration (opens in a new tab).
In the Version field, type the CAS protocol version: 1, 2, 3, or CAS_2_SAML_1_0.
The default is "3".
In the User attribute field, type the user attribute mapping. The key represents the CAS user attribute name, while the value corresponds to the JumpServer user attribute name (available options: name, username, email, groups, phone, comment).
{
"cas:user": "username",
"cas:fullname": "name",
"cas:mail": "email",
}In the Organization field, after authentication and creation, the user will be added to the selected organization.
In the Create user field, when checked, a user will be created upon successful authentication.
When unchecked and the user does not exist, authentication will fail.
In the Logout completely field, when checked, logging out will also log the user out from the CAS service.
Click Submit.
JumpServer CAS URLs
https://jumpserver.example.com/core/auth/cas/login/https://jumpserver.example.com/core/auth/cas/callback/https://jumpserver.example.com/core/auth/cas/logout/