What is the relation between CAS vs SAML?

single-sign-on saml saml-2.0 cas
14,094

Solution 1

There is CAS, the protocol. Then there is CAS, the software implementing that protocol and many many others.

The software is located here: https://github.com/apereo/cas

Note the README: "CAS is an open and well-documented authentication protocol. The primary implementation of the protocol is an open-source Java server component by the same name, hosted here."

Many software products, like the Apereo CAS server, support more than one protocol at the same time. So the Apereo CAS software can support CAS, SAML2 and OAuth, etc protocols at the same time. The Shibboleth IdP for instance can support SAML2, SAML1 and CAS at the same time.

So your question of:

Aren't CAS and SAML different ways of how Single Sign-on can be implemented ?

Yes, they are different protocols in many ways providing or achieving the same thing.

Where exactly would CAS come in the above said set-up ?

The SAML server needs to also support the CAS protocol for that 3rd party website, or you need a separate CAS deployment that delegates authentication to the SAML server...or it's not happening.

Solution 2

While the accepted answer is accurate, it is incomplete. The CAS 3.0 (protocol) specification incorporates SAML 1.1 messages directly. They are used for interacting with the /SAMLvalidate endpoint as described here: https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html#42-samlvalidate-cas-30

Share:
14,094
yathirigan
Author by

yathirigan

Solution Architect currently working with Microservices, APIs, Cloud Native Architecture for PCF PaaS

Updated on June 08, 2022

Comments

  • yathirigan
    yathirigan almost 2 years

    I understand that CAS and SAML are different protocols used for Single-sign on purposes but, what confuses me is articles that say "CAS has an SAML implementation".

    Aren't CAS and SAML different ways of how Single Sign-on can be implemented ?

    Lets say, the client's enterprise has a SAML Server but, a 3rd party website says they support CAS based SSO. In this case, the end-user would have initially logged into the enterprise system. When accessing the 3rd party website will it connect to the Enterprise SAML Server looking for a SAML assertion ?

    1. What exactly is the relation between CAS and SAML ?

    2. Where exactly would CAS come in the above said set-up ?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

SimpleSamlPhp as SP redirects incorrectly
What is the correct format for SAML 2.0 Assertions?
CAS vs. SAML vs. OAuth2
What is exactly RelayState parameter used in SSO (Ex. SAML)?
What is the purpose of SAML 2 Subject Name Identifier?
Steps to implement SSO for php application
What's the difference between AWS SSO and AWS Cognito?
Keycloak "Unexpected error when handling authentication request to identity provider"
Is there a way to provide SAML sp implementation using an Apache filter?
How to decode SAML Response and get the attribute values sent by Idp in PHP