Skip to main content

CAS Provider configuration

The configuration depends on the provider, this is just a quick view, how it usually works.

Register new client and get id and secret

First, you need to register a new service (client) in CAS, if not already registered.
This registration will identify your application (the SAMO Authentication Server) as a valid CAS service.
You must add redirect URL to the list of allowed/authorized URLs in your CAS service configuration. Otherwise, CAS will reject the authentication response.

Authorized urls

Usually, you need to allow origin and redirect urls for your client app (in this case samo authentication server).

Origin url

This is the url from which the request is send.
Many times, only the general origin is required, so the value should be just url of the root context of samo authentication server.
If exact url is needed, the value is {$samo-auth-server-url}/auth/cas/authorize-client/{id}, where id is the custom identificator from you metadata (name of your metadat file), not the client id generated by provider.

Redirect url

This is the url, to which provider redirects after the successfull authentication.
The value is {$samo-auth-server-url}/auth/cas/callback.

Register new client and get id and secret
Authorized urls
- Origin url
- Redirect url