What are the differences between CAS and Keycloak?

Question

What are the differences between CAS (Central Authentication Service) and Keycloak (Identity and Access Management)?

CAS server's token must be verified by contacting the CAS server (so both user and app need to access the CAS server), while Keycloack's token are digitally signed so the app just need to verify the digital signature without contacting the Keycloack server. — Martheen, Feb 22 '16 at 08:41
CAS Service Tickets are signed and can be verified without contacting the CAS Server. https://apereo.github.io/cas/development/installation/Configure-ServiceTicket-JWT.html — mnesarco, Jul 04 '17 at 17:07
There should be many differences, but in practice both products provide centraliced Authentication and SSO with pluggable Authentication Mechanisms. One advantage of CAS over Keycloak is that you can deploy CAS on any JEE Application Server, while Keycloak is a standalone server integrated with Wildfly. So if you deploy your apps in Tomcat and want to use keycloak, you must install and run keycloak server in its own port, so you will end up running two application servers. — mnesarco, Jul 04 '17 at 17:25
Please refer to https://gist.github.com/bmaupin/6878fae9abcb63ef43f8ac9b9de8fafd — Ghasem Sadeghi, Mar 19 '20 at 16:07

score 0 · Answer 1 · answered Dec 08 '17 at 14:17

0

CAS doesn't support OAuth2 but Keycloak does. It is a big difference.

answered Dec 08 '17 at 14:17

12

It now supports OAuth2 – Toilal Dec 14 '17 at 11:51
Both are supporting Oauth2 but Keycloak is more mature – Mrityunjay Oct 31 '22 at 19:20

1 Answers1