
We are trying to integrate Apereo CAS with another authentication platform. This other platform uses SAML2 as its protocol and has its own way to authenticate (we can't integrate Apereo CAS with this other platform using SAML2 auth).

We cannot find a way to do this. The idea that we are trying is to redirect users to this other platform's website entry point through CAS and collect the response through a CAS endpoint.

Is it possible to create a custom endpoint in Apereo CAS? It seems that it can't be published.

The final flow diagram is the following:

  1. User logs in to app A and gets redirected to CAS
  2. User chooses "log with other platform" and gets redirected to the external platform
  3. User performs login in this platform and the callback response redirects to CAS
  4. CAS validates the auth response and redirects to the app

We are trying to create a CAS custom endpoint that the external platform will redirect to after auth is performed.

Dr. X
dgcipp
  • CAS Apereo documentation is not enough to understand. Developers of Apereo try to get consultancy jobs!!! – Dr. X Sep 13 '22 at 20:06

1 Answer


> We are trying to integrate Apereo CAS with another authentication platform,

Which version? Try to be accurate.

> the idea that we are trying is to redirect users to this other platform's website entry point through CAS and collect the response through a CAS endpoint.

This is called delegated authentication, and has been around for many years, likely since CAS 5.x.

Per the documentation,

> CAS can act as a client (i.e. service provider or proxy) using the Pac4j library and delegate the authentication to: CAS servers, SAML2 identity providers, etc.

See this.

> Is it possible to create a custom endpoint in Apereo CAS? It seems that it can't be published.

Yes, and it is also unnecessary in this case.

> The final flow diagram is the following:

What I described above does exactly this flow and you do not need a custom endpoint.

> We are trying to create a CAS custom endpoint that the external platform will redirect to after auth is performed

It is unnecessary to do so in this case.

If you look here you will find a lot of samples/guides on how delegation works.

Here is one that talks about: "Delegated Authentication to SAML2 Identity Providers".

Misagh Moayyed
  • Website documentation is so bad and there is no example or tutorial. CAS needs lots of configuration and this documentation is so bad. – Dr. X Jul 03 '22 at 07:11
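
An added example, not part of the original answer or the CAS project's own files: a `cas.properties` fragment for the delegated authentication to a SAML2 identity provider that the answer describes. It assumes the CAS 6.x property naming (names differ between CAS versions, so check the reference for the deployed release); the client name, host names, paths, passwords and principal attribute are placeholders.

```properties
# Constructed example; every host name, path and password is a placeholder.
# Requires the delegated-authentication module in the CAS overlay:
#   org.apereo.cas:cas-server-support-pac4j-webflow

# Name of this delegated client; it identifies the provider on the CAS
# login page and is carried in the callback URL as client_name
cas.authn.pac4j.saml[0].clientName=ExternalPlatform

# Identity of CAS acting as a SAML2 service provider
cas.authn.pac4j.saml[0].serviceProviderEntityId=https://cas.example.org/cas/samlsp
cas.authn.pac4j.saml[0].serviceProviderMetadataPath=/etc/cas/config/sp-metadata.xml

# Keystore holding the service provider's signing/encryption key pair
cas.authn.pac4j.saml[0].keystorePath=/etc/cas/config/samlKeystore.jks
cas.authn.pac4j.saml[0].keystorePassword=CHANGE_ME
cas.authn.pac4j.saml[0].privateKeyPassword=CHANGE_ME

# Metadata published by the external platform (file path or URL)
cas.authn.pac4j.saml[0].identityProviderMetadataPath=/etc/cas/config/idp-metadata.xml

# Reject unsigned assertions and bound how old the identity provider's
# authentication may be, in seconds
cas.authn.pac4j.saml[0].wantsAssertionsSigned=true
cas.authn.pac4j.saml[0].maximumAuthenticationLifetime=3600

# Assertion attribute used as the CAS principal id (placeholder value)
cas.authn.pac4j.saml[0].principalIdAttribute=mail
```

The service provider metadata at the configured path is what the external platform's administrators register; the assertion consumer URL in it points back to CAS, which is the callback the question set out to build by hand.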