Main Scenario Extensions Notes References Associated Modules Implementations Advice and ExperienceContributors

Goal: Support CAS authentication to Sakai
Version: ?
DG Priority: ?
Status: partially implemented
Scope: ?
Preconditions: ?
Success end: A deployer can easily configure Sakai to offer "Log in via CAS" the or one of the ways users authenticate to Sakai.
Failed end: ?
Actors: ?
Primary Actor: ?
Trigger: ?
Security Concerns: ?
Logging: Sakai should log the login of users and record the way in which the user authenticated (awp9 logged in at TIMESTAMP via CAS).
Performance Concerns: ?

End user visits Sakai. Sakai offers a "Log in via CAS" button. User clicks button, authenticates to CAS, CAS redirects back to Sakai. Sakai validates service ticket, establishes user session, context, etc., user is authenticated to and logged into and begins using Sakai.

See CAS website / JA-SIG

AFAIK, Sakai already supports CAS authn. I enter this use case for two purposes: 1) there is potential to go beyond CAS authn to Sakai being merely possible, to make it a productized, polished, feature of the product. Enough schools need to do this that it seems worth producing the polished guide to doing it well.

2) Even if already implemented, this is an important use case to continue to consider as Sakai develops. Enterprise integration with Sakai is important to enabling other integrations.