Cross Site Scripting

XSS

The attached file gives an in-depth explanation of the Cross Site Scripting (XSS) vulnerability, its types, and the best techniques for preventing it.

Download here: XSS-2.0


Information about integrating CAS with a website

[Figure: CAS authentication flow]

There are several different ways for applications to integrate CAS authentication, including login and validation.

When integrating CAS authentication with your application, follow these best practices:

  • Applications using CAS must operate entirely over TLS (i.e., the casurl must be an HTTPS URL).
  • Enabling HTTP Strict Transport Security (HSTS) is highly recommended.
  • To be sure they are authenticating to APIIT Education Group’s CAS, users must be able to see the URL https://cas.apiit.edu.my/cas/login.
  • Therefore, applications must redirect to CAS and not render the login page inside an iframe or use other similar techniques.

 

What is Central Authentication Service?


The CAS (Central Authentication Service) login service allows you to access multiple computing systems after entering your username and password only once on a central authentication server. This is often referred to as single sign-on. For example, if you log in to PAWS, you will be able to access services such as Blackboard or wikis without having to log in again.

CAS currently supports several web applications. In the future, all other systems will use CAS as well.

You will be automatically redirected to the CAS login screen when you access one of the supported systems, unless you have already authenticated to CAS during your session. You can also reach the CAS login screen directly at https://cas.apiit.edu.my/cas/login.

CAS currently supports two types of authentication: REST and Direct. CAS clients can be deployed on a combination of platforms, including Windows and Linux, and on both Apache and IIS. CAS supports a variety of tools and languages.

While CAS authentication will only return a username, you can use that username to query ADS and retrieve more information.
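The integration best practices listed above (HTTPS-only URLs, HSTS, a top-level redirect to the CAS login page) and the username-only validation result can be sketched as follows. This is an added example, not code from the original page or from the CAS deployment it describes. Assumptions: the `/serviceValidate` path is the standard CAS protocol endpoint and is assumed to be exposed under the same base as the login URL, the application URL `https://app.example.edu/cas/callback` is hypothetical, and the XML responses are constructed samples.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlencode, urlsplit

CAS_BASE = "https://cas.apiit.edu.my/cas"       # base of the login URL given on the page
CAS_NS = {"cas": "http://www.yale.edu/tp/cas"}  # XML namespace of CAS protocol responses

# Constructed sample responses (not captured from the real server).
SAMPLE_OK = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess><cas:user>tp000001</cas:user></cas:authenticationSuccess>
</cas:serviceResponse>"""
SAMPLE_FAIL = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationFailure code="INVALID_TICKET">not recognized</cas:authenticationFailure>
</cas:serviceResponse>"""

def require_https(url):
    """Reject any URL that is not absolute HTTPS (the TLS-only rule)."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError(f"not an HTTPS URL: {url!r}")
    return url

def login_redirect(service_url, cas_base=CAS_BASE):
    """Location for a top-level 302 to CAS; the login page is never framed."""
    return f"{require_https(cas_base)}/login?" + urlencode(
        {"service": require_https(service_url)})

def validation_url(service_url, ticket, cas_base=CAS_BASE):
    """Back-channel URL the application fetches; service must match the login one."""
    return f"{require_https(cas_base)}/serviceValidate?" + urlencode(
        {"service": require_https(service_url), "ticket": ticket})

def parse_validation(xml_text):
    """Return the username on success, None on any failure response."""
    user = ET.fromstring(xml_text).find("cas:authenticationSuccess/cas:user", CAS_NS)
    name = (user.text or "").strip() if user is not None else ""
    return name or None

def hsts_enabled(headers):
    """True if the response carries Strict-Transport-Security with max-age > 0."""
    value = {k.lower(): v for k, v in headers.items()}.get("strict-transport-security", "")
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        if name.lower() == "max-age" and arg.strip('"').isdigit():
            return int(arg.strip('"')) > 0
    return False

if __name__ == "__main__":
    service = "https://app.example.edu/cas/callback"  # hypothetical application URL
    print(login_redirect(service))
    print(validation_url(service, "ST-1-constructed"))
    print(parse_validation(SAMPLE_OK), parse_validation(SAMPLE_FAIL))
```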