Single Sign-on

The Central Authentication Service (CAS) is the most used single sign-on protocol for the web. It's purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that implements this protocol.

First of all you should read about how CAS works: A detailed walk through a CAS authentication

According to the CAS documentation, it only works in secured HTTPS connections. For this reasong you need to use LogicalDOC over HTTPS. Access https://localhost:8443 to check it works fine.

If you do not have a CAS server already installed for your company, we suggest to download and install this implementation: https://www.apereo.org/projects/cas

To configure the Single Sign-on in LogicalDOC enter the section Administration > Security > Single  Sign-on

In the following form you have to enable the feature and connect LogicalDOC to your CAS service:

• Application Url: the URL to be used by the CAS server to reach LogicalDOC
• CAS Url: the URL to be used by LogicalDOC server to reach the CAS server
• CAS login Url: the URL of the login form hosted by the CAS server
• Group: group assigned to new users authenticated throught the CAS
• Language: language assigned to new users authenticated throught the CAS

Once the Single Singn-on is activated you should access LogicalDOC at this url: https://localhost:8443/frontend

If you are not already authenticated, you will be routed to the login page of the CAS server.