Single Sign-on

The Central Authentication Service (CAS) is the most used single sign-on protocol for the web. It's purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that implements this protocol.

First of all you should read about how CAS works: A detailed walk through a CAS authentication

According to the CAS documentation, it only works in secured HTTPS connections. For this reasong you need to use LogicalDOC over HTTPS. Access https://localhost:8443 to check it works fine.

If you do not have a CAS server already installed for your company, we suggest to download and install this implementation:

To configure the Single Sign-on in LogicalDOC enter the section Administration > Security > Single  Sign-on

In the following form you have to enable the feature and connect LogicalDOC to your CAS service:

  • Application Url: the URL to be used by the CAS server to reach LogicalDOC
  • CAS Url: the URL to be used by LogicalDOC server to reach the CAS server
  • CAS login Url: the URL of the login form hosted by the CAS server
  • Group: group assigned to new users authenticated throught the CAS
  • Language: language assigned to new users authenticated throught the CAS

Once the Single Singn-on is activated you should access LogicalDOC at this url: https://localhost:8443/frontend

If you are not already authenticated, you will be routed to the login page of the CAS server.


Even if you enable the Single Sign-on, the standard login page at https://localhost:8443/login continues to be available and works as usual.