How to Integrate Single Sign-On Using JASIG-CAS - HashedIn Technologies

How to Integrate Single Sign-On Using JASIG-CAS

Technology - 07 Jun 2017
Sripathi Krishnan

What is CAS ?

It is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It can use multiple backed identity stores like database,ldap and In- memory. It is useful when there is centralized authentication team manages the identity.

Django CAS NG

There are some available middleware with django to integrate and the most viable one django-cas-ng is a Central Authentication Service (CAS) client implementation. This project inherits from django-cas. support Single Sign Out and Can fetch Proxy Granting Ticket.

Pre Requisites

Supports CAS versions 1.0, 2.0 and 3.0. Supports Django 1.5, 1.6, 1.7 and 1.8 with User custom model Supports Python 2.7, 3.x

How to Setup Environment and Install

The project runtime needs to be setup with right dependencies. So that, project scaffold can start referencing the dependencies.

Install with pip: pip install django-cas-ng

Install the latest code: pip install

Install from source code: python install


Single sign on always needs right filter type middlewares for intercepting the requests.It is always good practise to keep the configuration as a part of django sample project. Make sure you also have the authentication middleware installed. Here’s an example:

Sample settings file for reference with configuration:

CAS_SERVER_URL needs to be defined to configure cas runtime which is a web application dpeloyed on a http java application server. Set it to the base URL of your CAS source (e.g.

Optional Settings Include:


View-Wrappers Example

The settings.CAS_EXTRA_LOGIN_PARAMS allows you to define a static dictionary of extra parameters to be passed on to the CAS login page. But what if you want this dictionary to be dynamic (e.g. based on user session)? Our current advice is to implement simple wrappers for our default views, like these ones:

Custom Backends

The CASBackend class is heavily inspired from Django’s own RemoteUserBackend and allows for some configurability through subclassing if you need more control than django-cas-ng’s settings provide. For instance, here is an example backend that only allows some users to login through CAS:

If you need more control over the authentication mechanism of your project, then django-cas-ng’s settings provide a functionality to create your own authentication backend that inherits from django_cas_ng.backends.CASBackend and override these attributes or methods:

CASBackend.clean_username(username) CASBackend.user_can_authenticate(user) CASBackend.configure_user(user)


CAS enables single sign on and login federation for organisations and help them centrally manage identity for multiple web applications in organisations by seamlessly integrating with them over http. This enables centralisation of identity provider teams.

Free tag for commerce

E-book on Digital Business Transformation