Central Authentication Service (CAS)

CAS (Central Authentication Service) is an open-source SSO protocol to authenticate users across multiple web services.

If a client tries to access a protected resource, they are redirected to the authentication page. Once logged in, CAS will redirect the user with a ticket, allowing the service to verify the identity of the user.


CAS in PHP

I will download the PHP CAS client in a folder ../cas without composer, because I couldn't install composer (not allowed).

$ mkdir ../cas
$ git clone https://github.com/apereo/phpCAS ../cas

👮 Remove the line trigger_error('Including CAS.php is deprecated. ...', E_USER_DEPRECATED); from CAS.php.

Then, using the code below, I could get back the username:

include_once('../cas/CAS.php');

phpCAS::client(CAS_VERSION_2_0, "cas.example.com", 443, '');
phpCAS::setNoCasServerValidation();
phpCAS::forceAuthentication();
$userName = phpCAS::getUser();
var_dump($userName);