User connectivitySingle sign-on resourcesCAS-based SSO frameworkSuggestions for CAS server setup

Suggestions for CAS server setup

To use CAS with proxy support, the CAS server must have the allowedToProxy attribute of the Transact service set to true. By default, the allowedToProxy attribute is set to false.

Follow the procedure that applies to your version of the CAS server.

CAS server versions 3.4.x, 3.5.x, 3.6.x, or 4.0.x

  1. Open the deployerConfigContext.xml file.
  2. Add the allowedToProxy attribute in the registeredServicesList section and set its value to true.

CAS server versions 4.1.x and 4.2.x

  1. Open the HTTPSandIMAPS file corresponding to the Transact service.
  2. Add a regex pattern for the proxyPolicy attribute as shown: 
    “proxyPolicy” : {
"@class" : "org.jasig.cas.services.RegexMatchingRegisteredServiceProxyPolicy",
"pattern" : "^https?://.*"
    Use a proper regex pattern instead of the default pattern to further restrict access to services within your domain (including subdomains). You can find the available regex patterns using the following path: CAS installation Directory\WEB-INF\classes\services.