Session Management with a single sign on server

  1. Designing it with 
  2. CAS – Central Authentication Server
  3. It needs to have three components
    • login URL
    • authentication URL
    • logout URL
  4. All the systems need to have a login link, where the users can enter their credentials
  5. On every single request, the systems need to call an authentication URL, which returns true or false indicating whether the user has been authenticated
  6. The CAS needs to handle the session idle timeout. As soon as the request is answered, the idle timeout is refreshed
  7. The logout URL logs the user out of all the systems.
  8. The CAS shall send a cookie with a ticket for authentication, and all systems must then send this ticket back to CAS. The purpose of the cookie is automatic re-authentication. This cookie must not be a persistent cookie, i.e. it expires as soon as the user closes the browser. This is also called an in-memory cookie
  9. It is with the help of this cookie that CAS achieves single sign-on across multiple applications without prompting the user to enter the login details again and again. Without the cookie the user would enter the username and password every time he is redirected to CAS.
  10. The cookie expiry time is reset whenever it is sent back to the server, and hence the session is maintained for 20 minutes or so. As soon as the cookie expires the session is timed out. This takes care of the inactivity timeouts.
  11. When CAS receives the authentication ticket through the validation URL, it checks in its internal database whether it issued this ticket in the past.
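The server side of points 5 to 11 as an added, constructed Python sketch (not the CAS project's code): a ticket store that answers the validation URL, refreshes the idle timeout on every answered request, expires idle tickets, and makes logout global because every system validates against the same store. The 20-minute timeout, the `cas_ticket` cookie name and the injectable clock are assumptions for illustration.

```python
import secrets
import time

IDLE_TIMEOUT = 20 * 60  # seconds; the post says "20 minutes or so"

class TicketStore:
    """The CAS 'internal database' of tickets it has issued (constructed example)."""

    def __init__(self, idle_timeout=IDLE_TIMEOUT, clock=time.monotonic):
        self.idle_timeout = idle_timeout
        self.clock = clock          # injectable so the timeout can be tested
        self._tickets = {}          # ticket -> {"user": str, "last_seen": float}

    def login(self, username):
        """Login URL: after the credential check (omitted here) issue an
        unguessable ticket and remember that we issued it."""
        ticket = secrets.token_urlsafe(32)
        self._tickets[ticket] = {"user": username, "last_seen": self.clock()}
        return ticket

    def validate(self, ticket):
        """Authentication/validation URL, called by every system on every request.
        Returns (True, user) only for a ticket we issued that has not been idle
        longer than idle_timeout; answering the request refreshes the timeout."""
        entry = self._tickets.get(ticket)
        if entry is None:               # never issued, or already logged out
            return False, None
        now = self.clock()
        if now - entry["last_seen"] > self.idle_timeout:
            del self._tickets[ticket]   # inactivity timeout: session is over
            return False, None
        entry["last_seen"] = now        # refresh idle timeout on each answered request
        return True, entry["user"]

    def logout(self, ticket):
        """Logout URL: dropping the ticket logs the user out of all systems,
        since each of them asks this store on every request."""
        return self._tickets.pop(ticket, None) is not None

def session_cookie_header(ticket):
    """Set-Cookie for the ticket: no Expires/Max-Age attribute makes it an
    in-memory (non-persistent) cookie that the browser drops when it closes."""
    return f"Set-Cookie: cas_ticket={ticket}; Path=/; Secure; HttpOnly"
```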

3 Responses to “Session Management with a single sign on server”

  1. Mark Cohen Says:

    All that technobabble – tell us who Anu is😉

    You’ve been tagged

  2. Angus McDonald Says:

    Mark’s beaten me to it, but I’m going to tag you anyway!

  3. sandrar Says:

    Hi! I was surfing and found your blog post… nice! I love your blog. 🙂 Cheers! Sandra. R.
