Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

There are several different ways for applications to integrate CAS authentication, including login and validation.

When integrating CAS authentication with your application, follow these best practices:

  • Applications using CAS must operate entirely over TLS (i.e., the cas url must be an HTTPS URL).
    Enabling HTTP Strict Transport Security (HSTS) is highly recommended.
    To be sure they are authenticating to APIIT Education Group’s CAS, users must be able to see the URL https://cas.apiit.edu.my/cas/login.
    Therefore, applications must redirect to CAS and not render the login page inside an iframe or use other similar techniques.

  • No labels