...
The CAS protocol requires a server-sideĀ StorageService implementation for the CAS protocol ticket store and the IdP session store if support for proxy granting tickets is a requirement. This is further relaxed in part with V4.1, with support for initial PGTs but not nested/chained PGTs.
Standard tickets can be handled using a ticket store that encodes the necessary data into the ticket, at the cost of slightly reduced ticket security due to lack of one-time-use enforcement.
CAS Quickstart
(V4.1+) Enable CAS module.
Configure suitable storage service.
Add CAS protocol profiles to the default relying party by editing conf/relying-party.xml.
Add verified CAS relying parties by editingĀ conf/cas-protocol.xml.
Configure SSL/TLS trust (optional; only required for CAS proxy support).
Enabling Module
...
Configuring and using this feature requires that you first enable the "idp.profile.CAS" module if it isn't already enabled. Systems upgraded from older releases generally come pre-enabled due to the prior state of the configuration tree.
...