Unverified Commit 3637004f authored by Jon Pugh's avatar Jon Pugh Committed by GitHub
Browse files

Rewrite CAS documentation for clarity, add links to more info (#1165)

* Rewrite CAS documentation for clarity.

* Fix link markdown

* Resolve folder structure
Co-authored-by: default avatarJonas Friedmann <j@frd.mn>
parent 29cfeab8
Central Authentication Service \(CAS\) allows users to use one set of credentials to sign into many sites. Rocket.Chat comes preloaded with an easy-to-use method of integration with an existing CAS server.
Central Authentication Service (CAS) allows users to use one set of credentials to sign into many sites over many different protocols.
## Set up
Rocket.Chat includes a CAS plugin that allows you to use your existing CAS server for user authentication.
These settings are in the `CAS` setting page under `Administration`.
For more information on CAS, see [github.com/apereo/cas](https://github.com/apereo/cas).
**NOTE**: CAS by ja-sig requires SSL/TLS for all connections.
## Rocket.Chat CAS Administration
* SSO Base URL: `https://<<CAS_website_url>>/cas`
These settings are in the `CAS` settings page under `Administration`:
The SSO Base URL should point towards the URL of the CAS service. When in doubt, navigate to the CAS service and remove 'login' \(if existing\) from the end of the URL.
1. Visit https://my.rocket.chat.url/admin/CAS
* SSO Login URL: `https://<<CAS_website_url>>/cas/login`
The SSO Login URL should point towards the CAS service login page. This is usually the SSO base URL with the suffix `/login`
1. Log into your Rocket.Chat instance as a user with administrator privileges.
2. Click the "Options" button (3 dots at the top left of the screen)
3. Click the "Administration" link that drops down. (If you do not see one of these links, you are not logged in as a user with enough privileges. Log out and back in with an admin user.)
3. Click the "CAS" link on the left side of the administration section.
* CAS Version: `(1.0|2.0)`
Your Rocket.Chat instance is the *CAS client*. You must provide a compatible *CAS Server*.
Select the CAS version used by your CAS provider. Most modern providers use `CAS 2.0`
Once you know your CAS server's URL, enter it into the Rocket.Chat CAS Administration page:
**NOTE**: You may have to allow your Rocket.Chat site to connect to your CAS, so the best approach is to use the CAS Management Service.
- **SSO Base URL**: `https://<<CAS_server_url>>/cas`
- **SSO Login URL**: `https://<<CAS_server_url>>/cas/login`
- **CAS Version**: `(1.0|2.0)`
The `/cas` and `/cas/login` URLs are the standard, but not required. Check with your CAS server provider if the defaults do not work.
The **CAS Version** must be matched to the *CAS Server* provider. Most modern providers will use `CAS 2.0`.
# Notes
1. CAS by ja-sig requires ssl/tls for all connections.
2. Any Drupal 7 or 8 site can serve as a compatible CAS Server. See [drupal.org/project/cas](https://www.drupal.org/project/cas).
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment