Explore CAS at Cyber Mixology

Introduction We recently encountered issues when replacing an older CAS server with a new system. The new server wouldn’t forward users to the requested service after authentication, and the service couldn’t verify the service ticket. To resolve this, we implemented HAProxy as a front-end load balancer, allowing us to switch back-end services seamlessly while maintaining high …

Recently, Mark Stanislav gave a talk on holistic authentication security for companies who have implemented two-factor authentication. He developed a scoring system, MASSACRE, which quantifies the presence of several different security features on a web site; cookie flags, response headers, etc.. This inspired me to see if I could get our Jasig CAS server with Duo 2FA to the top of the charts. As …

Understanding CAS and Its Importance Central Authentication Service (CAS) is widely used in enterprises and educational institutions to provide single sign-on (SSO) authentication. Tracking which CAS services are most frequently accessed can offer valuable insights into user behavior, application usage, and potential security concerns. Splunk is a powerful tool that can analyze authentication logs …