> For the complete documentation index, see [llms.txt](https://docs.xibosignage.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.xibosignage.com/cms-configuration-and-integration/cas-as-an-authentication-provider.md).

# CAS as an Authentication Provider

> *The **Central Authentication Service** ( **CAS** ) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user’s security credentials, such as a password. Wikipedia*

CAS integration is enabled via the `settings.php` file in the CMS installation. If Docker has been used `settings.php` will not be accessible, however, it is possible to create a `settings-custom.php` file in the `/custom` mount point. The below Configuration can be added to that file instead.

The purpose of the integration is to configure a CAS enabled IdP (identity provider) for authentication with the Xibo CMS.

A User already authenticated with the IdP will automatically be logged into the CMS. If the User does not exist they will optionally be created with a set of default credentials.

## Configuration

CAS integration is configured in the `settings.php` file of the CMS installation. This file can be found in your `/web` folder.

There are two sections to adjust, the `$authentication` middleware and the `$samlSettings` configuration array.

* ### Middleware

The authentication middleware should be changed to `CASAuthentication` , shown below:

```
$authentication = new \Xibo\Middleware\CASAuthentication();
```

* ### CAS Settings

The CAS settings array contains all the necessary information for the CMS to connect and use a CAS enabled IdP. The configuration is split into 3 main sections:

* `server` : options for the server provider (these are used by the CMS to identify and communicate with the identity provider).
* `port` : specify which port to use.
* `uri` : the location of the CAS application at the `server` specified above.

### Example Settings

```
$authentication = new \Xibo\Middleware\CASAuthentication();
$casSettings = array(
    'config' => array (
       'service_base_url' => 'https://*url of xibo server*',
        'server' => 'your.cas.server',
        'port' => '443',
        'uri' => '/cas',
    )
);
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.xibosignage.com/cms-configuration-and-integration/cas-as-an-authentication-provider.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
