The Central Authentication Service
The Central Authentication Service (CAS) enables the user to make avail of a group of web services that require authorization. When logging in to one of such services the user is redirected to the CAS site, where after logging in he/she gains unencumbered access to all the services that cooperate with CAS. CAS utilizes a single repository of accounts, one shared by all services.
One significant advantage of this system is its increased security, since:
- data that allow logging in are always sent to a single site, and that is where they are verified (i.e., the user’s password does not pass through the web service and thus cannot be stolen);
- there is no need to create independent accounts in the service, as one account opens the way to all the services that rely on the central authorization.
When using the Central Authentication Service you must remember that:
- the log-in page must always have the same form. Any change in appearance should prompt heightened caution;
- the page must be “secure”, evidence of which is the prefix https://
- the page must be protected with a certificate of the home university.
- If you encounter the log-in form on a page that does not meet the above conditions, this may indicate that someone has created a counterfeit service in the aim of stealing user passwords. In such case you must refrain from logging in and inform the service administrator of the problem at once.
If the page address and its form are correct, you need to type in your user ID and password. At the University of Warsaw the user ID is that of one’s PESEL number. In the case of persons not having one, a “substitute” PESEL number will be issued in the course of opening an account.
If after logging in you see a message reading Unauthorized. User