Skip to content

CAS Authentication⚓︎


  • Using CAS users as JumpServer login users.

1 Operation Process⚓︎

  • Update the config fie of JumpServer and enable the CAS authentication.

vi /opt/jumpserver/config/config.txt

  • Make saving after moidfication and then restart JumpServer process.

2 Parameter Description⚓︎

  • CAS Parameters Description:
name explain
AUTH_CAS Whether to open CAS authentication.
CAS_SERVER_URL This is the only setting you must explicitly define. Set it to the base URL of your CAS source (e.g.
CAS_ROOT_PROXIED_AS Useful if behind a proxy server. If host is listening on but request is Add CAS_ROOT_PROXIED_AS = to your settings.
CAS_LOGOUT_COMPLETELY If False, logging out of the application won’t log the user out of CAS as well.
CAS_VERSION The CAS protocol version to use.
CAS_USERNAME_ATTRIBUTE The CAS user name attribute from response. If set with a value other than uid when CAS_VERSION is not 'CAS_2_SAML_1_0', this will be handled by the CASBackend, in which case if the user lacks that attribute then authentication will fail. Note that the attribute is checked before CAS_RENAME_ATTRIBUTES is applied.
CAS_APPLY_ATTRIBUTES_TO_USER If True any attributes returned by the CAS provider included in the ticket will be applied to the User model returned by authentication. This is useful if your provider is including details about the User which should be reflected in your model.
CAS_RENAME_ATTRIBUTES A dict used to rename the (key of the) attributes that the CAS server may retrun. For example, if CAS_RENAME_ATTRIBUTES = {"casUserUid": "username", "casUser": "name", "casUserEmail", "email"} the ln attribute returned by the cas server will be renamed as last_name. Used with CAS_APPLY_ATTRIBUTES_TO_USER = True, this provides an easy way to fill in Django Users’ info independently from the attributes’ keys returned by the CAS server.
CAS_CREATE_USER Create a user when the CAS authentication is successful. The default is True.


  • CAS_VERSION Optional 123CAS_2_SAML_1_0