Multi-factor Authentication with CAS
Jasig CAS is a free and open source platform for extensible Web single sign on. Extending CAS to implement multi-factor authentication enables CASified applications to benefit from stronger end-user authentication and may enable an institution adopting CAS to achieve higher Level of Assurance in authenticating their users on the Web. This session will briefly review the reasons for interest in multi-factor authentication, enumerate the benefits of supplementing static passwords with dynamic passwords such as those generated by physical tokens, and then outline implementing multi-factor authentication in CAS, highlighting the extensible CAS login web flow and CAS authentication API starting points for doing this. As a case study of accomplishing multi-factor authentication in CAS, integration with VASCO one-time-password generating physical tokens will be demonstrated, highlighting the extension points in CAS APIs that make this integration possible.