Central Authentication and Authorization Services (CAAS)
ITS currently offers two Central Authentication and Authentication Services (CAAS). These services allow web applications on campus to authenticate and authorize against a central system that is updated live throughout the day as changes to students, grad students, faculty and staff occur. It also provides an opportunity to use a single NetID and password for all Queen's applications that currently use SSO (such as my.queensu.ca).
There are currently two service offerings for CAAS:
- Single Sign-On (SSO) provides the best level of protection for web applications. It places an intermediate layer between the client and your web application. That layer can then force the user to authenticate before continuing to the web application.
- Common Sign-On (CSO) is heavily used on campus. It allows each application to control when and if they will enforce authentication, at which point the application would connect directly to the central LDAP or Active Directory server.
We offer both options to encourage Queen's application owners and developers to avoid the hassle of managing their own user databases. By using CAAS, you can let ITS manage the data and let you focus on the application.
For more details on which CAAS option is best for you, see the comparison chart on the Which Solution Is Best For Us? page.