Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
This module provide single sign-on capability for your Drupal site by implementing the CAS protocol.
When using this module, local Drupal user accounts are still used, but the authentication process is not handled by Drupal's standard login form. Instead, users are redirected to your institution's CAS server to collect credentials. Your Drupal site just receives the username (and optionally some other attributes) from the CAS server after a successful authentication.
This module does not allow your site to act as a CAS server for other websites. There is a separate module that provides that support.
Here are some features of this module:
- Supports integration with CAS servers that implement protocol version 1.x, 2.x, 3.x.
- Optionally automatically register users that log in via CAS for the first time.
- Optionally force anonymous users to authenticate via CAS for a specific set of pages by path.
- Optionally configure Drupal's log out behavior to also end a user's CAS session.
- Optionally use your Drupal site as a CAS proxy, allowing you to authenticate to other services on behalf of the user.
- Optionally assign roles and field values to user accounts based on CAS attributes using the CAS Attributes module.
- For developers, there's many events you can subscribe to in a custom module to influence many behaviors of the login process.
Installation & Versions
Please refer to the README file for specific installation and configuration instructions.
The 8.x-1.x branch of this module no longer receives updates.
2.1.x adds Drupal 10 support.
2.0.x is otherwise the same as 2.1.x but everyone should upgrade to 2.1.x.
Security Note
It's critical that you ensure your site is not vulnerable to Host header injection attacks. There is documentation on how to protect against such attacks.
Dependencies
The light-weight External Auth module is required as it facilitates the mapping of CAS usernames to Drupal usernames.
CAS Attributes
Many CAS servers expose a set of attributes (e.g. email, name, etc) for each user during the login process. This module does not use these attributes by default, aside from specifying which attribute to pull a user's email from during auto-registration. To make full use of these attributes, use the companion CAS Attributes module, which allows mapping these attributes to user fields, assigning roles based on the value of some attribute, and exposing these attributes as Drupal tokens for other uses like Webforms.
Project information
- Module categories: Integrations, Access Control
20,814 sites report using this module- Created by metzlerd on , updated
Stable releases for this project are covered by the security advisory policy.
Look for the shield icon below.
Releases
2.2.0
released 14 September 2023
released 14 September 2023
Works with Drupal: ^9 || ^10
✓ Recommended by the project’s maintainer.
Install:
Development version: 2.x-dev updated 14 Sep 2023 at 16:37 UTC
2.1.0
released 3 October 2022
released 3 October 2022
Works with Drupal: ^9 || ^10
Drupal 10 compatibility
Install:
Development version: 2.x-dev updated 14 Sep 2023 at 16:37 UTC
7.x-1.8
released 16 December 2022
released 16 December 2022
Works with Drupal: 7.x
Development version: 7.x-1.x-dev updated 18 Nov 2022 at 16:39 UTC
