CAS SSO Terms Of Service

SSO Terms Of Service

Users will be able to initiate Single Sign On (SSO) from ANY CAS protected application throughout the University. This means that once a person logs into an application via CAS, that person can enter new applications without the need to provide his/her credentials again.

As a good security practice, applications are recommended to provide an application log-out and have an inactive session time-out. Upon a user session end with an application, the application should provide a security notice to the user: “For security purposes, please close your web browser when you are done accessing services that require authentication”. This security notice will also be added to the CAS log-in page.

Note: Rutgers computing environments should follow the security standards regarding insuring University computers have a password protected screen saver while unattended, https://rusecure.rutgers.edu/content/minimum-security-standards-data-protection. Please review these recommendations with your departments.

If an application owner believes their CAS protected application should not participate in Single Sign-on, justification for an exception can be submitted for review and an executive management decision at this web page, using Request SSO opt-out approval request category-type: Request Access.

Related Articles