For administrators and developers alike, there are some important bits of information you should
familiarize yourself with before starting out. This document serves as a brief introduction
to some of the concepts and terminology behind the JCas server. As well, where to go when you
In the course of reading these documents, you'll run across a number of terms; some specific to
JCas, and others defined by the CAS specifications.
- Scheme - Defines all methods and parameters that will be used when a
specific user wishes to be authorized. Schemes are the main item in
- Cookie - A piece of information (usually a string) that has specific
meaning to a CAS server when authorizing a user. Cookies are sent along
with responses to a client. Subsequent requests can contain such cookies
to enable the server speeding up the authorization phase.
- Agent - Software product that connect with a CAS server.
- System Authorization - Specific method for authorization. System
Authorization uses the mechanism a backend JDBC database provides
to authorize users. Basically, user authorization is forwarded to
the database system.
- Custom Authorization - Specific method for authorization. Custom
Authorization is performed by JCas and uses tables in a database
that contain user information. Opposit of System Authorization.
- Extended Authorization - Additional method for authorization.
Administrators can define customized queries on a JDBC database that
validates a user's authorization. Extended authorization does NOT
replace System or Custom Authorization but extends those.
- JAAS Authorization - Specific, standardized Java Authentication
and Authorization method. JAAS
was defined by the Java Community Process and is the Java implementation
of the Pluggable Authentication Module (PAM).
- Instance - Defines all parameters of a JDBC data source, such as
JDBC driver, DDL related tables, access queries etc. Instances are
used for System and Custom Authorization methods.
- Request - XML message coming from a CAS client. It contains
user name and password and the scheme the user should be authorized against.
Requests can contain additional information such as agent name and cookies.
- Response - XML message sent to a CAS client containing the result
of the authorization attempt. It can contain error codes and messages as well
as cookies and server related information.
- Thread - A sequence of a program which runs a certain function within a program.
As an application runs, it spawns off functions within the program as a thread.
For example, your CAS server may need to handle a request from a client, that
function could be a thread. Some operating systems can run multiple threads at
one time, allowing for fast execution of an application. JCas makes use of
the Java threads.
This section will acquaint you with the basic information used during the configuration
of the container. All of the information in the XML configuration file is read at
startup, meaning that any change to the file necessitates a restart of the server.
Where to go for help
While we've done our best to ensure that these documents are clearly written and easy to
understand, we may have missed something. Provided below are various web sites and mailing lists
in case you get stuck.
- Current document - most documents will list potential hangups. Be sure to fully
read the relevant documentation as it will save you much time and effort.
There's nothing like scouring the web only to find out that the answer was
right in front of you all along!
- JCas FAQ - as maintained by the developers.
- JCas Help Forum -
Get help from the community itself. The forum is maintained by the developers
and they keep a strong eye on it to get your questions answered quickly.
- JCas-users mailing list, which you can subscribe to
If you don't get a reply, then there's a good chance that your question was
probably answered in the
archives or FAQ. Although questions about application development in general
are sometimes asked and answered, please focus your questions on JCas-specific