Central Authentication Service (https://www.apereo.org/projects/cas) is a Web Initial Sign-on (WebISO) system designed by Yale ITS. CAS facilitates single sign-on across multiple web applications and provides these web services with the ability to authenticate users without having access to their passwords. From an end-user point of view, all protected pages show a standardized CAS challenge page where the user types in their NetID (a unique username of sorts assigned to everyone affiliated with Yale) and password.
Much to our delight, we were able to make Tiki interface with CAS without any customization. Yale ITS provides mod_cas, an Apache modules that protect webpages through CAS. Since mod_cas is an Apache module, it behaves like standard HTTP authentication. Tiki supports HTTP authentication. When a user is logged in through HTTP authentication, and the username matches one of the usernames in the Tiki database, Tiki automatically logs the user in. That way, when a user logs in through CAS, Tikiwiki matches the NetID (username) of the user with a pre-created account in its database, and logs the user in.