Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
A CAS OmniAuth Strategy
Failed to load latest commit information.
lib Version bump to v1.1.0
spec Merge branch 'master' of into chamill…
.gitignore Fix option code for failing test
.ruby-version Update ruby to 2.1.3
.travis.yml Adds Ruby 2.0 as a testable version of Ruby in Travis
Gemfile Revert "Added ruby version identifier to Gemfile"
LICENSE Laid down the foundation by using `omniauth-facebook` as a guide to t… [Close #21] Document undocumented options
Rakefile Updated spec task to include the spec_helper so that Travis tests wil…
omniauth-cas.gemspec Update rspec

OmniAuth CAS Strategy Gem Version Build Status

This is a OmniAuth 1.0 compatible port of the previously available OmniAuth CAS strategy that was bundled with OmniAuth 0.3.


Add this line to your application's Gemfile:

gem 'omniauth-cas'

And then execute:

$ bundle

Or install it yourself as:

$ gem install omniauth-cas


Use like any other OmniAuth strategy:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :cas, host: ''

Configuration Options


OmniAuth CAS requires at least one of the following two configuration options:

  • url - Defines the URL of your CAS server (i.e.
  • host - Defines the host of your CAS server (i.e.


Other configuration options:

  • port - The port to use for your configured CAS host. Optional if using url.
  • ssl - TRUE to connect to your CAS server over SSL. Optional if using url.
  • service_validate_url - The URL to use to validate a user. Defaults to '/serviceValidate'.
  • callback_url - The URL custom URL path which CAS uses to call back to the service. Defaults to /users/auth/cas/callback.
  • logout_url - The URL to use to logout a user. Defaults to '/logout'.
  • login_url - Defines the URL used to prompt users for their login information. Defaults to /login If no host is configured, the host application's domain will be used.
  • uid_field - The user data attribute to use as your user's unique identifier. Defaults to 'user' (which usually contains the user's login name).
  • ca_path - Optional when ssl is true. Sets path of a CA certification directory. See Net::HTTP for more details.
  • disable_ssl_verification - Optional when ssl is true. Disables verification.
  • on_single_sign_out - Optional. Callback used when a CAS 3.1 Single Sign Out request is received.
  • fetch_raw_info - Optional. Callback used to return additional "raw" user info from other sources.

    provider :cas,
             fetch_raw_info: lambda { |strategy, options, ticket, user_info|

Configurable options for values returned by CAS:

  • uid_key - The user ID data attribute to use as your user's unique identifier. Defaults to 'user' (which usually contains the user's login name).
  • name_key - The data attribute containing user first and last name. Defaults to 'name'.
  • email_key - The data attribute containing user email address. Defaults to 'email'.
  • nickname_key - The data attribute containing user's nickname. Defaults to 'user'.
  • first_name_key - The data attribute containing user first name. Defaults to 'first_name'.
  • last_name_key - The data attribute containing user last name. Defaults to 'last_name'.
  • location_key - The data attribute containing user location/address. Defaults to 'location'.
  • image_key - The data attribute containing user image/picture. Defaults to 'image'.
  • phone_key - The data attribute containing user contact phone number. Defaults to 'phone'.

Migrating from OmniAuth 0.3

Given the following OmniAuth 0.3 configuration:

provider :CAS, cas_server: ''

Your new settings should look similar to this:

provider :cas,
         host:      '',
         login_url: '/cas/login',
         service_validate_url: '/cas/serviceValidate'

If you encounter problems wih SSL certificates you may want to set the ca_path parameter or activate disable_ssl_verification (not recommended).


  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Added some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request


Special thanks go out to the following people

  • Phillip Aldridge (@iterateNZ) and JB Barth (@jbbarth) for helping out with Issue #3
  • Elber Ribeiro (@dynaum) for Ubuntu SSL configuration support
  • @rbq for README updates and OmniAuth 0.3 migration guide
Something went wrong with that request. Please try again.