Discourse as a CAS Server


Hi everyone,

I’m exploring different paths to integrate discourse with other webapps.

One interesting use case that I’m finding, is to use Discourse and it’s excellent identity management capabilities, as a cetral point to id management.

The current features (user creation flow, email validation, email invitacion, oAuth support, etc) makes Discourse as a great core place to hav identity implemented.

In the case that I need to develop a new app, and I want to use discourse’s user base as Identity, what’s the best approach should I take?

I don’t want to directly read the postgres database (or using ActiveRecord). In fact, I don’t know how to read passwords or validate facebook logged users.

Do you think that having a feauture that transforms Discourses as e CAS Server it would be a good way?

Tks! appreciate your ideas!

(Ernest Lee) #2

My plan is to integrate casino with an activerecord gem for reading discourse’s database. Anyone have suggestions?

(Ernest Lee) #3

I was able to tell the Casino CAS server to read the user database of Discourse and log in. However, I am stuck getting discourse to call casino after login.

Any ideas?

(Kane York) #4

It is recommneded to use your other webapp as the authentication provider, and Discourse as the consumer. See the official SSO guide here:

(Ernest Lee) #5

I don’t have a separate webapp provider and do not wish to install a new app for login as I have to migrate users.

I need to call cas after login and call logout on logout.

(Kane York) #6

What’s the Casino CAS server then?

(Ernest Lee) #7

It’s a CAS server that can either read ldap or the user table. I modified it so it can check the user password.

The goal of this so I can log into discourse once and also log onto the authentication service. Currently, to use a third party app I have to separately authenticate to Casino.


I recently integrate CASino as SSO service with my Discourse as well, but I then realize that Discourse append sso and sig instead of service on query string, which makes it extremely difficult to integrate with CASino.

Here is a document about CAS protocol: http://jasig.github.io/cas/4.1.x/protocol/CAS-Protocol.html

(eriko) #9

You might find this useful. It sits between a CAS server and Discourse. It uses Discourses SSO and translates CAS info into Discourse SSO. It developed it using Casino but deploy it against Jasig CAS.


I found another Discourse SSO translator as a gem. I need to integrate the Discourse SSO into my existing application, so the gem version would fit my demand better.

(eriko) #11

Sorry I was mistaken about the direction you needed to move auth. The link I provided was for going the other direction. Good luck.