William & Mary
Close menu Resources for... William & Mary
Popular Topics
Suggested Results
News Events
Apply Visit Request Info
W&M menu close William & Mary
Information Technology

One Secure Tribe, One Secure Family

by Patrick Williams, Student Communications Intern January 9, 2015

The CAS login page for William & Mary.Last semester, Blackboard became one of the latest web services to gain an extra layer of security by transitioning logins  to the Central Authentication Service (CAS). While CAS might be a familiar login screen to many in the William & Mary community, the changes to Blackboard are the latest development of an IT initiative to streamline login services through CAS.

Why the Change?

CAS provides secure access to many W&M web-based services as well as other services on external websites. "With more data increasingly being shared through our web services, we recognized the need to better protect W&M users," says Corinne Picataggi, IT's Innovation Project Manager.

The development of CAS across W&M web services will increase security for users.CAS allows W&M to minimize the data exchanged when authenticating to services. Creating a unified login system not only better protects user data, but hopefully creates a familiar login for the W&M community, which will reduce the risk of phishing attempts. "Plus, there's the convenience factor that once you log into CAS, you won't have to re-enter any passwords to W&M sites during your session," adds Picataggi. 

A More Secure System

"There are a lot of advantages to CAS," explains Chris Peck, W&M's Unix Engineering Manager, "the biggest of which is web authentication. Outside services now never see your WMuserid or password." CAS is primarily an authentication service which creates a cookie for you after a successful login. While the cookie is active, you may access various CAS-enabled services without the need to log in again. Work orders, residence hall room selection, TouchNet and Events Management System are just some of the many services with logins through CAS. With the CAS login cookie, all verification and user information is secure.

CAS is an open-sourced software, which allowed the IT engineers like Chris Peck (pictured) to tailor the service for W&M's needs.This Changes Everything?

These changes will appear minimal to users of W&M web services, but the transition to CAS logins has been a major initiative for the IT department. William & Mary began using CAS in 2011 and has continued to develop the service since. "Back in 2011, we recognized that CAS solved an upcoming problem - we would soon need a secure login," explains Peck. "We realized it was sort of a 'if you build it, they will come' opportunity."

CAS is an open-source software, which allowed the IT engineers to tailor the service for W&M's needs. After installing new servers to support the system, IT has been able to better manage user information security.With the new system in place, IT engineers began adding services that work in unison with CAS, such as CBORD, which manages services related to your Tribe Card.

Further Information

When you end your CAS  session by logging out of CAS, CAS attempts to log you out of all the services that you visited during your session. While this is usually successful, we strongly recommended that you close your browser after logging out of CAS, particularly when using a shared/public computer.

If you experience trouble logging into a W&M service that uses CAS, be sure that you are entering the correct WMuserid and password. If you continue to experience problems, please contact support@wm.edu.