Diese Version von GitHub Enterprise Server wurde eingestellt am 2026-03-17. Es wird keine Patch-Freigabe vorgenommen, auch nicht für kritische Sicherheitsprobleme. Für bessere Leistung, verbesserte Sicherheit und neue Features aktualisiere auf die neueste Version von GitHub Enterprise Server. Wende dich an den GitHub Enterprise-Support, um Hilfe zum Upgrade zu erhalten.

CAS verwenden

Wenn du den zentralen Authentifizierungsdienst (Central Authentication Service, CAS) verwendest, um den Zugriff auf mehrere Webanwendungen zu zentralisieren, kannst du GitHub Enterprise Server integrieren, indem du die CAS-Authentifizierung für deine Instanz konfigurierst.

In diesem Artikel

About CAS authentication for GitHub Enterprise Server

CAS is a single sign-on (SSO) protocol that centralizes authentication to multiple web applications. For more information, see Central Authentication Service on Wikipedia.

After you configure CAS, people who use your GitHub Enterprise Server instance must use a personal access token to authenticate API or Git requests over HTTP(S). CAS credentials cannot be used to authenticate these requests. For more information, see Managing your personal access tokens.

If you configure CAS, people with accounts on your identity provider (IdP) do not consume a user license until the person signs into your GitHub Enterprise Server instance.

If you want to allow authentication for some people who don't have an account on your external authentication provider, you can allow fallback authentication to local accounts on your GitHub Enterprise Server instance. For more information, see Allowing built-in authentication for users outside your provider.

Username considerations with CAS

GitHub normalizes a value from your external authentication provider to determine the username for each new personal account on your GitHub Enterprise Server instance. For more information, see Username considerations for external authentication.

CAS attributes

The username attribute is required and should be set to the GitHub Enterprise Server username.

No other attributes are available.

Configuring CAS

  1. From an administrative account on GitHub Enterprise Server, in the upper-right corner of any page, click .

  2. If you're not already on the "Site admin" page, in the upper-left corner, click Site admin.

  3. In the " Site admin" sidebar, click Management Console.

  4. In the "Settings" sidebar, click Authentication.

  5. Under "Authentication", select CAS.

  6. Optionally, to allow people without an account on your external authentication system to sign in with built-in authentication, select Allow built-in authentication. For more information, see Allowing built-in authentication for users outside your provider.

  7. In the Server URL field, type the full URL of your CAS server. If your CAS server uses a certificate that can't be validated by GitHub Enterprise Server, you can use the ghe-ssl-ca-certificate-install command to install it as a trusted certificate. For more information, see Command-line utilities.

  8. To apply the configuration, run the following command.

    Hinweis

    During a configuration run, services on your GitHub Enterprise Server instance may restart, which can cause brief downtime for users.

    Shell
    ghe-config-apply

  9. Wait for the configuration run to complete.