diff --git a/admin/deco.php b/admin/deco.php
index 079036f..4957f70 100644
--- a/admin/deco.php
+++ b/admin/deco.php
@@ -2,5 +2,8 @@
 session_start();
 $_SESSION = array();
 session_destroy();
-header("Location: index.php");
+require_once("../phpCAS-1.3.6/CAS.php");
+phpCAS::client(CAS_VERSION_2_0, "cas.insa-toulouse.fr", 443, 'cas', true);
+phpCAS::setNoCasServerValidation();
+phpCAS::logout();
 ?>
\ No newline at end of file
diff --git a/admin/gestion_des_acces.php b/admin/gestion_des_acces.php
index 17e5217..19f04b0 100644
--- a/admin/gestion_des_acces.php
+++ b/admin/gestion_des_acces.php
@@ -70,11 +70,10 @@ if(isset($_GET['adm']) AND !empty($_GET['adm']))
 
 
 if(isset($_POST['send'])) {
-	if(isset($_POST['pseudo']) AND !empty($_POST['pseudo']) AND isset($_POST['mdp']) AND !empty($_POST['mdp']) AND isset($_POST['perm']) AND !empty($_POST['perm'])) {
+	if(isset($_POST['pseudo']) AND !empty($_POST['pseudo']) AND isset($_POST['perm']) AND !empty($_POST['perm'])) {
 
 		if($user['perm'] >= 2) {
 			$pseudo = htmlspecialchars($_POST['pseudo']);
-			$mdp = htmlspecialchars($_POST['mdp']);
 			$perm = htmlspecialchars($_POST['perm']);
 
 			switch ($perm) {
@@ -94,8 +93,8 @@ if(isset($_POST['send'])) {
 	            $req->execute(array($pseudo));
 	            $pseudo_exist = $req->rowCount();
 	            if ($pseudo_exist == 0) {
-					$req = $db->prepare("INSERT INTO admin(pseudo, mdp, perm) VALUES(?, ?, ?)");
-					$req->execute(array($pseudo, password_hash($mdp, PASSWORD_DEFAULT), $perm_int));
+					$req = $db->prepare("INSERT INTO admin(pseudo, perm) VALUES(?, ?)");
+					$req->execute(array($pseudo, $perm_int));
 					header('refresh:0');
 				} else {
 					$error = "pseudo déja utilisé";
@@ -119,8 +118,7 @@ if(isset($_POST['send'])) {
 <body>
 	<main>
 		<form method="POST">
-			<input type="text" placeholder="identifiant" name="pseudo" class="input_inline">
-			<input type="password" placeholder="mot de passe" name="mdp" class="input_inline">
+			<input type="text" placeholder="identifiant INSA" name="pseudo" class="input_inline">
 			<select name="perm" class="input_inline">
 				<option value="v0">GDA - Perm 0</option>
 				<option value="v1">Bureau - Perm 1</option>
@@ -137,7 +135,7 @@ if(isset($_POST['send'])) {
 		<table class="acces">
 			<tr>
 				<th width="10%">ID (db)</td>
-				<th width="40%">Identifiant</td>
+				<th width="40%">Identifiant INSA</td>
 				<th width="40%">Perm</td>
 				<th width="10%">Actions</td>
 			</tr>
diff --git a/admin/index.php b/admin/index.php
index c9ab73f..1128a70 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -1,31 +1,48 @@
 <?php
 $page = "index";
 include "script.php";
-if(isset($_POST['login'])) {
-    if (!empty($_POST['pseudo']) and !empty($_POST['password'])) {
-        $pseudo = htmlspecialchars($_POST['pseudo']);
-        $password = htmlspecialchars($_POST['password']);
+//CAS
+require_once("../phpCAS-1.3.6/CAS.php");
 
-        $req = $db->prepare("SELECT id, mdp FROM admin WHERE pseudo = ?");
-        $req->execute(array($pseudo));
-        $user_exist = $req->rowcount();
-        if ($user_exist == 1) {
+// Initialize phpCAS
+phpCAS::client(CAS_VERSION_2_0, "cas.insa-toulouse.fr", 443, 'cas', true);
+
+// For production use set the CA certificate that is the issuer of the cert
+// on the CAS server and uncomment the line below
+// phpCAS::setCasServerCACert($cas_server_ca_cert_path);
+
+// For quick testing you can disable SSL validation of the CAS server.
+// THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION.
+// VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL!
+phpCAS::setNoCasServerValidation();
+
+// force CAS authentication
+phpCAS::forceAuthentication();
+
+// at this step, the user has been authenticated by the CAS server
+// and the user's login name can be read with phpCAS::getUser().
+$pseudo = phpCAS::getUser();
+
+if(!isset($_SESSION['id'])) {
+    $req = $db->prepare("SELECT id FROM admin WHERE pseudo = ?");
+    $req->execute(array($pseudo));
+    $user_exist = $req->rowcount();
+    if ($user_exist == 1) {
             while ($user_login = $req->fetch()) {
-                $passwd = $user_login['mdp'];
-                if ((password_verify($password, $passwd)) == 1) {
-                	$_SESSION['id'] = $user_login['id'];
-                	header('Refresh:0');
-                } else {
-                    $error = "Mot de passe invalide !";
-                }
-            }
-        } else {
-            $error = "Identifiant invalide !";
+        	$_SESSION['id'] = $user_login['id'];
+        	header('Refresh:0');
         }
     } else {
-        $error = "Tout les champs doivent être complétés";
+        $error = "Identifiant invalide !";
     }
 }
+
+if(isset($_POST['login'])) {
+    session_start();
+    $_SESSION = array();
+    session_destroy();
+    header('Refresh:0');
+}
 ?>
 <!DOCTYPE html>
 <html>
@@ -54,8 +71,6 @@ if(isset($_POST['login'])) {
     } else {
     ?>
 	<form method="POST">
-		<input type="text" placeholder="Identifiant" name="pseudo" class="input">
-		<input type="password" placeholder="mot de passe" name="password" class="input">
 		<input type="submit" name="login" value="Se connecter" class="submit">
 	</form>
 	<?php