Hi Jason,
Even though not directly answering to your question (specific authentication to a CAS server) the CAS protocol is very similar to a SAML or OAuth token exchange based authentication. As such, you might want to take a look at the following Forge components:

• iDP connector - for SAML authentication. Works with most cloud identity providers that support SAML authentication (Okta connector is one specific example). From what I know, most CAS providers also support some kind of SAML authentication.
• oAuth connectors - for oAuth based authentication. Again, this is a very similar protocol that exchanges and stores tokens as users authenticate. 

The fundamental change you'll have to do is, on your applications login flow, check if the user is authenticated and, if not, redirect him to the CAS login page, and handle the POSTs and setting the required cookies. The builtin HttpRequestHandler extension and ardoHttp component have the required actions to do that.

Hope this gives some direction... anyhow it would be great if someone in the community had already developed a specific CAS server example :)