The comment above is incorrect - CAS clients do not have access to the cookie, only the CAS Server does - CAS is not a shared-cookie protocol.
If you only have a single site, you can just create a session on the client, using the standard mechanisms for Java, Ruby, whatever platform you're using.
If you want to create an SSO session for login to multiple applications, basically you need to:
- Create a SSO session (via the CAS server)
- Redirect to the CAS Server
- Have the user redirected back to your application.
To accomplish the first one, you likely will want to modify the CAS LoginFlow to allow you to authenticate the user, either via one-time token or a similar mechanism.