mod_auth_cas

Short example on how to use CAS with Apache and mod_auth_cas. On Fedora 14 you have to make sure to inlcude SSL before trying to load mod_auth_cas.so.

In the file /etc/httpd/conf.d/x_auth_cas.conf add:

LoadModule auth_cas_module modules/mod_auth_cas.so
CASVersion 2
CASDebug On
CASValidateDepth 15
CASCookiePath /var/www/cas/
CASLoginURL https://login.kth.se/login
CASValidateURL https://login.kth.se/serviceValidate
CASCertificatePath /etc/httpd/conf/login.kth.se.crt
CASValidateServer on
CASTimeout 172800
CASIdleTimeout 36000

Create directory for cas cookies mkdir /var/www/cas/ && chown apache.apache /var/www/cas/ and store the certificate in /etc/httpd/conf/login.kth.se.crt.

Example config from ssl.conf where the url /cas with files in /var/www/html.ssl/cas will be protected by cas:

Alias /cas /var/www/html.ssl/cas

<Directory "/var/www/html.ssl/cas">
AllowOverride All
AuthType CAS
AuthName "Auth"
require valid-user
CASScope /cas
</Directory>

If the Apache httpd server can't write to /var/www/cas make sure you don't have a permission problem with SELinux, AppArmor or similar security tool.

Red Hat Enterprise Linux

For RHEL you can find mod_auth_cas in EPEL, http://fedoraproject.org/wiki/EPEL.

Feedback New