Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Please follow these instructions to install and configure the CAS ISAPI Filter for IIS Web Sites and ASP applications.

Download and Install the CAS ISAPI Filter

  1. Download the CAS ISAPI Installer from https://confluence.ucdavis.edu:8443/confluence/x/eFY
  2. Run the installer.
  3. When prompted, enter the following values:
  4. The installer will then ask you to setup what paths are to be protected. The default path '/' will protect all pages in the web site. Note: These values are not physical path values. The CAS ISAPI filter will compare incoming URLs against the values in this string and enforce authentication if any part of the incoming URL matches the string value.

Deploy the CAS Filter to your Web Site

  1. Configure IIS to use the CAS Authentication Filter
  2. The Web Server and IIS Admin service must be stopped. Check the services dialog box and stop these services if they are running.
  3. Start the IIS Administrator Console
  4. Click on your Web server instance in your Console. The default title of your Web server instance is "Default Web Site", unless you changed it. It maybe hidden under "Console Root/Internet Information Server/NAME", where "NAME" is the name of your computer.
  5. Hold the right mouse button down on top of the line for your Web server instance and select "Properties" from the pop up menu.
  6. When the new window appears, Click on the "ISAPI Filters" tab.
  7. Another new window will appear. Click on the "Add..." button on it.
  8. In the Add window enter "CASAuthN" as the "Filter Name".
  9. Enter the following path: "C:\WINDOWS\system32\inetsrv\CASAuthN.dll".
  10. Click the "Ok" button on the "Filter Properties" dialog box.
  11. Click the "Ok" button on the "Web Site Properties" dialog box.
  12. Restart the IIS Web Service.
    1. Right click on the local computer in the IIS Adminstrator.
    2. Select All Tasks->Restart IIS.


Done!

That's it! Test your new protection scheme by using a Web browser to try and access a URL on your Web server with one of the protected path settings you set in this installer. It should redirect you to your CAS authentication server. You can also verify that the dll was loaded correctly by following steps a-f above and checking the status of the recently entered filter. It should have a green arrow to the left pointing up. If not, something would not let the filter load. Check the configuration file and all relevant files listed therein, as well as the location of the dll.

Accessing the authenticated user id

Currently, the CAS ISAPI module sets a header variable called "CAS-User" before passing the request on to IIS. In any server-side processing script (ASP, ASP.NET, .NET, Cold Fusion) you will be able to access this variable to get the authenticated user id.

  • No labels