Example TAMUCC CAS Login via Apache mod_auth_cas:

To protect any web directory via the TAMUCC CAS, go into that particular web folder and add the following to a .htaccess file:

  SSLRequireSSL
  AuthType CAS
  AuthName "Restricted Area - CAS Login Required"
  Require valid-user (or require user IslandID [IslandID IslandID....])
  Require cas-attribute role:staff
  Require cas-attribute role:faculty

Explanation of Fields:

• SSLRequireSSL -> The page must be accessed via SSL (https://vhost.tamucc.edu).
• AuthType CAS -> This tells Apache to use the mod_auth_cas module for authentication.
• AuthName "" -> The Login prompt title. Can be any string inside the quotes.
• require valid-user -> This line tells Apache it can let in any valid user.
  You can also use:
  require user IslandID IslandID... -> The list of valid IslandIDs of users, separated by spaces.
• require cas-attribute -> This line tells Apache to allow a user based on a CAS attribute that is being returned along with the valid login.
  It can be used with or without a valid-user (implied) and you can stack multiple Require cas-attribute lines to match multiple values.
  Format is "attribute:value".
  List of possible attributes returned by our CAS servers (Can be limited by Site):
  
  • BannerID
  • emailaddress
  • givenname
  • name
  • role
  • surname
  • UDC_IDENTIFIER
  • UIN
  • upn