CAS Apache Web Server Setup

We've modified a mod_perl module available from CPAN for use with WebISO. This client has been tested on Apache2 with mod_perl2.

Module Setup

Setup a Database

The Apache WebISO module requires a database to store session data. Any type of database should work, Postgres, MySQL, etc. Once a database is installed, the tables need to be setup. A file called 'schema.sql' is included with the download and contains the sql to create the database tables. This file should work with Postgres and MySQL, but may need to be altered for other databases. The command to run the sql for Postgres is:

psql -h <dbhost> -U <dbuser> -f schema.sql <dbname>

Where <dbhost>, <dbuser>, and <dbname> should be replaced with the settings that match the environment.


This module requires these other modules and libraries:

  • Net::SSLeay - module required for SSL communication with the WebISO server
  • DBI - module required so that mod_perl can talk to the database
  • DBD::<database type> (i.e. DBD::Pg for Postgres) - Driver module for the database of your choice

To install the module, type the following:

perl Makefile.PL
make install

Configure the module for one of the sites-available files or in .htaccess files.

AuthType Apache::AuthCAS
AuthName "CAS"
PerlAuthenHandler Apache::AuthCAS->authenticate
require valid-user
Available Configuration Options
Name Use Example
CASHost Host name of the WebISO server.
CASPort Port number for the WebISO Server. 443
CASDatabaseDriver Name of the DBI database driver. Pg
CASDatabaseHost Host name of the database server.
CASDatabasePort Port number for the database server. 5433
CASDatabaseName Name of the database. cas
CASDatabaseUser User to connect to the database with. dbuser
CASDatabasePass Password used to connect to the database. dbpass
CASLoginURI URI on the WebISO server where the login servlet lives. /WebISO/login
CASServiceValidateURI URI on the WebISO server where the service validate servlet lives. /WebISO/serviceValidate
OptInSingleSignOut Value stating that this service uses single sign out. true, 1
MyServiceName The name of the service that will be shown on the logout page. My Service Name
Single Sign Out

You must include this under the AuthHandler code as single sign out is required:

SetHandler perl-script
PerlHandler Apache::AuthCAS->handler