Using CAS on a VCU Website

In order to use CAS on a website, your website must be stored on a CAS-enabled server.

HTML pages and corresponding documents (pdfs, etc) can be protected by CAS. If a user tries to access a URL with CAS protected directory, they will be prompted to log in with their VCU eID to view the site's content.

Access for Any eID

In the directory, you would like to protect, create a .htaccess file. An .htaccess can be created by using Notepad or any text editor, and saving the document as .htaccess. Add the following text to your .htaccess file:

AuthName "CAS"
AuthType CAS
require valid-user

Access for Individual eIDs

Create a .htaccess file as described above. In the file, paste the following text - replace foo with any group name, and the AuthGroupFile path to a path where you will store your group_file document:

AuthType CAS
AuthGroupFile /www/www.ts.vcu.edu/etc/group_file
require group foo

The group file document should contain a list of eIDs with access and is formatted. This file can be saved with the extension of .htpswrd and should contain a list of eIDs as in the following example:

foo: eID1 eID2

All the eids need to be on the same line. If you would like to use multiple lines, add additional groups

require group foo foo1
foo: eID1 eID2
foo1: eID3 eID3

If you are only managing a few users, you can put all the information in a single .htaccess file on your root.

AuthName "CAS"
AuthType CAS
require user eID1 eID2 eID3 eID4 eID5

Note: Predefined groups by departments and employee type are not currently available in CAS.

This article was updated: 01/30/2018