Now that the mod_auth_cas plugin has been built and installed, it can be configured, and some web content can be created to secure with it.

Configure mod_auth_cas settings

Create the file /etc/httpd/conf.d/cas.conf with the following contents to configure the mod_auth_cas module:

LoadModule auth_cas_module modules/mod_auth_cas.so

<Directory "/var/www/html/secured-by-cas">
    <IfModule mod_auth_cas.c>
        AuthType CAS
    </IfModule>

    Require valid-user
</Directory>

<IfModule mod_auth_cas.c>
    CASLoginUrl           https://casdev.newschool.edu/cas/login
    CASValidateUrl        https://casdev.newschool.edu/cas/serviceValidate
    CASCookiePath         /var/cache/httpd/mod_auth_cas/
    CASSSOEnabled         On
    CASDebug              Off
</IfModule>

If the CAS server is using a self-signed TLS/SSL certificate, the following line will also be needed:

    CASCertificatePath    /etc/pki/tls/certs/casdev.crt

and a copy of the public certificate should be installed in /etc/pki/tls/certs/casdev.crt.

Run the commands

casdev-casapp# mkdir /var/cache/httpd/mod_auth_cas
casdev-casapp# chown apache.apache /var/cache/httpd/mod_auth_cas
casdev-casapp# chmod 700 /var/cache/httpd/mod_auth_cas

to create the directory specified in the CASCookiePath directive above.

Restart HTTPD

Run the command

casdev-casapp# systemctl restart httpd

to restart the HTTPD server with the new configuration. Check the log files in /var/log/httpd for errors.

Create example content

Edit the file /var/www/html/index.php and replace the call to phpinfo() with a link to another file, like this:

<!DOCTYPE html>
<html lang="en">
  <head>
    <title>Hello, World!</title>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
  </head>
  <body>
    <div class="container">
      <h1>Hello, World!</h1>
        <p><big>The quick brown fox jumped over the lazy dogs.</big></p>
        <p><big>Click <a href="secured-by-cas/index.php">here</a> for some secure content.</big></p>
    </div>
  </body>
</html>

Then create a directory, /var/www/html/secured-by-cas, and create the file /var/www/html/secured-by-cas/index.php with the following contents:

<!DOCTYPE html>
<html lang="en">
  <head>
    <title>Hello, World!</title>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
  </head>
  <body>
    <div class="container">
      <h1>Secured Content</h1>
      <p><big>This is some secure content. You should not be able to see it until you have entered your username
        and password.</big></p>
      <h2>Attributes Returned by CAS</h2>
      <?php
        echo "<pre>";

        if (array_key_exists('REMOTE_USER', $_SERVER)) {
            echo "REMOTE_USER = " . $_SERVER['REMOTE_USER'] . "<br>";
        }

        $headers = getallheaders();
        foreach ($headers as $key => $value) {
            if (strpos($key, 'CAS_') === 0) {
                echo substr($key, 4) . " = " . $value . "<br>";
            }
        }

        echo "</pre>";
      ?>
    </div>
  </body>
</html>

The PHP code here will display environment variables and HTTP headers that are used by mod_auth_cas to pass attributes returned by the CAS server along to the web application.