The last time I talked to the UC Davis folks, they indicated that they wouldn't be supporting it anymore even though it had been fixed.
BTW, they were great in getting it fixed in the first place. Use this as a starting point: https://wiki.jasig.org/pages/viewpage.action?pageId=35389878 Don't worry about PHP or FastCGI. If you basically read through the instructions, you end up with the server variables being passed to the application. I had it working with a test version of a .net app that didn't have any setup with CAS. Unfortunately, I have taken down the system where I did my testing. -John -----Original Message----- From: Paul B. Henson [mailto:[email protected]] Sent: Wednesday, September 10, 2014 3:09 PM To: [email protected] Subject: RE: [cas-user] CAS ISAPI filter configuration > From: Ourada, John > Sent: Wednesday, September 10, 2014 8:47 AM > > Beware of the CAS ISAPI filters that exist... They don't terminate > headers correctly and Chrome will complain and not continue. > > UC Davis had the best one out there (IMO), but aren't able to support > it anymore. Actually, version 2.2 was released on Nov 25, 2013, with a change list of "Chrome interoperability issue fixed". I'm not sure what their long-term plans are as for supporting it, but I believe they have fixed at least the issue with chrome. > If the IIS version is high enough (7 and 8, I believe), you can use > the .net CAS client to perform the authentication. I did this on a > test server and was in the process of convincing the vendor to try it, > but they were able to switch to use ezproxy. You can use the .net client without cooperation from the application actually being authenticated? > There is some documentation on jasig on how to make this work. What documentation are you referring to? The only documentation I see for the .net client says "The .NET CAS client integrates with ASP.NET applications by customizing the application web.config file" and "Ensure it is deployed to the /Bin directory of the Web application", both of which seem like things that would require the cooperation of the actual application, as opposed to the ISAPI filter, in which the authentication is completely handled by IIS itself? Thanks... -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | [email protected] California State Polytechnic University | Pomona CA 91768 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
