Use mod_auth_cas on CentOS 8

Intro

For me, who loves CAS authentication moderately, I am sad that the ** mod_auth_cas ** provided in the EPEL repository in CentOS 6 and CentOS 7 has disappeared in the CentOS 8 (and RHEL 8) environment.

At the moment, it seems impossible to pick up rpm and install it, so I can not help it, so I will build it myself.

How to do

Based on the explanation on the following site, it is changed according to the environment when # yum install mod_auth_cas is done on CentOS 7. https://iam.uconn.edu/mod_auth_cas-installation-and-configuration/

Preparation

# yum install httpd httpd-devel
# yum install gcc libcurl-devel openssl-devel pcre-devel
# yum install autoconf automake make libtool redhat-rpm-config
# yum install wget tar

Build

# cd /usr/local/src
# wget https://github.com/apereo/mod_auth_cas/archive/v1.2.tar.gz
# tar xvzf v1.2.tar.gz
# cd mod_auth_cas-1.2
# autoreconf -iv
# ./configure --with-apxs=/usr/bin/apxs
# make
# make check
# make install

Settings for httpd

# mkdir /var/cache/httpd/mod_auth_cas
# chown apache:apache /var/cache/httpd/mod_auth_cas

# vi /etc/httpd/conf.d/auth_cas.conf
LoadModule auth_cas_module modules/mod_auth_cas.so
CASCookiePath /var/cache/httpd/mod_auth_cas/
CASCertificatePath /etc/pki/tls/certs/ca-bundle.crt
CASLoginURL https://sso.yourdomain/cas/login
CASValidateURL https://sso.yourdomain/cas/serviceValidate

# systemctl restart httpd

.htaccess installation

# vi /var/www/html/.htaccess
AuthType CAS
Require valid-user

Support for SELinux

If SELinux is enabled, a 401 error will occur after CAS authentication, so when using SELinux with Enforcing, check the error screen once and then execute the following.

# yum install policycoreutils-python-utils
# grep "httpd" /var/log/audit/audit.log | audit2allow --module=mod_auth_cas -all

module mod_auth_cas 1.0;

require {
        type http_port_t;
        type httpd_t;
        class tcp_socket name_connect;
}

#============= httpd_t ==============

#!!!! This avc can be allowed using one of the these booleans:
#     httpd_can_network_connect, httpd_graceful_shutdown, httpd_can_network_relay, nis_enabled
allow httpd_t http_port_t:tcp_socket name_connect;


# grep "httpd" /var/log/audit/audit.log | audit2allow --module=mod_auth_cas -all
# semodule -i mod_auth_cas.pp

Recommended Posts

Use mod_auth_cas on CentOS 8
Use bat on Centos.
Use the iostat command on CentOS 8
Use Docker CE (official) on CentOS 8
OpenVPN on CentOS 8
Maven on CentOS 7 tutorial
Install Golang on CentOS 8
Use Flutter on Ubuntu
Install Neo4j 4.1.3 on centOS
Tomcat v8 on CentOS7
Install Vertica 10.0 on CentOS 6.10
Zabbix 5 installation on CentOS 8
Use CentOS with LXD
Install PostgreSQL 12 on Centos8
Install nginx on centOS7
Install Python 3 on CentOS 7
Install kuromoji on CentOS7
Jetty v8 on CentOS7
OpenJDK installation on CentOS 7
Install Mattermost on CentOS 7
Install PostGIS 2.5.5 on CentOS7
Use mkdir on ubuntu
Install jpndistrict on CentOS 7
Use Corretto 11 on Heroku
Use cpplapack on ubuntu
Install Redmine 4.1.1 on CentOS 7
Smokeping Install on CentOS7
Install PostgreSQL 13 on CentOS 7.5
Try RabbitMQ + PHP on CentOS
Make exFat available on CentOS 7
Use serial communication on Android
Use Swift Package on Playground
Install OpenFOAM v2006 on CentOS
Set up Gitolite on CentOS 7
Install Jenkins on Docker's CentOS
Install Apache on CentOS on VirtualBox
Use devise on multiple models
Use native code on Android
Introducing Let's Encrypt on CentOS 7
Java version change on CentOS
Install Ruby 2.7 on CentOS 7 (SCL)
Perform log rotation on centos
Use PG Backups on Heroku
Try DPDK20 SDK on CentOS7 â‘ Install
How to deploy Laravel on CentOS 7
Enable Openjdk10 and maven on CentOS
Use Docker Compose on Windows 10 Home
Install Ruby 2.5 on CentOS 7 using SCL
How to use Ruby on Rails
Try putting CentOS 8 on Raspberry Pi 3
How to use Bio-Formats on Ubuntu 20.04
WordPress with Docker Compose on CentOS 8
Upgrade from MYSQL5.7 to 8.0 on CentOS 6.7
How to install MariaDB 10.4 on CentOS 8
Use Docker on your M1 Mac
Install apache 2.4.46 from source on CentOS7
Steps to install MySQL 8 on CentOS 8
Preparing to use electron-react-boilerplate on Ubuntu 20.4
Use completion in Eclipse on mac
Programs that use io_uring do not work with Docker on CentOS 8
I tried installing CentOS 8 on ESXi 6.7