ARCHIVED: About the IUauth retirement on Webserve
In 2015, IUauth will be retired on Webserve. Following is a brief overview of the retirement and instructions for migrating to CAS authentication.
Overview
Webserve currently supports IUauth to restrict access to IU users via .htaccess
on the secure server only (see Control web page access for Pages). IUauth is being retired, and the replacement authentication method will be CAS. CAS authentication will work similarly to IUauth, giving the ability to restrict access to IU users via .htaccess
, but should be much more familiar to users.
CAS allows a user to log in once and access any CAS-based websites without having to log in again, as long as the session remains active. CAS also gives users a familiar IU-branded screen that they can trust while logging in. Developers will find it easier to integrate CAS into websites using .htaccess
, rather than hard coding each restricted page.
CAS and IUauth will co-exist through September 2014 to permit you to make the necessary updates, but IUauth will be retired in October 2014. This change will have no noticeable effect on your account other than users logging in through CAS rather than the old pop-up login.
To stay informed or provide feedback about IU Login, or to ask questions about developing with it, use the auth-discuss-l
mailing list. To subscribe, send email to auth-discuss-l-subscribe@iu.edu
.
Migrating from IUauth to CAS
Edit the .htaccess
file:
- If you are using IUauth in
.htaccess
, it may look like this:AuthUserFile IUauth AuthGroupFile /dev/null AuthType Basic AuthName "IU Network ID" <Limit GET POST> require valid-user </Limit>
- Make the following changes:
- Remove the line
AuthUserFile IUauth
. - Replace
AuthType Basic
withAuthType CAS
.
- Remove the line
- Your new
.htaccess
file should look like this:AuthGroupFile /dev/null AuthType CAS AuthName "IU Network ID" <Limit GET POST> require valid-user </Limit>
Locate and manage IUauth methods in your account
You can use an application utility to identify all locations within the wwws
directory where an .htaccess
file uses the IUauth method.
- You can run this command from any directory within your account. Regardless of where you run it, the utility will search your entire
wwws
directory. (Since IU authentication can't be done in thewww
directory, the only files impacted by this change are those within thewwws
directory of the account.) - You must use a command line program to run this utility, such as PuTTY; see ARCHIVED: Use PuTTY to connect to Webserve Mac users can connect to Webserve via a command line prompt by using the Terminal program; see ARCHIVED: Use Terminal to connect to Webserve
- To run the utility:
- Log into your Webserve account, and type
find_htaccess_problems
. - The application will display a list of path names that identify where in your account these
.htaccess
files are and will provide you with a total number of.htaccess
files that are using IUAuth in thewwws
directory. A file will also be created with all of the output text. The file will be located in your login directory, and namedWebtech_htaccess_log.txt
.
- Log into your Webserve account, and type
- The application is also capable of converting standard IUauth
.htaccess
files to use CAS.- To do so, type the following:
find_htaccess_problems modify
- The application will make a backup copy of each
.htaccess
file. It will also report any files it is unable to convert with the following:### You must modify this non-standard .htaccess file manually ###
- At this point you should test your website(s) and make sure that CAS authentication is working correctly for each
.htaccess
file.
- To do so, type the following:
- Should you encounter any issues, you can revert to the backup copies by running the following:
find_htaccess_problems revert
- If everything tests appropriately, you can remove the backup files by running the following:
find_htaccess_problems cleanup
Important:This action will permanently delete the backup files. Make sure everything is working correctly before completing this action.
This is document bexs in the Knowledge Base.
Last modified on 2021-09-08 10:19:15.