Traditional web-based reporting with SAS BI tools

Problem with Web Authentication in SAS 9.4 EBI

Frequent Contributor
Posts: 84

Problem with Web Authentication in SAS 9.4 EBI

We have a couple of test installs using web authentication where the authentication method is CAS and the apache (was vFabric now is pivotal) re-writes the request header to authenticate as per web authentication guidlines. Now my problem is if I au5thenticate in the browser then log out then re-authenticate (I know I am logged out of CAS as I am prompted for CAS credentials again) when I reenter

using the same browser and same session but as another user the original user is still shown in the environment. I clear the cache in the broweser and even disable browser caching but still get the originally logged in user


any ideas on if the internals of web-authentication are malfunctioning for me?



(I also confirmed that the request header is being reset in the appache rewrite log)


httpd.conf settings

LoadModule auth_cas_module "D:/SASHome/SASWebServer/9.4/httpd-2.2/modules/"
CASCertificatePath D:/SASHome/SASWebServer/9.4/httpd-2.2/ssl/certs/GeoTrustGlobalCA.pem
CASCookiePath c:/temp/

RewriteLog "D:\SASConfig\Lev1\Web\WebServer\logs\rewrite.log"
RewriteLogLevel 9


<Location /SASLogon/login>
AuthType CAS
require valid-user

RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1,NS]
RequestHeader set X-Remote-User "usask\%{RU}e" env=RU




from D:\SASConfig\Lev1\Web\WebServer\logs\rewrite.log - tes759 [05/Jul/2016:09:59:09 --0600] [][rid#1812e00/initial] (5) [perdir /SASLogon/login/] lookahead: path=/SASLogon/login/proxy:balancer://bitest01.usask.ca_cluster/SASLogon/login? var=REMOTE_USER -> val=tes759 - tes759 [05/Jul/2016:09:59:09 --0600] [][rid#1812e00/initial] (4) [perdir /SASLogon/login/] RewriteCond: input='tes759' pattern='(.+)' => matched - tes759 [05/Jul/2016:09:59:09 --0600] [][rid#1812e00/initial] (5) setting env variable 'RU' to 'tes759'
. - sae325 [05/Jul/2016:10:00:15 --0600] [][rid#198e1b0/initial] (5) [perdir /SASLogon/login/] lookahead: path=/SASLogon/login/proxy:balancer://bitest01.usask.ca_cluster/SASLogon/login? var=REMOTE_USER -> val=sae325 - sae325 [05/Jul/2016:10:00:15 --0600] [][rid#198e1b0/initial] (4) [perdir /SASLogon/login/] RewriteCond: input='sae325' pattern='(.+)' => matched - sae325 [05/Jul/2016:10:00:15 --0600] [][rid#198e1b0/initial] (5) setting env variable 'RU' to 'sae325' - sae325 [05/Jul/2016:10:00:15 --0600] [][rid#198e1b0/initial] (1) [perdir /SASLogon/login/] pass through proxy:balancer://bitest01.usask.ca_cluster/SASLogon/login?

Ask a Question
Discussion stats
  • 0 replies
  • 1 in conversation