Traditional web-based reporting with SAS BI tools

Problem with Web Authentication in SAS 9.4 EBI

Reply
Frequent Contributor
Posts: 84

Problem with Web Authentication in SAS 9.4 EBI

We have a couple of test installs using web authentication where the authentication method is CAS and the apache (was vFabric now is pivotal) re-writes the request header to authenticate as per web authentication guidlines. Now my problem is if I au5thenticate in the browser then log out then re-authenticate (I know I am logged out of CAS as I am prompted for CAS credentials again) when I reenter

using the same browser and same session but as another user the original user is still shown in the environment. I clear the cache in the broweser and even disable browser caching but still get the originally logged in user

 

any ideas on if the internals of web-authentication are malfunctioning for me?

 

 

(I also confirmed that the request header is being reset in the appache rewrite log)

 

httpd.conf settings

LoadModule auth_cas_module "D:/SASHome/SASWebServer/9.4/httpd-2.2/modules/mod_auth_cas.so"
#CAS
CASLoginURL https://cas.usask.ca/cas/login
CASValidateURL https://cas.usask.ca/cas/serviceValidate
CASCertificatePath D:/SASHome/SASWebServer/9.4/httpd-2.2/ssl/certs/GeoTrustGlobalCA.pem
CASCookiePath c:/temp/

RewriteLog "D:\SASConfig\Lev1\Web\WebServer\logs\rewrite.log"
RewriteLogLevel 9

 


<Location /SASLogon/login>
AuthType CAS
require valid-user

RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1,NS]
RequestHeader set X-Remote-User "usask\%{RU}e" env=RU
</Location>

 

 

 

from D:\SASConfig\Lev1\Web\WebServer\logs\rewrite.log

10.80.84.9 - tes759 [05/Jul/2016:09:59:09 --0600] [bitest01.usask.ca/sid#13178f0][rid#1812e00/initial] (5) [perdir /SASLogon/login/] lookahead: path=/SASLogon/login/proxy:balancer://bitest01.usask.ca_cluster/SASLogon/login?service=https%3A%2F%2Fuviewtest.usask.ca%2FSASPortal%2Fj_spring_cas_security_check var=REMOTE_USER -> val=tes759
10.80.84.9 - tes759 [05/Jul/2016:09:59:09 --0600] [bitest01.usask.ca/sid#13178f0][rid#1812e00/initial] (4) [perdir /SASLogon/login/] RewriteCond: input='tes759' pattern='(.+)' => matched
10.80.84.9 - tes759 [05/Jul/2016:09:59:09 --0600] [bitest01.usask.ca/sid#13178f0][rid#1812e00/initial] (5) setting env variable 'RU' to 'tes759'
.
.
.
10.80.84.9 - sae325 [05/Jul/2016:10:00:15 --0600] [bitest01.usask.ca/sid#13178f0][rid#198e1b0/initial] (5) [perdir /SASLogon/login/] lookahead: path=/SASLogon/login/proxy:balancer://bitest01.usask.ca_cluster/SASLogon/login?service=https%3A%2F%2Fuviewtest.usask.ca%2FSASPortal%2Fj_spring_cas_security_check var=REMOTE_USER -> val=sae325
10.80.84.9 - sae325 [05/Jul/2016:10:00:15 --0600] [bitest01.usask.ca/sid#13178f0][rid#198e1b0/initial] (4) [perdir /SASLogon/login/] RewriteCond: input='sae325' pattern='(.+)' => matched
10.80.84.9 - sae325 [05/Jul/2016:10:00:15 --0600] [bitest01.usask.ca/sid#13178f0][rid#198e1b0/initial] (5) setting env variable 'RU' to 'sae325'
10.80.84.9 - sae325 [05/Jul/2016:10:00:15 --0600] [bitest01.usask.ca/sid#13178f0][rid#198e1b0/initial] (1) [perdir /SASLogon/login/] pass through proxy:balancer://bitest01.usask.ca_cluster/SASLogon/login?service=https%3A%2F%2Fuviewtest.usask.ca%2FSASPortal%2Fj_spring_cas_security_check

Ask a Question
Discussion stats
  • 0 replies
  • 184 views
  • 0 likes
  • 1 in conversation