This solution works by using EMS's Portal Authentication. The CasAuth.aspx file should be linked to from external resources, and when it is called it retrieve's the username from CAS Server and puts it into the "UserId" session and redirects to the app's homepage. Virtual EMS reads the session parameter and associates it with the Virtual EMS session.
Note: This method uses the .NET CAS Client in a raw form, but not the standard Forms Auth method. When we implemented setting permissions (deny to anonymous) on the CasAuth.aspx we were not getting the desired results... so you'll noticed that the web.conf is missing some of the parts from the standard .NET CAS Client configuration because they are not needed for this implementation.
The following are the instructions for CASifying DEA's Virtual EMS app:
- From the attached zip file, copy the CasAuth.aspx file into the "C:\inetpub\wwwroot\VirtualEms" directory.
- Following the web.config file in the attached zip file as a guide, update the web.config file in "C:\inetpub\wwwroot\VirtualEms" merging in the changes. Search for "CAS Authentication".
Using the EMS client, enable SSO w Within the Virtual EMS Parameters area of EMS (System Administration > Settings > Parameters (Virtual tab) :
- Set the Portal Authentication Method parameter to "Session".
- Set the Portal Authentication Variable parameter to "UserId".
- Follow the instructions for clearing the parameters cache.
- Test by browsing to "http://<servername>/VirtualEms/CasAuth.aspx".
- If you get an ASP.NET "medium trust" error, open the IIS Manager (via Administrative Tools), browse to the Application Pools, highlight the "DefaultAppPool", open the "Advanced Settings", and set "Load User Profile" setting (under Process Model) to "True".
- Test again.