Thanks Dave,
Doing the single-sign on at the apache layer has the advantage for us of handling a wide assortment of applications - this approach works w/ mediawiki, gallery, drupal and many others that already have a basic auth module written.
The drupal specific CAS module might be interesting though if it handles roles mapping - that might make it worth it for us to port it to our local CAS variation (WIND).
Does your module do any roles mapping? (CAS 2 supports affiliations, I believe. Adding affiliations was pretty much why Columbia forked long ago).
How does your module allow users to see some pages and not others? Also, can you simultaneously support CAS authenticated users as well as local drupal users w/in the same site? That is a common use case for us that is sometimes tricky to handle with our apache auth (we basically have to create a different url for guests with different auth rules).
thanks, /Jonah
I tried this with drupal to first, but because of the desire to protect some pages, but not all within drupal I abandoned it later.
FYI: I maintain a CAS module which may or may not be of interest to you. It handles cas authentication within drupal.
Dave