MOD_CAS and .htaccess files

You can use .htaccess files on Pantheon, Elsinore, and other MOD_CAS-enabled web servers at Yale to declare access control policies restricting among users authenticated via Yale CAS NetID authentication. Of course, if the content isn't being served via SSL it's still not secure, but it's better than completely publicly accesible pages.