Authen::TacacsPlus.3pm

Langue: en

Version: 2008-03-15 (debian - 07/07/09)

Section: 3 (Bibliothèques de fonctions)

Sommaire

NAME

Authen::TacacsPlus - Perl extension for authentication using tacacs+ server

SYNOPSIS

   use Authen::TacacsPlus;
 
   $tac = new Authen::TacacsPlus(Host=>$server,
                         Key=>$key,
                         [Port=>'tacacs'],
                         [Timeout=>15]);
 
   $tac->authen($username,$passwords);
 
   Authen::TacacsPlus::errmsg(); 
 
   $tac->close();

DESCRIPTION

Authen::TacacsPlus allows you to authenticate using tacacs+ server. 
   $tac = new Authen::TacacsPlus(Host=>$server,      
                         Key=>$key,          
                         [Port=>'tacacs'],   
                         [Timeout=>15]);

Opens new session with tacacs+ server on host $server, encrypted with key $key. Undefined object is returned if something wrong (check errmsg()).

   Authen::TacacsPlus::errmsg();

Returns last error message.

   $tac->authen($username,$password,$authen_type);

Tries an authentication with $username and $password. 1 is returned if authenticaton succeded and 0 if failed (check errmsg() for reason).

$authen_type is an optional argument that specifies what type of authentication to perform. Allowable options are: Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_ASCII (default) Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_PAP Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_CHAP

ASCII uses Tacacs+ version 0, and will authenticate against the ``login'' or ``global'' password on the Tacacs+ server. If no authen_type is specified, it defaults to this type of authentication.

PAP uses Tacacs+ version 1, and will authenticate against the ``pap'' or ``global'' password on the Tacacs+ server.

CHAP uses Tacacs+ version 1, and will authenticate against the ``chap'' or ``global'' password on the Tacacs+ server. With CHAP, the password if formed by the concatenation of
  chap id + chap challenge + chap response

Ther is example code in test.pl

   $tac->close();

Closes session with tacacs+ server.

EXAMPLE

   use Authen::TacacsPlus;                                             
                                                               
                                                               
   $tac = new Authen::TacacsPlus(Host=>'foo.bar.ru',Key=>'9999');  
   unless ($tac){                                              
           print "Error: ",Authen::TacacsPlus::errmsg(),"\n";          
           exit(1);                                            
   }                                                           
   if ($tac->authen('john','johnpass')){                   
           print "Granted\n";                                  
   } else {                                                    
           print "Denied: ",Authen::TacacsPlus::errmsg(),"\n";         
   }                                                           
   $tac->close();

AUTHOR

Mike Shoyher, msh@corbina.net, msh@apache.lexa.ru

Mike McCauley, mikem@open.com.au

BUGS

only authentication is supported

only one session may be active (you have to close one session before opening another one)

SEE ALSO

perl(1).