GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  AUTHEN::TACACSPLUS (3)

.ds Aq ’

NAME

Authen::TacacsPlus - Perl extension for authentication using tacacs+ server

CONTENTS

SYNOPSIS



  use Authen::TacacsPlus;

  $tac = new Authen::TacacsPlus(Host=>$server,
                        Key=>$key,
                        [Port=>tacacs],
                        [Timeout=>15]);

  or

  $tac = new Authen::TacacsPlus(
     [ Host=>$server1, Key=>$key1, [Port=>tacacs], [Timeout=>15] ],
     [ Host=>$server2, Key=>$key2, [Port=>tacacs], [Timeout=>15] ],
     [ Host=>$server3, Key=>$key3, [Port=>tacacs], [Timeout=>15] ],
     ...  );

  $tac->authen($username,$passwords);

  Authen::TacacsPlus::errmsg();

  $tac->close();



DESCRIPTION

Authen::TacacsPlus allows you to authenticate using tacacs+ server.



  $tac = new Authen::TacacsPlus(Host=>$server,     
                        Key=>$key,         
                        [Port=>tacacs],  
                        [Timeout=>15]);



Opens new session with tacacs+ server on host $server, encrypted with key $key. Undefined object is returned if something wrong (check errmsg()).

With a list of servers the order is relevant. It checks the availability of the Tacacs+ service using the order you defined.



  Authen::TacacsPlus::errmsg();



Returns last error message.



  $tac->authen($username,$password,$authen_type);



Tries an authentication with $username and $password. 1 is returned if authenticaton succeded and 0 if failed (check errmsg() for reason).

$authen_type is an optional argument that specifies what type of authentication to perform. Allowable options are: Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_ASCII (default) Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_PAP Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_CHAP

ASCII uses Tacacs+ version 0, and will authenticate against the login or global password on the Tacacs+ server. If no authen_type is specified, it defaults to this type of authentication.

PAP uses Tacacs+ version 1, and will authenticate against the pap or global password on the Tacacs+ server.

CHAP uses Tacacs+ version 1, and will authenticate against the chap or global password on the Tacacs+ server. With CHAP, the password if formed by the concatenation of
chap id + chap challenge + chap response

There is example code in test.pl

If you use a list of servers you can continue using $tac->authen if one of them goes down or become unreachable.



  $tac->close();



Closes session with tacacs+ server.

EXAMPLE



  use Authen::TacacsPlus;                                            
                                                             
                                                             
  $tac = new Authen::TacacsPlus(Host=>foo.bar.ru,Key=>9999); 
  unless ($tac){                                             
          print "Error: ",Authen::TacacsPlus::errmsg(),"\n";         
          exit(1);                                           
  }                                                          
  if ($tac->authen(john,johnpass)){                  
          print "Granted\n";                                 
  } else {                                                   
          print "Denied: ",Authen::TacacsPlus::errmsg(),"\n";        
  }                                                          
  $tac->close();



AUTHOR

Mike Shoyher, msh@corbina.net, msh@apache.lexa.ru

Mike McCauley, mikem@airspayce.com

BUGS

only authentication is supported

only one session may be active (you have to close one session before opening another one)

SEE ALSO

perl(1).
Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 TACACSPLUS (3) 2013-03-21

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.