GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  LWP::AUTHEN::NEGOTIATE (3)

.ds Aq ’

NAME

LWP::Authen::Negotiate - GSSAPI based Authentication Plugin for LWP

CONTENTS

SYNOPSIS



   #! /usr/bin/perl -w

   use strict;
   require LWP::UserAgent;

   # uncomment if you want see what is going wrong messages
   #
   #use LWP::Debug qw(+);

   my $ua = LWP::UserAgent->new;
   my $response = $ua->get(http://testwurst.grolmsnet.lan:8090/geheim/);
   if ($response->is_success) {
      print $response->content;  # or whatever
   }
   else {
       die $response->status_line;
   }



just install LWP::Authen::Negotiate, LWP uses it as authentication plugin. Use your LWP::UserAgent Scripts as usual. Authentication is done transparent based on your GSSAPI installation (MIT Kerberos or Heimdal)

WWW-Negotiate Webservers are IIS or Apache with mod_auth_kerb for example.

DESCRIPTION

To see what ist going on add



   use LWP::Debug qw(+);



to yor LWP using Scripts.

(e.g. too see what is going wrong with GSSAPI...)

DEBUGGING

To see what ist going on (and going wrong) add



   use LWP::Debug qw(+);



to yor LWP using Scripts.

(e.g. too see what is going wrong with GSSAPI...)

the output will look like this:



   LWP::UserAgent::new: ()
   LWP::UserAgent::request: ()
   LWP::UserAgent::send_request: GET http://testwurst.grolmsnet.lan:8090/geheim/
   LWP::UserAgent::_need_proxy: Not proxied
   LWP::Protocol::http::request: ()
   LWP::Protocol::collect: read 478 bytes
   LWP::UserAgent::request: Simple response: Unauthorized
   LWP::Authen::Negotiate::authenticate: authenticate() called
   LWP::Authen::Negotiate::authenticate: target hostname testwurst.grolmsnet.lan
   LWP::Authen::Negotiate::authenticate: GSSAPI servicename     HTTP/moerbsen.grolmsnet.lan@GROLMSNET.LAN
   LWP::Authen::Negotiate::authenticate:  Miscellaneous failure (see text)
   LWP::Authen::Negotiate::authenticate: open(/tmp/krb5cc_1000): file not found



In this case the credentials cache was empty. Run kinit first ;-)

ENVIRONMENT

LWP_AUTHEN_NEGOTIATE_DELEGATE Define to enable ticket forwarding to webserver.

SEE ALSO

http://www.kerberosprotocols.org/index.php/Draft-brezak-spnego-http-03.txt Description of WWW-Negotiate protol
http://modauthkerb.sourceforge.net/ the Kerberos and SPNEGO Authentication module for Apache mod_auth_kerb
http://perlgssapi.sourceforge.net/ Module Homepage
http://www.kerberosprotocols.org/index.php/Web Sofware and APIs related to WWW-Negotiate
http://www.grolmsnet.de/kerbtut/ describes how to let mod_auth_kerb play together with Internet Explorer and Windows2003 Server

BUGS

As default Kerberos 5 is selected as GSSAPI mechanism. a later veriosn will make that configureable.

AUTHOR

Achim Grolms, <achim@grolmsnet.de>

http://perlgssapi.sourceforge.net/

Thanks to
Leif Johansson who has conributed a lot of code from his implementation of the module and send a lot of input, ideas and feedback
Harald Joerg helped with Kerberos knowledge and does testing on cygwin against IIS and mod_auth_kerb
Christopher Odenbach does a lot of testing on Linux and Solaris
Dax Kelson does a lot of testing on Linux
Karsten Kuenne helped with advice

COPYRIGHT AND LICENSE

Copyright (C) 2006 by Achim Grolms <perl@grolmsnet.de>

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.

Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 LWP::AUTHEN::NEGOTIATE (3) 2009-10-29

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.