GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  NET::RADIUS::SERVER::MATCH::LDAP (3)

.ds Aq ’

NAME

Net::Radius::Server::Match::LDAP - Interaction with LDAP servers for RADIUS

CONTENTS

SYNOPSIS



  use Net::Radius::Server::Match::LDAP;

  my $match = Net::Radius::Server::Match::LDAP->new({ ... });
  my $match_sub = $match->mk;



DESCRIPTION

Net::Radius::Server::Match::LDAP is a packet match method factory. This allows a Net::Radius::Server(3) RADIUS server to process requests based on information stored in an LDAP directory. Additionally, information obtained from LDAP remains available for further rule methods to process.

See Net::Radius::Server::Match for general usage guidelines. The matching of RADIUS requests is controlled through arguments passed to the constructor, to specific accessors or to the factory method. There are generally, two types of arguments:
<B>ExtendableB> Those are arguments that are passed directly to a Net::LDAP(3) method. Those arguments can receive either a scalar or a code ref.

If a scalar is supplied, this value is simply passed as-is to the undelying Net::LDAP(3) method.

If a code ref is supplied, it will be called as in



    $sub->($obj, $hashref);



Where $obj is the Net::Radius::Server::Match::LDAP object and $hashref is the invocation hashref, as described in Net::Radius::Server(3). Whatever is returned by this sub will be used as the value for this attribute.

<B>Indirect ExtendableB> The options that will be passed as named arguments to an underlying Net::LDAP(3) method. Generally speaking, those are attribute - value tuples specified within a listref, as in the following example.



    ->bind_opts([ password => mySikritPzwrd ]);



Arguments are filtered to provide increased functionality. By prepending ’_nrs_’ to the argument name, Net::Radius::Server::Match::LDAP will use the return value of the supplied code ref as the value of the argument. The following example illustrates this:



    ->bind_ops([ _nrs_password => sub { mySikritPzwrd } ]);



The code ref is invoked as in



    $sub->($obj, $hashref)



Where $obj is the Net::Radius::Server::Match::LDAP object and $hashref is the invocation hashref, as described in Net::Radius::Server(3). Whatever is returned by this sub will be used as the value for this attribute.

The following arguments control the invocation of the Net::LDAP(3) underlying methods:
<B>ldap_uriB> The URI or host specification passed as the first argument of Net::LDAP-new()>. See Net::LDAP(3) for more information.
<B>ldap_optsB> (Indirect Extendable) The additional, named parameters passed to Net::LDAP-new()>. See Net::LDAP(3) for more information.
<B>bind_dnB> (Extendable) The DN specification passed as the first argument of Net::LDAP-bind()>. See Net::LDAP(3) for more information.
<B>bind_optsB> (Indirect Extendable) The additional, named parameters passed to Net::LDAP-bind()>. See Net::LDAP(3) for more information.
<B>authenticate_fromB> Specify an optional RADIUS attribute from which to extract the password for binding to the LDAP directory. A <B>password =B> $pass> argument tuple will be added to whatever was specified with <B>bind_optsB>.

Optionally, this parameter can also be a code ref, in which case it will be called as in



    $obj->authenticate_from->($hashref)



Where $hashref is the shared invocation hash. The return value of the function will be used as the actual password to use in the LDAP binding.

<B>search_optsB> (Indirect Extendable) The named paramenters passed to Net::LDAP-search()>. See Net::LDAP(3) for more information.
The underlying Net::LDAP(3) object first attempts to ->bind() when ->mk() is called. This binding is re-attempted later, when errors are seen, depending on the configuration arguments specified.

The match method will return NRS_MATCH_OK if no error results from the LDAP ->search().

The following methods control other aspects of the Net::Radius::Server::Match::LDAP:
<B>store_resultB> When this argument is specified, the Net::LDAP::Result(3) object returned by the ->search() method in Net::LDAP(3) will be stored in the invocation hashref. The value of this argument controls the name of the hash key where this result will be stored.

This allows further methods (either on the same rule or in following rules) to use the information returned from an LDAP query for multiple purposes. You could, for example, locate a user’s profile and allow later rules to translate that profile into RADIUS attributes in the response packet.

<B>max_triesB> When attempting LDAP queries, a failure will cause the re-attempt to issue the ->bind() call. This paramenter controls how many attempts are made. 2 attempts are made by default.

    EXPORT

None by default.

HISTORY



  $Log$
  Revision 1.9  2006/12/14 16:33:17  lem
  Rules and methods will only report failures in log level 3 and
  above. Level 4 report success and failure, for deeper debugging

  Revision 1.8  2006/11/15 03:11:22  lem
  Minor indentation tweak

  Revision 1.7  2006/11/15 01:57:37  lem
  Fix CVS log in the docs



SEE ALSO

Perl(1), NetAddr::IP(3), Net::Radius::Server(3), Net::Radius::Server::Match(3), Net::LDAP(3).

AUTHOR

Luis E. Munõz, <luismunoz@cpan.org>

COPYRIGHT AND LICENSE

Copyright (C) 2006 by Luis E. Munõz

This library is free software; you can redistribute it and/or modify it under the same terms as Perl 5.8.6 itself.

POD ERRORS

Hey! <B>The above document had some coding errors, which are explained below:B>
Around line 372: Non-ASCII character seen before =encoding in ’Munõz,’. Assuming UTF-8
Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 NET::RADIUS::SERVER::MATCH::LDAP (3) 2009-09-20

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.