GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
TacacsPlus(3) User Contributed Perl Documentation TacacsPlus(3)

Authen::TacacsPlus - Perl extension for authentication using tacacs+ server

  use Authen::TacacsPlus;

  $tac = new Authen::TacacsPlus(Host=>$server,
                        Key=>$key,
                        Port=>'tacacs',
                        Timeout=>15);

  or

  $tac = new Authen::TacacsPlus(
     [ Host=>$server1, Key=>$key1, Port=>'tacacs', Timeout=>15 ],
     [ Host=>$server2, Key=>$key2, Port=>'tacacs', Timeout=>15 ],
     [ Host=>$server3, Key=>$key3, Port=>'tacacs', Timeout=>15 ],
     ...  );

  $tac->authen($username,$passwords);

  Authen::TacacsPlus::errmsg(); 

  $tac->close();

Authen::TacacsPlus allows you to authenticate using tacacs+ server.

  $tac = new Authen::TacacsPlus(Host=>$server,      
                        Key=>$key,          
                        Port=>'tacacs',   
                        Timeout=>15);

Opens new session with tacacs+ server on host $server, encrypted with key $key. Undefined object is returned if something wrong (check errmsg()).

With a list of servers the order is relevant. It checks the availability of the Tacacs+ service using the order you defined.

  Authen::TacacsPlus::errmsg();

Returns last error message.

  $tac->authen($username,$password,$authen_type);

Tries an authentication with $username and $password. 1 is returned if authenticaton succeded and 0 if failed (check errmsg() for reason).

$authen_type is an optional argument that specifies what type of authentication to perform. Allowable options are: Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_ASCII (default) Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_PAP Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_CHAP

ASCII uses Tacacs+ version 0, and will authenticate against the "login" or "global" password on the Tacacs+ server. If no authen_type is specified, it defaults to this type of authentication.

PAP uses Tacacs+ version 1, and will authenticate against the "pap" or "global" password on the Tacacs+ server.

CHAP uses Tacacs+ version 1, and will authenticate against the "chap" or "global" password on the Tacacs+ server. With CHAP, the password if formed by the concatenation of chap id + chap challenge + chap response

There is example code in test.pl

If you use a list of servers you can continue using $tac->authen if one of them goes down or become unreachable.

  $tac->close();

Closes session with tacacs+ server.

  use Authen::TacacsPlus;                                             
                                                              
                                                              
  $tac = new Authen::TacacsPlus(Host=>'foo.bar.ru',Key=>'9999');  
  unless ($tac){                                              
          print "Error: ",Authen::TacacsPlus::errmsg(),"\n";          
          exit(1);                                            
  }                                                           
  if ($tac->authen('john','johnpass')){                   
          print "Granted\n";                                  
  } else {                                                    
          print "Denied: ",Authen::TacacsPlus::errmsg(),"\n";         
  }                                                           
  $tac->close();

Mike Shoyher, msh@corbina.net, msh@apache.lexa.ru

Mike McCauley, mikem@airspayce.com

only authentication is supported

only one session may be active (you have to close one session before opening another one)

perl(1).
2020-03-14 perl v5.32.1

Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.