GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
LWP::Authen::Negotiate(3) User Contributed Perl Documentation LWP::Authen::Negotiate(3)

LWP::Authen::Negotiate - GSSAPI based Authentication Plugin for LWP

   #! /usr/bin/perl -w

   use strict;
   require LWP::UserAgent;

   # uncomment if you want see what is going wrong messages
   #
   #use LWP::Debug qw(+);

   my $ua = LWP::UserAgent->new;
   my $response = $ua->get('http://testwurst.grolmsnet.lan:8090/geheim/');
   if ($response->is_success) {
      print $response->content;  # or whatever
   }
   else {
       die $response->status_line;
   }

just install LWP::Authen::Negotiate, LWP uses it as authentication plugin. Use your LWP::UserAgent Scripts as usual. Authentication is done transparent based on your GSSAPI installation (MIT Kerberos or Heimdal)

WWW-Negotiate Webservers are IIS or Apache with mod_auth_kerb for example.

To see what ist going on add

   use LWP::Debug qw(+);

to yor LWP using Scripts.

(e.g. too see what is going wrong with GSSAPI...)

To see what ist going on (and going wrong) add

   use LWP::Debug qw(+);

to yor LWP using Scripts.

(e.g. too see what is going wrong with GSSAPI...)

the output will look like this:

   LWP::UserAgent::new: ()
   LWP::UserAgent::request: ()
   LWP::UserAgent::send_request: GET http://testwurst.grolmsnet.lan:8090/geheim/
   LWP::UserAgent::_need_proxy: Not proxied
   LWP::Protocol::http::request: ()
   LWP::Protocol::collect: read 478 bytes
   LWP::UserAgent::request: Simple response: Unauthorized
   LWP::Authen::Negotiate::authenticate: authenticate() called
   LWP::Authen::Negotiate::authenticate: target hostname testwurst.grolmsnet.lan
   LWP::Authen::Negotiate::authenticate: GSSAPI servicename     HTTP/moerbsen.grolmsnet.lan@GROLMSNET.LAN
   LWP::Authen::Negotiate::authenticate:  Miscellaneous failure (see text)
   LWP::Authen::Negotiate::authenticate: open(/tmp/krb5cc_1000): file not found

In this case the credentials cache was empty. Run kinit first ;-)

LWP_AUTHEN_NEGOTIATE_DELEGATE
Define to enable ticket forwarding to webserver.

http://www.kerberosprotocols.org/index.php/Draft-brezak-spnego-http-03.txt
Description of WWW-Negotiate protol
http://modauthkerb.sourceforge.net/
the Kerberos and SPNEGO Authentication module for Apache mod_auth_kerb
http://perlgssapi.sourceforge.net/
Module Homepage
http://www.kerberosprotocols.org/index.php/Web
Sofware and APIs related to WWW-Negotiate
http://www.grolmsnet.de/kerbtut/
describes how to let mod_auth_kerb play together with Internet Explorer and Windows2003 Server

As default Kerberos 5 is selected as GSSAPI mechanism. a later veriosn will make that configureable.

Achim Grolms, <achim@grolmsnet.de>

http://perlgssapi.sourceforge.net/

Thanks to

Leif Johansson
who has conributed a lot of code from his implementation of the module and send a lot of input, ideas and feedback
Harald Joerg
helped with Kerberos knowledge and does testing on cygwin against IIS and mod_auth_kerb
Christopher Odenbach
does a lot of testing on Linux and Solaris
Dax Kelson
does a lot of testing on Linux
Karsten Kuenne
helped with advice

Copyright (C) 2006 by Achim Grolms <perl@grolmsnet.de>

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.

2009-10-29 perl v5.32.1

Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.