krb_get_lrealm(3krb)krb_get_lrealm(3krb)Name
krb_get_lrealm - Host/realm identification routines.
Syntax
#include <krb.h>
#include <des.h>
krb_get_lrealm (realm, n)
char *realm;
int n;
char *krb_get_phost (alias)
char *alias;
Arguments
alias Identifies a host whose name is to be converted to an instance name. The alias string is overwritten with the instance name. The
alias string must be stored in a buffer of at least INST_SZ characters.
realm Identifies a specific realm.
n Specifies a specific position in a series of Kerberos hosts; must be set to 0.
Description
The routines of allow an application to obtain information on host/realm relationships in a Kerberos network. The routines of this library
are:
krb_get_phost
Converts the hostname pointed to by alias, which can be either an official name or an alias, into the instance name to be used in
obtaining Kerberos tickets.
krb_get_lrealm
Initializes realm with the nth realm of the local host. The argument realm should be large enough to contain the maximum realm name
determined by the constant REALM_SZ. The local realm name is stored in the file. See the reference page.
Files
See Also
kerberos(3krb), krb.conf(5krb)krb_get_lrealm(3krb)
Check Out this Related Man Page
Authen::Krb5::Simple(3pm) User Contributed Perl Documentation Authen::Krb5::Simple(3pm)NAME
Authen::Krb5::Simple - Basic user authentication using Kerberos 5
SYNOPSIS
use Authen::Krb5::Simple;
# Create a new Authen::Krb5::Simple object using
# the system default realm.
#
my $krb = Authen::Krb5::Simple->new();
# Authenticate a user.
#
my $authen = $krb->authenticate($user, $password);
unless($authen) {
my $errmsg = $krb->errstr();
die "User: $user authentication failed: $errmsg
";
}
# Get the current default realm.
#
my $realm = $krb->realm();
# Set the current realm
#
$krb->realm('MY.NEW.REALM');
# Create a new object pointing to another realm.
#
my $alt_krb = Authen::Krb5::Simple->new(realm => 'OTHER.REALM');
...
DESCRIPTION
The "Authen::Krb5::Simple" module provides a means to authenticate a user/password using Kerberos 5 protocol. The module's authenticate
function takes a username (or user@kerberos_realm) and a password, and authenticates that user using the local Kerberos 5 installation. It
was initially created to allow perl scripts to perform authentication against a Microsoft Active Directory (AD) server configured to accept
Kerberos client requests.
It is important to note: This module only performs simple authentication. It does not get, grant, use, or retain any kerberos tickets. It
will check user credentials against the Kerberos server (as configured on the local system) each time the authenticate method is called.
CONSTRUCTOR
new
The new method creates the Authen::Krb5::Simple object. It can take an optional argument hash. At present the only recognized
argument is "realm".
If no realm is specified, the default realm for the local host will be assumed. Once set, the specified realm will be used for all
subsequent authentication calls. The realm can be changed using the realm function (see below).
Examples:
Using the default realm:
my $krb = Authen::Krb5::Simple->new();
specifying a realm:
my $krb = Authen::Krb5::Simple->new(realm => 'another.realm.net');
METHODS
authenticate($user[@realm], $password)
the authenticate method takes the user (or user@realm) and a password, and uses kerberos 5 (the local systems installation) to
authenticate the user.
if the user/password is good, authenticate will return a true value. Otherwise, a false value is returned and the error code is stored
in the object.
if($krb->authenticate($user, $pw)) {
print "$user authentication successful
";
} else {
print "$user authentication failed: ", $krb->errstr(), "
";
}
realm( )
realm(NEW.REALM)
The realm method is used to set or get the current default realm. If an argument is passed to this method, the default realm is set to
that value. If no argument is supplied, the current realm is returned.
errstr
The errstr method will return the error message from the most recent authentication call.
errcode
The errstr method will return the krb5 error code from the most recent authentication call. This value will not be very useful. Use
the errstr method to get a meaningful error message.
BUGS
This version of Authen::Krb5::Simple does not support null or empty passwords. If you pass an undefined value or empty string ('') as a
password, authenticate return false and set the error to indicate that null or empty passwords are not supported.
AUTHOR
Damien S. Stuart, <dstuart@dstuart.org>
SEE ALSO
perl, Kerberos5 documentation.
perl v5.14.2 2012-01-08 Authen::Krb5::Simple(3pm)