Query: authen::tacacsplus
OS: debian
Section: 3pm
Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar
TacacsPlus(3pm) User Contributed Perl Documentation TacacsPlus(3pm)NAMEAuthen::TacacsPlus - Perl extension for authentication using tacacs+ serverSYNOPSISuse Authen::TacacsPlus; $tac = new Authen::TacacsPlus(Host=>$server, Key=>$key, [Port=>'tacacs'], [Timeout=>15]); or $tac = new Authen::TacacsPlus( [ Host=>$server1, Key=>$key1, [Port=>'tacacs'], [Timeout=>15] ], [ Host=>$server2, Key=>$key2, [Port=>'tacacs'], [Timeout=>15] ], [ Host=>$server3, Key=>$key3, [Port=>'tacacs'], [Timeout=>15] ], ... ); $tac->authen($username,$passwords); Authen::TacacsPlus::errmsg(); $tac->close();DESCRIPTIONAuthen::TacacsPlus allows you to authenticate using tacacs+ server. $tac = new Authen::TacacsPlus(Host=>$server, Key=>$key, [Port=>'tacacs'], [Timeout=>15]); Opens new session with tacacs+ server on host $server, encrypted with key $key. Undefined object is returned if something wrong (check errmsg()). With a list of servers the order is relevant. It checks the availability of the Tacacs+ service using the order you defined. Authen::TacacsPlus::errmsg(); Returns last error message. $tac->authen($username,$password,$authen_type); Tries an authentication with $username and $password. 1 is returned if authenticaton succeded and 0 if failed (check errmsg() for reason). $authen_type is an optional argument that specifies what type of authentication to perform. Allowable options are: Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_ASCII (default) Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_PAP Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_CHAP ASCII uses Tacacs+ version 0, and will authenticate against the "login" or "global" password on the Tacacs+ server. If no authen_type is specified, it defaults to this type of authentication. PAP uses Tacacs+ version 1, and will authenticate against the "pap" or "global" password on the Tacacs+ server. CHAP uses Tacacs+ version 1, and will authenticate against the "chap" or "global" password on the Tacacs+ server. With CHAP, the password if formed by the concatenation of chap id + chap challenge + chap response There is example code in test.pl If you use a list of servers you can continue using $tac->authen if one of them goes down or become unreachable. $tac->close(); Closes session with tacacs+ server.EXAMPLEuse Authen::TacacsPlus; $tac = new Authen::TacacsPlus(Host=>'foo.bar.ru',Key=>'9999'); unless ($tac){ print "Error: ",Authen::TacacsPlus::errmsg()," "; exit(1); } if ($tac->authen('john','johnpass')){ print "Granted "; } else { print "Denied: ",Authen::TacacsPlus::errmsg()," "; } $tac->close();AUTHORMike Shoyher, msh@corbina.net, msh@apache.lexa.ru Mike McCauley, mikem@open.com.auBUGSonly authentication is supported only one session may be active (you have to close one session before opening another one)SEE ALSOperl(1). perl v5.14.2 2012-01-17 TacacsPlus(3pm)