345 lines
8.4 KiB
HTML
345 lines
8.4 KiB
HTML
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<HTML><HEAD><TITLE>Man page of Authen::SASL</TITLE>
|
|
</HEAD><BODY>
|
|
<H1>Authen::SASL</H1>
|
|
Section: User Contributed Perl Documentation (3pm)<BR>Updated: 2012-09-04<BR><A HREF="#index">Index</A>
|
|
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<A NAME="lbAB"> </A>
|
|
<H2>NAME</H2>
|
|
|
|
Authen::SASL - SASL Authentication framework
|
|
<A NAME="lbAC"> </A>
|
|
<H2>SYNOPSIS</H2>
|
|
|
|
|
|
|
|
|
|
|
|
<PRE>
|
|
use Authen::SASL;
|
|
|
|
$sasl = Authen::SASL->new(
|
|
mechanism => 'CRAM-MD5 PLAIN ANONYMOUS',
|
|
callback => {
|
|
pass => \&fetch_password,
|
|
user => $user,
|
|
}
|
|
);
|
|
|
|
</PRE>
|
|
|
|
|
|
<A NAME="lbAD"> </A>
|
|
<H2>DESCRIPTION</H2>
|
|
|
|
|
|
|
|
<FONT SIZE="-1">SASL</FONT> is a generic mechanism for authentication used by several
|
|
network protocols. <B>Authen::SASL</B> provides an implementation
|
|
framework that all protocols should be able to share.
|
|
<P>
|
|
|
|
The framework allows different implementations of the connection
|
|
class to be plugged in. At the time of writing there were two such
|
|
plugins.
|
|
<DL COMPACT>
|
|
<DT id="1">Authen::SASL::Perl<DD>
|
|
|
|
|
|
This module implements several mechanisms and is implemented
|
|
entirely in Perl.
|
|
<DT id="2">Authen::SASL::XS<DD>
|
|
|
|
|
|
This module uses the Cyrus <FONT SIZE="-1">SASL</FONT> C-library (both version 1 and 2
|
|
are supported).
|
|
<DT id="3">Authen::SASL::Cyrus<DD>
|
|
|
|
|
|
This module is the predecessor to Authen::SASL::XS. It is reccomended
|
|
to use Authen::SASL::XS
|
|
</DL>
|
|
<P>
|
|
|
|
By default the order in which these plugins are selected is
|
|
Authen::SASL::XS, Authen::SASL::Cyrus and then Authen::SASL::Perl.
|
|
<P>
|
|
|
|
If you want to change it or want to specifically use one
|
|
implementation only simply do
|
|
<P>
|
|
|
|
|
|
|
|
<PRE>
|
|
use Authen::SASL qw(Perl);
|
|
|
|
</PRE>
|
|
|
|
|
|
<P>
|
|
|
|
or if you have another plugin module that supports the Authen::SASL <FONT SIZE="-1">API</FONT>
|
|
<P>
|
|
|
|
|
|
|
|
<PRE>
|
|
use Authen::SASL qw(My::SASL::Plugin);
|
|
|
|
</PRE>
|
|
|
|
|
|
<A NAME="lbAE"> </A>
|
|
<H3><FONT SIZE="-1">CONTRUCTOR</FONT></H3>
|
|
|
|
|
|
|
|
<DL COMPACT>
|
|
<DT id="4">new ( <FONT SIZE="-1">OPTIONS </FONT>)<DD>
|
|
|
|
|
|
The constructor may be called with or without arguments. Passing arguments is
|
|
just a short cut to calling the <TT>"mechanism"</TT> and <TT>"callback"</TT> methods.
|
|
<DL COMPACT><DT id="5"><DD>
|
|
<DL COMPACT>
|
|
<DT id="6">callback => { <FONT SIZE="-1">NAME</FONT> => <FONT SIZE="-1">VALUE, NAME</FONT> => <FONT SIZE="-1">VALUE, ... </FONT>}<DD>
|
|
|
|
|
|
Set the callbacks.
|
|
See the callback method for details.
|
|
<DT id="7">mechanism => <FONT SIZE="-1">NAMES</FONT><DD>
|
|
|
|
|
|
|
|
<DT id="8">mech => <FONT SIZE="-1">NAMES</FONT><DD>
|
|
|
|
|
|
|
|
Set the list of mechanisms to choose from.
|
|
See the mechanism method for details.
|
|
<DT id="9">debug => <FONT SIZE="-1">VALUE</FONT><DD>
|
|
|
|
|
|
Set the debug level bit-value to <TT>"VALUE"</TT>
|
|
|
|
|
|
<P>
|
|
|
|
|
|
Debug output will be sent to <TT>"STDERR"</TT>. The
|
|
bits of this value are:
|
|
|
|
|
|
<P>
|
|
|
|
|
|
|
|
|
|
<PRE>
|
|
1 Show debug messages in the Perl modules for the mechanisms.
|
|
(Currently only used in GSSAPI)
|
|
4 With security layers in place show information on packages read.
|
|
8 With security layers in place show information on packages written.
|
|
|
|
</PRE>
|
|
|
|
|
|
|
|
|
|
<P>
|
|
|
|
|
|
The default value is 0.
|
|
</DL>
|
|
</DL>
|
|
|
|
<DL COMPACT><DT id="10"><DD>
|
|
</DL>
|
|
|
|
</DL>
|
|
<A NAME="lbAF"> </A>
|
|
<H3><FONT SIZE="-1">METHODS</FONT></H3>
|
|
|
|
|
|
|
|
<DL COMPACT>
|
|
<DT id="11">mechanism ( )<DD>
|
|
|
|
|
|
Returns the current list of mechanisms
|
|
<DT id="12">mechanism ( <FONT SIZE="-1">NAMES </FONT>)<DD>
|
|
|
|
|
|
Set the list of mechanisms to choose from. <TT>"NAMES"</TT> should be a space separated string
|
|
of the names.
|
|
<DT id="13">callback ( <FONT SIZE="-1">NAME </FONT>)<DD>
|
|
|
|
|
|
Returns the current callback associated with <TT>"NAME"</TT>.
|
|
<DT id="14">callback ( <FONT SIZE="-1">NAME</FONT> => <FONT SIZE="-1">VALUE, NAME</FONT> => <FONT SIZE="-1">VALUE, ... </FONT>)<DD>
|
|
|
|
|
|
Sets the given callbacks to the given values
|
|
<DT id="15">client_new ( <FONT SIZE="-1">SERVICE, HOST, SECURITY </FONT>)<DD>
|
|
|
|
|
|
Creates and returns a new connection object for a client-side connection.
|
|
<DT id="16">server_new ( <FONT SIZE="-1">SERVICE, HOST, OPTIONS </FONT>)<DD>
|
|
|
|
|
|
Creates and returns a new connection object for a server-side connection.
|
|
<DT id="17">error ( )<DD>
|
|
|
|
|
|
Returns any error from the last connection
|
|
</DL>
|
|
<A NAME="lbAG"> </A>
|
|
<H2>The Connection Class</H2>
|
|
|
|
|
|
|
|
<DL COMPACT>
|
|
<DT id="18">server_start ( <FONT SIZE="-1">CHALLENGE </FONT>)<DD>
|
|
|
|
|
|
server_start begins the authentication using the chosen mechanism.
|
|
If the mechanism is not supported by the installed <FONT SIZE="-1">SASL</FONT> it fails.
|
|
Because for some mechanisms the client has to start the negotiation,
|
|
you can give the client challenge as a parameter.
|
|
<DT id="19">server_step ( <FONT SIZE="-1">CHALLENGE </FONT>)<DD>
|
|
|
|
|
|
server_step performs the next step in the negotiation process. The
|
|
first parameter you give is the clients challenge/response.
|
|
<DT id="20">client_start ( )<DD>
|
|
|
|
|
|
The initial step to be performed. Returns the initial value to pass to the server
|
|
or an empty list on error.
|
|
<DT id="21">client_step ( <FONT SIZE="-1">CHALLENGE </FONT>)<DD>
|
|
|
|
|
|
This method is called when a response from the server requires it. <FONT SIZE="-1">CHALLENGE</FONT>
|
|
is the value from the server. Returns the next value to pass to the server or an
|
|
empty list on error.
|
|
<DT id="22">need_step ( )<DD>
|
|
|
|
|
|
Returns true if the selected mechanism requires another step before completion
|
|
(error or success).
|
|
<DT id="23">answer ( <FONT SIZE="-1">NAME </FONT>)<DD>
|
|
|
|
|
|
The method will return the value returned from the last call to the callback <FONT SIZE="-1">NAME</FONT>
|
|
<DT id="24">property ( <FONT SIZE="-1">NAME </FONT>)<DD>
|
|
|
|
|
|
Returns the property value associated with <TT>"NAME"</TT>.
|
|
<DT id="25">property ( <FONT SIZE="-1">NAME</FONT> => <FONT SIZE="-1">VALUE, NAME</FONT> => <FONT SIZE="-1">VALUE, ... </FONT>)<DD>
|
|
|
|
|
|
Sets the named properties to their associated values.
|
|
<DT id="26">service ( )<DD>
|
|
|
|
|
|
Returns the service argument that was passed to *_new-methods.
|
|
<DT id="27">host ( )<DD>
|
|
|
|
|
|
Returns the host argument that was passed to *_new-methods.
|
|
<DT id="28">mechanism ( )<DD>
|
|
|
|
|
|
Returns the name of the chosen mechanism.
|
|
<DT id="29">is_success ( )<DD>
|
|
|
|
|
|
Once <I>need_step()</I> returns false, then you can check if the authentication
|
|
succeeded by calling this method which returns a boolean value.
|
|
</DL>
|
|
<A NAME="lbAH"> </A>
|
|
<H3>Callbacks</H3>
|
|
|
|
|
|
|
|
There are three different ways in which a callback may be passed
|
|
<DL COMPACT>
|
|
<DT id="30"><FONT SIZE="-1">CODEREF</FONT><DD>
|
|
|
|
|
|
If the value passed is a code reference then, when needed, it will be called
|
|
and the connection object will be passed as the first argument. In addition
|
|
some callbacks may be passed additional arguments.
|
|
<DT id="31"><FONT SIZE="-1">ARRAYREF</FONT><DD>
|
|
|
|
|
|
If the value passed is an array reference, the first element in the array
|
|
must be a code reference. When the callback is called the code reference
|
|
will be called with the connection object passed as the first argument
|
|
and all other values from the array passed after.
|
|
<DT id="32"><FONT SIZE="-1">SCALAR</FONT><DD>
|
|
|
|
|
|
All other values passed will be used directly. ie it is the same as
|
|
passing an code reference that, when called, returns the value.
|
|
</DL>
|
|
<A NAME="lbAI"> </A>
|
|
<H2>SEE ALSO</H2>
|
|
|
|
|
|
|
|
Authen::SASL::Perl, Authen::SASL::XS, Authen::SASL::Cyrus
|
|
<A NAME="lbAJ"> </A>
|
|
<H2>AUTHOR</H2>
|
|
|
|
|
|
|
|
Graham Barr <<A HREF="mailto:gbarr@pobox.com">gbarr@pobox.com</A>>
|
|
<P>
|
|
|
|
Please report any bugs, or post any suggestions, to the perl-ldap mailing list
|
|
<<A HREF="mailto:perl-ldap@perl.org">perl-ldap@perl.org</A>>
|
|
<A NAME="lbAK"> </A>
|
|
<H2>COPYRIGHT</H2>
|
|
|
|
|
|
|
|
Copyright (c) 1998-2005 Graham Barr. All rights reserved. This program is
|
|
free software; you can redistribute it and/or modify it under the same
|
|
terms as Perl itself.
|
|
<P>
|
|
|
|
<HR>
|
|
<A NAME="index"> </A><H2>Index</H2>
|
|
<DL>
|
|
<DT id="33"><A HREF="#lbAB">NAME</A><DD>
|
|
<DT id="34"><A HREF="#lbAC">SYNOPSIS</A><DD>
|
|
<DT id="35"><A HREF="#lbAD">DESCRIPTION</A><DD>
|
|
<DL>
|
|
<DT id="36"><A HREF="#lbAE"><FONT SIZE="-1">CONTRUCTOR</FONT></A><DD>
|
|
<DT id="37"><A HREF="#lbAF"><FONT SIZE="-1">METHODS</FONT></A><DD>
|
|
</DL>
|
|
<DT id="38"><A HREF="#lbAG">The Connection Class</A><DD>
|
|
<DL>
|
|
<DT id="39"><A HREF="#lbAH">Callbacks</A><DD>
|
|
</DL>
|
|
<DT id="40"><A HREF="#lbAI">SEE ALSO</A><DD>
|
|
<DT id="41"><A HREF="#lbAJ">AUTHOR</A><DD>
|
|
<DT id="42"><A HREF="#lbAK">COPYRIGHT</A><DD>
|
|
</DL>
|
|
<HR>
|
|
This document was created by
|
|
<A HREF="/cgi-bin/man/man2html">man2html</A>,
|
|
using the manual pages.<BR>
|
|
Time: 00:05:36 GMT, March 31, 2021
|
|
</BODY>
|
|
</HTML>
|