NAME
SYNOPSIS
DESCRIPTION
LIST OF TOKENS
CONFIGURATION
PREREQUISITES
SEE ALSO
AUTHORS
COPYRIGHT

NAME

Apache2::AuthenRadius - Authentication via a Radius server

SYNOPSIS

 # Configuration in httpd.conf

 PerlModule Apache2::AuthenRadius

 # Authentication in .htaccess

 AuthName Radius
 AuthType Basic

 # authenticate via Radius
 PerlAuthenHandler Apache2::AuthenRadius

 PerlSetVar Auth_Radius_host1 radius1.foo.com
 PerlSetVar Auth_Radius_port1 1812
 PerlSetVar Auth_Radius_secret1 MySharedSecret
 PerlSetVar Auth_Radius_host2 radius2.foo.com
 PerlSetVar Auth_Radius_port2 1812
 PerlSetVar Auth_Radius_secret2 MySharedSecret
 PerlSetVar Auth_Radius_timeout 5
 PerlSetVar Auth_Radius_prependToUsername REALM/
 PerlSetVar Auth_Radius_postfixToUsername @REALM

 require valid-user

DESCRIPTION

This module allows authentication against a Radius server.

LIST OF TOKENS

Auth_Radius_hostN
The Radius server host: either its name or its dotted quad IP number. The parameter is passed as the PeerHost option to IO::Socket::INET->new. You can have up to 2 RADIUS hosts configured, each with it own port & secret parameters.
Auth_Radius_portN
The port on which the Radius server is listening: either its service name or its actual port number. This parameter defaults to "1647" which is the official service name for Radius servers. The parameter is passed as the PeerPort option to IO::Socket::INET->new.
Auth_Radius_secretN
The shared secret for connection to the Radius server.
Auth_Radius_timeout
The timeout in seconds to wait for a response from the Radius server.
Auth_Radius_prependToUsername
Prefix's a string to the beginning of the user name that is sent to the Radius Server. This would typically be in the form of REALM/ or REALM%. Most Radius servers support prefixed or suffixed realms and so allow for different user name / password lists.

You can both postfix and prefix a realm at the same time. Your radius server might not deal with it very well.
Auth_Radius_postfixToUsername
Postfix's a string to the end of the user name that is sent to the Radius Server. This would typically be in the form of @REALM or %REALM. Most Radius servers support prefixed or suffixed realms and so allow for different user name / password lists.

You can both postfix and prefix a realm at the same time. Your radius server might not deal with it very well.

CONFIGURATION

The module should be loaded upon startup of the Apache daemon. Add the following line to your httpd.conf:

 PerlModule Apache2::AuthenRadius

PREREQUISITES

For AuthenRadius you need to enable the appropriate call-back hook when making mod_perl:

  perl Makefile.PL PERL_AUTHEN=1

AUTHORS

mod_perl by Doug MacEachern <dougm@osf.org>
Authen::Radius by Carl Declerck <carl@miskatonic.inbe.net>
Apache::AuthenRadius by Daniel Sully <daniel-cpan-authenradius@electricrain.com>
Apache2::AuthenRadius 0.4 modified from original Apache::AuthenRadius by Jose Dominguez <jad@ns.uoregon.edu>

COPYRIGHT

The Apache2::AuthenRadius module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

CPAN RT