Luis Muñoz > Net-Radius-Server > Net::Radius::Server::PAM

Download:
Net-Radius-Server-1.116.tar.gz

Dependencies

Annotate this POD

CPAN RT

New  1
Open  1
View/Report Bugs
Module Version: 1.075   Source  

NAME ^

Net::Radius::Server::PAM - Authenticate users using the Linux-PAM framework

SYNOPSIS ^

  use Net::Radius::Server::PAM;
  my $pam = new Net::Radius::Server({@args});

  # As match-method factory
  $pam->fmatch();

  # As set-method factory
  $pam->fset();

DESCRIPTION ^

Net::Radius::Server::PAM uses the PAM framework to authenticate and populate a RADIUS response within the Net::Radius::Server framework. The interface with the PAM infraestructure is provided by Authen::PAM(3).

The following methods are supported:

->fmatch

Equivalent to invoking ->mk on a Net::Radius::Server::Match(3) - derived class. This will return a sub providing match functionality to Net::Server::Radius(3).

->fset

Equivalent to invoking ->mk on a Net::Radius::Server::Set(3) - derived class. This will return a sub providing set functionality to Net::Server::Radius(3).

The match method will attempt authentication via username and password against the PAM framework. Succesful authentication causes the match method to return NRS_MATCH_OK. Failure, as expected, causes the return of NRS_MATCH_FAIL.

The Authen::PAM object is left in the shared invocation hash at the specified key.

The set method attempts to fetch the environment provided by the PAM framework, translating any environment variables matching an attribute in the current dictionary into RADIUS attribute/value pairs within the response.

The set method will only perform its task if the account can be authenticated by PAM. Otherwise, a NRS_SET_CONTINUE will be returned, causing the execution of the rules to continue.

The following properties or arguments can be specified to either the constructor or any factory:

auto

Causes the RADIUS identifier and authenticator from the request to be copied into the response.

code

Sets the code of the RADIUS response. Defaults to 'Access-Accept'.

result

What value to return when a succesful authentication occurs.

description

Description of this rule, used for logging purposes.

store_result

Specifies which key in the shared invocation hashref will be used to store the Authen::PAM object. Defaults to _pamh.

service

Defines the PAM service that must be used to authenticate. This attribute defaults to login.

Note that this class inherits from Net::Radius::Server::Set::Simple(3), so all its attributes are available as well.

EXPORT

None by default.

HISTORY ^

  $Log$
  Revision 1.6  2006/12/14 16:33:17  lem
  Rules and methods will only report failures in log level 3 and
  above. Level 4 report success and failure, for deeper debugging

  Revision 1.5  2006/11/15 05:54:04  lem

  NRS::PAM now inherits from NRS::Set::Simple to increase functionality.

  Revision 1.4  2006/11/15 05:39:15  lem

  Corrected invocation of the factories


  Revision 1.2  2006/11/15 05:23:57  lem

  service now can be left unspecified. Defaults to 'login'

  Revision 1.1  2006/11/15 05:14:54  lem

  NRS::PAM has basic functionality.

SEE ALSO ^

Perl(1), Net::Radius::Server(3), Net::Radius::Server::Match(3), Net::Radius::Server::Set(3), Net::Radius::Server::Set::Simple(3), Authen::PAM(3).

AUTHOR ^

Luis E. Muñoz, <luismunoz@cpan.org>

COPYRIGHT AND LICENSE ^

Copyright (C) 2006 by Luis E. Muñoz

This library is free software; you can redistribute it and/or modify it under the same terms as Perl 5.8.6 itself.

syntax highlighting: