TacacsPlus(3pm)

NAME

Authen::TacacsPlus - Perl extension for authentication using tacacs+
server

SYNOPSIS

use Authen::TacacsPlus;

$tac = new Authen::TacacsPlus(Host=>$server,
                      Key=>$key,
                      [Port=>'tacacs'],
                      [Timeout=>15]);

$tac->authen($username,$passwords);

Authen::TacacsPlus::errmsg();

$tac->close();

DESCRIPTION

Authen::TacacsPlus allows you to authenticate using tacacs+ server.
$tac = new Authen::TacacsPlus(Host=>$server,
Key=>$key,
[Port=>'tacacs'],
[Timeout=>15]);
Opens new session with tacacs+ server on host $server, encrypted with
key $key. Undefined object is returned if something wrong (check
errmsg()).

Authen::TacacsPlus::errmsg();
Returns last error message.

$tac->authen($username,$password,$authen_type);
Tries an authentication with $username and $password. 1 is returned if authenticaton succeded and 0 if failed (check errmsg() for reason).
$authen_type is an optional argument that specifies what type of
authentication to perform. Allowable options are:
Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_ASCII (default)
Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_PAP
Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_CHAP
ASCII uses Tacacs+ version 0, and will authenticate against the "login" or "global" password on the Tacacs+ server. If no authen_type is
specified, it defaults to this type of authentication.
PAP uses Tacacs+ version 1, and will authenticate against the "pap" or "global" password on the Tacacs+ server.
CHAP uses Tacacs+ version 1, and will authenticate against the "chap"
or "global" password on the Tacacs+ server. With CHAP, the password if formed by the concatenation of
chap id + chap challenge + chap response
Ther is example code in test.pl

$tac->close();
Closes session with tacacs+ server.

EXAMPLE

use Authen::TacacsPlus;

$tac = new Authen::TacacsPlus(Host=>'foo.bar.ru',Key=>'9999');
unless ($tac){
print "Error: ",Authen::TacacsPlus::errmsg(),"\n";
exit(1);
}
if ($tac->authen('john','johnpass')){
print "Granted\n";
} else {
print "Denied: ",Authen::TacacsPlus::errmsg(),"\n";
}
$tac->close();

AUTHOR

Mike Shoyher, msh@corbina.net, msh@apache.lexa.ru

Mike McCauley, mikem@open.com.au

BUGS

only authentication is supported

only one session may be active (you have to close one session before
opening another one)

SEE ALSO

perl(1).

perl v5.10.0 2009-07-09 TacacsPlus(3pm)

Copyright © 2010-2025 Platon Technologies, s.r.o.           Home | Man pages | tLDP | Documents | Utilities | About
Design by styleshout