Authen-SASL
view release on metacpan or search on metacpan
Authen-SASL 2.16 -- Tue Sep 4 11:01:18 CDT 2012
* SASL.pod: fix typo [Peter Marschall]
* Perl.pm: avoid warning on "uninitialized value" [Peter Marschall]
Authen-SASL 2.15 -- Wed Jun 2 13:47:41 CDT 2010
* Makes sure that user callbacks are called [Yann Kerherve]
Authen-SASL 2.1401 -- Mon Mar 29 14:22:54 CDT 2010
* Add META.yml to release
Authen-SASL 2.14 -- Thu Mar 11 08:21:07 CST 2010
* Documentation updates [Yann Kerherve]
* Added server API description [Yann Kerherve]
* Bugfixes to LOGIN, PLAIN and DIGEST_MD5 [Yann Kerherve]
Client API
----------
Basically the Authen::SASL module gathers some info. When ->client_new
is called the plugin is called to create a $conn object. At that point
it should query the Authen::SASL object for mechanisms and callbacks
Properties are then set on the $conn object by calling $conn->property
Then client_start is called
Then we call client_step with a challenge string to get a response
string. need_step can be called to check that this step is actually
necessary for the selected mechanism.
server_step
need_step # returns true if client_step needs to be called
property # set/get for properties
mechanism # returns the name of the chosen mechanism
service # the service name passed to client_new
host # the hostname passed to client_new
is_success # returns true if authentication suceeded
Callbacks
---------
properties and callbacks are passed by name, so you will need to convert
them to numbers.
There are three types of call back
user => 'fred'
When the user callback is called, it will just return the string 'fred'
user => \&subname
lib/Authen/SASL.pod view on Meta::CPAN
=item new ( OPTIONS )
The constructor may be called with or without arguments. Passing arguments is
just a short cut to calling the C<mechanism> and C<callback> methods.
=over 4
=item callback =E<gt> { NAME => VALUE, NAME => VALUE, ... }
Set the callbacks.
See the L<callback|/callback> method for details.
=item mechanism =E<gt> NAMES
=item mech =E<gt> NAMES
Set the list of mechanisms to choose from.
See the L<mechanism|/mechanism> method for details.
=item debug =E<gt> VALUE
lib/Authen/SASL.pod view on Meta::CPAN
Set the list of mechanisms to choose from. C<NAMES> should be a space separated string
of the names.
=item callback ( NAME )
Returns the current callback associated with C<NAME>.
=item callback ( NAME => VALUE, NAME => VALUE, ... )
Sets the given callbacks to the given values
=item client_new ( SERVICE, HOST, SECURITY )
Creates and returns a new connection object for a client-side connection.
=item server_new ( SERVICE, HOST, OPTIONS )
Creates and returns a new connection object for a server-side connection.
=item error ( )
lib/Authen/SASL.pod view on Meta::CPAN
=head2 Callbacks
There are three different ways in which a callback may be passed
=over
=item CODEREF
If the value passed is a code reference then, when needed, it will be called
and the connection object will be passed as the first argument. In addition
some callbacks may be passed additional arguments.
=item ARRAYREF
If the value passed is an array reference, the first element in the array
must be a code reference. When the callback is called the code reference
will be called with the connection object passed as the first argument
and all other values from the array passed after.
=item SCALAR
lib/Authen/SASL/Perl/ANONYMOUS.pm view on Meta::CPAN
},
);
=head1 DESCRIPTION
This method implements the client part of the ANONYMOUS SASL algorithm,
as described in RFC 2245 resp. in IETF Draft draft-ietf-sasl-anon-XX.txt.
=head2 CALLBACK
The callbacks used are:
=over 4
=item authname
email address or UTF-8 encoded string to be used as
trace information for the server
=back
lib/Authen/SASL/Perl/CRAM_MD5.pm view on Meta::CPAN
},
);
=head1 DESCRIPTION
This method implements the client part of the CRAM-MD5 SASL algorithm,
as described in RFC 2195 resp. in IETF Draft draft-ietf-sasl-crammd5-XX.txt.
=head2 CALLBACK
The callbacks used are:
=over 4
=item user
The username to be used for authentication
=item pass
The user's password to be used for authentication
lib/Authen/SASL/Perl/DIGEST_MD5.pm view on Meta::CPAN
my $cb = shift || sub {};
$self->{need_step} = 1;
$self->{error} = undef;
$self->{nonce} = md5_hex($NONCE || join (":", $$, time, rand));
$self->init_sec_layer;
my $qop = [ sort keys %{$self->{supported_qop}} ];
## get the realm using callbacks but default to the host specified
## during the instantiation of the SASL object
my $realm = $self->_call('realm');
$realm ||= $self->host;
my %response = (
nonce => $self->{nonce},
charset => 'utf-8',
algorithm => 'md5-sess',
realm => $realm,
maxbuf => $self->property('maxbuf'),
lib/Authen/SASL/Perl/DIGEST_MD5.pm view on Meta::CPAN
},
);
=head1 DESCRIPTION
This method implements the client and server parts of the DIGEST-MD5 SASL
algorithm, as described in RFC 2831.
=head2 CALLBACK
The callbacks used are:
=head3 client
=over 4
=item authname
The authorization id to use after successful authentication
=item user
lib/Authen/SASL/Perl/EXTERNAL.pm view on Meta::CPAN
},
);
=head1 DESCRIPTION
This method implements the client part of the EXTERNAL SASL algorithm,
as described in RFC 2222.
=head2 CALLBACK
The callbacks used are:
=over 4
=item user
The username to be used for authentication
=back
=head1 SEE ALSO
lib/Authen/SASL/Perl/GSSAPI.pm view on Meta::CPAN
the `pass' key.
Please note that this module does not currently implement a SASL
security layer following authentication. Unless the connection is
protected by other means, such as TLS, it will be vulnerable to
man-in-the-middle attacks. If security layers are required, then the
L<Authen::SASL::XS> GSSAPI module should be used instead.
=head2 CALLBACK
The callbacks used are:
=over 4
=item authname
The authorization identity to be used in SASL exchange
=item gssmech
The GSS mechanism to be used in the connection
lib/Authen/SASL/Perl/LOGIN.pm view on Meta::CPAN
},
);
=head1 DESCRIPTION
This method implements the client and server part of the LOGIN SASL algorithm,
as described in IETF Draft draft-murchison-sasl-login-XX.txt.
=head2 CALLBACK
The callbacks used are:
=head3 Client
=over 4
=item user
The username to be used for authentication
=item pass
lib/Authen/SASL/Perl/OAUTHBEARER.pm view on Meta::CPAN
},
);
=head1 DESCRIPTION
This module implements the client side of the OAUTHBEARER SASL mechanism,
which is used for OAuth 2.0-based authentication.
=head2 CALLBACK
The callbacks used are:
=head3 Client
=over 4
=item user
The username to be used for authentication.
=item pass
lib/Authen/SASL/Perl/PLAIN.pm view on Meta::CPAN
},
);
=head1 DESCRIPTION
This method implements the client and server part of the PLAIN SASL algorithm,
as described in RFC 2595 resp. IETF Draft draft-ietf-sasl-plain-XX.txt
=head2 CALLBACK
The callbacks used are:
=head3 Client
=over 4
=item authname
The authorization id to use after successful authentication (client)
=item user
lib/Authen/SASL/Perl/XOAUTH2.pm view on Meta::CPAN
},
);
=head1 DESCRIPTION
This module implements the client side of the XOAUTH2 SASL mechanism,
which is used for OAuth 2.0-based authentication.
=head2 CALLBACK
The callbacks used are:
=head3 Client
=over 4
=item user
The username to be used for authentication.
=item pass
( run in 3.929 seconds using v1.01-cache-2.11-cpan-9b1e4054eb1 )