Apache-AppSamurai
8 results

 view release on metacpan or  search on metacpan

lib/Apache/AppSamurai/AuthRadius.pm  view on Meta::CPAN 

# Apache::AppSamurai::AuthRadius - AppSamurai Radius authentication plugin

# $Id: AuthRadius.pm,v 1.15 2008/04/30 21:40:06 pauldoom Exp $

##
# Copyright (c) 2008 Paul M. Hirsch (paul@voltagenoir.org).
# All rights reserved.
#
# This program is free software; you can redistribute it and/or modify it under
# the same terms as Perl itself.
##

package Apache::AppSamurai::AuthRadius;
use strict;
use warnings;

use vars qw($VERSION @ISA);
$VERSION = substr(q$Revision: 1.15 $, 10, -1);

use Carp;
use Apache::AppSamurai::AuthBase;
use Authen::Radius;

@ISA = qw( Apache::AppSamurai::AuthBase );

sub Configure {
    my $self = shift;

    # Pull defaults from AuthBase and save.
    $self->SUPER::Configure();
    my $conft = $self->{conf};
    
    # Initial configuration.  Put defaults here before the @_ args are
    # pulled in.
    $self->{conf} = { %{$conft},
	              Connect => '127.0.0.1:1812', # IP:port of RADIUS server
		      Secret => 'defaultisstupid', # RADIUS secret for this
                                                   # client
		      Timeout => 5, # Timeout for RADIUS auth to return
		      @_,
		  };
    return 1;
}

sub Initialize {
    my $self = shift;
    # Create our Authen::Radius instance
    $self->{radius} = new Authen::Radius(Host => $self->{conf}{Connect},
					 Secret => $self->{conf}{Secret},
					 TimeOut => $self->{conf}{Timeout}
					 );
    ($self->{radius}) || ($self->AddError("Initialization of Authen::Radius failed: $!") && return 0);

    $self->{init} = 1;
    return 1;
}


# Query the Radius server
sub Authenticator {
    my $self = shift;
    my $user = shift;
    my $pass = shift;
    my $error;

    # Amazingly enough, this actually sends the authentication request to the
    # RADIUS server.  Bet you couldn't figure THAT one out.
    ($self->{radius}->check_pwd($user, $pass)) && (return 1);

    # Save an error message if there is one, else assume a normal login failure
    $error = $self->{radius}->get_error();
    if ($error ne 'ENONE') {
	$self->AddError('error', "Special authentication failure: \"$user\": $error, " . $self->{radius}->strerror());
    } else {
	$self->AddError('warn', "Authentication failure: \"$user\": " . $self->{radius}->strerror());
    }

    # DEFAULT DENY # 
    return 0;
}
    
1; # End of Apache::AppSamurai::AuthRadius

__END__

=head1 NAME

Apache::AppSamurai::AuthRadius - Check credentials against RADIUS service

=head1 SYNOPSIS



( run in 1.971 second using v1.01-cache-2.11-cpan-98e64b0badf )