view release on metacpan or  search on metacpan

lib/Apache2/SiteControl/Radius.pm  view on Meta::CPAN

package Apache2::SiteControl::Radius;

use 5.008;
use strict;
use warnings;
use Carp;
use Authen::Radius;
#use Apache2::Connection;
#use Apache2::RequestRec;
#use APR::SockAddr;

sub check_credentials
{
   my $r    = shift;  # Apache request object
   my $username = shift;
   my $password = shift;
   my $host = $r->dir_config("RadiusSiteControlHost") || "localhost";
   my $secret = $r->dir_config("RadiusSiteControlSecret") || "unknown";
   my $radius;

   # Get my IP address to pass as the
   # Source IP and NAS IP Address
   # TODO: Only works with apache 2...uncommented for now
   #my $c = $r->connection;
   #my $sockaddr = $c->local_addr if defined($c);
   my $nas_ip_address = undef; # $sockaddr->ip_get if defined($sockaddr);

   $r->log_error("WARNING: Shared secret is not set. Use RadiusSiteControlSecret in httpd.conf") if $secret eq "unknown";

   $radius = new Authen::Radius(Host => $host, Secret => $secret);
   if(!$radius) {
      $r->log_error("Could not contact radius server!");
      return 0;
   }
   if($radius->check_pwd($username, $password, $nas_ip_address)) {
      return 1;
   }
   $r->log_error("User $username failed authentication:" . $radius->strerror);
   return 0;
}

1;

__END__

=head1 NAME

Apache2::SiteControl::Radius - Raduis authentication module for SiteControl

=head1 SYNOPSIS

In Apache/mod_perl's configuration:

=over 4

   PerlModule Apache2::SiteControl

   <Location /sample>
   ...
      PerlSetVar SiteControlMethod Apache2::SiteControl::Radius
   ...
   </Location>

   <FilesMatch "\.pl$">
    ...
    PerlSetVar RadiusSiteControlHost "localhost"
    PerlSetVar RadiusSiteControlSecret "mysecret"
    ...
   </FilesMatch>

   <Location /SampleLogin>
    ...