view release on metacpan or  search on metacpan

pod/v2/afsperlkas.pod  view on Meta::CPAN

the Authentication Server.  Internally an AFS::KAS object is a pointer
to a ubik_client structure, although this may change and the value
returned should always be treaded as an opaque handle.  A TOKEN may or
may not be needed depending on the SERVICE.  TOKEN must be an instance
of AFS::KTC_TOKEN.  Possible values for SERVICE are

   &AFS::KA_MAINTENANCE_SERVICE

It calls the AFS system library function 'ka_SingleServerConn'.

=item B<DESTRUCTOR>

=item S< >

=item B<$kas-E<gt>DESTROY;>

Destroys the ubik connection to the Authentication Server and frees the
ubik connection structure.

=item B<INSTANCE METHODS>

Nearly all instance methods come in two flavors. The KAM_* methods
are essentially the same as the low-level AFS KAS APIs.  The other
methods are simply just wrappers around the KAM_* methods.  These have
been introduced in order to offer a more perlish interface :-)

=item S< >

=item B<$token = $kas-E<gt>Authenticate(UNAME, UINST, SERVICE, EKEY, STIME, ETIME [, PWEXP]);>

Returns a token for the user entry UNAME.UINST for the specified
SERVICE.  The desired ticket lifetime is specified by STIME and ETIME
(given in 5 minute intervals). This ticket is referred to as the
AuthTicket.  EKEY contains the encrypted user password and must be an
instance of AFS::KTC_EKEY.  It assumes that a connection to the
AuthServer has already been established.  Possible values for SERVICE
are

    &AFS::KA_TICKET_GRANTING_SERVICE
    &AFS::KA_MAINTENANCE_SERVICE

It calls the AFS system library function 'ka_Authenticate'

=item B<$ok = $kas-E<gt>ChangePassword(UNAME, UINST, OKEY, NKEY);>

Changes the password for the user entry UNAME.UINST in the
Authentication Database to NKEY. OKEY and NKEY must be instances of
AFS::KTC_EKEY.  OEKY is never used, so you can put in any key
(randomkey).  It calls the AFS system library function
'ka_ChangePassword'.

=item B<$ok = $kas-E<gt>create(UNAME, UINST, NKEY);>

=item B<$ok = $kas-E<gt>KAM_CreateUser(UNAME, UINST, NKEY);>

Adds the user entry UNAME.UINST to the Authentication Database and sets
its password key to NKEY.  NKEY must be an instance of AFS::KTC_EKEY.
This call requires a connection encrypted with an AdminTicket.  It calls
the AFS system library function 'KAM_CreateUser'.

=item B<$entry = $kas-E<gt>debug;>

=item B<$entry = $kas-E<gt>KAM_Debug(VERSION);>

Returns information about the Authentication Database, the key cache,
and the state of the AuthServer.  The return value is a reference to a
hash table containing the values from the C structure C<ka_debugInfo>.
Possible values for VERSION are

   &AFS::KAMAJORVERSION

It calls the AFS system library function'KAM_Debug'.

=item B<$ok = $kas-E<gt>delete(UNAME, UINST);>

=item B<$ok = $kas-E<gt>KAM_DeleteUser(UNAME, UINST);>

Removes the user entry UNAME.UINST from the Authentication Database. It
requires a connection encrypted with an AdminTicket.
It calls the AFS system library function 'KAM_DeleteUser'.

=item B<$entry = $kas-E<gt>getentry(UNAME, UINST);>

=item B<$entry = $kas-E<gt>KAM_Getentry(UNAME, UINST);>

Returns information from the Authentication Database entry for the
user entry UNAME.UINST.  The return value is a reference to a hash
table containing the values from the C structure C<kaentryinfo>.  The
hash table has the following keys

    change_password_time    flags                  keyCheckSum
    key_version             max_ticket_lifetime    minor_version
    misc_auth_bytes         modification_time      modification_user
    user_expiration

It calls the AFS system library function 'KAM_GetEntry'.

=item B<($num_admins, $kasstats, $kadstats) = $kas-E<gt>getstats;>

=item B<($num_admins, $kasstats, $kadstats) = $kas-E<gt>KAM_GetStats(VERSION);>

Returns statistics about the AuthServer and its database. If VERSION
does not match that used by the server, the call returns an error
code. The return values are references to the hash tables containing
the values from the C structures C<kasstats> and C<kadstats>.  This
call requires a connection encrypted with an AdminTicket.  Possible
values for VERSION are

   &AFS::KAMAJORVERSION

It calls the AFS system library function 'KAM_Getstats'.

=item B<$token = $kas-E<gt>GetToken(SNAME, SINST, STIME, ETIME, AUTH_TOKEN [, AUTH_CELL]);>

Return a token for the specified service SNAME.SINST.  The desired
ticket lifetime is specified by STIME and ETIME (given in 5 minute
intervals). AUTH_TOKEN must be a ticket for the ticket­granting
service (an instance of AFS::KTC_TOKEN) in the cell AUTH_CELL (default
null). It assumes that a connection to the AuthServer has already been
established.  It calls the AFS system library function 'ka_GetToken'.

=item B<($name, $inst) = $kas-E<gt>listentry(PREV, INDX, COUNT);>

=item B<($name, $inst) = $kas-E<gt>KAM_ListEntry(PREV, INDX, COUNT);>

Returns the name and instance of an entry in the database.  It provides
a way to step through all the entries in the database. The first call