1Authen::SASL(3)       User Contributed Perl Documentation      Authen::SASL(3)
2
3
4

NAME

6       Authen::SASL - SASL Authentication framework
7

SYNOPSIS

9        use Authen::SASL;
10
11        $sasl = Authen::SASL->new(
12          mechanism => 'CRAM-MD5 PLAIN ANONYMOUS',
13          callback => {
14            pass => \&fetch_password,
15            user => $user,
16          }
17        );
18

DESCRIPTION

20       SASL is a generic mechanism for authentication used by several network
21       protocols. Authen::SASL provides an implementation framework that all
22       protocols should be able to share.
23
24       The framework allows different implementations of the connection class
25       to be plugged in. At the time of writing there were two such plugins.
26
27       Authen::SASL::Perl
28           This module implements several mechanisms and is implemented
29           entirely in Perl.
30
31       Authen::SASL::XS
32           This module uses the Cyrus SASL C-library (both version 1 and 2 are
33           supported).
34
35       Authen::SASL::Cyrus
36           This module is the predecessor to Authen::SASL::XS. It is
37           reccomended to use Authen::SASL::XS
38
39       By default the order in which these plugins are selected is
40       Authen::SASL::XS, Authen::SASL::Cyrus and then Authen::SASL::Perl.
41
42       If you want to change it or want to specifically use one implementation
43       only simply do
44
45        use Authen::SASL qw(Perl);
46
47       or if you have another plugin module that supports the Authen::SASL API
48
49        use Authen::SASL qw(My::SASL::Plugin);
50
51   CONTRUCTOR
52       new ( OPTIONS )
53           The constructor may be called with or without arguments. Passing
54           arguments is just a short cut to calling the "mechanism" and
55           "callback" methods.
56
57           callback => { NAME => VALUE, NAME => VALUE, ... }
58               Set the callbacks.  See the callback method for details.
59
60           mechanism => NAMES
61           mech => NAMES
62               Set the list of mechanisms to choose from.  See the mechanism
63               method for details.
64
65           debug => VALUE
66               Set the debug level bit-value to "VALUE"
67
68               Debug output will be sent to "STDERR". The bits of this value
69               are:
70
71                1   Show debug messages in the Perl modules for the mechanisms.
72                    (Currently only used in GSSAPI)
73                4   With security layers in place show information on packages read.
74                8   With security layers in place show information on packages written.
75
76               The default value is 0.
77
78   METHODS
79       mechanism ( )
80           Returns the current list of mechanisms
81
82       mechanism ( NAMES )
83           Set the list of mechanisms to choose from. "NAMES" should be a
84           space separated string of the names.
85
86       callback ( NAME )
87           Returns the current callback associated with "NAME".
88
89       callback ( NAME => VALUE, NAME => VALUE, ... )
90           Sets the given callbacks to the given values
91
92       client_new ( SERVICE, HOST, SECURITY )
93           Creates and returns a new connection object for a client-side
94           connection.
95
96       server_new ( SERVICE, HOST, OPTIONS )
97           Creates and returns a new connection object for a server-side
98           connection.
99
100       error ( )
101           Returns any error from the last connection
102

The Connection Class

104       server_start ( CHALLENGE )
105           server_start begins the authentication using the chosen mechanism.
106           If the mechanism is not supported by the installed SASL it fails.
107           Because for some mechanisms the client has to start the
108           negotiation, you can give the client challenge as a parameter.
109
110       server_step ( CHALLENGE )
111           server_step performs the next step in the negotiation process. The
112           first parameter you give is the clients challenge/response.
113
114       client_start ( )
115           The initial step to be performed. Returns the initial value to pass
116           to the server or an empty list on error.
117
118       client_step ( CHALLENGE )
119           This method is called when a response from the server requires it.
120           CHALLENGE is the value from the server. Returns the next value to
121           pass to the server or an empty list on error.
122
123       need_step ( )
124           Returns true if the selected mechanism requires another step before
125           completion (error or success).
126
127       answer ( NAME )
128           The method will return the value returned from the last call to the
129           callback NAME
130
131       property ( NAME )
132           Returns the property value associated with "NAME".
133
134       property ( NAME => VALUE, NAME => VALUE, ... )
135           Sets the named properties to their associated values.
136
137       service ( )
138           Returns the service argument that was passed to *_new-methods.
139
140       host ( )
141           Returns the host argument that was passed to *_new-methods.
142
143       mechanism ( )
144           Returns the name of the chosen mechanism.
145
146       is_success ( )
147           Once need_step() returns false, then you can check if the
148           authentication succeeded by calling this method which returns a
149           boolean value.
150
151   Callbacks
152       There are three different ways in which a callback may be passed
153
154       CODEREF
155           If the value passed is a code reference then, when needed, it will
156           be called and the connection object will be passed as the first
157           argument. In addition some callbacks may be passed additional
158           arguments.
159
160       ARRAYREF
161           If the value passed is an array reference, the first element in the
162           array must be a code reference. When the callback is called the
163           code reference will be called with the connection object passed as
164           the first argument and all other values from the array passed
165           after.
166
167       SCALAR
168           All other values passed will be used directly. ie it is the same as
169           passing an code reference that, when called, returns the value.
170

SEE ALSO

172       Authen::SASL::Perl, Authen::SASL::XS, Authen::SASL::Cyrus
173

AUTHOR

175       Graham Barr <gbarr@pobox.com>
176
177       Please report any bugs, or post any suggestions, to the perl-ldap
178       mailing list <perl-ldap@perl.org>
179
181       Copyright (c) 1998-2005 Graham Barr. All rights reserved. This program
182       is free software; you can redistribute it and/or modify it under the
183       same terms as Perl itself.
184
185
186
187perl v5.36.0                      2023-01-20                   Authen::SASL(3)
Impressum