SYNOPSIS
use Authen::TacacsPlus;
$tac = new Authen::TacacsPlus(Host=>$server,
Key=>$key,
[Port=>'tacacs'],
[Timeout=>15]);
or
$tac = new Authen::TacacsPlus(
[ Host=>$server1, Key=>$key1, [Port=>'tacacs'], [Timeout=>15] ],
[ Host=>$server2, Key=>$key2, [Port=>'tacacs'], [Timeout=>15] ],
[ Host=>$server3, Key=>$key3, [Port=>'tacacs'], [Timeout=>15] ],
... );
$tac->authen($username,$passwords);
Authen::TacacsPlus::errmsg();
$tac->close();
DESCRIPTION
Authen::TacacsPlus allows you to authenticate using tacacs+ server.
$tac = new Authen::TacacsPlus(Host=>$server, Key=>$key, [Port=>'tacacs'], [Timeout=>15]);
Opens new session with tacacs+ server on host $server, encrypted with key $key. Undefined object is returned if something wrong (check errmsg()).
With a list of servers the order is relevant. It checks the availability of the Tacacs+ service using the order you defined.
Authen::TacacsPlus::errmsg();
Returns last error message.
$tac->authen($username,$password,$authen_type);
Tries an authentication with $username and $password. 1 is returned if authenticaton succeded and 0 if failed (check errmsg() for reason).
$authen_type is an optional argument that specifies what type of authentication to perform. Allowable options are: Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_ASCII (default) Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_PAP Authen::TacacsPlus::TAC_PLUS_AUTHEN_TYPE_CHAP
ASCII uses Tacacs+ version 0, and will authenticate against the ``login'' or ``global'' password on the Tacacs+ server. If no authen_type is specified, it defaults to this type of authentication.
PAP uses Tacacs+ version 1, and will authenticate against the ``pap'' or ``global'' password on the Tacacs+ server.
CHAP uses Tacacs+ version 1, and will authenticate against
the ``chap'' or ``global'' password on the Tacacs+ server. With CHAP,
the password if formed by the concatenation of
chap id + chap challenge + chap response
There is example code in test.pl
If you use a list of servers you can continue using $tac->authen if one of them goes down or become unreachable.
$tac->close();
Closes session with tacacs+ server.
EXAMPLE
use Authen::TacacsPlus; $tac = new Authen::TacacsPlus(Host=>'foo.bar.ru',Key=>'9999'); unless ($tac){ print "Error: ",Authen::TacacsPlus::errmsg(),"\n"; exit(1); } if ($tac->authen('john','johnpass')){ print "Granted\n"; } else { print "Denied: ",Authen::TacacsPlus::errmsg(),"\n"; } $tac->close();
BUGS
only authentication is supportedonly one session may be active (you have to close one session before opening another one)