LWP::Authen::Negotiate(3) GSSAPI based Authentication Plugin for LWP

SYNOPSIS


#! /usr/bin/perl -w
use strict;
require LWP::UserAgent;
# uncomment if you want see what is going wrong messages
#
#use LWP::Debug qw(+);
my $ua = LWP::UserAgent->new;
my $response = $ua->get('http://testwurst.grolmsnet.lan:8090/geheim/');
if ($response->is_success) {
print $response->content; # or whatever
}
else {
die $response->status_line;
}

just install LWP::Authen::Negotiate, LWP uses it as authentication plugin. Use your LWP::UserAgent Scripts as usual. Authentication is done transparent based on your GSSAPI installation (MIT Kerberos or Heimdal)

WWW-Negotiate Webservers are IIS or Apache with mod_auth_kerb for example.

DESCRIPTION

To see what ist going on add 

   use LWP::Debug qw(+);

to yor LWP using Scripts.

(e.g. too see what is going wrong with GSSAPI...)

DEBUGGING

To see what ist going on (and going wrong) add 

   use LWP::Debug qw(+);

to yor LWP using Scripts.

(e.g. too see what is going wrong with GSSAPI...)

the output will look like this: 

   LWP::UserAgent::new: ()
   LWP::UserAgent::request: ()
   LWP::UserAgent::send_request: GET http://testwurst.grolmsnet.lan:8090/geheim/
   LWP::UserAgent::_need_proxy: Not proxied
   LWP::Protocol::http::request: ()
   LWP::Protocol::collect: read 478 bytes
   LWP::UserAgent::request: Simple response: Unauthorized
   LWP::Authen::Negotiate::authenticate: authenticate() called
   LWP::Authen::Negotiate::authenticate: target hostname testwurst.grolmsnet.lan
   LWP::Authen::Negotiate::authenticate: GSSAPI servicename     HTTP/[email protected]
   LWP::Authen::Negotiate::authenticate:  Miscellaneous failure (see text)
   LWP::Authen::Negotiate::authenticate: open(/tmp/krb5cc_1000): file not found

In this case the credentials cache was empty. Run kinit first ;-)

ENVIRONMENT

LWP_AUTHEN_NEGOTIATE_DELEGATE
Define to enable ticket forwarding to webserver.

BUGS

As default Kerberos 5 is selected as GSSAPI mechanism. a later veriosn will make that configureable.

AUTHOR

Achim Grolms, <[email protected]>

http://perlgssapi.sourceforge.net/

Thanks to

Leif Johansson
who has conributed a lot of code from his implementation of the module and send a lot of input, ideas and feedback
Harald Joerg
helped with Kerberos knowledge and does testing on cygwin against IIS and mod_auth_kerb
Christopher Odenbach
does a lot of testing on Linux and Solaris
Dax Kelson
does a lot of testing on Linux
Karsten Kuenne
helped with advice

COPYRIGHT AND LICENSE

Copyright (C) 2006 by Achim Grolms <[email protected]>

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.

LAST SEARCHED