|
|
Authen::SASL::Perl::GSSAPI - GSSAPI (Kerberosv5) Authentication class
use Authen::SASL qw(Perl);
$sasl = Authen::SASL->new( mechanism => 'GSSAPI' );
$sasl->client_start( $service, $host );
This method implements the client part of the GSSAPI SASL algorithm.
With a valid Kerberos 5 credentials cache (aka TGT) it allows
to connect to service@host given as the first two parameters
to Authen::SASL's client_start() method.
Please note that this module does not currently implement a SASL security layer following authentication. Unless the connection is protected by other means, such as TLS, it will be vulnerable to man-in-the-middle attacks. If security layers are required, then the Authen::SASL::Cyrus GSSAPI module should be used instead.
The callbacks used are:
The username to be used in the response
the Authen::SASL manpage, the Authen::SASL::Perl manpage
Written by Simon Wilkinson, with patches and extensions by Achim Grolms and Peter Marschall.
Please report any bugs, or post any suggestions, to the perl-ldap mailing list <perl-ldap@perl.org>
Copyright (c) 2006 Simon Wilkinson, Achim Grolms and Peter Marschall. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.