Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
Net::Radius::Server::MUser:Contributed PerlNet::Radius::Server::Match::LDAP(3)

NAME
       Net::Radius::Server::Match::LDAP	- Interaction with LDAP	servers	for
       RADIUS

SYNOPSIS
	 use Net::Radius::Server::Match::LDAP;

	 my $match = Net::Radius::Server::Match::LDAP->new({ ... });
	 my $match_sub = $match->mk;

DESCRIPTION
       "Net::Radius::Server::Match::LDAP" is a packet match method factory.
       This allows a Net::Radius::Server(3) RADIUS server to process requests
       based on	information stored in an LDAP directory. Additionally,
       information obtained from LDAP remains available	for further rule
       methods to process.

       See "Net::Radius::Server::Match"	for general usage guidelines. The
       matching	of RADIUS requests is controlled through arguments passed to
       the constructor,	to specific accessors or to the	factory	method.	There
       are generally, two types	of arguments:

       Extendable
	   Those are arguments that are	passed directly	to a Net::LDAP(3)
	   method. Those arguments can receive either a	scalar or a code ref.

	   If a	scalar is supplied, this value is simply passed	as-is to the
	   undelying Net::LDAP(3) method.

	   If a	code ref is supplied, it will be called	as in

	       $sub->($obj, $hashref);

	   Where $obj is the "Net::Radius::Server::Match::LDAP"	object and
	   $hashref is the invocation hashref, as described in
	   Net::Radius::Server(3). Whatever is returned	by this	sub will be
	   used	as the value for this attribute.

       Indirect	Extendable
	   The options that will be passed as named arguments to an underlying
	   Net::LDAP(3)	method.	Generally speaking, those are attribute	-
	   value tuples	specified within a listref, as in the following
	   example.

	       ->bind_opts([ password => 'mySikritPzwrd' ]);

	   Arguments are filtered to provide increased functionality. By
	   prepending '_nrs_' to the argument name,
	   "Net::Radius::Server::Match::LDAP" will use the return value	of the
	   supplied code ref as	the value of the argument. The following
	   example illustrates this:

	       ->bind_ops([ _nrs_password => sub { 'mySikritPzwrd' } ]);

	   The code ref	is invoked as in

	       $sub->($obj, $hashref)

	   Where $obj is the "Net::Radius::Server::Match::LDAP"	object and
	   $hashref is the invocation hashref, as described in
	   Net::Radius::Server(3). Whatever is returned	by this	sub will be
	   used	as the value for this attribute.

       The following arguments control the invocation of the Net::LDAP(3)
       underlying methods:

       ldap_uri
	   The URI or host specification passed	as the first argument of
	   "Net::LDAP-"new()>. See Net::LDAP(3)	for more information.

       ldap_opts (Indirect Extendable)
	   The additional, named parameters passed to "Net::LDAP-"new()>. See
	   Net::LDAP(3)	for more information.

       bind_dn (Extendable)
	   The DN specification	passed as the first argument of
	   "Net::LDAP-"bind()>.	See Net::LDAP(3) for more information.

       bind_opts (Indirect Extendable)
	   The additional, named parameters passed to "Net::LDAP-"bind()>. See
	   Net::LDAP(3)	for more information.

       authenticate_from
	   Specify an optional RADIUS attribute	from which to extract the
	   password for	binding	to the LDAP directory. A password = $pass>
	   argument tuple will be added	to whatever was	specified with
	   bind_opts.

	   Optionally, this parameter can also be a code ref, in which case it
	   will	be called as in

	       $obj->authenticate_from->($hashref)

	   Where $hashref is the shared	invocation hash. The return value of
	   the function	will be	used as	the actual password to use in the LDAP
	   binding.

       search_opts (Indirect Extendable)
	   The named paramenters passed	to "Net::LDAP-"search()>. See
	   Net::LDAP(3)	for more information.

       The underlying Net::LDAP(3) object first	attempts to "->bind()" when
       "->mk()"	is called. This	binding	is re-attempted	later, when errors are
       seen, depending on the configuration arguments specified.

       The match method	will return "NRS_MATCH_OK" if no error results from
       the LDAP	"->search()".

       The following methods control other aspects of the
       "Net::Radius::Server::Match::LDAP":

       store_result
	   When	this argument is specified, the	Net::LDAP::Result(3) object
	   returned by the "->search()"	method in Net::LDAP(3) will be stored
	   in the invocation hashref. The value	of this	argument controls the
	   name	of the hash key	where this result will be stored.

	   This	allows further methods (either on the same rule	or in
	   following rules) to use the information returned from an LDAP query
	   for multiple	purposes. You could, for example, locate a user's
	   profile and allow later rules to translate that profile into	RADIUS
	   attributes in the response packet.

       max_tries
	   When	attempting LDAP	queries, a failure will	cause the re-attempt
	   to issue the	"->bind()" call. This paramenter controls how many
	   attempts are	made. 2	attempts are made by default.

   EXPORT
       None by default.

HISTORY
	 $Log$
	 Revision 1.9  2006/12/14 16:33:17  lem
	 Rules and methods will	only report failures in	log level 3 and
	 above.	Level 4	report success and failure, for	deeper debugging

	 Revision 1.8  2006/11/15 03:11:22  lem
	 Minor indentation tweak

	 Revision 1.7  2006/11/15 01:57:37  lem
	 Fix CVS log in	the docs

SEE ALSO
       Perl(1),	NetAddr::IP(3),	Net::Radius::Server(3),
       Net::Radius::Server::Match(3), Net::LDAP(3).

AUTHOR
       Luis E. MuA+-oz,	<luismunoz@cpan.org>

COPYRIGHT AND LICENSE
       Copyright (C) 2006 by Luis E. MuA+-oz

       This library is free software; you can redistribute it and/or modify it
       under the same terms as Perl 5.8.6 itself.

POD ERRORS
       Hey! The	above document had some	coding errors, which are explained
       below:

       Around line 372:
	   Non-ASCII character seen before =encoding in	'MuA+-oz,'. Assuming
	   UTF-8

perl v5.32.0			  2009-09-2Net::Radius::Server::Match::LDAP(3)

NAME | SYNOPSIS | DESCRIPTION | HISTORY | SEE ALSO | AUTHOR | COPYRIGHT AND LICENSE | POD ERRORS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=Net::Radius::Server::Match::LDAP&sektion=3&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help