Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
Net::Radius::Server(3)User Contributed Perl DocumentatioNet::Radius::Server(3)

NAME
       Net::Radius::Server - Framework for RADIUS Servers

SYNOPSIS
	 use Net::Radius::Server;

DESCRIPTION
       "Net::Radius::Server" provides an extensible framework to create	RADIUS
       servers suitable	for non-standard scenarios where authentication	needs
       to consider multiple factors. The RADIUS	responses may be created by
       arbitrarily complex rules that process the request packet as well as
       any external data accessible to Perl.

       RADIUS request processing can as	well include custom -- and sometimes
       complex -- processes. For instance, you could want to record a copy of
       every RADIUS request received by	the server for audit purposes.

       The following modules or	module hierarchies are included	in this
       distribution as well:

       "Net::Radius::Server::NS"
	   This	class uses Net::Server(3) to construct a complete RADIUS
	   server.

       "Net::Radius::Server::Base"
	   A general base class	that contains exported constants and methods
	   for the framework.

       "Net::Radius::Server::DBStore"
	   Provide access to an	underlying Berkeley DB Database	for storing
	   attributes received in the RADIUS requests or in any	tuple provided
	   at transaction processing time.

       "Net::Radius::Server::Match"
	   The base model for match methods. Match methods are used to decide
	   whether a given rule	can be applied.	Match methods usually operate
	   on the RADIUS request as well as the	peer data and other
	   environmental factors.

       "Net::Radius::Server::Match::Simple"
	   This	is a simplistic	match-method factory that can test for a
	   variety of conditions (peer address and port, RADIUS	request	type,
	   presence and	contents of specific attribues).

       "Net::Radius::Server::Set"
	   The base model for set methods. Set methods are expected to craft a
	   response packet and instruct	the RADIUS server how/when/if respond
	   to the given	request.

       "Net::Radius::Server::Set::Simple"
	   An example of set-method factory class. It allows for setting
	   specific RADIUS attributes, both standard and vendor-specific and
	   setting packet codes.

       As you might have guessed by now, implementation	of new features	is
       done through subclassing	and overriding of selected functions. This
       provides	for an isolated	yet well integrated environment.

   The invocation hashref
       "Net::Radius::Server::Match" "->match()"	methods,
       "Net::Radius::Server::Set" "->set()" methods and	the secret, dictionary
       and rule	subs described in "Net::Radius::Server::NS" are	invoked
       passing a single	hash reference as argument. This hash reference	is
       shared through all the calls, providing an effective means to have
       those objects share some	space on a per-request basis.

       The hashref contains the	following entries:

       packet
	   The RADIUS packet data received with	no conversions.

       peer_addr
	   The address of the peer that	sent the RADIUS	packet.

       peer_host
	   If available, the reverse of	peer_addr.

       peer_port
	   The socket port used	by our peer to send the	RADIUS packet.

       port
	   The local socket port through which the RADIUS packet was received.

       server
	   Only	available under	"Net::Radius::Server::NS", this	is the
	   "Net::Server" object	used to	service	requests.

       secret
	   Only	available after	calling	the method returned by the
	   "nrs_secret_script" under "Net::Radius::Server::NS".	This is	the
	   RADIUS shared secret	used to	encode and decode valid	requests.

       dict
	   Only	available after	calling	the method returned by the
	   "nrs_dictionary_script" under "Net::Radius::Server::NS". This is
	   the RADIUS dictionary used to encode	and decode valid requests.

       request
	   After succesful decoding, that requires both	a correct secret and a
	   dictionary, this entry contains the RADIUS request in a
	   "Net::Radius::Packet" object.

       response
	   After succesful decoding, that requires both	a correct secret and a
	   dictionary, this entry contains an empty RADIUS packet as a
	   "Net::Radius::Packet" object. "->set()" methods are expected	to
	   modify this packet to craft a suitable response.

   Using Linux-PAM and LDAP
       The accompanying	modules	can use	LDAP and Linux-PAM to authenticate
       users or	otherwise, make	more complex choices. An example used by the
       author, uses an LDAP attribute to decide	if the username	must be
       authenticated through RADIUS proxying or	against	an LDAP	server.

       Other uses are possible,	such as	adding specific	RADIUS attributes to
       the responses based on LDAP attributes.

   EXPORT
       None by default.

HISTORY
	 $Log$
	 Revision 1.4  2007/01/02 23:27:11  lem
	 Added missing prerequisites. Also documented what can be done with
	 LDAP and Linux-PAM

	 Revision 1.3  2006/12/14 15:52:25  lem
	 Fix CVS tags

SEE ALSO
       Perl(1),	Net::Radius::Packet(3),	Net::Radius::Server::NS(3),
       Net::Server(3).

AUTHOR
       Luis E. MuA+-oz,	<luismunoz@cpan.org>

COPYRIGHT AND LICENSE
       Copyright (C) 2006 by Luis E. MuA+-oz

       This library is free software; you can redistribute it and/or modify it
       under the same terms as Perl 5.8.6 itself.

POD ERRORS
       Hey! The	above document had some	coding errors, which are explained
       below:

       Around line 182:
	   Non-ASCII character seen before =encoding in	'MuA+-oz,'. Assuming
	   UTF-8

perl v5.32.0			  2009-10-15		Net::Radius::Server(3)

NAME | SYNOPSIS | DESCRIPTION | HISTORY | SEE ALSO | AUTHOR | COPYRIGHT AND LICENSE | POD ERRORS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=Net::Radius::Server&sektion=3&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help