Net::Radius::Server::Match::LDAP - Interaction with LDAP servers for RADIUS
use Net::Radius::Server::Match::LDAP;
my $match = Net::Radius::Server::Match::LDAP->new({ ... });
my $match_sub = $match->mk;
"Net::Radius::Server::Match::LDAP" is a packet
match method factory. This allows a Net::Radius::Server(3) RADIUS
server to process requests based on information stored in an LDAP directory.
Additionally, information obtained from LDAP remains available for further
rule methods to process.
See "Net::Radius::Server::Match"
for general usage guidelines. The matching of RADIUS requests is controlled
through arguments passed to the constructor, to specific accessors or to the
factory method. There are, generally, two types of arguments:
- Extendable
- Those are arguments that are passed directly to a Net::LDAP(3)
method. Those arguments can receive either a scalar or a code ref.
If a scalar is supplied, this value is simply passed as-is to
the underlying Net::LDAP(3) method.
If a code ref is supplied, it will be called as in
$sub->($obj, $hashref);
Where $obj is the
"Net::Radius::Server::Match::LDAP"
object and $hashref is the invocation hashref,
as described in Net::Radius::Server(3). Whatever is returned by
this sub will be used as the value for this attribute.
- Indirect Extendable
- The options that will be passed as named arguments to an underlying
Net::LDAP(3) method. Generally speaking, those are attribute-value
tuples specified within a listref, as in the following example.
->bind_opts([ password => 'mySikritPzwrd' ]);
Arguments are filtered to provide increased functionality. By
prepending '_nrs_' to the argument name,
"Net::Radius::Server::Match::LDAP"
will use the return value of the supplied code ref as the value of the
argument. The following example illustrates this:
->bind_opts([ _nrs_password => sub { 'mySikritPzwrd' } ]);
The code ref is invoked as in
$sub->($obj, $hashref)
Where $obj is the
"Net::Radius::Server::Match::LDAP"
object and $hashref is the invocation hashref,
as described in Net::Radius::Server(3). Whatever is returned by
this sub will be used as the value for this attribute.
The following arguments control the invocation of the
Net::LDAP(3) underlying methods:
- ldap_uri
- The URI or host specification passed as the first argument of
"Net::LDAP->new()". See
Net::LDAP(3) for more information.
- ldap_opts (Indirect Extendable)
- The additional, named parameters passed to
"Net::LDAP->new()". See
Net::LDAP(3) for more information.
- bind_dn (Extendable)
- The DN specification passed as the first argument of
"Net::LDAP->bind()". See
Net::LDAP(3) for more information.
- bind_opts (Indirect Extendable)
- The additional, named parameters passed to
"Net::LDAP->bind()". See
Net::LDAP(3) for more information.
- authenticate_from
- Specify an optional RADIUS attribute from which to extract the password
for binding to the LDAP directory. A "password => $pass"
argument tuple will be added to whatever
was specified with bind_opts.
Optionally, this parameter can also be a code ref, in which
case it will be called as in
$obj->authenticate_from->($hashref)
Where $hashref is the shared
invocation hash. The return value of the function will be used as the
actual password to use in the LDAP binding.
- search_opts (Indirect Extendable)
- The named parameters passed to
"Net::LDAP->search()". See
Net::LDAP(3) for more information.
The underlying Net::LDAP(3) object first attempts to
"->bind()" when
"->mk()" is called. This binding is
re-attempted later, when errors are seen, depending on the configuration
arguments specified.
The match method will return
"NRS_MATCH_OK" if no error results from
the LDAP "->search()".
The following methods control other aspects of the
"Net::Radius::Server::Match::LDAP":
- store_result
- When this argument is specified, the Net::LDAP::Result(3) object
returned by the "->search()" method
in Net::LDAP(3) will be stored in the invocation hashref. The value
of this argument controls the name of the hash key where this result will
be stored.
This allows further methods (either on the same rule or in
following rules) to use the information returned from an LDAP query for
multiple purposes. You could, for example, locate a user's profile and
allow later rules to translate that profile into RADIUS attributes in
the response packet.
- max_tries
- When attempting LDAP queries, a failure will cause the
"->bind()" call to be re-attempted. This parameter
controls how many attempts are made. 2 attempts are made by default.
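The following is an added example, not code from the module or its author. It puts an Extendable (bind_dn) and an Indirect Extendable (search_opts with a '_nrs_' key) argument together and escapes the request-supplied user name before it reaches the bind DN or the search filter. Assumptions: the directory layout, host name and store_result key are constructed, the invocation hashref is taken to hold the decoded request under a 'request' key answering ->attr(), and Constructed::Request is a stand-in so the code refs can run without a server.

```perl
use strict;
use warnings;
use Net::LDAP::Util qw(escape_dn_value escape_filter_value);

my $base = 'ou=people,dc=example,dc=com';    # constructed directory layout

# Assumption: the invocation hashref holds the decoded request packet under
# 'request', and that object answers ->attr('User-Name').
sub user_name {
    my ($hashref) = @_;
    my $name = $hashref->{request}->attr('User-Name');
    return defined $name ? $name : '';
}

my $args = {
    ldap_uri => 'ldaps://ldap.example.com',    # constructed host
    # Extendable: code ref called as $sub->($obj, $hashref)
    bind_dn => sub {
        my ($obj, $hashref) = @_;
        return 'uid=' . escape_dn_value(user_name($hashref)) . ",$base";
    },
    authenticate_from => 'User-Password',
    # Indirect Extendable: the '_nrs_' prefix marks a code ref value
    search_opts => [
        base        => $base,
        scope       => 'one',
        attrs       => [ 'uid', 'memberOf' ],
        _nrs_filter => sub {
            my ($obj, $hashref) = @_;
            return '(uid=' . escape_filter_value(user_name($hashref)) . ')';
        },
    ],
    store_result => 'ldap_result',    # hypothetical key name
    max_tries    => 2,
};

# Constructed stand-in for the request object, so the code refs run offline.
{
    package Constructed::Request;
    sub new  { my ($class, %attrs) = @_; return bless {%attrs}, $class }
    sub attr { my ($self, $name) = @_; return $self->{$name} }
}

my %search = @{ $args->{search_opts} };
for my $user ('alice', 'a*)(uid=*', 'bob,ou=admins') {    # constructed inputs
    my $hashref = { request => Constructed::Request->new('User-Name' => $user) };
    print 'bind DN: ', $args->{bind_dn}->(undef, $hashref), "\n";
    print 'filter:  ', $search{_nrs_filter}->(undef, $hashref), "\n";
}
# With a reachable directory: Net::Radius::Server::Match::LDAP->new($args)->mk
```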
Revision 1.9 2006/12/14 16:33:17 lem
Rules and methods will only report failures in log level 3 and
above. Level 4 report success and failure, for deeper debugging
Revision 1.8 2006/11/15 03:11:22 lem
Minor indentation tweak
Revision 1.7 2006/11/15 01:57:37 lem
Fix CVS log in the docs
Perl(1), NetAddr::IP(3), Net::Radius::Server(3),
Net::Radius::Server::Match(3), Net::LDAP(3).
Luis E. Muñoz, <luismunoz@cpan.org>
Copyright (C) 2006 by Luis E. Muñoz
This library is free software; you can redistribute it and/or
modify it under the same terms as Perl 5.8.6 itself.