The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
 / 
Net-TacacsPlus-1.10_01
River stage one • 1 direct dependent • 2 total dependents
2 ++
/ Net::TacacsPlus::Client

NAME

Net::TacacsPlus::Client - Tacacs+ client library

SYNOPSIS

        use Net::TacacsPlus::Client;
        use Net::TacacsPlus::Constants;
        
        my $tac = new Net::TacacsPlus::Client(
                                host => 'localhost',
                                key => 'secret');
        
        if ($tac->authenticate($username, $password, TAC_PLUS_AUTHEN_TYPE_PAP)){                   
                print "Authentication successful.\n";                                  
        } else {                                                    
                print "Authentication failed: ".$tac->errmsg()."\n";         
        }                                                           

        my @args = ( 'service=shell', 'cmd=ping', 'cmd-arg=10.0.0.1' );
        my @args_response;
        if($tac->authorize($username, \@args, \@args_response))
        {
                print "Authorization successful.\n";
                print "Arguments received from server:\n";
                print join("\n", @args_response);
        } else {
                print "Authorization failed: " . $tac->errmsg() . "\n";
        }

        @args = ( 'service=shell', 'cmd=ping', 'cmd-arg=10.0.0.1' );
        if($tac->account($username, \@args))
        {
                print "Accounting successful.\n";
        } else {
                print "Accounting failed: " . $tac->errmsg() . "\n";
        }

DESCRIPTION

Currently only PAP and ASCII authentication can be used agains Tacacs+ server.

Tested agains Cisco ACS 3.3 and Cisco (ftp://ftp-eng.cisco.com/pub/tacacs/) tac-plus server.

METHODS

new( somekey => somevalue )

required parameters: host, key

        host    - tacacs server
        key     - ecryption secret

optional parameters: timeout, port

        timeout - tcp timeout
        port    - tcp port
close()

Close socket connection.

init_tacacs_session()

Inititalize socket connection to tacacs server.

errmsg()

Returns latest error message

authenticate(username, password, authen_type)

username - tacacs+ username password - tacacs+ user password authen_type - TAC_PLUS_AUTHEN_TYPE_ASCII | TAC_PLUS_AUTHEN_TYPE_PAP rem_addr - remote client address (optional, default is 127.0.0.1) port - remote client port (optional, default is Virtual00) new_password - if set (other than undef) will trigger password change

authorize(username, args, args_response)

username - tacacs+ username args - tacacs+ authorization arguments args_response - updated by tacacs+ authorization arguments returned by server (optional) rem_addr - remote client address (optional, default is 127.0.0.1) port - remote client port (optional, default is Virtual00)

check_args([])

Check if the arguments comply with RFC.

account(username, args)

username - tacacs+ username args - tacacs+ authorization arguments flags - optional: tacacs+ accounting flags default: TAC_PLUS_ACCT_FLAG_STOP rem_addr - remote client address (optional, default is 127.0.0.1) port - remote client port (optional, default is Virtual00)

recv_reply(type)

method for receiving TAC+ reply packet from the server.

type is a Net::TacacsPlus::Packet type.

AUTHOR

Jozef Kutej - <jkutej@cpan.org>

Authorization and Accounting contributed by Rubio Vaughan <rubio@passim.net>

VERSION

1.07

SEE ALSO

tac-rfc.1.78.txt, Net::TacacsPlus::Packet

Complete client script Net-TacacsPlus/examples/client.pl.

TODO

        tacacs+ CHAP, ARAP, MSCHAP authentication

COPYRIGHT AND LICENSE

Copyright (C) 2006 by Jozef Kutej

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.