NAME

Apache::AuthenRadius - Authentication via a Radius server

SYNOPSIS

# Configuration in httpd.conf

PerlModule Apache::AuthenRadius

# Authentication in .htaccess

AuthName Radius

AuthType Digest or AuthType Basic

# authenticate via Radius
PerlAuthenHandler Apache::AuthenRadius

PerlSetVar Auth_Radius_host radius.foo.com
PerlSetVar Auth_Radius_port 1647
PerlSetVar Auth_Radius_secret MySharedSecret
PerlSetVar Auth_Radius_timeout 5

# This allows you to append something to the user name that
# is sent to the RADIUS server
# usually a realm so the RADIUS server can use it to
# discriminate between users
PerlSetVar Auth_Radius_appendToUsername @some.realm.com

require valid-user

DESCRIPTION

This module allows Basic and Digest authentication against a Radius server.

PUBLIC METHODS

handler( $r )

The mod_perl handler.

LIST OF TOKENS

Auth_Radius_host

The Radius server host: either its name or its dotted quad IP number. The parameter is passed as the PeerHost option to IO::Socket::INET->new.
Auth_Radius_port

The port on which the Radius server is listening: either its service name or its actual port number. This parameter defaults to "1647" which is the official service name for Radius servers. The parameter is passed as the PeerPort option to IO::Socket::INET->new.
Auth_Radius_secret

The shared secret for connection to the Radius server.
Auth_Radius_timeout

The timeout in seconds to wait for a response from the Radius server.
Auth_Radius_algorithm

For Digest authentication, this is the algorithm to use. Defaults to 'MD5'. For Basic authentication, it is ignored. If Digest authentication is set, unauthenticated requests will be sent a Digest challenge, including a nonce. Authenticated requests will have the nonce checked against Auth_Radius_nonce_lifetime, then the whole Authentication header sent as the password to RADIUS.
Auth_Radius_appendToUsername

Appends a string to the end of the user name that is sent to RADIUS. This would normally be in the form of a realm (i.e. @some.realm.com) This is useful where you might want to discriminate between the same user in several contexts. Clever RADIUS servers such as Radiator can use the realm to let the user in or no depending on which protected Apache directory they are trying to access.
Auth_Radius_nonce_lifetime

Specifies the maximum nonce lifetime in seconds for Digest authentication. This parameter allows you to change the nonce lifetime for Digest authentication. Digest authentications whose nonce exceeds the maximum lifetime are declined. Defaults to 300 seconds.

CONFIGURATION

The module should be loaded upon startup of the Apache daemon. Add the following line to your httpd.conf:

PerlModule Apache::AuthenRadius

PREREQUISITES

For AuthenRadius you need to enable the appropriate call-back hook when making mod_perl:

perl Makefile.PL PERL_AUTHEN=1

For Digest authentication, you will need Authen::Radius version 0.06 or better. Version 0.05 only permits 16 byte passwords

AUTHORS

Authen::Radius by Carl Declerck carl@miskatonic.inbe.net

Apache::AuthenRadius by Dan Sully <daniel | AT | cpan.org>

COPYRIGHT

The Apache::AuthenRadius module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

To install Apache::AuthenRadius, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Apache::AuthenRadius

CPAN shell

perl -MCPAN -e shell
install Apache::AuthenRadius

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)