Authen::PAAS::Subject - represents an authenticated party
use Authen::PAAS::Subject; ####### Creating a populating a subject.. # Create a new anonymous subject with no credentials my $subject = Authen::PAAS::Subject->new(); # Add a principal eg a UNIX username, or a Kerberos # principal, or some such my $prin = SomePrincipal->new(); $subject->add_principal($prin) # Add a credential. eg some form of magic token # representing a previously added principal my $cred = SomeCredential->new($principal) $subject->add_credential($cred); ######## Fetching and querying a subject # Create a context module for performing auth my $context = Context->new($config, "myapp"); # Attempt to login my $subject = $context->login($callbacks); if ($subject) { # Retrieve set of all principals my @princs = $subject->principals; # Or only get principal of particular class my $princ = $subject->principal("SomePrincipal"); # Retrieve set of all credentials my @cred = $subject->credentials; # Or only get credential of particular class my $cred = $subject->credential("SomeCredential"); } else { die "login failed"; }
The Authen::PAAS::Subject module provides a representation of an authenticated party, be they a human user, or a independantly operating computing service. An authenticated subject will have one of more principals associated with them, which can be thought of as their set of names. These are represented by the Authen::PAAS::Principal module. Some authentication mechanisms will also associate some form of security related token with a subject, thus an authenticated subject may also have zero or more credentials. These are represented by the Authen::PAAS::Credential module.
Authen::PAAS::Subject
names
An authenticated subject is typically obtained via the login method on the Authen::PAAS::Context module. This creates an anonymous subject, and invokes a set of login modules (Authen::PAAS::LoginModule), which in turn populate the subject with principals and credentials.
login
Create a new subject, with no initial principals or credentials.
Adds a principal to the subject. The $owner parameter should be the class name of the login module owning the principal. The principal parameter must be a subclass of the Authen::PAAS::Principal class.
$owner
Removes a previously added principal from the subject. The $id parameter is the index of the principal previously added via the add_principal method.
$id
add_principal
Retrieves a list of all the principals for the subject associated with the owner specified in the $owner parameter. The value of the $owner parameter is the class name of a login module
Retrieves the first matching principal of a given type. The $type parameter should be the Perl module name of the principal implementation.
$type
Retrieves a list of all the principals for the subject.
Adds a credential to the subject. The $owner parameter should be the class name of the login module owning the credential. The credential parameter must be a subclass of the Authen::PAAS::Credential class.
Removes a previously added credential from the subject. The $id parameter is the index of the credential previously added via the add_credential method.
add_credential
Retrieves a list of all the credentials for the subject associated with the owner specified in the $owner parameter. The value of the $owner parameter is the class name of a login module
Retrieves the first matching credential of a given type. The $type parameter should be the Perl module name of the credential implementation.
Retrieves a list of all the credentials for the subject.
Daniel Berrange <dan@berrange.com>
Copyright (C) 2004-2006 Daniel Berrange
Authen::PAAS::Context, Authen::PAAS::Credential, Authen::PAAS::Principal
To install Authen::PAAS, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Authen::PAAS
CPAN shell
perl -MCPAN -e shell install Authen::PAAS
For more information on module installation, please visit the detailed CPAN module installation guide.