Provided by: liblwp-authen-negotiate-perl_0.08-2_all
NAME
LWP::Authen::Negotiate - GSSAPI based Authentication Plugin for LWP
SYNOPSIS
#! /usr/bin/perl -w use strict; require LWP::UserAgent; # uncomment if you want see what is going wrong messages # #use LWP::Debug qw(+); my $ua = LWP::UserAgent->new; my $response = $ua->get('http://testwurst.grolmsnet.lan:8090/geheim/'); if ($response->is_success) { print $response->content; # or whatever } else { die $response->status_line; } just install LWP::Authen::Negotiate, LWP uses it as authentication plugin. Use your LWP::UserAgent Scripts as usual. Authentication is done transparent based on your GSSAPI installation (MIT Kerberos or Heimdal) WWW-Negotiate Webservers are IIS or Apache with mod_auth_kerb for example.
DESCRIPTION
To see what ist going on add use LWP::Debug qw(+); to yor LWP using Scripts. (e.g. too see what is going wrong with GSSAPI...)
DEBUGGING
To see what ist going on (and going wrong) add use LWP::Debug qw(+); to yor LWP using Scripts. (e.g. too see what is going wrong with GSSAPI...) the output will look like this: LWP::UserAgent::new: () LWP::UserAgent::request: () LWP::UserAgent::send_request: GET http://testwurst.grolmsnet.lan:8090/geheim/ LWP::UserAgent::_need_proxy: Not proxied LWP::Protocol::http::request: () LWP::Protocol::collect: read 478 bytes LWP::UserAgent::request: Simple response: Unauthorized LWP::Authen::Negotiate::authenticate: authenticate() called LWP::Authen::Negotiate::authenticate: target hostname testwurst.grolmsnet.lan LWP::Authen::Negotiate::authenticate: GSSAPI servicename HTTP/moerbsen.grolmsnet.lan@GROLMSNET.LAN LWP::Authen::Negotiate::authenticate: Miscellaneous failure (see text) LWP::Authen::Negotiate::authenticate: open(/tmp/krb5cc_1000): file not found In this case the credentials cache was empty. Run kinit first ;-)
ENVIRONMENT
LWP_AUTHEN_NEGOTIATE_DELEGATE Define to enable ticket forwarding to webserver.
SEE ALSO
http://www.kerberosprotocols.org/index.php/Draft-brezak-spnego-http-03.txt Description of WWW-Negotiate protol http://modauthkerb.sourceforge.net/ the Kerberos and SPNEGO Authentication module for Apache mod_auth_kerb http://perlgssapi.sourceforge.net/ Module Homepage http://www.kerberosprotocols.org/index.php/Web Sofware and APIs related to WWW-Negotiate http://www.grolmsnet.de/kerbtut/ describes how to let mod_auth_kerb play together with Internet Explorer and Windows2003 Server
BUGS
As default Kerberos 5 is selected as GSSAPI mechanism. a later veriosn will make that configureable.
AUTHOR
Achim Grolms, <achim@grolmsnet.de> http://perlgssapi.sourceforge.net/ Thanks to Leif Johansson who has conributed a lot of code from his implementation of the module and send a lot of input, ideas and feedback Harald Joerg helped with Kerberos knowledge and does testing on cygwin against IIS and mod_auth_kerb Christopher Odenbach does a lot of testing on Linux and Solaris Dax Kelson does a lot of testing on Linux Karsten Kuenne helped with advice
COPYRIGHT AND LICENSE
Copyright (C) 2006 by Achim Grolms <perl@grolmsnet.de> This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.