Provided by: libwebauth-perl_4.7.0-8build1_amd64 bug

NAME

       WebAuth::Token::WebKDCService - WebAuth webkdc-service tokens

SYNOPSIS

           my $token = WebAuth::Token::WebKDCService->new;
           $token->subject ('user');
           $token->session_key ($key);
           $token->expiration (time + 3600);
           print $token->encode ($keyring), "\n";

DESCRIPTION

       A WebAuth webkdc-service token, sent by the WebKDC to a WAS and returned by the WAS to the
       WebKDC as part of the request token.  The purpose of this token is to store the session
       key used for encrypting the request token and its responses.  It's encrypted in the
       WebKDC's long-term key, and is therefore used by the WebKDC to recover the session key
       without having local state.

CLASS METHODS

       new ()
           Create a new, empty WebAuth::Token::WebKDCService.  At least some attributes will have
           to be set using the accessor methods described below before the token can be used.

INSTANCE METHODS

       As with WebAuth module functions, failures are signaled by throwing WebAuth::Exception
       rather than by return status.

General Methods

       encode (KEYRING)
           Generate the encoded and encrypted form of this token using the provided KEYRING.  The
           encryption key used will be the one returned by the best_key() method of
           WebAuth::Keyring on that KEYRING.

Accessor Methods

       subject ([SUBJECT])
           Get or set the subject, which holds the authenticated identity of the bearer of this
           token.  This will normally be "krb5:" followed by the fully-qualified Kerberos
           principal of the WebAuth Application Server that requested this token.

       session_key ([KEY])
           Get or set the session key, which will be used for encrypted communication with the
           entity presenting this token.  This contains only the raw key data, not a full
           WebAuth::Key object.

       creation ([TIMESTAMP])
           Get or set the creation timestamp for this token in seconds since epoch.  If not set,
           the encoded token will have a creation time set to the time of encoding.

       expiration ([TIMESTAMP])
           Get or set the expiration timestamp for this token in seconds since epoch.

AUTHOR

       Russ Allbery <eagle@eyrie.org>

SEE ALSO

       WebAuth(3), WebAuth::Keyring(3), WebAuth::Token(3)

       This module is part of WebAuth.  The current version is available from
       <http://webauth.stanford.edu/>.