NAME
Catalyst::Authentication::Credential::Kerberos
SYNOPSIS
__PACKAGE__->config(
'Plugin::Authentication' => {
default_realm => 'your_realm',
realms => {
your_realm => {
credential => {
class => 'Kerberos',
password_field => 'password',
username_field => 'windows_username',
kerberos_realm => 'YOUR.REALM.HERE',
},
},
},
},
);DESCRIPTION
This module allows you to authenticate your users against a Kerberos server.
CONFIG
class (required)
Must be set to Kerberos so that this module is used for auth.
username_field (optional)
The name of the username field - defaults to username.
password_field (optional)
The name of the password field - defaults to password.
kerberos_realm (optional)
If not specified then the default for the local machine will be used. Note that this is the Kerberos realm, which has nothing to do with the Catalyst::Authentication realm.
METHODS
new
Checks that the config is complete by setting defaults if needed.
authenticate
Find the user and check their password. Returns the user if success, false otherwise. Will produce debug log output if in debug mode.
check_password
Returns true if the username and password were accepted by the kerberos server, false otherwise.
SEE ALSO
Catalyst::Authentication::Credential::Password, Authen::Krb5::Simple
GOTCHAS
Remember that once authenticated your users will have a session created for them. If you want to block them from the system you will need to not only change their password / disable their accounts in kerberos, but also invalidate their sessions.
BUGS
Test suite is minimal.
AUTHOR
Edmund von der Burg <evdb@ecclestoad.co.uk>
Bug reports and suggestions very welcome.
ACKNOWLEDGMENTS
Developed whilst working at Foxtons - http://www.foxtons.co.uk. Thank you for letting me open source this code.
COPYRIGHT
Copyright (C) 2008 Edmund von der Burg. All rights reserved.
This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
THERE IS NO WARRANTY.