NAME

Net::TacacsPlus::Client - Tacacs+ client library

SYNOPSIS

use Net::TacacsPlus::Client;
use Net::TacacsPlus::Constants;

my $tac = new Net::TacacsPlus::Client(
			host => 'localhost',
			key => 'secret');

if ($tac->authenticate($username, $password, TAC_PLUS_AUTHEN_TYPE_PAP)){                   
	print "Authentication successful.\n";                                  
} else {                                                    
	print "Authentication failed: ".$tac->errmsg()."\n";         
}                                                           

my @args = ( 'service=shell', 'cmd=ping', 'cmd-arg=10.0.0.1' );
my @args_response;
if($tac->authorize($username, \@args, \@args_response))
{
	print "Authorization successful.\n";
	print "Arguments received from server:\n";
	print join("\n", @args_response);
} else {
	print "Authorization failed: " . $tac->errmsg() . "\n";
}

@args = ( 'service=shell', 'cmd=ping', 'cmd-arg=10.0.0.1' );
if($tac->account($username, \@args))
{
	print "Accounting successful.\n";
} else {
	print "Accounting failed: " . $tac->errmsg() . "\n";
}

DESCRIPTION

Currently only PAP and ASCII authentication can be used agains Tacacs+ server.

Tested agains Cisco ACS 3.3 and Cisco (ftp://ftp-eng.cisco.com/pub/tacacs/) tac-plus server.

METHODS

new( somekey => somevalue )

required parameters: host, key

host	- tacacs server
key	- ecryption secret

optional parameters: timeout, port

timeout	- tcp timeout
port	- tcp port

close()

Close socket connection.

init_tacacs_session()

Inititalize socket connection to tacacs server.

errmsg()

Returns latest error message

authenticate(username, password, authen_type)

username - tacacs+ username password - tacacs+ user password authen_type - TAC_PLUS_AUTHEN_TYPE_ASCII | TAC_PLUS_AUTHEN_TYPE_PAP rem_addr - remote client address (optional, default is 127.0.0.1) port - remote client port (optional, default is Virtual00) new_password - if set (other than undef) will trigger password change

authorize(username, args, args_response)

username - tacacs+ username args - tacacs+ authorization arguments args_response - updated by tacacs+ authorization arguments returned by server (optional) rem_addr - remote client address (optional, default is 127.0.0.1) port - remote client port (optional, default is Virtual00)

check_args([])

Check if the arguments comply with RFC.

account(username, args)

username - tacacs+ username args - tacacs+ authorization arguments flags - optional: tacacs+ accounting flags default: TAC_PLUS_ACCT_FLAG_STOP rem_addr - remote client address (optional, default is 127.0.0.1) port - remote client port (optional, default is Virtual00)

recv_reply(type)

method for receiving TAC+ reply packet from the server.

type is a Net::TacacsPlus::Packet type.

AUTHOR

Jozef Kutej - <jkutej@cpan.org>

Authorization and Accounting contributed by Rubio Vaughan <rubio@passim.net>

VERSION

1.07

TODO

tacacs+ CHAP, ARAP, MSCHAP authentication

COPYRIGHT AND LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.

To install Net::TacacsPlus, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Net::TacacsPlus

CPAN shell

perl -MCPAN -e shell
install Net::TacacsPlus

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)