Apache2::AuthenRadius - Authentication via a Radius server

Apache2-AuthenRadius documentation  | view source Contained in the Apache2-AuthenRadius distribution.

Index

NAME

Top

Apache2::AuthenRadius - Authentication via a Radius server

SYNOPSIS

Top

 # Configuration in httpd.conf

 PerlModule Apache2::AuthenRadius

 # Authentication in .htaccess

 AuthName Radius
 AuthType Basic

 # authenticate via Radius
 PerlAuthenHandler Apache2::AuthenRadius

 PerlSetVar Auth_Radius_host1 radius1.foo.com
 PerlSetVar Auth_Radius_port1 1812
 PerlSetVar Auth_Radius_secret1 MySharedSecret
 PerlSetVar Auth_Radius_host2 radius2.foo.com
 PerlSetVar Auth_Radius_port2 1812
 PerlSetVar Auth_Radius_secret2 MySharedSecret
 PerlSetVar Auth_Radius_timeout 5
 PerlSetVar Auth_Radius_prependToUsername REALM/
 PerlSetVar Auth_Radius_postfixToUsername @REALM

 require valid-user

DESCRIPTION

Top

This module allows authentication against a Radius server.

LIST OF TOKENS

Top

The Radius server host: either its name or its dotted quad IP number. The parameter is passed as the PeerHost option to IO::Socket::INET->new. You can have up to 2 RADIUS hosts configured, each with it own port & secret parameters.

The port on which the Radius server is listening: either its service name or its actual port number. This parameter defaults to "1647" which is the official service name for Radius servers. The parameter is passed as the PeerPort option to IO::Socket::INET->new.

The shared secret for connection to the Radius server.

The timeout in seconds to wait for a response from the Radius server.

Prefix's a string to the beginning of the user name that is sent to the Radius Server. This would typically be in the form of REALM/ or REALM%. Most Radius servers support prefixed or suffixed realms and so allow for different user name / password lists.

You can both postfix and prefix a realm at the same time. Your radius server might not deal with it very well.

Postfix's a string to the end of the user name that is sent to the Radius Server. This would typically be in the form of @REALM or %REALM. Most Radius servers support prefixed or suffixed realms and so allow for different user name / password lists.

You can both postfix and prefix a realm at the same time. Your radius server might not deal with it very well.

CONFIGURATION

Top

The module should be loaded upon startup of the Apache daemon. Add the following line to your httpd.conf:

 PerlModule Apache2::AuthenRadius

PREREQUISITES

Top

For AuthenRadius you need to enable the appropriate call-back hook when making mod_perl: 

  perl Makefile.PL PERL_AUTHEN=1

SEE ALSO

Top

Apache, mod_perl, Authen::Radius

AUTHORS

Top

COPYRIGHT

Top

The Apache2::AuthenRadius module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

Apache2-AuthenRadius documentation  | view source Contained in the Apache2-AuthenRadius distribution.