.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14 .\" .\" Standard preamble: .\" ======================================================================== .de Sh \" Subsection heading .br .if t .Sp .ne 5 .PP \fB\\$1\fR .PP .. .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. | will give a .\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to .\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' .\" expand to `' in nroff, nothing in troff, for use with C<>. .tr \(*W-|\(bv\*(Tr .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' 'br\} .\" .\" If the F register is turned on, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . nr % 0 . rr F .\} .\" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .hy 0 .if n .na .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "Authen::SASL::Perl 3" .TH Authen::SASL::Perl 3 "2008-04-21" "perl v5.8.4" "User Contributed Perl Documentation" .SH "NAME" Authen::SASL::Perl \-\- Perl implementation of the SASL Authentication framework .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& use Authen::SASL qw(Perl); .Ve .PP .Vb 7 \& $sasl = Authen::SASL->new( \& mechanism => 'CRAM-MD5 PLAIN ANONYMOUS', \& callback => { \& user => $user, \& pass => \e&fetch_password \& } \& ); .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" \&\fBAuthen::SASL::Perl\fR is the pure Perl implementation of \s-1SASL\s0 mechanisms in the \fBAuthen::SASL\fR framework. .PP At the time of this writing it provides the client part implementation for the following \s-1SASL\s0 mechanisms: .IP "\s-1ANONYMOUS\s0" 4 .IX Item "ANONYMOUS" The Anonymous \s-1SASL\s0 Mechanism as defined in \s-1RFC\s0 2245 resp. in \s-1IETF\s0 Draft draft\-ietf\-sasl\-anon\-03.txt from February 2004 provides a method to anonymously access internet services. .Sp Since it does no authentication it does not need to send any confidential information such as passwords in plain text over the network. .IP "\s-1CRAM\-MD5\s0" 4 .IX Item "CRAM-MD5" The \s-1CRAM\-MD5\s0 \s-1SASL\s0 Mechanism as defined in \s-1RFC2195\s0 resp. in \s-1IETF\s0 Draft draft\-ietf\-sasl\-crammd5\-XX.txt offers a simple challenge-response authentication mechanism. .Sp Since it is a challenge-response authentication mechanism no passwords are transferred in clear-text over the wire. .Sp Due to the simplicity of the protocol \s-1CRAM\-MD5\s0 is susceptible to replay and dictionary attacks, so \s-1DIGEST\-MD5\s0 should be used in preferrence. .IP "\s-1DIGEST\-MD5\s0" 4 .IX Item "DIGEST-MD5" The \s-1DIGEST\-MD5\s0 \s-1SASL\s0 Mechanism as defined in \s-1RFC\s0 2831 resp. in \s-1IETF\s0 Draft draft\-ietf\-sasl\-rfc2831bis\-XX.txt offers the \s-1HTTP\s0 Digest Access Authentication as \s-1SASL\s0 mechanism. .Sp Like \s-1CRAM\-MD5\s0 it is a challenge-response authentication method that does not send plain text passwords over the network. .Sp Compared to \s-1CRAM\-MD5\s0, \s-1DIGEST\-MD5\s0 prevents chosen plaintext attacks, and permits the use of third party authentication servers, so that it is recommended to use \s-1DIGEST\-MD5\s0 instead of \s-1CRAM\-MD5\s0 when possible. .IP "\s-1EXTERNAL\s0" 4 .IX Item "EXTERNAL" The \s-1EXTERNAL\s0 \s-1SASL\s0 mechanism as defined in \s-1RFC\s0 2222 allows the use of external authentication systems as \s-1SASL\s0 mechanisms. .IP "\s-1GSSAPI\s0" 4 .IX Item "GSSAPI" The \s-1GSSAPI\s0 \s-1SASL\s0 mechanism as defined in \s-1RFC\s0 2222 resp. \s-1IETF\s0 Draft draft\-ietf\-sasl\-gssapi\-XX.txt allows using the Generic Security Service Application Program Interface [\s-1GSSAPI\s0] \s-1KERBEROS\s0 V5 as as \s-1SASL\s0 mechanism. .Sp Although \s-1GSSAPI\s0 is a general mechanism for authentication it is almost exlusively used for Kerberos 5. .IP "\s-1LOGIN\s0" 4 .IX Item "LOGIN" The \s-1LOGIN\s0 \s-1SASL\s0 Mechanism as defined in \s-1IETF\s0 Draft draft\-murchison\-sasl\-login\-XX.txt allows the combination of username and clear-text password to be used in a \s-1SASL\s0 mechanism. .Sp It does does not provide a security layer and sends the credentials in clear over the wire. Thus this mechanism should not be used without adequate security protection. .IP "\s-1PLAIN\s0" 4 .IX Item "PLAIN" The Plain \s-1SASL\s0 Mechanism as defined in \s-1RFC\s0 2595 resp. \s-1IETF\s0 Draft draft\-ietf\-sasl\-plain\-XX.txt is another \s-1SASL\s0 mechanism that allows username and clear-text password combinations in \s-1SASL\s0 environments. .Sp Like \s-1LOGIN\s0 it sends the credentials in clear over the network and should not be used without sufficient security protection. .SH "SEE ALSO" .IX Header "SEE ALSO" Authen::SASL, Authen::SASL::Perl::ANONYMOUS, Authen::SASL::Perl::CRAM_MD5, Authen::SASL::Perl::DIGEST_MD5, Authen::SASL::Perl::EXTERNAL, Authen::SASL::Perl::GSSAPI, Authen::SASL::Perl::LOGIN, Authen::SASL::Perl::PLAIN .SH "AUTHOR" .IX Header "AUTHOR" Peter Marschall .PP Please report any bugs, or post any suggestions, to the perl-ldap mailing list .SH "COPYRIGHT" .IX Header "COPYRIGHT" Copyright (c) 2004\-2006 Peter Marschall. All rights reserved. This document is distributed, and may be redistributed, under the same terms as Perl itself.