On Apache/2.0.61 (Unix) PHP/4.4.7 mod_ssl/2.0.61 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.4.2
Under GNU General Public License
2009-01-06 17:36 @38.103.63.57 Crawled by CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
Authen::SASL::Perl(3pm) User Contributed Perl Documentation Authen::SASL::Perl(3pm)
NAME
Authen::SASL::Perl -- Perl implementation of the SASL Authentication framework
SYNOPSIS
use Authen::SASL qw(Perl);
$sasl = Authen::SASL->new(
mechanism => 'CRAM-MD5 PLAIN ANONYMOUS',
callback => {
user => $user,
pass => \&fetch_password
}
);
DESCRIPTION
Authen::SASL::Perl is the pure Perl implementation of SASL mechanisms in the Authen::SASL
framework.
At the time of this writing it provides the client part implementation for the following
SASL mechanisms:
ANONYMOUS
The Anonymous SASL Mechanism as defined in RFC 2245 resp. in IETF Draft
draft-ietf-sasl-anon-03.txt from February 2004 provides a method to anonymously access
internet services.
Since it does no authentication it does not need to send any confidential information
such as passwords in plain text over the network.
CRAM-MD5
The CRAM-MD5 SASL Mechanism as defined in RFC2195 resp. in IETF Draft
draft-ietf-sasl-crammd5-02.txt from January 2004 offers a simple challenge-response
authentication mechanism.
Since it is a challenge-response authentication mechanism no passwords are transferred
in clear-text over the wire.
Due to the simplicity of the protocol CRAM-MD5 is susceptible to replay and dictionary
attacks, so DIGEST-MD5 should be used in preferrence.
DIGEST-MD5
The DIGEST-MD5 SASL Mechanism as defined in RFC 2831 resp. in IETF Draft
draft-ietf-sasl-rfc2831bis-03.txt from February 2004 offers the HTTP Digest Access
Authentication as SASL mechanism.
Like CRAM-MD5 it is a challenge-response authentication method that does not send
plain text passwords over the network.
Compared to CRAM-MD5, DIGEST-MD5 prevents chosen plaintext attacks, and permits the
use of third party authentication servers, so that it is recommended to use DIGEST-MD5
instead of CRAM-MD5 when possible.
EXTERNAL
The EXTERNAL SASL mechanism as defined in RFC 2222 allows the use of external authen-
tication systems as SASL mechanisms.
LOGIN
The LOGIN SASL Mechanism as defined in IETF Draft draft-murchison-sasl-login-00.txt
from August 2003 allows the combination of username and clear-text password to be
used in a SASL mechanism.
It does does not provide a security layer and sends the credentials in clear over the
wire. Thus this mechanism should not be used without adequate security protection.
PLAIN
The Plain SASL Mechanism as defined in RFC 2595 resp. IETF Draft
draft-ietf-sasl-plain-04.txt from February 2004 is another SASL mechanism that allows
username and clear-text password combinations in SASL environments.
Like LOGIN it sends the credentials in clear over the network and should not be used
without sufficient security protection.
SEE ALSO
Authen::SASL, Authen::SASL::Cyrus::ANONYMOUS, Authen::SASL::Cyrus::CRAM_MD5,
Authen::SASL::Cyrus::DIGEST_MD5, Authen::SASL::Cyrus::EXTERNAL,
Authen::SASL::Cyrus::LOGIN, Authen::SASL::Cyrus::PLAIN
AUTHOR
Peter Marschall <peter AT adpm.de>
Please report any bugs, or post any suggestions, to the perl-ldap mailing list
<perl-ldap AT perl.org>
COPYRIGHT
Copyright (c) 2004 Peter Marschall. All rights reserved. This document is distributed,
and may be redistributed, under the same terms as Perl itself.
perl v5.8.4 2005-04-09 Authen::SASL::Perl(3pm)
Generated by $Id: phpMan.php,v 4.49 2006/02/26 13:18:18 chedong Exp $ Author: Che Dong
On Apache/2.0.61 (Unix) PHP/4.4.7 mod_ssl/2.0.61 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.4.2
Under GNU General Public License
2009-01-06 17:36 @38.103.63.57 Crawled by CCBot/1.0 (+http://www.commoncrawl.org/bot.html)