AFS::KAS is a Perl class to communicate with the AFS Authentication Server.
SYNOPSIS
    use AFS::KAS;
    use AFS::KTC_PRINCIPAL;
    use AFS::KTC_TOKEN;
    use AFS::KTC_EKEY;

    # Get an admin token and connect to the Authentication Server
    my $admin = AFS::KTC_PRINCIPAL->new('admin');
    my $key   = AFS::KTC_EKEY->ReadPassword($admin->name."'s Password:");
    my $token = AFS::KTC_TOKEN->GetAdminToken($admin, $key, 300);
    my $kas   = AFS::KAS->AuthServerConn($token, &AFS::KA_MAINTENANCE_SERVICE);

    # Create a new user entry
    my $user = AFS::KTC_PRINCIPAL->new('xyz');
    my $ukey = AFS::KTC_EKEY->ReadPassword($user->name."'s Password:");
    my $ok   = $kas->create($user->name, $user->instance, $ukey);

    my $flags    = 1;          # (1 = normal, 4 = admin)
    my $expire   = 925715000;  # epoch time => 03 May 1999 07:03
    my $maxassoc = 0;
    my $lifetime = 48*60*60;   # unit is secs; => 48 hrs
    my $pwexpire = 10;         # number of days
    my $pw_reuse = 2;          # pwreuse allowed: [ 2 = no ]
    my $nfail    = 4;          # (nfail - 1) tries are allowed; => 3 tries
    my $locktime = 3;          # unit is 8.5 min => 3 * (8.5)
    my $spare2   = 0;

    # Pack the four password-policy bytes into one value and set the fields
    my $packed = (($pwexpire << 24) | ($pw_reuse << 16) | ($nfail << 8) | $locktime);
    $ok = $kas->setfields($user->name, $user->instance, $flags,
                          $expire, $lifetime, $maxassoc, $packed);

    # Read the entry back and unpack the policy bytes
    my $entry = $kas->getentry($user->name, $user->instance);
    $packed   = $$entry{'misc_auth_bytes'};
    $pwexpire = (($packed >> 24) & 0xff);
    $pw_reuse = (($packed >> 16) & 0xff);
    $nfail    = (($packed >>  8) & 0xff);
    $locktime = (($packed >>  0) & 0xff);

    $kas->DESTROY;             # destroy server connection

NOTE: these forms are deprecated !!!

    use AFS;            # import all AFS names
    use AFS @AFS::KA;   # import just the ka names
    use AFS @AFS::KTC;  # import just the ktc names

This class is used to communicate with the AFS Authentication Server. The Authentication Server verifies user identities and provides the facilities through which participants in transactions prove their identities to one another (mutual authentication). It maintains the Authentication Database, in which it stores user passwords converted into encryption key form as well as the AFS server encryption key. The class has methods to query the information held for any given AFS user and to create, modify, and delete the database records that hold this information.
Before you can access any database record, you must establish a connection to the Authentication Server. This is done with the constructor methods SingleServerConn and AuthServerConn, which return a KAS object. A KAS object is essentially a handle for talking to an Authentication Server in a given cell, and it is required before any of the other KAS instance methods can be called.
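
The SYNOPSIS packs four password-policy settings into the single misc_auth_bytes value, one byte each. The following added example (not part of the AFS module or its documentation) shows that packing with a range check, so an out-of-range setting cannot silently alter a neighbouring field, and decodes a value back into readable policy. The helper names pack_misc_auth, unpack_misc_auth and describe_policy are hypothetical, and the script runs without an AFS connection.

```perl
#!/usr/bin/perl
# Added example: pack/unpack the misc_auth_bytes value shown in the SYNOPSIS.
# Helper names are hypothetical; no AFS connection is needed to run this.
use strict;
use warnings;

# Field order and shifts follow the SYNOPSIS: one byte per field.
my @LAYOUT = ([pwexpire => 24], [pw_reuse => 16], [nfail => 8], [locktime => 0]);

# Pack four policy bytes, refusing values that would spill into a neighbour.
sub pack_misc_auth {
    my (%f) = @_;
    my $packed = 0;
    for my $slot (@LAYOUT) {
        my ($name, $shift) = @$slot;
        my $v = $f{$name};
        die "missing field $name\n" unless defined $v;
        die "$name=$v does not fit in one byte (0..255)\n"
            unless $v =~ /^\d+$/ && $v <= 255;
        $packed |= $v << $shift;
    }
    return $packed;
}

# Reverse of pack_misc_auth; the input would be $$entry{'misc_auth_bytes'}.
sub unpack_misc_auth {
    my ($packed) = @_;
    return map { ($_->[0], ($packed >> $_->[1]) & 0xff) } @LAYOUT;
}

# Render the policy using the units given in the SYNOPSIS comments.
# Only pw_reuse == 2 ("no") is documented there; other values print raw.
sub describe_policy {
    my (%p) = @_;
    return sprintf "password expires after %d days; reuse %s; %d tries allowed; lock time %.1f min",
        $p{pwexpire}, ($p{pw_reuse} == 2 ? 'forbidden' : "flag=$p{pw_reuse}"),
        $p{nfail} - 1, $p{locktime} * 8.5;
}

# Constructed sample values, identical to the SYNOPSIS settings.
my $packed = pack_misc_auth(pwexpire => 10, pw_reuse => 2, nfail => 4, locktime => 3);
printf "packed = 0x%08x\n", $packed;
print describe_policy(unpack_misc_auth($packed)), "\n";

# Without the range check, nfail => 260 would OR into the pw_reuse byte.
my $bad = eval { pack_misc_auth(pwexpire => 10, pw_reuse => 2, nfail => 260, locktime => 3) };
print "rejected: $@" unless defined $bad;
```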
Requirements:
· Perl