NAME

       Wallet::ACL::Krb5 - Simple wallet ACL verifier for Kerberos principals

SYNOPSIS

           my $verifier = Wallet::ACL::Krb5->new;
           my $status = $verifier->check ($principal, $acl);
           if (not defined $status) {
               die "Something failed: ", $verifier->error, "\n";
           } elsif ($status) {
               print "Access granted\n";
           } else {
               print "Access denied\n";
           }

DESCRIPTION

       Wallet::ACL::Krb5 is the simplest wallet ACL verifier, used to verify ACL lines of type "krb5".  The
       value of such an ACL is a simple Kerberos principal in its text display form, and the ACL grants access
       to a given principal if and only if the principal exactly matches the ACL.

METHODS

       new()
           Creates a new ACL verifier.  For this verifier, there is no setup work.

       check(PRINCIPAL, ACL)
           Returns true if PRINCIPAL matches ACL, false if not, and undef on an error (see "DIAGNOSTICS" below).

       error()
           Returns the error if check() returned undef.

DIAGNOSTICS

       malformed krb5 ACL
           The  ACL parameter to check() was malformed.  Currently, this error is only given if ACL is undefined
           or the empty string.

       no principal specified
           The PRINCIPAL parameter to check() was undefined or the empty string.

SEE ALSO

       Wallet::ACL(3), Wallet::ACL::Base(3), wallet-backend(8)

       This  module   is   part   of   the   wallet   system.    The   current   version   is   available   from
       <https://www.eyrie.org/~eagle/software/wallet/>.

AUTHOR

       Russ Allbery <eagle@eyrie.org>

perl v5.38.2                                       2024-08-01                             Wallet::ACL::Krb5(3pm)