i did this (authenticate via Kerberos using CGI) not too long ago. i couldn't find a Module that easily did exactly what i wanted. the closest was Authen::Krb5::Easy, but it used the /etc/krb5.keytab file instead of passwords to get a principal. so i hacked it to do what i wanted... just a change from calling krb5_get_init_creds_keytab to krb5_get_init_creds_password in the Easy.xs file and tweaking the arglist and documentation.

WARNING: since i only used this module in one application (with it's own private /lib/perl) i didn't get around to renaming it to something like Authen::Krb5::Easy::Password or the like. should you use it, be warned... i wouldn't put it where another Perl user could use it thinking it was the real Authen::Krb5::Easy module...

# simple useage
use Authen::Krb5::Easy;

my ($user, $password) = @ARGV;
if ( Authen::Krb5::Easy::kinit( $user, $password ) ) {
  print "Authentication success!$/";
} else {
  print "Authentication failure!$/";
}
[download]

you can try it if you like ... Authen-Krb5-Easy-0.90-hacked.tgz