当前位置: 首页>>代码示例>>Python>>正文


Python kerberos.authGSSServerStep方法代码示例

本文整理汇总了Python中kerberos.authGSSServerStep方法的典型用法代码示例。如果您正苦于以下问题:Python kerberos.authGSSServerStep方法的具体用法?Python kerberos.authGSSServerStep怎么用?Python kerberos.authGSSServerStep使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在kerberos的用法示例。


在下文中一共展示了kerberos.authGSSServerStep方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: _gssapi_authenticate

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSServerStep [as 别名]
def _gssapi_authenticate(token):
    state = None
    ctx = stack.top
    try:
        return_code, state = kerberos.authGSSServerInit(_KERBEROS_SERVICE.service_name)
        if return_code != kerberos.AUTH_GSS_COMPLETE:
            return None
        return_code = kerberos.authGSSServerStep(state, token)
        if return_code == kerberos.AUTH_GSS_COMPLETE:
            ctx.kerberos_token = kerberos.authGSSServerResponse(state)
            ctx.kerberos_user = kerberos.authGSSServerUserName(state)
            return return_code
        if return_code == kerberos.AUTH_GSS_CONTINUE:
            return kerberos.AUTH_GSS_CONTINUE
        return None
    except kerberos.GSSError:
        return None
    finally:
        if state:
            kerberos.authGSSServerClean(state) 
开发者ID:apache,项目名称:airflow,代码行数:22,代码来源:kerberos_auth.py

示例2: authenticate

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSServerStep [as 别名]
def authenticate(self, handler, data):
        '''
            Performs GSSAPI Negotiate Authentication
            @param token: GSSAPI Authentication Token
            @type token: str
            @returns gssapi return code or None on failure
            @rtype: int or None
            '''
        state = None
        try:
            rc, state = kerberos.authGSSServerInit(self.service_name)
            self.log.info("kerberos.authGSSServerInit")
            if rc != kerberos.AUTH_GSS_COMPLETE:
                return None

            rc = kerberos.authGSSServerStep(state, data)
            self.log.info("kerberos.authGSSServerStep")
            if rc == kerberos.AUTH_GSS_COMPLETE:
                user = kerberos.authGSSServerUserName(state)
                self.log.info("Extracted User = " + user)
                return "kerberos.AUTH_GSS_COMPLETE:" + user
            elif rc == kerberos.AUTH_GSS_CONTINUE:
                return "kerberos.AUTH_GSS_CONTINUE"
            else:
                self.log.info("return None")
                return None
        except kerberos.GSSError as err:
            self.log.info("kerberos.GSSError: {0}".format(err))
            return None
        finally:
            if state:
                kerberos.authGSSServerClean(state) 
开发者ID:bloomberg,项目名称:jupyterhub-kdcauthenticator,代码行数:34,代码来源:kdcauthenticator.py

示例3: auth_negotiate

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSServerStep [as 别名]
def auth_negotiate(self, auth_header, callback):
        """
        Perform Negotiate (GSSAPI/SSO) authentication via Kerberos.
        """
        auth_str = auth_header.split()[1]
        # Initialize Kerberos Context
        context = None
        try:
            result, context = kerberos.authGSSServerInit(
                self.settings['sso_service'])
            if result != 1:
                raise tornado.web.HTTPError(500, _("Kerberos Init failed"))
            result = kerberos.authGSSServerStep(context, auth_str)
            if result == 1:
                gssstring = kerberos.authGSSServerResponse(context)
            else: # Fall back to Basic auth
                self.auth_basic(auth_header, callback)
            # NOTE: The user we get from Negotiate is a full UPN (user@REALM)
            user = kerberos.authGSSServerUserName(context)
        except kerberos.GSSError as e:
            logging.error(_("Kerberos Error: %s" % e))
            raise tornado.web.HTTPError(500, _("Kerberos Init failed"))
        finally:
            if context:
                kerberos.authGSSServerClean(context)
        self.set_header('WWW-Authenticate', "Negotiate %s" % gssstring)
        callback(user) 
开发者ID:jimmy201602,项目名称:django-gateone,代码行数:29,代码来源:sso.py

示例4: authenticate

# 需要导入模块: import kerberos [as 别名]
# 或者: from kerberos import authGSSServerStep [as 别名]
def authenticate(self, request):
        import kerberos

        auth_header = request.headers.get("Authorization")
        if not auth_header:
            raise unauthorized("Negotiate")

        auth_type, auth_key = auth_header.split(" ", 1)
        if auth_type != "Negotiate":
            raise unauthorized("Negotiate")

        gss_context = None
        try:
            # Initialize kerberos context
            rc, gss_context = kerberos.authGSSServerInit(self.service_name)

            # NOTE: Per the pykerberos documentation, the return code should be
            # checked after each step. However, after reading the pykerberos
            # code no method used here will ever return anything but
            # AUTH_GSS_COMPLETE (all other cases will raise an exception).  We
            # keep these checks in just in case pykerberos changes its behavior
            # to match its docs, but they likely never will trigger.

            if rc != kerberos.AUTH_GSS_COMPLETE:
                self.raise_auth_error("GSS server init failed, return code = %r" % rc)

            # Challenge step
            rc = kerberos.authGSSServerStep(gss_context, auth_key)
            if rc != kerberos.AUTH_GSS_COMPLETE:
                self.raise_auth_error("GSS server step failed, return code = %r" % rc)
            gss_key = kerberos.authGSSServerResponse(gss_context)

            # Retrieve user name
            fulluser = kerberos.authGSSServerUserName(gss_context)
            user = fulluser.split("@", 1)[0]
        except kerberos.GSSError as err:
            self.raise_auth_error(err)
        finally:
            if gss_context is not None:
                kerberos.authGSSServerClean(gss_context)

        return User(user), gss_key 
开发者ID:dask,项目名称:dask-gateway,代码行数:44,代码来源:auth.py


注:本文中的kerberos.authGSSServerStep方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。