geert at boskant.nl
Fri Dec 7 09:07:27 CET 2007
Michael Ströder wrote:
> Geert Jansen wrote:
>> On a related note, you may be interested in my current project
>> Python-AD: http://www.boskant.nl/trac/python-ad/
> How are you using Kerberos? Do you expect the user to run MIT's kinit
> before sending a SASL/GSSAPI bind request? Does it also work with
> heimdal? Do you make use of a Windows logon when running on Windows?
The user doesn't need to run kinit (but he can do so and in that case
those credentials can be picked up). I provide a class called "Creds"
that the user can use to acquire credentials:
from ad import Creds, activate
creds = Creds(domain)
Behind the scenes a new private ccache and Kerberos configuration are
installed using the $KRB5CCNAME and $KRB5_CONFIG environment variables.
I have not tested this with Heimdal so far. If it supports the
environment variables above it should work. Also I haven't tested
windows but I think that the Creds interface should be portable to that
platform as well.
More information about the python-ldap