Kerberos authentication for IMAP?
Alan Hoyle
alanh at unc.edu
Sat Jun 7 19:11:29 EDT 2003
I recently discovered IMAP Spam Begone, a python client script which
accesses IMAP mailboxes, downloads mails, runs them through a local
spam filter, and moves them to a Remote spam folder if appropriate.
http://www.rogerbinns.com/isbg/
The authentication method it uses is standard username/password, and
my local IMAP server doesn't support SSL. However, it does support
Kerberos 4.
I was wondering if it would be possible to modify the script so that
it could use my Kerberos tokens instead. I glanced at the
documentation for the python IMAP client library:
http://www.python.org/doc/current/lib/imap4-objects.html
and that seems to indicate that the authenticate function won't work.
| authenticate(func)
| Authenticate command -- requires response processing. This is
| currently unimplemented, and raises an exception.
However, glancing at the actual source code in my python subdirectory
(/usr/lib/python2.2/imaplib.py), and found the following code snippet:
def authenticate(self, mechanism, authobject):
"""Authenticate command - requires response processing.
'mechanism' specifies which authentication mechanism is to
be used - it must appear in <instance>.capabilities in the
form AUTH=<mechanism>.
'authobject' must be a callable object:
data = authobject(response)
It will be called to process server continuation responses.
It should return data that will be encoded and sent to server.
It should return None if the client abort response '*' should
be sent instead.
"""
mech = mechanism.upper()
cap = 'AUTH=%s' % mech
if not cap in self.capabilities:
raise self.error("Server doesn't allow %s authentication." % mech)
self.literal = _Authenticator(authobject).process
typ, dat = self._simple_command('AUTHENTICATE', mech)
if typ != 'OK':
raise self.error(dat[-1])
self.state = 'AUTH'
return typ, dat
Which seems a bit more promising than the how can I set this up to use
my Kerberos tokens or TGT? I don't want it to generate entirely new
tokens on its own.....
-alan
--
Alan Hoyle - alanh at unc.edu - http://www.alanhoyle.com/
"I don't want the world, I just want your half." -TMBG
Get Horizontal, Play Ultimate.
More information about the Python-list
mailing list