[python-win32] SSPI memory problems with Kerberos?
Matt Hamilton
matth at netsight.co.uk
Fri Apr 15 10:23:14 CEST 2011
Hi all, I've been trying to use the win32 SSPI API to do some Kerberos auth
stuff. After a lot of banging my head against the wall I've now pared the
problem right down to the very basics and this is what I'm getting:
# sspitest.py
import sspi
data = 'bogus'
sa = sspi.ServerAuth('Kerberos')
err, sec_buffer = sa.authorize(data)
C:\krbtest>c:\Python26\python.exe sspitest.py
Traceback (most recent call last):
File "sspitest.py", line 5, in <module>
err, sec_buffer = sa.authorize(data)
File "c:\Python26\lib\site-packages\win32\lib\sspi.py", line 196, in
authorize
self.datarep, self.ctxt, sec_buffer_out)
pywintypes.error: (-2146893056, 'AcceptSecurityContext', 'Not enough
memory is available to complete this request')
Originally I was passing it a valid Kerberos ticket, but no matter what it
would still give me that memory error. So I decided to pass in some bogus
data to at least get a different error... but no dice. I always just get this
memory error.
Whereas if I use NTLM instead, I get the error I would expect:
# sspitest.py
import sspi
data = 'bogus'
sa = sspi.ServerAuth('NTLM')
err, sec_buffer = sa.authorize(data)
C:\krbtest>c:\Python26\python.exe sspitest.py
Traceback (most recent call last):
File "sspitest.py", line 5, in <module>
err, sec_buffer = sa.authorize(data)
File "c:\Python26\lib\site-packages\win32\lib\sspi.py", line 196, in
authorize
self.datarep, self.ctxt, sec_buffer_out)
pywintypes.error: (-2146893048, 'AcceptSecurityContext', 'The token
supplied to the function is invalid')
Any ideas? I've tried searching various windows forums about that
error message in general as I'm guessing the python lib is just a thin
wrapper around the win32 call, but can't find anything useful there either.
I'm running this on a Windows 2003 SP2 server using Python 2.6.6
and pywin32-216.
-Matt
More information about the python-win32
mailing list