-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
reuse kerberos ticket from Operating system cache #86
Comments
Yep, just don’t specify an explicit username/password and it will use the cached credential (if present). Typically what |
I'm sorry, |
It’s the exact same way you call it normally but without setting the username/password kwarg. |
Hi , Source code : import spnego
def exchange_data(data: bytes) -> bytes:
# Insert code to send to acceptor and receive token
return b""
def main() -> None:
client = spnego.client(service="krbtgt/XXXX.LOCAL@XXXX.LOCAL")
in_token = None
while client.complete:
out_token = client.step(in_token)
if not out_token:
break
in_token = exchange_data(out_token)
print("Negotiated protocol: %s" % client.negotiated_protocol)
data = b"my secret"
enc_data = client.wrap(data)
resp = exchange_data(enc_data.data)
dec_data = client.unwrap(resp)
print("Server response: %s" % dec_data.data.decode("utf-8"))
if __name__ == "__main__":
main() ##################################################### Ticket cache: KCM:1208801129:25868 Valid starting Expires Service principal |
A few things to note
|
Good Morning,
I would like to understand if with pyspnego is possible to reuse kerberos tickets coming from Operating system cache , in the case of Linux from the KEYRING kernel cache (is where sssd is storing such stuff by default).
Thanks
Kind Regards
The text was updated successfully, but these errors were encountered: