-
-
Notifications
You must be signed in to change notification settings - Fork 9.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Kerberos support #47
Comments
I'm looking into adding this, thanks for the suggestion! |
Someone was working on this, but I haven't heard from him in a while. I'd love to see a |
Was there a published tree with a starting point for this? Else if it's free I may take a stab. |
Release v0.13.4 includes this (just add auth=requests.auth.HTTPKerberosAuth() to the keyword args to requests.get()) so perhaps this can be closed now... |
🍰 |
Said code appears to have been ripped out in 377078b |
correct, there is now a requests-keroberos project which will contain this functionality |
Which doesn't work, and when fixed will continue to rot when you change an interface. Which isn't packaged by anyone and will be that much more effort to get into e.g. debian or ubuntu. Security should never be a secondary feature that you have to go to extra lengths to enable. |
The interface will never change. It was removed because I cannot maintain it. |
(I apologize if this is coming across a bit confrontational, but I was unreasonably annoyed by the functionality I was wanting and expecting being removed in a commit labelled "hooks and such") |
refactors are brutal :) |
I say this about interfaces from the perspective of having made the code work again; some of the details of how the response hook is called appears to have changed since it was written. I appreciate that this sort of thing is hard to maintain, but that's a reason to say "hey can someone write me a test" not quietly delete it in the apparent hope that nobody notices. |
this was not quietly removed, requests was basically fully rewritten and stripped down of everything unnccesary. http://kennethreitz.org/exposures/announcing-requests-v1-0-0 |
Oops, I completely failed to find that. I apologize for my implication. Still, authentication methods ought to be core functionality and tested along with everything else; anything more complex than Basic is going to end up having to fiddle around behind the scenes. |
The authentication interface and mechanism is a first-class citizen. Basic and Digest is all that will be supported in core. |
"Security is hard, batteries not included" |
Pull request for requests_kerberos sent. |
@kcr: The biggest problem requests-kerberos has is a lack of tests. If you want to contribute a test suite (or even just a couple of tests), that will greatly improve our ability to keep it up to date. =) |
@Lukasa I suspect we'll be able to repurpose at least the setup parts of the Zephyr test suite we're working on over the next couple of weekends, we'll definitely be in touch about that :) |
@eichin, link for the curious? |
Also, can we move this over to requests/requests-kerberos#1? |
A simple way to authenticate using Kerberos is blatantly missing from urllib/urllib2
Having (optional) Kerberos support in Requests would be awesome... here is a code example that does pretty much everything is needed http://bretm.wordpress.com/2010/09/03/python-kerberos-urllib2/
Thank you!
The text was updated successfully, but these errors were encountered: