ciecplib.kerberos module¶
Kerberos utilities for ciecplib
- ciecplib.kerberos.find_principal()¶
Determine the principal for an active kerberos credential.
- Returns:
name (
str
) – Thestr
representation of the Kerberos principal.- Raises:
RuntimeError – If no credential is found.
- ciecplib.kerberos.has_credential(**store_kw)¶
Return
True
if an active Kerberos (GSSAPI) credential is available.- Parameters:
store_kw – Keyword arguments to pass to the credentials store extension of the underlying GSSAPI implementation. See https://pythongssapi.github.io/python-gssapi/credstore.html for more details.
- Returns:
True – If a valid Kerberos credential is found with a lifetime of more than 1 second.
False – Otherwise.
Examples
>>> has_credential() False >>> has_credential( ... ccache="mykrb5cc", ... client_keytab="/home/user/.kerberos/me.keytab", ... ) True
Notes
This function will always return
False
if the requests-gssapi Kerberos Auth plugin required by requests-ecp is not found.See also
gssapi.Credentials
For more details on how credentials are accessed using Python-GSSAPI.
- ciecplib.kerberos.realm(principal)¶
Return the kerbeos realm name from a principal
- Parameters:
principal (
str
) – the kerberos principal to parse- Returns:
realm (
str
) – the realm name- Raises:
IndexError – If the input principal cannot be parsed properly (normally if it doesn’t contain an
@
character).
Examples
>>> realm('marie.curie@EXAMPLE.ORG') 'EXAMPLE.ORG'