s4u2p

Release 0.2

Kerberos high-level interface to the s4u kerberos functionality

Homepage PyPI Python

License
Apache-2.0
Install
pip install s4u2p==0.2

Documentation

=========================================================
s4u2p Package

Copyright (c) 2012 Norman Krämer. All rights reserved.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

=========================================================

This Python package is a high-level wrapper for the impersonation Kerberos (GSSAPI) operations.

Most of the code is based on the kerberos 1.1.1 python package
and from http://k5wiki.kerberos.org/wiki/Projects/Services4User.

========
CONTENTS
========

    src/               : directory in which C source code resides.
    setup.py           : Python distutils extension build script.
    README.txt         : what you are reading
    s4u2p.py        : Python api documentation/stub implementation.

=====
BUILD
=====

In this directory, run:

    python setup.py build

=======
TESTING
=======

For a setup read this:

http://k5wiki.kerberos.org/wiki/Manual_Testing#Services4User_testing  (*)

(n.b.: i had to include the REALM in the upn of the computer account)

To test the whole thing i created a simple website "username" which when called simply replies with a Hello <authenticated user>.
It is deployed on an IIS 7.5 webserver with windows authentication enabled as the only authentication method.

So i have the following parts:

The website i visit as an impersonated user: http://webserver/username/
A service principalname, which is created with IIS installation (otherwise use setspn.exe): http@webserver  (or http/webserver.fqdn)
The server keytab file which contains the keys of the computeraccount as created in (*): server.keytab
The upn of the computeraccount: host/server.fqdn
The (kerberos) user i want to impersonate: otheruser

With that i do:

1) kinit -kt ./server.keytab host/server.fqdn
2) PYTHONPATH=build/lib.xxx python test.py --user otheruser --host webserver --servicename HTTP@webserver --path /username/ --keytab ./server.keytab

===========
Python APIs
===========

See s4u2p.py.

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
0
Total releases
1
Latest release
First release
Stars
4
Forks
0
Watchers
1
Contributors
1
Repository size
145 KB
SourceRank
6

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.2

Contributors

may-day


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-12-15 13:59:41 UTC

Login to resync this project