Closed nmariz closed 1 year ago
When you run this interactively you can see an actual prompt from the MIT kfw program appear
Clicking cancel gives you the same error you have in your error description. Running it through a non-interactive session stops this pop up from appearing and giving you the error straight away as MIT kfw acts like cancel was pressed. I also tried gss_acquire_cred_from
but that suffers from the same problem
import gssapi
import gssapi.raw
kerberos = gssapi.OID.from_int_seq("1.2.840.113554.1.2.2")
name = gssapi.Name(base="vagrant-domain@DOMAIN.TEST", name_type=gssapi.NameType.user)
res = gssapi.raw.acquire_cred_from({b"password": b"VagrantPass1"}, name=name, mechs=[kerberos], usage="initiate")
Unfortunately this library just calls the C API of the linked GSSAPI library and any behaviour it has is based on the C lib and not this Python module. So while the lib has this function it seems like it just doesn't work so cannot be used.
Is there a reason why you need MIT GSSAPI on Windows, you can utilise SSPI through various libraries like pywin32
or pyspnego
.
What went wrong?
Authenticating using
gssapi.raw.acquire_cred_with_password()
fails on Windows when there's no ticket in the cache. It raises aMatching credential not found
error.The same code block is working on Linux.
How do we reproduce?
1) Empty ticket cache
3) Run the following code block
Result:
Component versions (python-gssapi, Kerberos, OS / distro, etc.)
The installation made using
pip install gssapi
.