[CalendarServer-dev] Implementation of credential delegation in pyKerberos
message.adams at gmail.com
Tue Apr 8 14:22:30 PDT 2014
I've been trying to investigate how to get delegation working in the
Python-Kerberos project for a little while now and today I noticed your
recent changes. Thanks so much.
However, I was wondering if you had some example code to demonstrate
your changes? I have successfully saved the client's delegating ticket
to the temporary cache using your code, but was wondering the best way
to get the Python-Kerberos project to use the temporary cache?
Using the "kerberos->authGSSClientInit" function, the principal of the
delegating client can be assigned, but the kerberos calls do not "know"
about the new temporary cache. The ONLY way I could get the
authentication working, is to temporarily change the KRB5CCNAME env
variable to point to the temporary cache.
However, this is problematic as my application has multiple threads...
If you have any advice on accessing the temporary cache via the Kerberos
libraries, please let me know - I'd be very grateful!
More information about the calendarserver-dev