Auth-Kerberos

Install

安装Kerberos环境

sudo yum install -y krb5-devel krb5-server krb5-workstation

安装Python运行环境

pip3 install -r requirements.txt

BackUp

备份Kerberos配置文件

sudo cp /etc/krb5.conf /etc/krb5.conf.bk
sudo cp /var/kerberos/krb5kdc/kdc.conf /var/kerberos/krb5kdc/kdc.conf.bk
sudo cp /var/kerberos/krb5kdc/kadm5.acl /var/kerberos/krb5kdc/kadm5.acl.bk

Config

样例配置文件位于Sample文件夹内

创建Kerberos数据库

sudo kdb5_util create -s -r EXAMPLE.COM

配置防火墙

sudo firewall-cmd --permanent --add-service kerberos
sudo firewall-cmd --reload

配置principle

sudo kadmin.local

addprinc HTTP/kerberos.example.com@EXAMPLE.COM

导出管理员keytab

xst -norandkey -k /var/kerberos/krb5kdc/kadm5.keytab kadmin/admin kadmin/changepw

导出HTTP认证 http.keytab

xst -norandkey -k http.keytab HTTP/kerberos.example.com@EXAMPLE.COM

Test

测试流程如下：

申请票据

kinit -kt http.keytab HTTP/kerberos.example.com@EXAMPLE.COM

单元测试

KRB5_KTNAME=/home/admin/PycharmProjects/auth-kerberos/http.keytab pytest

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
sample		sample
tests		tests
web_service		web_service
.gitignore		.gitignore
README.md		README.md
application.py		application.py
conf.env		conf.env
requirements.txt		requirements.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

sample

sample

tests

tests

web_service

web_service

.gitignore

.gitignore

README.md

README.md

application.py

application.py

conf.env

conf.env

requirements.txt

requirements.txt

Repository files navigation

Auth-Kerberos

Install

BackUp

Config

Test

About

Releases

Packages

Languages

wangqian0306/auth-kerberos

Folders and files

Latest commit

History

Repository files navigation

Auth-Kerberos

Install

BackUp

Config

Test

About

Resources

Stars

Watchers

Forks

Languages