def auth(self):
tried = []
# We've seen some problems that make me think that the kerberos library or
# krb5_util aren't thread-safe.
_global_lock.acquire()
try:
# First, if they have a valid TGT, we're done.
tried.append("existing credentials cache")
if krb5_util.have_tgt():
return True
# Second, try to avoid prompting for a password if they gave a
# keytab.
if self.krb_keytab and self.cluster:
tried.append("keytab")
try:
krb5_util.acquire_tgt(name = "%s/%s" % (self.user, self.cluster),
keytab_path = self.krb_keytab)
return True
except RuntimeError, e:
# Couldn't load the keytab, fall through to try interactive.
pass
# If we're at a TTY and we're allowed to prompt the user, acquire
# a new TGT
if self._interactive and self.prompt_user:
tried.append("password")
if krb5_util.acquire_tgt():
return True
def auth(self):
tried = []
# First, if they have a valid TGT, we're done.
tried.append("existing credentials cache")
if krb5_util.have_tgt():
return True
# Second, try to avoid prompting for a password if they gave a
# keytab.
if self.krb_keytab and self.cluster:
tried.append("keytab")
try:
krb5_util.acquire_tgt(name = "%s/%s" % (self.user, self.cluster),
keytab_path = self.krb_keytab)
return True
except RuntimeError, e:
# Couldn't load the keytab, fall through to try interactive.
pass