def auth(self):
        tried = []
    
        # We've seen some problems that make me think that the kerberos library or
        # krb5_util aren't thread-safe.
        _global_lock.acquire()
        
        try:
            # First, if they have a valid TGT, we're done.
            tried.append("existing credentials cache")
            if krb5_util.have_tgt():
                return True

            # Second, try to avoid prompting for a password if they gave a 
            # keytab.
            if self.krb_keytab and self.cluster:
                tried.append("keytab")
                try:
                    krb5_util.acquire_tgt(name = "%s/%s" % (self.user, self.cluster),
                                        keytab_path = self.krb_keytab)
                    return True
                except RuntimeError, e:
                    # Couldn't load the keytab, fall through to try interactive.
                    pass
            
            # If we're at a TTY and we're allowed to prompt the user, acquire
            # a new TGT
            if self._interactive and self.prompt_user:
                tried.append("password")
                if krb5_util.acquire_tgt():
                    return True
Esempio n. 2
0
    def auth(self):
        tried = []
    
        # First, if they have a valid TGT, we're done.
        tried.append("existing credentials cache")
        if krb5_util.have_tgt():
            return True

        # Second, try to avoid prompting for a password if they gave a 
        # keytab.
        if self.krb_keytab and self.cluster:
            tried.append("keytab")
            try:
                krb5_util.acquire_tgt(name = "%s/%s" % (self.user, self.cluster),
                                      keytab_path = self.krb_keytab)
                return True
            except RuntimeError, e:
                # Couldn't load the keytab, fall through to try interactive.
                pass