def get_current_principal(): try: # krbV isn't necessarily available on client machines, fail gracefully import krbV return unicode( krbV.default_context().default_ccache().principal().name) except ImportError: raise RuntimeError('python-krbV is not available.') except krbV.Krb5Error: #TODO: do a kinit? raise errors.CCacheError()
def get_current_principal(): try: import kerberos rc, vc = kerberos.authGSSClientInit("notempty") rc = kerberos.authGSSClientInquireCred(vc) username = kerberos.authGSSClientUserName(vc) kerberos.authGSSClientClean(vc) return unicode(username) except ImportError: raise RuntimeError('python-kerberos is not available.') except kerberos.GSSError, e: #TODO: do a kinit? raise errors.CCacheError()
def _handle_exception(self, e, service=None): minor = e.min_code if minor == KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN: raise errors.ServiceError(service=service) elif minor == KRB5_FCC_NOFILE: raise errors.NoCCacheError() elif minor == KRB5KRB_AP_ERR_TKT_EXPIRED: raise errors.TicketExpired() elif minor == KRB5_FCC_PERM: raise errors.BadCCachePerms() elif minor == KRB5_CC_FORMAT: raise errors.BadCCacheFormat() elif minor == KRB5_REALM_CANT_RESOLVE: raise errors.CannotResolveKDC() elif minor == KRB5_CC_NOTFOUND: raise errors.CCacheError() else: raise errors.KerberosError(message=unicode(e))
def get_principal(ccache_name=None): ''' Gets default principal name from given credentials cache. :parameters: ccache_name string specifying Kerberos credentials cache name or None for the default :returns: Default principal name as string :raises: errors.CCacheError if the principal cannot be retrieved from given ccache ''' try: creds = get_credentials(ccache_name=ccache_name) return unicode(creds.name) except ValueError as e: raise errors.CCacheError(message=unicode(e))