Over a million developers have joined DZone.

Announcing WinKerberos

DZone's Guide to

Announcing WinKerberos

Check out this new Python extension module, WinKerberos. It provides native Kerberos support to Python applications on Windows.

Free Resource

Learn how to build modern digital experience apps with Crafter CMS. Download this eBook now. Brought to you in partnership with Crafter Software


My colleague Bernie Hackett has published a new Python extension module called WinKerberos. It provides native Kerberos support to Python applications on Windows. It's a drop-in replacement for the popular PyKerberos package, but it uses Microsoft's own Kerberos implementation, the Security Support Provider Interface (SSPI), and supports some Windows specific options.


A number of MongoDB customers have requested support for GSSAPI authentication with PyMongo on Windows, so they can use Kerberos with Python and MongoDB.

Why not PyKerberos? PyKerberos works great on Unix, and PyMongo uses PyKerberos there. But it doesn't give us access to Microsoft's SSPI on Windows. If you want to use PyKerberos on Windows you could first install the MIT Kerberos library, but this is a finicky setup and we've had trouble proving that PyKerberos even works this way. Better to use SSPI, the standard way to do Kerberos on Windows.

But how can we use SSPI in Python? The existing kerberos-sspi is a nice library to do this, but a segfault that we reported prevents us from using it in PyMongo. Besides, we need some features it lacks, like the ability to authenticate as a different user than the process owner.


Bernie decided to write a new Python extension in pure C to work around the segfault. The package he made has some additional advantages over kerberos-sspi:

  • Authenticating as a different user than the process owner
  • Tiny library, no dependencies, whereas kerberos-sspi depends on the giant pywin32

Try It!

We haven't published to PyPI yet. We need you to try it out first. Please, if you're using Kerberos in Python on Windows, give our new WinKerberos package a try and let us know—tweet at me @jessejiryudavis or open an issue on GitHub and tell us if it works for you or not.

We'll make you precompiled binaries (wheels) when we release on PyPI.


Image: Pearson Scott Foresman

Crafter is a modern CMS platform for building modern websites and content-rich digital experiences. Download this eBook now. Brought to you in partnership with Crafter Software.

kerberos ,python ,windows

Published at DZone with permission of A. Jesse Jiryu Davis, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.


Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.


{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}