Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Announcing WinKerberos

DZone's Guide to

Announcing WinKerberos

Check out this new Python extension module, WinKerberos. It provides native Kerberos support to Python applications on Windows.

· Web Dev Zone ·
Free Resource

Bugsnag monitors application stability, so you can make data-driven decisions on whether you should be building new features, or fixing bugs. Learn more.

Kerberos


My colleague Bernie Hackett has published a new Python extension module called WinKerberos. It provides native Kerberos support to Python applications on Windows. It's a drop-in replacement for the popular PyKerberos package, but it uses Microsoft's own Kerberos implementation, the Security Support Provider Interface (SSPI), and supports some Windows specific options.

Motivation

A number of MongoDB customers have requested support for GSSAPI authentication with PyMongo on Windows, so they can use Kerberos with Python and MongoDB.

Why not PyKerberos? PyKerberos works great on Unix, and PyMongo uses PyKerberos there. But it doesn't give us access to Microsoft's SSPI on Windows. If you want to use PyKerberos on Windows you could first install the MIT Kerberos library, but this is a finicky setup and we've had trouble proving that PyKerberos even works this way. Better to use SSPI, the standard way to do Kerberos on Windows.

But how can we use SSPI in Python? The existing kerberos-sspi is a nice library to do this, but a segfault that we reported prevents us from using it in PyMongo. Besides, we need some features it lacks, like the ability to authenticate as a different user than the process owner.

Advantages

Bernie decided to write a new Python extension in pure C to work around the segfault. The package he made has some additional advantages over kerberos-sspi:

  • Authenticating as a different user than the process owner
  • Tiny library, no dependencies, whereas kerberos-sspi depends on the giant pywin32

Try It!

We haven't published to PyPI yet. We need you to try it out first. Please, if you're using Kerberos in Python on Windows, give our new WinKerberos package a try and let us know—tweet at me @jessejiryudavis or open an issue on GitHub and tell us if it works for you or not.

We'll make you precompiled binaries (wheels) when we release on PyPI.

Link:

Image: Pearson Scott Foresman

Monitor application stability with Bugsnag to decide if your engineering team should be building new features on your roadmap or fixing bugs to stabilize your application.Try it free.

Topics:
kerberos ,python ,windows

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}