我正在编写一个使用python-gssapi模块的小型python应用程序。但是在创建Credential对象时遇到问题。我得到的Rhe错误是:
gssapi.error.NoCredential: (458752) No credentials were supplied, or the credentials were unavailable or inaccessible..
我已为kinit调用了user1@somedomain.com并从AD获得了TGT。在我的python代码中,我然后调用:
clientGssCreds = creds.Credential(gssUserName, lifetime=gssapi.C_INDEFINITE, desired_mechs=oid_set, usage=gssapi.C_INITIATE)
其中gssUsername是由:
gssUserName = Name("user1@somedomain.com", gssapi.C_NT_HOSTBASED_SERVICE)
非常感谢任何帮助。
编辑(下面的脚本):
def main():
parser = argparse.ArgumentParser()
parser.add_argument("username", help="user@domain.COM")
parser.add_argument("target_server_spn", help="HTTP@serviceurl.com@domain.COM")
args = parser.parse_args()
krb5MechOid = oids.OID.mech_from_string("1.2.840.113554.1.2.2")
spnegoMechOid = oids.OID.mech_from_string("1.3.6.1.5.5.2")
oid_set = oids.MutableOIDSet()
oid_set.add(spnegoMechOid)
oid_set.add(krb5MechOid)
gssUserName = Name(args.username, gssapi.C_NT_HOSTBASED_SERVICE)
clientGssCreds = creds.Credential(gssUserName, lifetime=gssapi.C_INDEFINITE, desired_mechs=oid_set, usage=gssapi.C_INITIATE)
gssServerName = gssapi.Name(args.target_server_spn, gssapi.C_NT_HOSTBASED_SERVICE)
clientContext = ctx.InitContext(gssServerName, clientGssCreds)