[Twisted-Python] twisted and kerberos

Benjamin Rutt rutt.4 at osu.edu
Thu Sep 15 19:16:54 MDT 2011


Hello twisted experts,

We are trying to add kerberos authentication to our existing twisted server.
 We haven't yet found a twisted specific library that can do this; any
pointers?

What we have found is python-krbV (https://fedorahosted.org/python-krbV/),
but we end up using it along with code like this to take over the socket
ourselves from twisted, when the client connects:

    self.transport.stopReading()
    self.transport.stopWriting()
    self.transport.socket.setblocking(1)

and then we use the self.transport.socket directly in blocking mode in
another thread (so it won't block the reactor).  In particular, we use code
like this to start the authentication process:

    ac = krbV.default_context().sendauth(self.transport.socket, ...)

…once the client has authenticated, we use:

    self.transport.socket.setblocking(0)
    self.transport.startReading()
    self.transport.startWriting()

to let twisted take over the socket again for the rest of the conversation.

So in the event there are no ready-to-go twisted libraries for kerberos, is
the above approach totally insane?
-- 
Benjamin Rutt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20110915/4566cf15/attachment-0001.html>


More information about the Twisted-Python mailing list