Menu
▾
▴
Re: ldap.sasl.gssapi example?
|
From: Gavin D. <gdo...@an...> - 2004-04-07 17:39:35
|
OK, here's the result from running my modified sasl_bind.py (below): marlin [~/src/mod/python/users](SHARK)(55)> kinit Password for gdo...@AN...: marlin [~/src/mod/python/users](SHARK)(56)> klist Ticket cache: FILE:/tmp/krb5cc_3501 Default principal: gdo...@AN... =20 =20 Valid starting Expires Service principal 04/07/04 10:36:46 04/07/04 20:36:46=20 krbtgt/ANI...@AN... =20 =20 =20 =20 Kerberos 4 ticket cache: /tmp/tkt3501 klist: You have no tickets cached marlin [~/src/mod/python/users](SHARK)(57)> python ./sasl_bind.py ******************** GSSAPI ******************** *** ldap://etzadaat.anim.dreamworks.com:389/ -=20 SimpleLDAPObject.set_option ((17, 3),{}) *** ldap://etzadaat.anim.dreamworks.com:389/ -=20 SimpleLDAPObject.set_option ((17, 3),{}) *** ldap://etzadaat.anim.dreamworks.com:389/ -=20 SimpleLDAPObject.sasl_interactive_bind_s (('', <ldap.sasl.sasl instance=20 at 0xb6e8110c>, None, None),{}) Error using SASL mechanism GSSAPI {'desc': 'Local error'} (<class=20 ldap.LOCAL_ERROR at 0xb73fa4dc>, <ldap.LOCAL_ERROR instance at=20 0xb6e811ec>, <traceback object at 0xb6e85f54>) File "./sasl_bind.py", line 72, in ? l.sasl_interactive_bind_s("", sasl_auth) File "/usr/local/lib/python2.3/site-packages/ldap/ldapobject.py",=20 line 196, in sasl_interactive_bind_s return=20 self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,serverctrls,clie= ntctrls) File "/usr/local/lib/python2.3/site-packages/ldap/ldapobject.py",=20 line 94, in _ldap_call result =3D func(*args,**kwargs) *** ldap://etzadaat.anim.dreamworks.com:389/ -=20 SimpleLDAPObject.unbind_ext ((None, None),{}) marlin [~/src/mod/python/users](SHARK)(58)> ------------------------------------------------- code ---------- # For documentation, see comments in Module/LDAPObject.c and the # ldap.sasl module documentation. import traceback import sys import ldap,ldap.sasl ldap.sasl._trace_level=3D0 ldap.set_option(ldap.OPT_DEBUG_LEVEL,0) for ldap_uri,sasl_mech,sasl_cb_value_dict in [ ( "ldap://etzadaat.anim.dreamworks.com:389/", 'GSSAPI', { ldap.sasl.CB_AUTHNAME :'', ldap.sasl.CB_PASS :'', } ), # ( # "ldap://localhost:1390/", # 'CRAM-MD5', # { # ldap.sasl.CB_AUTHNAME :'fred', # ldap.sasl.CB_PASS :'secret', # } # ), # ( # "ldap://localhost:1390/", # 'PLAIN', # { # ldap.sasl.CB_AUTHNAME :'fred', # ldap.sasl.CB_PASS :'secret', # } # ), # ( # "ldap://localhost:1390/", # 'LOGIN', # { # ldap.sasl.CB_AUTHNAME :'fred', # ldap.sasl.CB_PASS :'secret', # } # ), # ( # "ldapi://%2Ftmp%2Fopenldap-socket/", # 'EXTERNAL', # { } # ), # ( # "ldap://localhost:1390/", # 'GSSAPI', # { } # ), # ( # "ldap://localhost:1390/", # 'DIGEST-MD5', # { # ldap.sasl.CB_AUTHNAME :'fred', # ldap.sasl.CB_PASS :'secret', # } # ), ]: sasl_auth =3D ldap.sasl.sasl(sasl_cb_value_dict,sasl_mech) print 20*'*',sasl_auth.mech,20*'*' # Open the LDAP connection l =3D ldap.initialize(ldap_uri,trace_level=3D1) # Set protocol version to LDAPv3 to enable SASL bind! #l.protocol_version =3D 3 l.protocol_version =3D ldap.VERSION3 try: l.sasl_interactive_bind_s("", sasl_auth) except ldap.LDAPError,e: print 'Error using SASL mechanism ', sasl_auth.mech,str(e),=20 sys.exc_info() traceback.print_tb(sys.exc_info()[2]) else: print 'Sucessfully bound using SASL=20 mechanism',sasl_auth.mech,'as',repr(l.whoami_s()) l.unbind() --------------------------------------------- end code ---------- Michael Str=F6der wrote: > Gavin Doughtie wrote: > > ldap.LOCAL_ERROR: {'desc': 'Local error'} >=20 > Can you please catch the exception and display it using str()? See=20 > Demo/sasl_bind.py. >=20 > I'm experimenting with GSSAPI right now but currently I'm getting: >=20 > Error using SASL mechanism GSSAPI {'info': 'SASL(-1): generic failure:=20 > GSSAPI Error: Miscellaneous failure (see text) (Incorrect net=20 > address)', 'desc': 'Local error'} >=20 > Ciao, Michael. --=20 Gavin Doughtie DreamWorks SKG (818) 695-3821 |
