kylin启用了kerberos,python代码,指定keytab文件进行认证
在Python中指定keytab文件进行Kerberos认证,你需要用到gssapi
库。首先,确保已经安装了相应的库:
pip install gssapi requests-kerberos
然后,可以使用以下代码来进行认证:
import requests
from requests_kerberos import HTTPKerberosAuth, REQUIRED
import os
from gssapi.raw import acquire_cred_with_password
from getpass import getpass
os.environ["KRB5_CLIENT_KTNAME"] = "/path/to/your/keytab"
# your service name, like 'HTTP/host@YOUR-REALM.COM'
service_name = "<service-name>"
password = getpass("Enter password for {0}: ".format(service_name))
name = gssapi.Name(service_name, gssapi.NameType.kerberos_principal)
cred = acquire_cred_with_password(name, password)
auth = HTTPKerberosAuth(mutual_authentication=REQUIRED, force_preemptive=True,
delegate=True, principal=cred.name, hostname_override="server-name")
url = "http://your_kylin_instance:7070/kylin/api/cubes"
response = requests.get(url, auth=auth)
print(response.json())
请注意替换"/path/to/your/keytab"
为你的keytab文件的实际路径,<service-name>
为你的服务名,以及替换http://your_kylin_instance:7070/kylin/api/cubes
为Kylin实例的URL。
这会创建一个基于你的keytab和密码的GSSAPI凭据,并用其去请求Kerberos认证。