public
/
pyceo
27
1
Fork 3
Code Issues 25 Pull Requests 5 Projects Releases 1 Wiki Activity
pyceo/ceod/model
History
Max Erenberg d78d31eec0 add Kerberos delegation (#5) 
This PR adds unconstrained Kerberos delegation to the API.

The client obtains a forwarded TGT and sends it, base64-encoded, in an HTTP header named 'X-KRB5-CRED'. The server reads this credential, creates a new credentials cache for the user, and stores the credential into the new cache. The server can now authenticate to other services (e.g. LDAP) over GSSAPI using the forwarded client's credentials.

Reviewed-on: #5
Co-authored-by: Max Erenberg <merenber@localhost>
Co-committed-by: Max Erenberg <merenber@localhost>
 		2021-08-18 15:39:14 -04:00
..
templates add MailService and MailmanService 2021-07-24 00:08:22 +00:00
FileService.py use ConfigParser 2021-08-03 23:19:33 +00:00
Group.py use ldap3 instead of python-ldap 2021-08-15 05:04:49 +00:00
KerberosService.py add Kerberos delegation (#5) 2021-08-18 15:39:14 -04:00
LDAPService.py add Kerberos delegation (#5) 2021-08-18 15:39:14 -04:00
MailService.py use ConfigParser 2021-08-03 23:19:33 +00:00
MailmanService.py add Kerberos delegation (#5) 2021-08-18 15:39:14 -04:00
SudoRole.py add app factory 2021-07-24 21:09:10 +00:00
UWLDAPRecord.py use ldap3 instead of python-ldap 2021-08-15 05:04:49 +00:00
UWLDAPService.py use ldap3 instead of python-ldap 2021-08-15 05:04:49 +00:00
User.py use ldap3 instead of python-ldap 2021-08-15 05:04:49 +00:00
__init__.py add MailService and MailmanService 2021-07-24 00:08:22 +00:00
utils.py add app factory 2021-07-24 21:09:10 +00:00
validators.py implement renewals and password resets 2021-08-02 08:01:13 +00:00