kerberosTest/sample/server.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-

import os 
import gssapi 
import sys 
import subprocess 
import socket

# 设置环境变量
principal = "server/hadoop.test.com@TEST.COM"
curr_path = os.getcwd()
os.environ["KRB5_CONFIG"] = curr_path + "/server/krb5.conf"
os.environ["KRB5_KTNAME"] = curr_path + "/server/hadoop.keytab"
os.environ["KRB5CCNAME"] = "/tmp/krb5cc_hadoop_1000"
os.environ["KRB5_TRACE"] = "/tmp/server.log"

kinit_res = subprocess.call(["kinit", "-kt", os.environ["KRB5_KTNAME"], principal])
klist_res = subprocess.call(["klist"])
name = gssapi.Name("server/hadoop.test.com", name_type=gssapi.NameType.kerberos_principal)
cname = name.canonicalize(gssapi.MechType.kerberos)
print(cname)

s = socket.socket()
host = "127.0.0.1"
port = 12345

s.bind((host, port))
s.listen(1000)

creds = gssapi.Credentials(usage="accept", name=cname)
server_ctx = gssapi.SecurityContext(creds=creds, usage="accept")
print(server_ctx)
while True:
    c, addr = s.accept()
    print("client")
    c.send(b"no_auth")