Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kerberos authentication with autorest v3 #944

Closed
SkinnySackboy opened this issue May 12, 2021 · 5 comments
Closed

Kerberos authentication with autorest v3 #944

SkinnySackboy opened this issue May 12, 2021 · 5 comments

Comments

@SkinnySackboy
Copy link

We would like to upgrade from autorest v2 to v3, but we are running into trouble keeping our existing mechanism to use Kerberos authentication (the web service is hosted on IIS and allows users to log in with their windows active directory credentials).

This is what we were doing with v2.

import json
import requests
from my_database_api import *
from requests_negotiate_sspi import HttpNegotiateAuth
from requests_kerberos import HTTPKerberosAuth
from msrest.authentication import KerberosAuthentication

api = MyDatabaseServiceAPI(KerberosAuthentication(), "http://mydatabaseservice.com")
addresses = api.get_addresses()

Is anyone aware of what the equivalent might be for v3 please, as when we generate the API it seems to be expecting a credential of type azure.core.credentials.TokenCredential?

Thanks in advance.
@iscai-msft
Copy link
Contributor

Hey @SkinnySackboy , from v2 -> v3 we don't use msrest.authentication anymore, we're now mainly using azure-identity (see docs about identity here).

I'm not sure the best way for you to switch since msrest.authentication.KerberosAuthentication seems custom for your use case, bringing in @lmazuel for his guidance. Thanks!

@lmazuel
Copy link
Member

lmazuel commented May 12, 2021

Hi @SkinnySackboy ! We don't have any plan to port this feature to our new SDK. It was added by an external contributor to msrest, and we were happy to accept the contribution and ship it, but we don't have it on our new backlog.

That being said, the code to make it work is really simple, see this line:
https://github.com/Azure/msrest-for-python/blob/9b67deacc860e10cd95eb968cfa770fe475f7d8e/msrest/authentication.py#L204

If you control the requests session, then you can still configure it. You can inject your own session into any client using trick like that:
Azure/azure-sdk-for-python#9596 (comment)

Let us know if it works or if we can do anything. We're open to contribution, if you want to port Kerberos to the new architecture :)

@SkinnySackboy
Copy link
Author

Thanks @lmazuel we'll try that and let you know how it goes. Thanks again.

@iscai-msft
Copy link
Contributor

@SkinnySackboy are you ok if I close this issue? thanks!

@SkinnySackboy
Copy link
Author

Yes thanks @iscai-msft thanks again for your help, much appreciated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lmazuel @SkinnySackboy @iscai-msft