Only try kerberos auth when username contains @
and pass realm to pywinrm. Alternative to #10644, fixes #10577.
This commit is contained in:
parent
7f034a74d1
commit
5675982b0f
1 changed files with 7 additions and 2 deletions
|
@ -90,13 +90,18 @@ class Connection(object):
|
||||||
return _winrm_cache[cache_key]
|
return _winrm_cache[cache_key]
|
||||||
exc = None
|
exc = None
|
||||||
for transport, scheme in self.transport_schemes['http' if port == 5985 else 'https']:
|
for transport, scheme in self.transport_schemes['http' if port == 5985 else 'https']:
|
||||||
if transport == 'kerberos' and not HAVE_KERBEROS:
|
if transport == 'kerberos' and (not HAVE_KERBEROS or not '@' in self.user):
|
||||||
continue
|
continue
|
||||||
|
if transport == 'kerberos':
|
||||||
|
realm = self.user.split('@', 1)[1].strip() or None
|
||||||
|
else:
|
||||||
|
realm = None
|
||||||
endpoint = urlparse.urlunsplit((scheme, netloc, '/wsman', '', ''))
|
endpoint = urlparse.urlunsplit((scheme, netloc, '/wsman', '', ''))
|
||||||
vvvv('WINRM CONNECT: transport=%s endpoint=%s' % (transport, endpoint),
|
vvvv('WINRM CONNECT: transport=%s endpoint=%s' % (transport, endpoint),
|
||||||
host=self.host)
|
host=self.host)
|
||||||
protocol = Protocol(endpoint, transport=transport,
|
protocol = Protocol(endpoint, transport=transport,
|
||||||
username=self.user, password=self.password)
|
username=self.user, password=self.password,
|
||||||
|
realm=realm)
|
||||||
try:
|
try:
|
||||||
protocol.send_message('')
|
protocol.send_message('')
|
||||||
_winrm_cache[cache_key] = protocol
|
_winrm_cache[cache_key] = protocol
|
||||||
|
|
Loading…
Reference in a new issue