Three functions are provided to support retrieval of Kerberos
Principal objects. All of these return objects of the type
PrincipalType.
- get_principal (name)
-
Return a Principal object corresponding to a fully-formed string
representation, such as 'splat@REALM.WE.LIVE.IN'. If the name
is not parsable, Krb5Error is raised with an
err_code attribute of KRB5_PARSE_MALFORMED.
- get_login_principal ()
-
Retrieve the default principal.
- get_svc_principal (svcname[, hostname])
-
Return a principal for a specific service. If hostname is
omitted or the empty string, the local hostname is used. Note that
Kerberos does not in any way validate that the specified service
exists.
- PrincipalType
-
The type of the Principal objects returned from
get_principal(), get_login_principal(), and
get_svc_principal().
Principal objects provide some useful methods and data attributes:
- name ()
-
Return the fully-formed name of the principal, suitable for passing to
get_principal() at a later time. The name includes the realm.
- realm ()
-
Return only the realm portion of the Principal name.
- host
-
For principals created using get_svc_principal(), this is
the fully-qualified domain name for the machine on which the service
should be found. For all other principals, this is None.
- service
-
For principals created using get_svc_principal(), this is
the name of the serivce passed in. For all other principals, this is
None.
