I am trying to access a REST service that uses Kerberos authentication (company internal) from a Python app on Windows. However, it seems that the service is configured to expect a SPNEGO only as when I try to use requests-kerberos to connect as in:
requests.get('servicename', auth=HTTPKerberosAuth())
it produces a 500 Error from the server with:
javax.servlet.ServletException: GSSException: No credential found for: 1.2.840.113554.1.2.2
My guess is that server is configured to expect SPNEGO only and Python client supports only Kerberos.
I have tried installing PyKerberos but that fails as it expects krb5 on the system and I am doing this under Windows. Are there any libraries available that could help me do a SPNEGO call from Python in Windows?
In case anyone else would be having a similar problem - resolved by using pycurl with pycurl.HTTPAUTH_GSSNEGOTIATE attribute set.
Related
I have a flask app running on Apache server using mod_wsgi. Everything works fine until I try to access the database using cx_Oracle. At that moment I get the following error:
sqlalchemy.exc.DatabaseError: (cx_Oracle.DatabaseError) DPI-1047: Cannot locate a 64-bit Oracle Client library: "The specified module could not be found". See https://oracle.github.io/odpi/doc/installation.html#windows for help.
I have added the client library path to the os environment variables.
It works well if I start the application from Pycharm IDE.
I have even added the following line in my .wsgi file.
sys.path.append('D:\FlaskDev\instantclient_11_2')
Can anyone help? Thanks in advance
If your python is 64Bits you must to use an 64 instant client too.
Try to follow this instructions.
I'm coding a discord bot in python. Whenever I try to connect to a specific site, on my EC2 instance running Amazon Linux 2, the script returns the following error:
discord.ext.commands.errors.CommandInvokeError: Command raised an exception: ClientConnectorSSLError: Cannot connect to host secure.site.here:443 ssl:None [[SSL: WRONG_SIGNATURE_TYPE] wrong signature type (_ssl.c:1076)]
(actual url snipped.)
The bot itself is dockerized, running python:3.7.4-slim-buster. The error is not present when built with image python:3.7.4-slim-stretch.
I've also tested the same script built with base image -buster on MacOS and also a GCP Compute Engine instance, both are error free.
What am I missing? Any tips welcome.
First of all I checked the current tls version used by connection to the site. It was 1.2.
I got same error with wget so I understand that problem not in python itself, but somewhere in openssl and system settings.
On Ubuntu 20.04.1 LTS I upgrade openssl from 1.1.1f to 1.1.1g - it solves the issue for me. I followed this manual.
In order to access a Reviewboard server I need to disable the SSL verification, however, I can't seem to do this from Reviewboard's Python API.
I've added a 'DISABLE_SSL_VERFICATION = True' line to ~/.reviewboardrc. The rbt commands themselves find this file ok, but scripts using the Python API don't seem to know it exists.
I'm seeing this behavior on both Ubuntu and a Cygwin install under Windows.
Is there something I'm missing with setting my Reviewboard configuration? Is there another way to disable SSL verification with the Python API?
I wasn't able to disable ssl verification globally, but there is a way to disable it when creating the RBClient that then carries through to any operations performed using that client.
Originally I was creating my client as below:
client = RBClient('server_url')
To disable ssl verification I added a verify_ssl argument and set it to false:
client = RBClient('server_url', verify_ssl=False)
Use the option —disable-ssl-verification for all rbt commands.
For example to post to Review board using retools use the command below.
rbt post —disable-ssl-verification
The exact reason why this is required is because of the Python Library. If you are using a Python Library version greater than 2.7.9 you will need this additional option.
Working on a python app on Mac (Yosemite OSX 10.10) I ran into this issue:
OperationalError: (2049, "Connection using old (pre-4.1.1) authentication protocol refused (client option 'secure_auth' enabled)")
With a bit of research it seemed that my client (that is mysql-python) is using secure auth and the user had a password encrypted in an old style, that is prior to pre-4.1.1.
As I do not have ways to handle things on the DB side I was wondering if there was a workaround or a way to deactivate secure_auth on mysql-python?
I am adapting the answer from here:
Eventually you have to tell the client who has an old-style password to change it to a new-style password. Old passwords are not secure.
Now, you are getting the error since the client has secure_auth set, but they have an old password. In order to login with the old password, the client must disable secure_auth on the client side. How exactly you do this varies by which client you're using.
Some other workarounds can be found in the MySQL documentation: Client does not support authentication protocol
I found a cure!
Or rather a workaround. From this post I decided to select slightly older version of MySQL and MySQLdb and this solved the issue.
Here is how I did it:
I had previously installed mysql_python for my python and had the brew version of mysql installed.
I deteleted all of that.
I look for a way to install MySQLdb by looking for it last stable version with the source.
I compiled them (followed the isntructions here), installed them and then I looked for a stable version of MySQL client (MySQL website is the best place for that) and install the 5.5 version which was perfectly fitting my requirements.
I made mysql to launch itself automatically and then restarted my computer (but you can just restart apache) and check that all path were correct and the right includes are in the right places (you can check that against the link above).
And now it all works fine!
Hope it helps.
I am trying to Setup Mercurial on IIS 7.5 on Windows 2008 R2 Standard SP1 64bit.
At first we installed it on a Win 7 machine 32bit with no problem , but moved it to the live server and got user permission issue.
TortoiseHg give teh following error when I Push.
HTTP Error: 500 (Access to the path 'C:\Apps\hglab\Repos\data\repositories\master\CashExpress\Kenya.hg\store\00changelog.i' is denied.)
I had to activate 32bit apps on the 2008 R2 webserver.
I am using HgLab 0.3.10 and TortoiseHg 2.9.2
I am using the Mercurial I downloaded from this site http://hglabhq.com/
I searched the web extensively and also Stack overflow. Most solutions are not for IIS7.5 and those that are for IIS7.5 does not address my problem.
I think it is a user permission issue or 32bit/64bit. Not sure what the user is that Mercurial uses.
I tried grating the anonymous IUSR full access, but no success.
I check the IIS logs and it looks like it is using user "mecurial/proto1.0" which I can't get any information on. I also can't find that user on windows. I presume it is a Python/Apatch user.
If you need any more information I will get it for you.
I am not that familiar with Python or Apache.
I want to use Mecurial and not TFS.