We have some XMLRPC servers that we would like to have GSSAPI authentication handled by the web server. Does the ability to handle Negotiate/GSSAPI authentication seem like a reasonable thing to add to the python xmlrpc library?
Are you offering to add it? And provide support going forward? I don’t know how common the need for GSSAPI support is, but from what little I’ve seen of the protocol, it’s not trivial to implement.
I’m not sure - possibly. Although I’ve managed to solve my immediate issue in a different way so I may not really need it either. At the moment more trying to gauge interest and whether or not a pull request to support it would be accepted.
Although I am firmly on the side of Python as “batteries
included”, I don’t think that even something so minor use as
combination of already obscure XMLRPC protocol with GSSAPI must
be included in the standard library. Writing HTTPBasicAuthHandler
subclass is really not that complicated, I did it myself
couple of times (urllib2_kerberos - thin wrapper of urllib2 use python-kerberos
and urllib2_prior_auth - Module allowing prior authorization to HTTP (bpo#19494), both of them
probably bitrotten to unuseability).