Skip to content

Commit e53ffdc

Browse files
rebecccrebeccc
committed
Update tutorial to make server_name equal FQDN
The introduction shows the differences between NameTypes and accidentally uses a hardcoded value for server_name, which is a variable that is used to make calls later in the code. By changing server_name to a FQDN, this variable will work for anybody using the tutorial.
1 parent 99ee548 commit e53ffdc

File tree

1 file changed

+7
-7
lines changed

1 file changed

+7
-7
lines changed

docs/source/basic-tutorial.md

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -43,12 +43,12 @@ Suppose we wanted to refer to an HTTP server on the current host.
4343
We could refer to it as a *host-based service*, or in the default
4444
mechanism form (in this case, for krb5):
4545

46-
>>> server_hostbased_name = gssapi.Name('HTTP@' + FQDN, name_type=gssapi.NameType.hostbased_service)
46+
>>> server_hostbased_name = gssapi.Name(f"HTTP@{FQDN}", name_type=gssapi.NameType.hostbased_service)
4747
>>> server_hostbased_name
48-
Name(b'HTTP@sross', <OID 1.2.840.113554.1.2.1.4>)
49-
>>> server_name = gssapi.Name('HTTP/sross@')
48+
Name(b'HTTP@seton.mivehind.net', <OID 1.2.840.113554.1.2.1.4>)
49+
>>> server_name = gssapi.Name(f"HTTP/{FQDN}@")
5050
>>> server_name
51-
Name(b'HTTP/sross@', None)
51+
Name(b'HTTP/seton.mivehind.net@', None)
5252
>>>
5353

5454
These are both effectively the same, but if we *canonicalize* both
@@ -80,7 +80,7 @@ to acquire credentials as such:
8080

8181
>>> REALM.addprinc('HTTP/%s@%s' % (FQDN, REALM.realm))
8282
>>> REALM.extract_keytab('HTTP/%s@%s' % (FQDN, REALM.realm), REALM.keytab)
83-
>>> server_creds = gssapi.Credentials(usage='accept', name=server_name)
83+
>>> server_creds = gssapi.Credentials(usage='accept', name=server_hostbased_name)
8484
>>>
8585

8686
Note that for the krb5 mechanism, in order to acquire credentials with
@@ -100,7 +100,7 @@ credentials are usable:
100100

101101
>>> server_creds.usage
102102
'accept'
103-
>>> server_creds.name == server_name
103+
>>> server_creds.name == server_hostbased_name
104104
True
105105
>>> server_creds.lifetime is None
106106
True
@@ -125,7 +125,7 @@ When establishing a security context, the default credentials are
125125
used unless otherwise specified. This allows applications to use
126126
the user's already acquired credentials:
127127

128-
>>> client_ctx = gssapi.SecurityContext(name=server_name, usage='initiate')
128+
>>> client_ctx = gssapi.SecurityContext(name=server_hostbased_name, usage='initiate')
129129
>>> initial_client_token = client_ctx.step()
130130
>>> client_ctx.complete
131131
False

0 commit comments

Comments
 (0)