The Generic Security Service (GSS) API was designed to provide
authentication, message integrity, and message confidentiality in a
manner independent of the underlying security mechanism and independent
of the network transport protocol used between communicating entities.
Unfortunately, the GSS-API has not seen widespread adoption outside a
few isolated areas. There are varying opinions as to why
this is the case. Some people see the GSS-API as a bit too unwieldy.
Case in point: the function gss_init_sec_context takes no fewer than
thirteen parameters! Others see it as being due to the fact that there
are not very many GSS-API mechanisms out there (Kerberos V5, SPKM, and
possibly a few others), and that most application developers do not want
to presuppose that someone has built a full-fledged Kerberos or public
key security infrastructure.
This project is mainly intended to attempt to address the first problem:
that the GSS-API is seen as unwieldy and difficult to learn. Python is
a very powerful and very easy-to-learn language, and my goal is to make
a GSS-API implementation for Python that is easy to use.
This early release of GSS-API for Python is a wrapper interface over MIT's
Kerberos V5 GSS-API mechanism. I used the excellent tool
SWIG to make this a manageable
task. Due to export restrictions, you will have to obtain MIT Kerberos
separately in order for this code to compile and run.
