FlASK-Kerberos在通过FlaskRun和Vim运行代码时会产生不同的结果

2022-04-19 00:00:00 python flask kerberos

问题描述

简单地说,有一个基于Flask-Kerberos example的FlaskApp,具有有效的密钥表文件(os.environ['KRB5_KTNAME']='/path/to/file.keytab')。

这是我的项目的工作树:

flask_kerberos_example
    static
        style.css
    templates
        index.html
    example_pure.py
    config.py
    .flaskenv

以下是‘Example_pure.py’文件的内容:

from flask import Flask
from flask import render_template
from flask_kerberos import init_kerberos
from flask_kerberos import requires_authentication
from config import Config

app = Flask(__name__)
app.config.from_object(Config)

@app.route("/")
@requires_authentication
def index(user):
    return render_template('index.html', user=user)

if __name__ == '__main__':
    init_kerberos(app, hostname='Server.l.s.d')
    app.run(host="0.0.0.0", port=5000)

这里是‘config.py’

import os
import base64
from dotenv import load_dotenv

basedir = os.path.abspath(os.path.dirname(__file__))
load_dotenv(os.path.join(basedir, '.flaskenv'))

class Config(object):

    # Setup Secret Key for Application
    SECRET_KEY = os.environ.get('SECRET_KEY') or str(base64.b64encode('you-will-never-guess'.encode("utf-8")))

这里是‘.flaskenv’

FLASK_APP="example_pure.py"
FLASK_RUN_HOST="0.0.0.0"
FLASK_RUN_PORT=5000

当我使用F9通过VIM执行此代码时,我得到了所需的输出

浏览器(http://Server.l.s.d:5000/)

烧瓶Kerberos示例

成功了,我想您是用户名@L.S.D

CMD

(venv) User@Server:~/.../flask_kerberos_example$ vim

 * Serving Flask app "example_pure" (lazy loading)
 * Environment: production
   WARNING: This is a development server. Do not use it in a production deployment.
   Use a production WSGI server instead.
 * Debug mode: off
 * Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
a.b.c.d - - [08/Jul/2021 09:35:19] "GET / HTTP/1.1" 401 -
a.b.c.d - - [08/Jul/2021 09:35:19] "GET / HTTP/1.1" 200 -
a.b.c.d - - [08/Jul/2021 09:35:19] "GET /static/style.css HTTP/1.1" 304 -

但是,当我使用flask run启动烧瓶应用程序时,我没有看到完全相同的结果。

浏览器(http://Server.l.s.d:5000/)

内部服务器错误

服务器遇到内部错误,无法完成 你的请求。可能是服务器超载,或者是 应用程序。

CMD

(venv) User@Server:~/.../flask_kerberos_example$ flask run

 * Serving Flask app "example_pure.py"
 * Environment: production
   WARNING: This is a development server. Do not use it in a production deployment.
   Use a production WSGI server instead.
 * Debug mode: off
 * Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
a.b.c.d - - [08/Jul/2021 09:37:28] "GET / HTTP/1.1" 401 -
[2021-07-08 09:37:28,023] ERROR in app: Exception on / [GET]
Traceback (most recent call last):
  File "/home/user/venv/lib/python3.7/site-packages/flask/app.py", line 2447, in wsgi_app
    response = self.full_dispatch_request()
  File "/home/user/venv/lib/python3.7/site-packages/flask/app.py", line 1952, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/home/user/venv/lib/python3.7/site-packages/flask/app.py", line 1821, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/home/user/venv/lib/python3.7/site-packages/flask/_compat.py", line 39, in reraise
    raise value
  File "/home/user/venv/lib/python3.7/site-packages/flask/app.py", line 1950, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/user/venv/lib/python3.7/site-packages/flask/app.py", line 1936, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/home/user/venv/lib/python3.7/site-packages/flask_kerberos.py", line 106, in decorated
    rc = _gssapi_authenticate(token)
  File "/home/user/venv/lib/python3.7/site-packages/flask_kerberos.py", line 70, in _gssapi_authenticate
    rc, state = kerberos.authGSSServerInit(_SERVICE_NAME)
TypeError: argument 1 must be str, not None
a.b.c.d - - [08/Jul/2021 09:37:28] "GET / HTTP/1.1" 500 -

正如我所看到的,Flask会责备_SERVICE_NAME变量。我不明白是否必须将其设置在‘.flaskenv’或‘config.py’中,不是吗?这个问题似乎与我之前的问题部分重叠:"TypeError: argument 1 must be str, not None" when running Flask-Kerberos

谁能向我解释一下什么可能是问题,为什么我会得到不同的结果?


解决方案

当您使用flask run时,它会将您的应用程序作为模块导入,因此__name__将不等于";__main__";,因此init_kerberos()永远不会被调用,也不会在flASK-kerberos中设置_SERVICE_NAME全局。

另外,一般来说,我建议切换到flask-gssapi,这既是因为它以一种更干净的方式编写,不依赖于全局状态,也是因为它基于python-gssani而不是几乎没有维护的旧的pykerberos。

相关文章