Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support communication with vCenter Server via kerberos authenticated proxy sever #389

Open
VedaNiks opened this issue Jul 21, 2023 · 1 comment
Open

Support communication with vCenter Server via kerberos authenticated proxy sever #389

VedaNiks opened this issue Jul 21, 2023 · 1 comment
Assignees
@kunal-pmj
Labels
enhancement feature request

Comments

@VedaNiks
Copy link

Is your feature request related to a problem? Please describe.

I need to communicate with vCenter Server and all the traffic goes through a kerberos authenticated proxy sever. I am not able to authenticate the proxy server since the requests.session does not support/use 'Proxy-Authorization' header.
I am using below code:

import requests
import urllib3
from vmware.vapi.vsphere.client import create_vsphere_client
from requests_kerberos import HTTPKerberosAuth

kerb_auth = HTTPKerberosAuth(force_preemptive=True)
auth_header = kerb_auth.generate_request_header(None, '10.24.129.100', True)
session = requests.session()

# Disable cert verification for demo purpose.
# This is not recommended in a production environment.
session.verify = False
session.proxies = {
    'http': 'http://10.24.129.100:3128',
    'https': 'http://10.24.129.100:3128',
}
session.headers = {
    'Proxy-Authorization': auth_header
}

# Disable the secure connection warning for demo purpose.
# This is not recommended in a production environment.
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

# Connect to a vCenter Server using username and password
vsphere_client = create_vsphere_client(server='VC_IP',
                                       username='[email protected]',
                                       password='p@s$w0rD',
                                       session=session)

# List all VMs inside the vCenter Server
print(len(vsphere_client.vcenter.VM.list()))

Even for proxy server with basic authentication, we have to set proxy credentials as below:

session.proxies = {
    'http': 'http://squid_user:p@[email protected]:3128',
    'https': 'http://squid_user:p@[email protected]:3128'
}

Is there a way to connect to vCenter Server via kerberos authenticated proxy server by using VMware automation SDK python project?

Describe the solution you'd like

A way to authenticate proxy server which supports kerberos authentication.

Describe alternatives you've considered

The WAR for this is to directly use vCenter APIs with urllib3 library.

Additional context

No response
@kunal-pmj kunal-pmj self-assigned this Jul 24, 2023
@VedaNiks
Copy link
Author

@kunal-pmj any ETA for this feature?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kunal-pmj kunal-pmj

Labels
enhancement feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kunal-pmj @VedaNiks @jobingeo