# Set status to 401
self.set_status(401)
+ @functools.cache
def get_authenticated_user(self):
auth_header = self.request.headers.get("Authorization", None)
return
# Perform GSS API Negotiation
- if auth_header.startswith("Negotiate"):
+ if auth_header.startswith("Negotiate "):
return self._auth_negotiate(auth_header)
# Perform Basic Authentication
except:
raise tornado.web.HTTPError(400, "Authorization data was malformed")
+ # Authenticate against Kerberos
+ return self._auth_with_credentials(username, password)
+
+ def _auth_with_credentials(self, username, password):
# Check the credentials against the Kerberos database
try:
kerberos.checkPassword(username, password,