
    qi                     v    S r SSKrSSKrSSKrSSKJr  SSKJr  Sr\R                  " \
5      r " S S\5      rg)a
  
Implementation of a domain controller that allows users to authenticate against
a Windows NT domain or a local computer.

Used by HTTPAuthenticator. Only available on Windows, because it relies on the Win32
extensions for Python (see below).

See also https://wsgidav.readthedocs.io/en/latest/user_guide_configure.html

Purpose
-------

Usage::

   from wsgidav.dc.nt_dc import NTDomainController
   domain_controller = NTDomainController(wsgidav_app, config)

where:

+ domain_controller object corresponds to that in ``wsgidav.yaml`` or
  as input into ``wsgidav.http_authenticator.HTTPAuthenticator``.

+ preset_domain allows the admin to specify a domain to be used (instead of any domain that
  may come as part of the user_name in domain\user). This is useful only if there
  is one domain to be authenticated against and you want to spare users from typing the
  domain name

+ preset_server allows the admin to specify the NETBIOS name of the domain controller to
  be used (complete with the preceding \\). If absent, it will look for trusted
  domain controllers on the localhost.

This class allows the user to authenticate against a Windows NT domain or a local computer.
It requires NT or beyond (2000, XP, 2003, etc).

This class requires Mark Hammond's Win32 extensions for Python at here_ or sourceforge_

.. _here : http://starship.python.net/crew/mhammond/win32/Downloads.html
.. _sourceforge : http://sourceforge.net/projects/pywin32/

Information on Win32 network authentication was from the following resources:

+ http://ejabberd.jabber.ru/node/55

+ http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/81402


Testability and caveats
-----------------------

**Digest Authentication**
   Digest authentication requires the password to be retrieved from the system to compute
   the correct digest for comparison. This is so far impossible (and indeed would be a
   big security loophole if it was allowed), so digest authentication WILL not work
   with this class.

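   Basic authentication over SSL is highly recommended: basic authentication sends the
   password with every request in a trivially decodable form, so without transport
   encryption it can be read by anyone who can observe the traffic.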

**User Login**
   Authentication will count as a user login attempt, so any security in place for
   invalid password attempts (for example, an account lockout policy) may be triggered.

   Also note that, even though the user is logged in, the application does not impersonate
   the user - the application will continue to run under the account and permissions it
   started with. Every authenticated user therefore has the read/write permissions of the
   running account on the share, not those of their own account.

**Using on a local computer**
   This class has been tested on a local computer (Windows XP). Leave domain as None and
   do not specify domain when entering user_name in this case.

**Using for a network domain**
   This class is being tested for a network domain (I'm setting one up to test).

    N)util)BaseDomainControllerreStructuredTextc                   ^   ^  \ rS rSrU 4S jrS rS rS rS rS r	S r
S	 rS
 rS rSrU =r$ )NTDomainControllerX   c                    > [         TU ]  X5        [        R                  " USSS9nUR	                  S5      U l        UR	                  S5      U l        g )Nnt_dcT)as_dictpreset_domainpreset_server)super__init__r   get_dict_valuegetr   r   )selfwsgidav_appconfigdc_conf	__class__s       E/home/kali/flask_env/lib/python3.13/site-packages/wsgidav/dc/nt_dc.pyr   NTDomainController.__init__Y   sF    -%%fgtD$[[9$[[9    c                 l    U R                   R                   SU R                  < SU R                  < S3$ )N(, ))r   __name__r   r   r   s    r   __str__NTDomainController.__str__a   s7    ~~&&'q););(>bASAS@VVWX	
r   c                     g)NzWindows Domain Authentication )r   	path_infoenvirons      r   get_domain_realm#NTDomainController.get_domain_realmf   s    .r   c                     g)NTr#   )r   realmr%   s      r   require_authentication)NTDomainController.require_authenticationi   s    r   c                 n    U R                  U5      u  pVU R                  U5      nU R                  XcXW5      $ N)_get_domain_username_get_domain_controller_name
_auth_user)r   r)   	user_namepasswordr%   domainuserdc_names           r   basic_auth_user"NTDomainController.basic_auth_userl   s5    00;226:tv??r   c                     g)NFr#   r   s    r   supports_http_digest_auth,NTDomainController.supports_http_digest_authq   s    r   c                     UR                  SS5      n[        U5      S:X  a  S nUS   nO
US   nUS   nU R                  b  U R                  nX44$ )N\   r   )splitlenr   )r   r1   	user_datar3   r4   s        r   r.   'NTDomainController._get_domain_username   s]    OOD!,	y>QFQ<Dq\FQ<D)''F~r   c                     U R                   b  U R                   $  [        R                  " S U5      nU$ ! [         a    S n U$ f = fr-   )r   win32netNetGetAnyDCName	Exception)r   r3   pdcs      r   r/   .NTDomainController._get_domain_controller_name   sS    )%%%	**48C 
  	C
	s   4 AAc                 2   SnU(       a  US:X  a  Sn [         R                  " US[        R                  S5      u  pVn[        R
                  " U5      R                  5       nU HR  nUR                  S5      n	U	(       d   e[        R                  " U	5      (       d   eXxS   R                  5       :X  d  MR    g   U(       a  M  [        R                  SU< SU< 35        g! [         R                   a"  n
[        R                  SU
 35         S n
A
gS n
A
ff = f)	Ninitr   nameTzNetUserEnum: FUser z not found on server )rC   NetUserEnumwin32netconFILTER_NORMAL_ACCOUNTr   to_strlowerr   is_strerror_logger	exceptioninfo)r   r1   r3   serverresumeusers_totalunuserinfouinamees              r   _is_userNTDomainController._is_user   s    (0(<(<A{@@!)%v [[+113 %H%\\&1F!M6;;v....f-3355# !& f$ 	uYM)>vjIJ	 >> !!M!"56s$   BC  5C  7C   D4DDc           	      t   U R                  XU5      (       d  gS n [        R                  " UUU[        R                  [        R                  5      nU(       d8  [
        R                  SU< SU< S35         U(       a  UR                  5         gg U(       a  UR                  5         [
        R                  SU< S35        g! [        R                   aB  n[
        R                  SU< SU< SU 35         S nAU(       a  UR                  5         ggS nAff = f! U(       a  UR                  5         f f = f)	NFz
LogonUser(r   z, '***') failed.z, '***') failed: rK   z logged on.T)
r^   win32security	LogonUserLOGON32_LOGON_NETWORKLOGON32_PROVIDER_DEFAULTrS   warningCloserR   debug)r   r1   r2   r3   rV   htokenerrs          r   r0   NTDomainController._auth_user   s    }}Y77	",,3366F *YMF:EU VW    i]+67 "" 	OOYMF:5FseL  	  s*   AC D D8D DD D7)r   r   )r   
__module____qualname____firstlineno__r   r    r&   r*   r6   r9   r.   r/   r^   r0   __static_attributes____classcell__)r   s   @r   r   r   X   s;    :

/@
2
0 r   r   )__doc__rC   rM   ra   wsgidavr   wsgidav.dc.base_dcr   __docformat__get_module_loggerr   rS   r   r#   r   r   <module>ru      sA   HR     3"

 
 
*C- Cr   