Graceful Kerberos authentication
Currently the code relies on ecp-cookie-init
to grab the cookies from the DCC to allow access. One problem with this approach is that ecp-cookie-init
writes a cookie file which cannot be properly interpreted by Python 3.5. The session cookies set by the DCC have expiration dates of "0", which means "expire at the end of the session". Python, however, interprets only empty strings as "expire at the end of the session", and interprets "0" as the Python time epoch, i.e. a time well inthe past and therefore expired. As a workaround, dcc-api
overrides the cookie parser contained within Python to handle "0" as the same as an empty string, but it would be nicer to handle Kerberos authentication properly by doing whatever it is that ecp-cookie-init
does itself. This would have the possible benefit of removing the need for the LSCSoft
dependency, but that's probably not a big deal.
Look into python-requests
library and Kerberos extensions.