使用 NTLM 使用 Python 脚本访问 SharePoint 列表的当前用户凭据进行授权 [英] Authorise with current user credentials for Python script accessing SharePoint list using NTLM

问题描述

我有一个脚本，用于检查 SharePoint 列表中的特定文件修订并返回结果.这很有效，但目前我的授权方法要求我在代码中包含我自己的密码才能访问 SharePoint 列表，这并不理想，因为密码必须经常更新，其他用户可能会查看我的登录详细信息.

I have a script that checks a SharePoint list for a specific file revision and returns the result. This works well, but currently my authorisation method requires me to include my own password in the code to gain access to the SharePoint list, which isn't ideal given that passwords have to be updated frequently and other users can potentially view my login details.

有人可以为我指明使用当前用户凭据访问 SharePoint 网站的正确方向吗?我一直在绕圈子查看 ActiveDirectory、NTLM、SOAP 等，但无法解读其中哪一种是最合适的方法.

Can someone point me in the right direction for using the current users credentials to access the SharePoint site? I've been going round in circles looking at ActiveDirectory, NTLM, SOAP etc and cannot decipher which of these is the most appropriate method.

我使用的是Python 2.7，工作功能如下:

I am using Python 2.7 and the working function is as follows:

import urllib2
from sharepoint import SharePointSite
from ntlm import HTTPNtlmAuthHandler

def read_sharepoint_list(current_project):
    # my Windows credentials
    username = "Domain\user.name"
    password = "my_password"
    # the sharepoint info
    site_url = "http://SharePoint/"
    list_name = "My List"
    # an opener for the NTLM authentication
    passman = urllib2.HTTPPasswordMgrWithDefaultRealm()
    passman.add_password(None, site_url, username, password)
    auth_NTLM = HTTPNtlmAuthHandler.HTTPNtlmAuthHandler(passman)
    # create and install the opener
    opener = urllib2.build_opener(auth_NTLM)
    urllib2.install_opener(opener)
    # create a SharePointSite object
    site = SharePointSite(site_url, opener)
    sp_list = site.lists[list_name] 

    for row in sp_list.rows:
        if current_project in row.Filename:
            basecase_rev = row.Rev

    return basecase_rev

推荐答案

requests_ntlm 库有一个开放的 pull request 此处 合并 Windows 用户的 SSPI 身份验证.我必须对代码进行一些编辑才能使其正常工作，但它对我有用.

There is an open pull request for the requests_ntlm library here to merge in SSPI authentication for Windows users. I had to make a few edits to the code for it to be functional, but it is working for me.

您首先需要安装 requests 和 requests_ntlm，然后修改requests_ntlm\__init__.py"包文件(如果在 Windows 上，则在您的 PythonLibsite-packages"文件夹中)以类似于以下内容:

You'll first need to install requests and requests_ntlm, then modify the "requests_ntlm\__init__.py" package file (in your Python "Libsite-packages" folder if on Windows) to resemble the following:

from .requests_ntlm import HttpNtlmAuth
from .requests_ntlmsspi import HttpNtlmSspiAuth

__all__ = ('HttpNtlmAuth', 'HttpNtlmSspiAuth')

接下来，将requests_ntlmsspi.py"文件(来自上面的链接)添加到requests_ntlm"包文件夹中.

Next, add the "requests_ntlmsspi.py" file (from the link above) to the "requests_ntlm" package folder.

然后您应该能够使用当前用户的凭据进行身份验证，如下所示:

You should then be able to authenticate using the current user's credentials as follows:

import requests
from requests_ntlm import HttpNtlmAuth, HttpNtlmSspiAuth

requests.get(site_url, auth=HttpNtlmSspiAuth())

这篇关于使用 NTLM 使用 Python 脚本访问 SharePoint 列表的当前用户凭据进行授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！