Kerberos authentication for Twisted Python client/server

Question

Task: add Kerberos active directory authentication to an insecure reporting and data manipulation desktop application. This app is...

• written in Stackless Python 2.7
• uses Twisted for client-server interactions
• Client is compiled to an exe and runs on Windows
• Servers run on Linux (Red Hat)

Currently we pull the Windows network ID (logon name) from the user's account and pass to the server, which looks up what permissions that user is configured to have, and passes back menu options which provide access just to those features. Main weakness is that one could send a different username to the server and access other permissions.

Therefore Kerberos. (And LDAP, from what I read.)

Question:

Does Twisted provide a built-in Kerberos setup?
authkerb perhaps?

I found authkerb after a ton of searching, but I don't see feedback from anyone using it. I'm not sure where to start. If anyone has experience with this, or if you've run across any relevant info to implementing Kerberos specifically with Twisted, I'd appreciate it immensely!

---

I've never touched anything like Kerberos before, so I read up on it:

kerberos.org/software/tutorial.html  
technet.microsoft.com/library/cc961976  
web.mit.edu/kerberos/krb5-latest/doc/appdev/init_creds.html  
web.mit.edu/kerberos/krb5-1.12/doc/user/tkt_mgmt.html

Also found tips on what to avoid:

faqs.org/faqs/kerberos-faq/general/section-83.html

Answer 1

Twisted does not.

However, http://calendarserver.org, which is bassed on Twisted, does have kerberos authentication, and was the originator of the https://pypi.python.org/pypi/pykerberos project. It should serve as a workable example.