1) Added support for Kerberos authentication, using SPNEGO to forward the Kerberos tickets through a browser. Fixes #5457

2) Fixed incorrect log information for AUTHENTICATION_SOURCES. Fixes #5829

web/pgadmin/utils/constants.py

@@ -47,3 +47,12 @@ ERROR_FETCHING_ROLE_INFORMATION = gettext(
     'Error fetching role information from the database server.')
 
 ERROR_FETCHING_DATA = gettext('Unable to fetch data.')
+
+# Authentication Sources
+INTERNAL = 'internal'
+LDAP = 'ldap'
+KERBEROS = 'kerberos'
+
+SUPPORTED_AUTH_SOURCES = [INTERNAL,
+                          LDAP,
+                          KERBEROS]

web/pgadmin/utils/master_password.py

@@ -1,8 +1,9 @@
 import config
-from flask import current_app
+from flask import current_app, session
 from flask_login import current_user
 from pgadmin.model import db, User, Server
 from pgadmin.utils.crypto import encrypt, decrypt
+from pgadmin.utils.constants import KERBEROS
 
 
 MASTERPASS_CHECK_TEXT = 'ideas are bulletproof'
@@ -32,6 +33,11 @@ def get_crypt_key():
     elif config.MASTER_PASSWORD_REQUIRED \
             and not config.SERVER_MODE and enc_key is None:
         return False, None
+    elif config.SERVER_MODE and \
+            session['_auth_source_manager_obj']['source_friendly_name']\
+            == KERBEROS:
+        return True, session['kerberos_key'] if 'kerberos_key' in session \
+            else None
     else:
         return True, enc_key