mei_rt2mei_rt2_fix_1meiyap-rt1rt2
rt2-01
|
Last change
on this file since 10e1588 was
10e1588,
checked in by Mei <mei@…>, 12 years ago
|
|
1) added oset handling
2) add dynamic constraints
|
-
Property mode set to
100755
|
|
File size:
1.1 KB
|
| Line | |
|---|
| 1 | |
|---|
| 2 | rm -rf creds_dump |
|---|
| 3 | |
|---|
| 4 | eloc=/home/mei/Deter/abac/libabac |
|---|
| 5 | keyloc=/home/mei/Deter/abac/examples/access_rt2_typed |
|---|
| 6 | |
|---|
| 7 | alpha=`creddy --keyid --cert $keyloc/Alpha_ID.pem` |
|---|
| 8 | bob=`creddy --keyid --cert $keyloc/Bob_ID.pem` |
|---|
| 9 | joe=`creddy --keyid --cert $keyloc/Joe_ID.pem` |
|---|
| 10 | |
|---|
| 11 | bob_prin="[keyid:$bob]" |
|---|
| 12 | |
|---|
| 13 | access_fileA="[keyid:$alpha].role:access([string:'read'],[urn:'file//fileA'])" |
|---|
| 14 | team_proj2="[keyid:$alpha].role:team([string:'proj2'])" |
|---|
| 15 | bob_prin="[keyid:$bob]" |
|---|
| 16 | joe_prin="[keyid:$joe]" |
|---|
| 17 | |
|---|
| 18 | ## dump all credentials -- does not work |
|---|
| 19 | #$eloc/abac_prover_yap --keystore $keyloc --dump creds_dump |
|---|
| 20 | |
|---|
| 21 | #[keyid:Alpha].role:access([string:'read'],[urn:'file//fileA']) <-?- [keyid:bob] (yes) |
|---|
| 22 | echo "===good============ Alpha.access(read,fileA)<-?-Bob yap " |
|---|
| 23 | $eloc/abac_prover_yap --keystore $keyloc --role "$access_fileA" --principal "$bob_prin" |
|---|
| 24 | |
|---|
| 25 | echo "===bad============ Alpha.access(read,fileA)<-?-Joe yap " |
|---|
| 26 | $eloc/abac_prover_yap --keystore $keyloc --role "$access_fileA" --principal "$joe_prin" |
|---|
| 27 | |
|---|
| 28 | echo "===good============ Alpha.team(proj2)<-?-Joe yap " |
|---|
| 29 | #[keyid:alpha].oset:team([string:'proj2'])<-[keyid:Joe] |
|---|
| 30 | $eloc/abac_prover_yap --keystore $keyloc --role "$team_proj2" --principal "$joe_prin" |
|---|
| 31 | |
|---|
Note: See
TracBrowser
for help on using the repository browser.
