source: examples/access_rt2_typed/rr @ 907af43

mei_rt2mei_rt2_fix_1meiyap-rt1rt2
Last change on this file since 907af43 was e88c95b, checked in by Mei <mei@…>, 13 years ago

1) switch the order of terms within the rule clause.

carl said more specific should be at the earlier part of rule so
it won't backtrack to death.

2) unset some debug flag in creddy
  • Property mode set to 100755
File size: 1.1 KB
Line 
1
2rm -rf creds_dump
3
4eloc=/home/mei/Deter/abac/libabac
5keyloc=/home/mei/Deter/abac/examples/access_rt2_typed
6
7alpha=`creddy --keyid --cert $keyloc/Alpha_ID.pem`
8bob=`creddy --keyid --cert $keyloc/Bob_ID.pem`
9joe=`creddy --keyid --cert $keyloc/Joe_ID.pem`
10
11bob_prin="[keyid:$bob]"
12
13access_fileA="[keyid:$alpha].role:access([string:'read'],[urn:'file//fileA'])"
14team_proj2="[keyid:$alpha].role:team([string:'proj2'])"
15bob_prin="[keyid:$bob]"
16joe_prin="[keyid:$joe]"
17
18## dump all credentials -- does not work
19$eloc/abac_prover_yap  --keystore $keyloc --dump creds_dump
20
21#[keyid:Alpha].role:access([string:'read'],[urn:'file//fileA']) <-?- [keyid:bob] (yes)
22echo "===good============ Alpha.access(read,fileA)<-?-Bob  yap "
23$eloc/abac_prover_yap  --keystore $keyloc --role "$access_fileA" --principal "$bob_prin"
24
25echo "===bad============ Alpha.access(read,fileA)<-?-Joe  yap "
26$eloc/abac_prover_yap  --keystore $keyloc --role "$access_fileA" --principal "$joe_prin"
27
28echo "===good============ Alpha.team(proj2)<-?-Joe  yap "
29#[keyid:alpha].oset:team([string:'proj2'])<-[keyid:Joe]
30$eloc/abac_prover_yap  --keystore $keyloc --role "$team_proj2" --principal "$joe_prin"
31
Note: See TracBrowser for help on using the repository browser.