mei_rt2mei_rt2_fix_1meiyap-rt1rt2
Last change
on this file since 9502c50 was
9502c50,
checked in by Mei <mei@…>, 12 years ago
|
1) rename examples' rr to run_query
2) updated some doc
3) add decode to creddy --roles and creddy --display --show so it will
show more useful attribute rule string
4) stub in the python script in one of the example directory
|
-
Property mode set to
100755
|
File size:
1.1 KB
|
Rev | Line | |
---|
[10e1588] | 1 | |
---|
[9502c50] | 2 | |
---|
| 3 | # access_rt2_typed |
---|
[10e1588] | 4 | |
---|
[c469edf] | 5 | pwd=`pwd` |
---|
| 6 | |
---|
| 7 | eloc=$pwd/../../libabac |
---|
| 8 | keyloc=$pwd |
---|
[10e1588] | 9 | |
---|
| 10 | alpha=`creddy --keyid --cert $keyloc/Alpha_ID.pem` |
---|
| 11 | bob=`creddy --keyid --cert $keyloc/Bob_ID.pem` |
---|
| 12 | joe=`creddy --keyid --cert $keyloc/Joe_ID.pem` |
---|
| 13 | |
---|
| 14 | bob_prin="[keyid:$bob]" |
---|
| 15 | |
---|
[9806e76] | 16 | access_fileA="[keyid:$alpha].role:access([string:'Read'],[urn:'file//fileA'])" |
---|
[10e1588] | 17 | team_proj2="[keyid:$alpha].role:team([string:'proj2'])" |
---|
| 18 | bob_prin="[keyid:$bob]" |
---|
| 19 | joe_prin="[keyid:$joe]" |
---|
| 20 | |
---|
[7b548fa] | 21 | ## dump all credentials |
---|
[e88c95b] | 22 | $eloc/abac_prover_yap --keystore $keyloc --dump creds_dump |
---|
[10e1588] | 23 | |
---|
[9806e76] | 24 | #[keyid:Alpha].role:access([string:'Read'],[urn:'file//fileA']) <-?- [keyid:bob] (yes) |
---|
[36b100a] | 25 | echo " " |
---|
[9502c50] | 26 | echo "===good============ Alpha.access(Read,fileA)<-?-Bob" |
---|
[10e1588] | 27 | $eloc/abac_prover_yap --keystore $keyloc --role "$access_fileA" --principal "$bob_prin" |
---|
| 28 | |
---|
[36b100a] | 29 | echo " " |
---|
[9502c50] | 30 | echo "===bad============ Alpha.access(Read,fileA)<-?-Joe" |
---|
[10e1588] | 31 | $eloc/abac_prover_yap --keystore $keyloc --role "$access_fileA" --principal "$joe_prin" |
---|
| 32 | |
---|
[36b100a] | 33 | echo " " |
---|
[9502c50] | 34 | echo "===good============ Alpha.team(proj2)<-?-Joe" |
---|
[10e1588] | 35 | #[keyid:alpha].oset:team([string:'proj2'])<-[keyid:Joe] |
---|
[e88c95b] | 36 | $eloc/abac_prover_yap --keystore $keyloc --role "$team_proj2" --principal "$joe_prin" |
---|
[10e1588] | 37 | |
---|
Note: See
TracBrowser
for help on using the repository browser.