Context Navigation

source: examples/access_tests/creddy_prover/s1_run_query @ 11ca336

mei_rt2

Last change on this file since 11ca336 was 2e9455f, checked in by Mei <mei@…>, 11 years ago
1) added namespace 2) tweak ?This, 3) allowing linking role/oset as constraining conditions 4) adding access_tests regression testing that uses GENI's access policy 5) added couple multi contexts regression tests 6) add compression/uncompression calls to abac_encode_string/abac_decode_string (libstrongwan only allows 512 char for attribute rule storage) 7) add attribute_now option to creddy that takes a whole char string for attribute rule
Property mode set to `100755`
File size: 1.6 KB

Line
1	#!/bin/sh
2
3	# geni s1_run_query
4	# using aba_prover_yap
5
6	echo "=====================s1_run_query=================="
7
8	pwd=`pwd`
9
10	eloc=`which abac_prover_yap \| sed 's/\/abac_prover_yap//'`
11	if [ "$eloc" = "" ]; then
12	echo "ERROR: abac_prover_yap is not in the search path!!!"
13	exit 1
14	fi
15
16	keyloc=$pwd
17
18	g=`creddy --keyid --cert $keyloc/G_ID.pem`
19	pa=`creddy --keyid --cert $keyloc/PA_ID.pem`
20	sa=`creddy --keyid --cert $keyloc/SA_ID.pem`
21
22	## dump all credentials
23	env ABAC_CN=1 $eloc/abac_prover_yap --keystore $keyloc --dump s1_creds_dump
24
25	## PA.std_ops <- "info"
26	#[keyid:PA].oset:std_ops <-?- [string:'info'] (yes)
27	role="[keyid:$pa].oset:std_ops"
28	prin="[string:'info']"
29	echo " "
30	echo "===good============ PA.std_ops<-?-info"
31	$eloc/abac_prover_yap --keystore $keyloc --role "$role" --principal "$prin"
32
33	#[keyid:G].oset:qualifiedProject <-?- [string:'proj1'] (yes)
34	role="[keyid:$g].oset:qualifiedProject"
35	prin="[string:'proj1']"
36	echo " "
37	echo "===good============ G.qualifiedProject<-?-proj1"
38	$eloc/abac_prover_yap --keystore $keyloc --role "$role" --principal "$prin"
39
40	#[keyid:G].oset:qualifiedProject <-?- [string:'projX'] (no)
41	role="[keyid:$g].oset:qualifiedProject"
42	prin="[string:'projX']"
43	echo " "
44	echo "===bad============ G.qualifiedProject<-?-projX"
45	$eloc/abac_prover_yap --keystore $keyloc --role "$role" --principal "$prin"
46
47	#[keyid:SA].oset:inStdProject <-?- [string:'proj1']
48	role="[keyid:$sa].oset:inStdProject"
49	prin="[string:'proj1']"
50	echo " "
51	echo "===bad============ SA.inStdProject<-?-proj1"
52	$eloc/abac_prover_yap --keystore $keyloc --role "$role" --principal "$prin"
53
54	echo "\n\n"

Note: See TracBrowser for help on using the repository browser.

Download in other formats: