source: examples/creddy_prover_tests/acme_rockets_rt0/run_query @ bc7133b

abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml
Last change on this file since bc7133b was 461541a, checked in by Mei <mei@…>, 12 years ago

1) updated original rt0 to remove libstrongswan dependency

a) identity credential being made/accessed with openssl api calls

(X509/EVP_PKEY pem)

b) attribute credential being made/access via xmlsec1 (custom XML

structure)

2) refactored libcreddy into libabac and now one ABAC namespace for

libabac

3) added attribute_rule suboption to creddy's attribute as another way

to insert access rule

4) added some regression tests into example directory
5) updated some docs.

  • Property mode set to 100755
File size: 1.5 KB
RevLine 
[461541a]1#!/bin/sh
2
3pwd=`pwd`
4eloc=`which abac_prover | sed 's/\/abac_prover//'`
5if [ "$eloc" = "" ]; then
6  echo "ERROR: abac_prover is not in the search path!!!"
7  exit 1
8fi
9
10keyloc=$pwd
11
12acme=`creddy --keyid --cert $keyloc/Acme_ID.pem`
13coyote=`creddy --keyid --cert $keyloc/Coyote_ID.pem`
14
15preferred_customer="$acme.preferred_customer"
16buy_rockets="$acme.buy_rockets"
17coyote_prin="$coyote"
18friend="$acme.friend"
19acme_prin="$acme"
20
21#[keyid:Acme].role:preferred_customer <-?- [keyid:Coyote]
22#isMember(pCoyote, role(pAcme,preferred_customer), C).
23echo "  "
24echo "===good============ Acme.preferred_customer <- Coyote"
25$eloc/abac_prover  --keystore $keyloc \
26      --role "$preferred_customer" --principal "$coyote_prin"
27
28#[keyid:Acme].role:buy_rockets <-?- [keyid:Coyote]
29#isMember(pCoyote, role(pAcme,buy_rockets), C).
30echo "  "
31echo "===good=============== Acme.buy_rockets <- Coyote"
32$eloc/abac_prover  --keystore $keyloc \
33        --role "$buy_rockets" --principal "$coyote_prin"
34
35## this is not suppose to work
36#[keyid:Acme].role:buy_rockets <-?- [keyid:Acme].role:preferred_customer
37echo "  "
38echo "===bad=============== Acme.buy_rockets <- Acme.preferred_customer"
39$eloc/abac_prover  --keystore $keyloc \
40        --role "$buy_rockets" --principal "$preferred_customer"
41
42#[keyid:Coyote].role:friend <-?- [keyid:Acme]
43#isMember(pAcme, role(pCoyote,friend), C).
44echo "  "
45echo "===bad=============== Coyote.friend <- Acme"
46$eloc/abac_prover  --keystore $keyloc \
47        --role "$friend" --principal "$acme_prin"
48
Note: See TracBrowser for help on using the repository browser.