source: examples/creddy_prover_tests/experiment_create_rt0/run_query @ 7f04233

mei_rt2
Last change on this file since 7f04233 was 2e9455f, checked in by Mei <mei@…>, 11 years ago

1) added namespace
2) tweak ?This,
3) allowing linking role/oset as constraining conditions
4) adding access_tests regression testing that uses GENI's access policy
5) added couple multi contexts regression tests
6) add compression/uncompression calls to abac_encode_string/abac_decode_string
(libstrongwan only allows 512 char for attribute rule storage)
7) add attribute_now option to creddy that takes a whole char string for attribute
rule
  • Property mode set to 100755
File size: 1.5 KB
RevLine 
[718ad924]1
[9502c50]2# experiment_create_rt0_typed
[da5afdf]3
[c469edf]4pwd=`pwd`
[08b8da7]5eloc=`which abac_prover_yap | sed 's/\/abac_prover_yap//'`
6if [ "$eloc" = "" ]; then
7  echo "ERROR: abac_prover_yap is not in the search path!!!"
8  exit 1
9fi
[c469edf]10keyloc=$pwd
[718ad924]11
12acme=`creddy --keyid --cert $keyloc/Acme_ID.pem`
13alice=`creddy --keyid --cert $keyloc/Alice_ID.pem`
14bob=`creddy --keyid --cert $keyloc/Bob_ID.pem`
15globotron=`creddy --keyid --cert $keyloc/Globotron_ID.pem`
16
[da5afdf]17glob_admin="[keyid:$globotron].role:admin"
18alice_prin="[keyid:$alice]"
19bob_prin="[keyid:$bob]"
20experiment_create="[keyid:$acme].role:experiment_create"
21
22## dump all credentials
23$eloc/abac_prover_yap  --keystore $keyloc --dump creds_dump
[2e9455f]24#$eloc/abac_prover_yap  --keystore $keyloc --dbdump
[da5afdf]25
[9502c50]26#[keyid:Globotron].role:admin <-?- [keyid:Alice]
[718ad924]27#isMember(pAlice, role(pGlobotron,admin), C).
28echo " "
[9502c50]29echo "===good=============== Globotron.admin <- Alice"
[da5afdf]30$eloc/abac_prover_yap  --keystore $keyloc \
31             --role "$glob_admin" --principal "$alice_prin"
[718ad924]32
[9502c50]33#[keyid:Globotron].role:admin <-?- [keyid:Bob]
[718ad924]34#isMember(pBob, role(pGlobotron,admin), C).
35echo " "
[9502c50]36echo "===bad=============== Globotron.admin <- Bob"
[da5afdf]37$eloc/abac_prover_yap  --keystore $keyloc \
38             --role "$glob_admin" --principal "$bob_prin"
[718ad924]39
[9502c50]40#[keyid:Acme].role:experiment_create <-?- [keyid:Bob]
[718ad924]41#isMember(pBob, role(pAcme,experiment_create), C).
42echo " "
[9502c50]43echo "===good=============== Acme.experiment_create <- Bob"
[da5afdf]44$eloc/abac_prover_yap  --keystore $keyloc \
45             --role "$experiment_create" --principal "$bob_prin"
[718ad924]46
47
Note: See TracBrowser for help on using the repository browser.