source: examples/creddy_prover_tests/experiment_create_rt0/run_query @ f89b991

mei_rt2
Last change on this file since f89b991 was 2e9455f, checked in by Mei <mei@…>, 11 years ago

1) added namespace
2) tweak ?This,
3) allowing linking role/oset as constraining conditions
4) adding access_tests regression testing that uses GENI's access policy
5) added couple multi contexts regression tests
6) add compression/uncompression calls to abac_encode_string/abac_decode_string
(libstrongwan only allows 512 char for attribute rule storage)
7) add attribute_now option to creddy that takes a whole char string for attribute
rule
  • Property mode set to 100755
File size: 1.5 KB
Line 
1
2# experiment_create_rt0_typed
3
4pwd=`pwd`
5eloc=`which abac_prover_yap | sed 's/\/abac_prover_yap//'`
6if [ "$eloc" = "" ]; then
7  echo "ERROR: abac_prover_yap is not in the search path!!!"
8  exit 1
9fi
10keyloc=$pwd
11
12acme=`creddy --keyid --cert $keyloc/Acme_ID.pem`
13alice=`creddy --keyid --cert $keyloc/Alice_ID.pem`
14bob=`creddy --keyid --cert $keyloc/Bob_ID.pem`
15globotron=`creddy --keyid --cert $keyloc/Globotron_ID.pem`
16
17glob_admin="[keyid:$globotron].role:admin"
18alice_prin="[keyid:$alice]"
19bob_prin="[keyid:$bob]"
20experiment_create="[keyid:$acme].role:experiment_create"
21
22## dump all credentials
23$eloc/abac_prover_yap  --keystore $keyloc --dump creds_dump
24#$eloc/abac_prover_yap  --keystore $keyloc --dbdump
25
26#[keyid:Globotron].role:admin <-?- [keyid:Alice]
27#isMember(pAlice, role(pGlobotron,admin), C).
28echo " "
29echo "===good=============== Globotron.admin <- Alice"
30$eloc/abac_prover_yap  --keystore $keyloc \
31             --role "$glob_admin" --principal "$alice_prin"
32
33#[keyid:Globotron].role:admin <-?- [keyid:Bob]
34#isMember(pBob, role(pGlobotron,admin), C).
35echo " "
36echo "===bad=============== Globotron.admin <- Bob"
37$eloc/abac_prover_yap  --keystore $keyloc \
38             --role "$glob_admin" --principal "$bob_prin"
39
40#[keyid:Acme].role:experiment_create <-?- [keyid:Bob]
41#isMember(pBob, role(pAcme,experiment_create), C).
42echo " "
43echo "===good=============== Acme.experiment_create <- Bob"
44$eloc/abac_prover_yap  --keystore $keyloc \
45             --role "$experiment_create" --principal "$bob_prin"
46
47
Note: See TracBrowser for help on using the repository browser.