source: examples/example_scripts/java/abac_attr.java @ d0efdec

mei_rt2
Last change on this file since d0efdec was 2e9455f, checked in by Mei <mei@…>, 11 years ago

1) added namespace
2) tweak ?This,
3) allowing linking role/oset as constraining conditions
4) adding access_tests regression testing that uses GENI's access policy
5) added couple multi contexts regression tests
6) add compression/uncompression calls to abac_encode_string/abac_decode_string
(libstrongwan only allows 512 char for attribute rule storage)
7) add attribute_now option to creddy that takes a whole char string for attribute
rule
  • Property mode set to 100644
File size: 2.5 KB
Line 
1
2/*****
3     abac_attr.java
4
5     To demonstrate how to use ABAC's api in java
6 
7     call:   abac_attr IceCream_ID.pem IceCream_private.pem IceCream_attr.der Chocolate_ID.pem
8 
9     This program will generate 2 principal credentials, (IceCream, Chocolate) and
10             an  attribute rule, write it out to an external
11             file and also load it into the context (prolog db)
12             [keyid:IceCream].delicious <- [Keyid:Chocolate]
13 
14     Then, a query is made against the context to see if it is populated correctly.
15 
16     Note: Chocolate's principal is loaded without it private key. It does not
17           need to because it is not being used to generate attribute credential
18***/
19
20import java.io.*;
21import java.util.*;
22
23import net.deterlab.abac.*;
24
25public class abac_attr {
26
27    static {
28        System.loadLibrary("jABAC");
29    }
30
31    public static void main(String[] args) {
32        Context ctxt=new Context();
33
34        ID iceID=new ID("IceCream",0);
35        iceID.id_write_cert("IceCream_ID.pem");
36        iceID.id_write_privkey("IceCream_private.pem");
37
38        ID chocoID=new ID("Chocolate",0);
39        chocoID.id_write_cert("Chocolate_ID.pem");
40        chocoID.id_write_privkey("Chocolate_private.pem");
41        ctxt.load_id(chocoID);
42
43/*
44        ctxt.load_id_chunks(iceID.id_cert_chunk(), iceID.id_privkey_chunk());
45*/
46        ctxt.load_id(iceID);
47
48        /* create an attribute cert
49               iceCream.delicous <- chocolate */
50        Role head= new Role(iceID.id_keyid(),"delicious");
51        Role tail= new Role(chocoID.id_keyid());
52
53        Attribute attr = new Attribute(head, 1800);
54        attr.attribute_add_tail(tail);
55        attr.attribute_bake();
56
57        /* write it out */
58        attr.attribute_write_cert("IceCream_attr.der");
59
60        /* load attribute cert into the context */
61        ctxt.load_attribute_chunk(attr.cert_chunk());
62
63        /* ctxt.load_attribute_chunk(attr.cert_chunk()); */
64        /* or, ctxt.load_attribute(attr); */
65
66        /* what is in prolog db 
67        ctxt.dump_yap_db(); */
68
69        AttributeVector credentials = ctxt.query(head, tail);
70        long sz=credentials.size();
71        if(sz > 0)
72            System.out.println("prover success!!");
73        else
74            System.out.println("prover failed!!");
75
76        for(int i=0; i<sz; i++) {
77            Attribute c=credentials.get(i);
78            System.out.println(c.head_string()+"<- "+c.tail_string());
79        }
80
81 /*       ctxt.free_context_now(); */
82        System.out.println("done, main from abac_attr.java");
83        System.out.flush();
84    }
85}
86
Note: See TracBrowser for help on using the repository browser.