mei_rt2
|
Last change
on this file since 7f04233 was
2e9455f,
checked in by Mei <mei@…>, 11 years ago
|
|
1) added namespace
2) tweak ?This,
3) allowing linking role/oset as constraining conditions
4) adding access_tests regression testing that uses GENI's access policy
5) added couple multi contexts regression tests
6) add compression/uncompression calls to abac_encode_string/abac_decode_string
(libstrongwan only allows 512 char for attribute rule storage)
7) add attribute_now option to creddy that takes a whole char string for attribute
rule
|
-
Property mode set to
100755
|
|
File size:
641 bytes
|
| Rev | Line | |
|---|
| [2e9455f] | 1 | #!/bin/sh |
|---|
| 2 | |
|---|
| 3 | #===bad============ Alpha.access(Read,fileA)<-?-Joe |
|---|
| 4 | #===good============ Alpha.access(Read,fileA)<-?-Bob |
|---|
| 5 | #param1=ABAC.DataTerm("string", "'Read'") |
|---|
| 6 | #param2=ABAC.DataTerm("urn","'file//fileA'") |
|---|
| 7 | |
|---|
| 8 | keystore=`pwd` |
|---|
| 9 | pID=`creddy --keyid --cert ${keystore}/Alpha_ID.pem` |
|---|
| 10 | cID=`creddy --keyid --cert ${keystore}/Joe_ID.pem` |
|---|
| 11 | bID=`creddy --keyid --cert ${keystore}/Bob_ID.pem` |
|---|
| 12 | |
|---|
| 13 | role="[keyid:${pID}].role:access([string:'Read'],[urn:'file//fileA'])" |
|---|
| 14 | principal="[keyid:${cID}]" |
|---|
| 15 | |
|---|
| 16 | env ABAC_CN=1 ../../example_scripts/c/abac_prover "$keystore" "$role" "$principal" |
|---|
| 17 | |
|---|
| 18 | #echo "$keystore" "$role" "$principal" |
|---|
| 19 | #gdb ../../example_scripts/c/abac_prover |
|---|
| 20 | |
|---|
| 21 | |
|---|
| 22 | |
|---|
Note: See
TracBrowser
for help on using the repository browser.
