source: examples/python_tests/acme_friend_rt1/README @ 7211a95

mei_rt2mei_rt2_fix_1
Last change on this file since 7211a95 was 7211a95, checked in by Mei <mei@…>, 13 years ago

1) add more python examples
2) add the missing linking role and linking oset api calls
3) fix the output of time typed data term/oset obj in typed_string format

(transform back from yap time format to our ddddddddTdddddd format

  • Property mode set to 100755
File size: 1.8 KB
Line 
1#
2# This example shows how a parameterized role can be used to infer a role and
3# that the same role can also be directly assigned.  The example has 4
4# principals, the Acme company, a Coyote, a RoadRUnner and a Jackrabbit.
5#
6# The policy of the Acme company is that anyone the Acme company thinks is a
7# friend of the Roadrunner is a preferred customer.  A friend of the roadrunner
8# has the [keyid:Acme}.role:friendOf([keyid:Roadrunner]) role, and a preferred
9# customer has the [keyid:Acme].role:preferred_customer role.
10#
11# This script creates the 4 and 3 credentials.  Credential 1 lays out the rule
12# that friends of the Roadrunner are preferred customers.  Credential 2
13# directly makes the Coyote a preferred customer.  Credential 3 recognizes that
14# Acme thinks that the Jackrabbit is the Roadrunner's friend.
15#
16# The attached ./run_query script tests whether the coyote is a friend of the
17# Roadrunner (which fails), whether the Jackrabbit is a friend of teh
18# Roadrunner (which succeeds), whether the Jackrabbit is a preferred customer
19# (which succeeds), whether the Coyote is a prefered customer (succeeds for a
20# different reason) and whether the system fails to load a bad certificate (it
21# does).
22
23# acme_friend_rt1
24
25#[keyid:Acme].role:friendof([keyid:Roadrunner]) <-?- [keyid:Coyote] (no)
26#[keyid:Acme].role:preferred_customer <-?- [keyid:Jackrabbit] (yes)
27
28creddy --generate --cn Acme
29creddy --generate --cn Coyote
30creddy --generate --cn Roadrunner
31creddy --generate --cn Jackrabbit
32
33roadrunner_keyid=`creddy --keyid --cert Roadrunner_ID.pem`
34friendof_roadrunner="friendOf([keyid:$roadrunner_keyid])"
35
36#[keyid:Acme].role:preferred_customer <- [keyid:Acme].role:friendOf([keyid:Roadrunner])
37
38#[keyid:Acme].role:prefered_customer <- [keyid:Coyote]
39
40#[keyid:Acme].role:friendOf([keyid:Roadrunner]) <- [keyid:Jackrabbit]
41
Note: See TracBrowser for help on using the repository browser.