mei_rt2mei_rt2_fix_1
|
Last change
on this file since 20eaefe was
f824a9e,
checked in by Mei <mei@…>, 12 years ago
|
|
1) add more doc to python_tests
|
-
Property mode set to
100755
|
|
File size:
1.1 KB
|
| Rev | Line | |
|---|
| [7211a95] | 1 | # |
|---|
| 2 | # This example shows a way to allow an user with multiple keyid identities |
|---|
| 3 | # to be 'reasoned' as one within a single scope. There are 4 principals |
|---|
| 4 | # Geni, Bob, Jack, and Joe. Bob and Joe are actually the same person but |
|---|
| 5 | # not Jack. |
|---|
| 6 | # |
|---|
| 7 | # Credentials 1 is the policy that says a principal is a group leader |
|---|
| 8 | # at Geni if it is equivalent to another principal who is a group |
|---|
| 9 | # leader at Geni. |
|---|
| 10 | # |
|---|
| 11 | # Credentials 2 establishes Bob as a group leader at Geni while |
|---|
| 12 | # credential 3 and 4 are the equivalent rules between Bob and Joe. |
|---|
| 13 | # |
|---|
| [f824a9e] | 14 | # The query.py file asks if Joe is also an group leader which he is because |
|---|
| 15 | # there is a equivalent rule from Bob to him. It also asks if Jack is a |
|---|
| 16 | # group leader which he isn't because there is no equivalent rule from Bob |
|---|
| 17 | # to him. |
|---|
| [7211a95] | 18 | |
|---|
| [f824a9e] | 19 | # leader_rt1 |
|---|
| [7211a95] | 20 | |
|---|
| [f824a9e] | 21 | # Credential 1, |
|---|
| [7211a95] | 22 | # [keyid:geni].role:leader |
|---|
| 23 | # <- [keyid:geni].role:equivalent([principal:?P[keyid:geni].role:leader]) |
|---|
| 24 | |
|---|
| 25 | # Credential 2 |
|---|
| [f824a9e] | 26 | # [keyid:geni].role:leader <- [keyid:bob] |
|---|
| [7211a95] | 27 | |
|---|
| 28 | # Credential 3 |
|---|
| [f824a9e] | 29 | # [keyid:geni].role:equivalent([keyid:bob]) <- [keyid:Joe] |
|---|
| [7211a95] | 30 | |
|---|
| 31 | # Credential 4 |
|---|
| [f824a9e] | 32 | # [keyid:geni].role:equivalent([keyid:Joe]) <- [keyid:Bob] |
|---|
| [7211a95] | 33 | |
|---|
Note: See
TracBrowser
for help on using the repository browser.
