mei_rt2mei_rt2_fix_1
Last change
on this file since a0c1772 was
f824a9e,
checked in by Mei <mei@…>, 12 years ago
|
1) add more doc to python_tests
|
-
Property mode set to
100755
|
File size:
1.1 KB
|
Rev | Line | |
---|
[7211a95] | 1 | # |
---|
| 2 | # This example shows a way to allow an user with multiple keyid identities |
---|
| 3 | # to be 'reasoned' as one within a single scope. There are 4 principals |
---|
| 4 | # Geni, Bob, Jack, and Joe. Bob and Joe are actually the same person but |
---|
| 5 | # not Jack. |
---|
| 6 | # |
---|
| 7 | # Credentials 1 is the policy that says a principal is a group leader |
---|
| 8 | # at Geni if it is equivalent to another principal who is a group |
---|
| 9 | # leader at Geni. |
---|
| 10 | # |
---|
| 11 | # Credentials 2 establishes Bob as a group leader at Geni while |
---|
| 12 | # credential 3 and 4 are the equivalent rules between Bob and Joe. |
---|
| 13 | # |
---|
[f824a9e] | 14 | # The query.py file asks if Joe is also an group leader which he is because |
---|
| 15 | # there is a equivalent rule from Bob to him. It also asks if Jack is a |
---|
| 16 | # group leader which he isn't because there is no equivalent rule from Bob |
---|
| 17 | # to him. |
---|
[7211a95] | 18 | |
---|
[f824a9e] | 19 | # leader_rt1 |
---|
[7211a95] | 20 | |
---|
[f824a9e] | 21 | # Credential 1, |
---|
[7211a95] | 22 | # [keyid:geni].role:leader |
---|
| 23 | # <- [keyid:geni].role:equivalent([principal:?P[keyid:geni].role:leader]) |
---|
| 24 | |
---|
| 25 | # Credential 2 |
---|
[f824a9e] | 26 | # [keyid:geni].role:leader <- [keyid:bob] |
---|
[7211a95] | 27 | |
---|
| 28 | # Credential 3 |
---|
[f824a9e] | 29 | # [keyid:geni].role:equivalent([keyid:bob]) <- [keyid:Joe] |
---|
[7211a95] | 30 | |
---|
| 31 | # Credential 4 |
---|
[f824a9e] | 32 | # [keyid:geni].role:equivalent([keyid:Joe]) <- [keyid:Bob] |
---|
[7211a95] | 33 | |
---|
Note: See
TracBrowser
for help on using the repository browser.