= Credential Printer = The ''credential printer'' service is an XMLRPC service to convert [WikiStart ABAC] credentials encoded as X.509 certificates into a text format. While [WikiStart libabac] is widely portable through swig, some programming environments cannot import the library, yet would like to see the contents of credentials. The credential printer provides access. == Installing the service == We distribute the credential printer as a python application. It depends on the standard installation and the M2Crypto package, available from several places. It also depends on [source:doc/INSTALL libabac]. Once the prerequisites are installed, download the [attachment:cred_printer-1.00.tar.gz credential printer source] and untar it, change to the {{{cred_printer-1.00}}} directory and run the standard python install script (as {{{root}}}): {{{ $ tar xzf cred_printer-1.00.tar.gz $ cd cred_printer-1.00 $ sudo python ./setup.py install }}} This will install a python egg into your site-packages and two python scripts, {{{cred_server.py}}} and {{{cred_client.py}}} into your standard biraries directory ({{{/usr/local/bin}}} on FreeBSD or Ubuntu). Because the installation runs as {{{root}}}, you may need to delete the distribution directory as {{{root}}}: {{{ $ cd .. $ sudo rm -rf cred_printer-1.00.tar.gz }}} == Running the server == The server takes an optional argument, {{{--cert}}} and a certificate with which to identify itself under SSL/https. If omitted, the server will run under http, unencrypted and unauthenticated. If run under SSL, the server expects clients to supply a certificate, but does not vaildate it's authorization chain. This is for future expansion using ABAC authorization to the server and self-certifying identities. The server also takes a {{{--port}}} argument defining the port to listen on. By default it listens on port 13232. Assuming that {{{./cert.pem}}} contains a certificate and key for the server: {{{ $ cred_server.py --cert ./cert.pem }}} starts the server under SSL/https listening on port 13232, {{{ $ cred_server.py --port 54321 --cert ./cert.pem }}} starts the server under SSL/https listening on port 54321 {{{ $ cred_server.py --port 54321 }}} starts the server under http listening on port 54321, and {{{ $ cred_server.py }}} starts the server under http on port 13232.