Version 1 (modified by 11 years ago) (diff) | ,
---|
[TOC]
New Features In The Coming Release
This pagdescribes features being developed for libabac and currently availabel on the tvf-new-xml
branch of the git repository. There are three new features:
- Support for multiple credential formats
- Support for Version 1.1 GENI credentials
- Support for human readable strings in credential printing
New Credentials
This release supports multiple credential formats, specifically version 1 and version 1.1 GENI credentials as well as reading GENI privilege credentials. Credentials read from files or chunks are transparenlty output as read, for example if they appear in a proof or if they are extracted from a context. Credentials that are created by an application are output in GENI v1.1 format by default, but can be created in GENI v1.0 using the set_output format of the Attribute object. Valid parameters to set_output_format
are:
- GENIv1.0
- GENIv1.1
Note that the output format must be set before the attribute is bake
d, and that the format cannot be changed after bake
has been called.
This code:
#!/usr/local/bin/python import sys import ABAC i = ABAC.ID("TestPrincipal", 10 * 356 * 24 * 3600) a = ABAC.Attribute(i, "role", 3600) # Here's the format change a.set_output_format("GENIv1.0") # Format change above a.principal(i.keyid()); a.bake() a.write(sys.stdout)
Produces output similar to:
<?xml version="1.0" encoding="UTF-8"?> <signed-credential> <credential xml:id="ref0"> <type>abac</type> <version>1.0</version> <expires>2013-06-17T23:15:44Z</expires> <rt0>ccae806d6e2ac13e39036d83ddc9d09a7f7bf23d.role<-ccae806d6e2ac13e39036d83ddc9d09a7f7bf23d</rt0> </credential> <signatures> <!-- elided --> </signatures> </credential> </signed-credential>
This code:
#!/usr/local/bin/python import sys import ABAC i = ABAC.ID("TestPrincipal", 10 * 356 * 24 * 3600) a = ABAC.Attribute(i, "role", 3600) # Here's the format change a.set_output_format("GENIv1.1") # Format change above a.principal(i.keyid()); a.bake() a.write(sys.stdout)
Produces:
<?xml version="1.0" encoding="UTF-8"?> <signed-credential> <credential xml:id="ref0"> <type>abac</type> <serial/> <owner_gid/> <target_gid/> <uuid/> <expires>2013-06-17T23:17:58Z</expires> <abac> <rt0> <version>1.1</version> <head> <ABACprincipal><keyid>394d50f1f95468521ea1042c88047d8db1bebadd</keyid></ABACprincipal> <role>role</role> </head> <tail> <ABACprincipal><keyid>394d50f1f95468521ea1042c88047d8db1bebadd</keyid></ABACprincipal> </tail> </rt0> </abac> </credential> <signatures> <!-- elided --> </signatures> </credential> </signed-credential>
Should you need to know the format in which an Attribute will be output:
#!/usr/local/bin/python import ABAC i = ABAC.ID("TestPrincipal", 10 * 356 * 24 * 3600) a = ABAC.Attribute(i, "role", 3600) print a.get_output_format()