Changes between Version 13 and Version 14 of WikiStart
- Timestamp:
- May 20, 2013 12:12:41 PM (11 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
WikiStart
v13 v14 138 138 }}} 139 139 140 The other way to initialize an iden itiy is to read the contents from an X.509 certificate file, or from the contents of such a file (referred to as a chunk):140 The other way to initialize an identity is to read the contents from an X.509 certificate file, or from the contents of such a file (referred to as a chunk): 141 141 142 142 {{{ … … 155 155 }}} 156 156 157 The {{{write_cert}}} and {{{write_cert_file}}} methods write the X.509 certificate from an identity. The private keys can similarly be read or written using {{{read_privkey_file}}} and {{{read_privkey}}}. The following snippet creates an identity, writes it to 2 files and reads it from those files printing the results. The output files will not contain the private key.157 The {{{write_cert}}} and {{{write_cert_file}}} methods write the X.509 certificate from an identity. The private keys can similarly be written using {{{write_privkey_file}}} and {{{write_privkey}}} and loaded with {{{load_privkey}}}. The following snippet creates an identity, writes it to 2 files and reads it from those files printing the results. The output files will not contain the private key. 158 158 159 159 {{{ … … 200 200 The Attribute constructor takes the issuing identity, the attribute being assigned and the validity period of the assertion (in seconds). This code assigns a principal to that class using the {{{principal}}} member. The {{{role}}} member and {{{linking_role}}} members can be used to construct the other kinds of attributes. 201 201 202 The {{{bake}}} member finalizes the attribute and creates a signed format for export, which one can write using the {{{write}}} and {{{write_file}}} members, that are analogous to {{{write_cert}}} and {{{write_cert_file}}} members of identities. Though applications may treat them as opaque, the current format is a [http://groups.geni.net/geni/wiki/TIEDABACCredential signed XML format].203 204 The {{{bake}}} method exists so that Attributes can contain conjunctions. If identity A wants to state that friendly admins are admins who are friendly ({{{A.friendly_admin <- A.friendly & A.admin}}}), this code will it:202 The {{{bake}}} member finalizes the attribute and creates a signed format for export, which one can write using the {{{write}}} and {{{write_file}}} members, that are analogous to {{{write_cert}}} and {{{write_cert_file}}} members of identities. Though applications may treat them as opaque, the current format is a [http://groups.geni.net/geni/wiki/TIEDABACCredential signed XML format]. 203 204 The {{{bake}}} method exists so that Attributes can contain conjunctions. If identity A wants to state that friendly admins are admins who are friendly ({{{A.friendly_admin <- A.friendly & A.admin}}}), this code will make it: 205 205 206 206 {{{