Changes between Version 13 and Version 14 of WikiStart


Ignore:
Timestamp:
May 20, 2013 12:12:41 PM (8 years ago)
Author:
Mei
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • WikiStart

    v13 v14  
    138138}}}
    139139
    140 The other way to initialize an idenitiy is to read the contents from an X.509 certificate file, or from the contents of such a file (referred to as a chunk):
     140The other way to initialize an identity is to read the contents from an X.509 certificate file, or from the contents of such a file (referred to as a chunk):
    141141
    142142{{{
     
    155155}}}
    156156
    157 The {{{write_cert}}} and {{{write_cert_file}}} methods write the X.509 certificate from an identity.  The private keys can similarly be read or written using {{{read_privkey_file}}} and {{{read_privkey}}}.  The following snippet creates an identity, writes it to 2 files and reads it from those files printing the results.  The output files will not contain the private key.
     157The {{{write_cert}}} and {{{write_cert_file}}} methods write the X.509 certificate from an identity.  The private keys can similarly be written using {{{write_privkey_file}}} and {{{write_privkey}}} and loaded with {{{load_privkey}}}.  The following snippet creates an identity, writes it to 2 files and reads it from those files printing the results.  The output files will not contain the private key.
    158158
    159159{{{
     
    200200The Attribute constructor takes the issuing identity, the attribute being assigned and the validity period of the assertion (in seconds).  This code assigns a principal to that class using the {{{principal}}} member.  The {{{role}}} member and {{{linking_role}}} members can be used to construct the other kinds of attributes.
    201201
    202 The {{{bake}}} member finalizes the attribute and creates a signed format for export, which one can write using the {{{write}}} and {{{write_file}}} members, that are analogous to {{{write_cert}}} and {{{write_cert_file}}} members of identities.  Though applications may treat them as opaque, thecurrent format is a [http://groups.geni.net/geni/wiki/TIEDABACCredential signed XML format].
    203 
    204 The {{{bake}}} method exists so that Attributes can contain conjunctions.  If identity A wants to state that friendly admins are admins who are friendly ({{{A.friendly_admin <- A.friendly & A.admin}}}), this code will it:
     202The {{{bake}}} member finalizes the attribute and creates a signed format for export, which one can write using the {{{write}}} and {{{write_file}}} members, that are analogous to {{{write_cert}}} and {{{write_cert_file}}} members of identities.  Though applications may treat them as opaque, the current format is a [http://groups.geni.net/geni/wiki/TIEDABACCredential signed XML format].
     203
     204The {{{bake}}} method exists so that Attributes can contain conjunctions.  If identity A wants to state that friendly admins are admins who are friendly ({{{A.friendly_admin <- A.friendly & A.admin}}}), this code will make it:
    205205
    206206{{{