Changes between Version 2 and Version 3 of WikiStart


Ignore:
Timestamp:
May 17, 2013 8:55:51 AM (11 years ago)
Author:
faber
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • WikiStart

    v2 v3  
    9696Current sources can be [/browser browsed on the web].
    9797
    98 == Releases  ==
     98=== Releases  ===
    9999
    100100See the [source:/doc/ChangeLog@mei_rt0 ChangeLog] for details about each release
     
    106106  * '''Update:''' We fixed a one-line bug in creddy. If you downloaded this over the weekend, please fetch it again.
    107107
     108== Using libabac ==
     109
     110Libabac allows developers to import signed ABAC statements about principals and attributes and prove that certain principals have those attributes ([http://groups.geni.net/geni/wiki/TIEDABACModel more detail about ABAC logic]).  The basic structures that libabac uses to support those operations are identities, attributes, and a context for those.
     111
     112
     113=== Identities ===
     114
     115An identity in ABAC is a principal who has issued or can issue attributes (valid ABAC statements).  libabac allows one to create new principals and to import identities from X.509 identity certificates.  To create a principal from scratch (in python):
     116
     117{{{
     118import ABAC
     119
     120id = ABAC.ID("newGuy", 5*365*3600*24)
     121}}}
     122
     123The first parameter is a common name to use for the identity and the second parameter is the validity.  Associated with this identity is a public/private key pair that can be used to sign new ABAC attributes.  In ABAC statements the principal is referred to an identifier derived from its public key.  You can access that identitfer using the keyid() method:
     124
     125
     126{{{
     127import ABAC
     128
     129id = ABAC.ID("newGuy", 5*365*3600*24)
     130print id.keyid()
     131}}}
     132prints something like:
     133
     134{{{
     135481365b6eced33c0b06674d506b92f01f69e05fd
     136}}}
     137
     138The other way to initialize an idenitiy is to read the contents from an X.509 certificate file, or from the contents of such a file (referred to as a chunk):
     139
     140{{{
     141import ABAC
     142
     143id1 = ABAC.ID("./newGuy.pem")
     144
     145try:
     146    f = open("./newGuy.pem")
     147    id2 = ABAC.ID_chunk(f.read())
     148    f.close()
     149except:
     150    pass
     151
     152print "%s %s" % (id1.keyid(), id2.keyid())
     153
     154
     155}}}
     156
    108157
    109158== Contacts ==