- Timestamp:
- Nov 19, 2010 5:56:49 PM (14 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master
- Children:
- 85f5d11
- Parents:
- 66a8e6d
- Location:
- fedd
- Files:
-
- 1 added
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/access_to_abac.py
r66a8e6d r547aa3b 262 262 for i, c in enumerate(creds): 263 263 cmd = [creddy, '--attribute', '--issuer=%s' % cert, '--key=%s' % key, 264 '--role=%s' % c.attr, '--out=%s/cred%d ' % (dir, i)]264 '--role=%s' % c.attr, '--out=%s/cred%d_attr.der' % (dir, i)] 265 265 for r in c.req: 266 266 cmd.extend(attrs(r)) -
fedd/fedd_to_abac.py
r66a8e6d r547aa3b 100 100 print >>sys.stderr, 'Cannot open file (%s): %e' % e 101 101 102 if not roles: 103 print >>sys.stderr, "No roles found. Did you specify a configuration?" 104 102 105 for k, id in roles.items(): 103 106 for i, r in enumerate(id.roles): -
fedd/federation/authorizer.py
r66a8e6d r547aa3b 5 5 from subprocess import call 6 6 from threading import Lock 7 8 from string import join 7 9 8 10 from fedid import fedid … … 200 202 if me: 201 203 self.fedid = fedid(file=self.me) 202 self.context.load_id_file(self.me) 204 rv = self.context.load_id_file(self.me) 205 if rv != 0: 206 raise abac_authorizer.bad_name( 207 'Cannot load identity from %s' % me.cert) 203 208 else: 204 209 self.fedid = None … … 466 471 self.lock.release() 467 472 473 @staticmethod 474 def encode_credential(c): 475 return '%s <- %s' % (c.head().string(), c.tail().string()) 476 477 def get_creds_for_principal(self, fid): 478 look_for = set(["%s" % fid]) 479 found_attrs = set() 480 next_look = set() 481 found = set([]) 482 483 self.lock.acquire() 484 while look_for: 485 for c in self.context.credentials(): 486 tail = c.tail() 487 # XXX: This needs to be more aggressive for linked stuff 488 if tail.string() in look_for and c not in found: 489 found.add(c) 490 next_look.add(c.head().string()) 491 492 look_for = next_look 493 next_look = set() 494 495 return found 496 468 497 def __str__(self): 469 def encode_role(r):470 if r.is_principal():471 return "%s" % r.principal()472 elif r.is_role():473 return "%s.%s" % (r.principal(), r.role_name())474 elif r.is_linking():475 return "%s.%s.%s" % \476 (r.principal(), r.linking_role(), r.role_name())477 498 478 499 self.lock.acquire() 479 500 rv = "%s" % self.fedid 480 for c in self.context.credentials():481 rv += '\n%s <- %s' % (encode_role(c.head()), encode_role(c.tail()))501 rv += join([abac_authorizer.encode_credential(c) 502 for c in self.context.credentials()], '\n'); 482 503 self.lock.release() 483 504 return rv -
fedd/init_abac_authorizer.py
r66a8e6d r547aa3b 6 6 class Parser(OptionParser): 7 7 def __init__(self): 8 OptionParser.__init__(self, usage='%prog [options ')8 OptionParser.__init__(self, usage='%prog [options]') 9 9 self.add_option('--cert', dest='cert', help='Identity certificate') 10 10 self.add_option('--key', dest='key', help='Identity key')
Note: See TracChangeset
for help on using the changeset viewer.