Changes between Version 13 and Version 14 of FeddABAC


Ignore:
Timestamp:
Sep 20, 2011 10:42:09 AM (13 years ago)
Author:
faber
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • FeddABAC

    v13 v14  
    99  * There is a [http://groups.geni.net/geni/wiki/TIEDABACDemo worked example] that can be helpful here
    1010 * The existing [FeddDatabases fedd access databases]
     11 * [wiki:FeddABAC#UserCredentials User credentials]
    1112
    1213This page discusses how and where credentials are stored, details of the experiment controller operation relevant to ABAC operation, how three-name authorization is mapped into ABAC, and the specific tools used to make that conversion.
     14
     15'''Fedd users will need to run a command to [wiki:FeddABAC#UserCredentials convert their default credentials].'''
    1316
    1417== Storing Credentials ==
     
    141144
    142145If {{{--file}}} is not given, the [FeddDatabases#AccessComponentAccessDB accessDB] to convert must follow.
     146
     147== User Credentials ==
     148
     149The fedd tools expect the identity of the user to be a self-signed certificate.  This is accomplished using the command:
     150
     151{{{
     152$ cert_to_fedid.py --cn $USER --out $HOME/.ssl/fedid.pem $HOME/.ssl/emulab.pem
     153}}}
     154
     155The '''cert_to_fedid.py''' utility will list other parameters, but most are not needed for users.  The fedid_tools search for {{{.ssl/fedid.pem}}} as a default identity, so putting the output there will make things simple.