Changes between Version 3 and Version 4 of orca-abac

Show
Ignore:
Timestamp:
10/17/11 22:40:53 (8 years ago)
Author:
prateek (IP: 152.3.68.8)
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • orca-abac

    v3 v4  
    2525{{{ 
    2626abac.credential.verification.required 
    27 The ABAC checks can be turned on/off by setting this value ot true/false. 
    28  
    29 abac.local.certificate.repository 
    30 Set this value to true if the certificate repository is available on the local machine, otherwise, a global repository is considered to be available. 
     27The ABAC checks can be turned on/off by setting this value to true/false. 
    3128 
    3229abac.local.credential.repository.home 
    3330If a local certificate repository is available, then set this value to the root folder for the same. 
    3431 
     32abac.global.credential.repository.available 
     33Set this value to true if a global credential repository is available, which needs to be an instance of ORCA-POD. 
     34 
    3535abac.global.credential.repository.url 
    36 In case an ORCA-POD instance serves as a global certificate repository, set this value to the corresponding instance’s url. 
     36In case an ORCA-POD instance is available to serve as a global certificate repository, set this value to the corresponding instance’s url. 
    3737}}} 
    3838 
     
    4141 
    4242=== Sample policy and subject/object certificates === 
    43 A class named AbacTest under orca.security package is available to create a sample policy and subject/object certificates and store the same in a local repository. To generate the required it needs to be provided with the path to the keystore files for the three actors, a SM, a Broker and an AM. It also needs to be provided the slice id for which the credentials need to be generated. As of now, the user identity is created afresh and the same needs to be used while requesting an operation. The subject private and public key that needs to be used can be found under <ABAC_Context_Home>/temp/. 
     43A class named AbacTestUtil under orca.security package is available to create a sample policy and subject/object certificates and store the same in a local repository. To generate the required it needs to be provided with the path to the keystore files for the three actors, a SM, a Broker and an AM. It also needs to be provided the slice id for which the credentials need to be generated. As of now, the user identity is created afresh and the same needs to be used while requesting an operation. The subject private and public key that needs to be used can be found under <ABAC_Context_Home>/temp/. 
    4444 
    45 Note: The AbacTest class when run would search for the abac.properties file under <Current Active Directory>/config/. 
     45Note: The AbacTestUtil class when run would search for the abac.properties file under <Current Active Directory>/config/. 
    4646