Changes between Version 11 and Version 12 of GeniApiCredentials


Ignore:
Timestamp:
04/30/12 10:24:49 (9 years ago)
Author:
Aaron Helsinger
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GeniApiCredentials

    v11 v12  
    44
    55Credentials are used to authorize actions (where certificates authenticate and URNs identify). They specify the permissions of the Owner relative to a Target object.
     6
     7In the AM API, credentials have a type and version string. This page documents credentials of type `geni_sfa` and version '''3'''.
    68
    79A credential provides the credential's owner with permissions on a target object (identified by a URN).  For instance, with a 'slice credential,' the user is given rights to allocate and remove resources from a slice.  The credential format that the GENI AM API uses is adapted from ProtoGENI's credential format described at: http://www.protogeni.net/trac/protogeni/wiki/Credentials.  The only differences between the two formats is that the GENI credential allows for different privileges (those from other control frameworks such as Planet Lab's SFA). Also note that the value of {{{can_delegate}}} on privileges is an [http://www.w3.org/TR/xmlschema11-2/#boolean xsd:boolean], meaning it should be one of 1, 0, {{{true}}}, or {{{false}}}.
     
    2123
    2224The schema is available at http://www.protogeni.net/trac/protogeni/attachment/wiki/Authentication/credential.rnc
     25
     26In the AM API, credentials have a type and version string. This page documents credentials of type `geni_sfa` and version '''3'''.
    2327
    2428Sample credential: