trustsrv.script

Software Testing Automation Framework (STAF)的开发代码

level will be used.
:li.If multiple trust specifications match the same system,
STAF will rank the matching specifications as documented in
section :hdref refid=machineTrustMatching. and use the match with
the highest (i.e. lowest numbered) rank.  If multiple trust
specifications match within the same rank, the lowest matching trust
level will be used.
:li.User trust specifications override machine trust specifications.
:eol.

:h4.Security
:p.&seclvl. 2.

:h4.Return Codes
:p.All return codes from GET are documented in :hdref refid=retcode..

:h4.Results
:p.The result buffer will contain the effective trust level of the given
machine.

:h4.Examples
:p.For the following examples, assume the trust entries for machines and
users are as follows with tcp as the default network interface and SampleAuth as
the default authenticator:
:xmp.
Type    Entry                         Trust Level
------- ----------------------------- -----------
Default <None>                        1
Machine *&colon.//*.austin.ibm.com          2
Machine *&colon.//client1.austin.ibm.com    5
Machine *&colon.//client3.austin.ibm.com    3
Machine local&colon.//local                 5
Machine tcp&colon.//client2.austin.ibm.com  0
User    SampleAuth&colon.//*@company.com    3
User    SampleAuth&colon.//Jane@company.com 4
User    SampleAuth&colon.//John@company.com 5
:exmp.

:p.Here are some :xph.GET:exph. requests and their results:

:xmp.
Request:  GET MACHINE client1.austin.ibm.com
Result :  5
:exmp.
:p.
:xmp.
Request:  GET MACHINE tcp&colon.//client2.austin.ibm.com
Result :  0
:exmp.
:p.
:xmp.
Request:  GET MACHINE client3.austin.ibm.com
Result :  3
:exmp.
:p.
:xmp.
Request:  GET MACHINE client4.austin.ibm.com
Result    2
:exmp.
:p.
:xmp.
Request:  GET MACHINE server1.raleigh.ibm.com
Result:   1
:exmp.
:p.
:xmp.
Request:  GET USER John@company.com MACHINE client3.austin.ibm.com
Result :  5
:exmp.
:p.
:xmp.
Request:  GET USER SampleAuth&colon.//Jane@company.com MACHINE client1.austin.ibm.com
Result :  4
:exmp.
:p.
:xmp.
Request:  GET USER Henry@company.com MACHINE client1.austin.ibm.com
Result :  3
:exmp.
:p.
:xmp.
Request:  GET USER Sally@mybusiness.com MACHINE client1.austin.ibm.com
Result :  5
:exmp.
:p.
:xmp.
Request:  GET USER Sally@mybusiness.com MACHINE server1.raleigh.ibm.com
Result :  1
:exmp.
.*
.*---------------------------------------------------------------------
.*
:ih1.service commands
:ih2.LIST
:i3.trust service
:h3.LIST
:p.LIST will return the default trust level and a list of the trust entries
for machines and users.

:h4.Syntax
:xmp.
LIST
:exmp.

:h4.Security
:p.&seclvl. 2.

:h4.Return Codes
:p.All return codes from LIST are documented in :hdref refid=retcode..

:h4.Results
:p.
The result buffer will contain a marshalled
:xph.<List> of <Map&colon.STAF/Service/Trust/Entry>:exph., representing
all the trust entries.  The first trust entry in the list will be for
the default trust entry, followed by trust entries for machines,
and then followed by trust entries for users.
The map is defined as follows:
:table cols='* * * 3*'.
:tcap.Definition of map class STAF/Service/Trust/Entry
:tnote text='Description'.This map class represents a trust entry.
:thd.
:c.Key Name
:c.Display Name
:c.Type
:c.Format / Value
:ethd.
:row.
:c.type
:c.Type
:c.&stringObj.
:c.:xph.'Default' | 'Machine' | 'User':exph.
:row.
:c.entry
:c.Entry
:c.&stringObj. | &noneObj.
:c.:xph.<Machine Spec> | <User Spec):exph.
:row.
:c.trustLevel
:c.Trust Level
:c.&stringObj.
:c.:xph.'0' - '5':exph.
:tnote text='Notes'.
:ol compact.
:li.The value for "Entry" will be &noneObj. for the default trust entry.
:li.Each trust entry for a machine, aka :xph.<Machine Spec>:exph., has
the following format:
.br
:xph.<Interface>&colon.//<System Identifier>:exph.
:li.Each trust entry for a user, aka :xph.<User Spec>:exph., has the
following format:
.br
:xph.<Authenticator>&colon.//<User Identifier>:exph.
:eol.
:etnote.
:etable.

:h4.Examples
:p.
:ul.
:li.:hp2.Goal::ehp2. Retrieve the list of all trust entries.
:p.:hp2.Syntax::ehp2.&nbsp; :xph.LIST:exph.
:p.:hp2.Result::ehp2.  If the request is submitted from the command line,
the result, in table format, could look like:
:xmp.
Type    Entry                         Trust Level
------- ----------------------------- -----------
Default <None>                        1
Machine *&colon.//*.austin.ibm.com          2
Machine *&colon.//9.31.73.14*               3
Machine *&colon.//9.31.73.147               5
Machine *&colon.//client1.austin.ibm.com    5
Machine *&colon.//client3.austin.ibm.com    3
Machine local&colon.//local                 5
Machine tcp&colon.//client2.austin.ibm.com  0
User    SampleAuth&colon.//*@company.com    3
User    SampleAuth&colon.//Jane@company.com 4
User    SampleAuth&colon.//John@company.com 5
:exmp.
:eul.
.*
.*---------------------------------------------------------------------
.*
:ih1.service commands
:ih2.DELETE
:i3.trust service
:h3.DELETE
:p.DELETE will remove the explicit trust entry for the specified machine
or user.
:h4.Syntax
:xmp.
DELETE MACHINE <Machine> | USER <User>
:exmp.
:p.:xph.MACHINE:exph. specifies the machine for which you wish to delete the
specific trust entry.
The format for <Machine> is:
:xmp.
  &lbrk.<Interface>&colon.//&rbrk.<System Identifier>
:exmp.
where:
:ul compact.
:li.:xph.<Interface>:exph. is the name of the network interface.
It is case-insensitive.
If the name of a network interface is not specified, wildcard '*' is
substituted.
:li.:xph.<System Identifier>:exph. is a valid network identifier for the network
interface.  It is case-insensitive.
:eul.
:p.
If a port is included (e.g. @6500) at the end of the machine
value, it will be removed.
:p.
:xph.USER:exph. specifies the user for which you wish to delete the
specific trust entry.
The format for <User> is:
:xmp.
  &lbrk.<Authenticator>&colon.//&rbrk.<User Identifier>
:exmp.
where:
:ul compact.
:li.:xph.<Authenticator>:exph. is the name of the authenticator.
It is case-insensitive.  If an authenticator is not specified, the default
authenticator is used.
:li.:xph.<User Identifier>:exph. is a valid user identifier for the authenticator.
It is case sensitive.
:eul.

:h4.Security
:p.&seclvl. 5.

:h4.Return Codes
:p.All return codes from DELETE are documented in :hdref refid=retcode..

:h4.Results
:p.The result buffer will contain no data on return from a DELETE command.

:h4.Examples
:p.
:ul.
:li.:hp2.Goal::ehp2. Delete the trust entry for machine *&colon.//client1.austin.ibm.com
:p.:hp2.Syntax::ehp2.&nbsp; :xph.DELETE MACHINE client1.austin.ibm.com:exph.
:p.
:li.:hp2.Goal::ehp2. Delete the trust entry for machine tcp&colon.//mysystem.site.com.
:p.:hp2.Syntax::ehp2.&nbsp; :xph.DELETE MACHINE tcp&colon.//mysystem.site.com:exph.
:p.
:li.:hp2.Goal::ehp2. Delete the trust entry for machine *&colon.//9.3.224.82
:p.:hp2.Syntax::ehp2.&nbsp; :xph.DELETE MACHINE 9.3.224.82:exph.
:p.
:li.:hp2.Goal::ehp2. Delete the trust entry for machine *&colon.//*.austin.ibm.com
:p.:hp2.Syntax::ehp2.&nbsp; :xph.DELETE MACHINE *.austin.ibm.com:exph.
:p.
:li.:hp2.Goal::ehp2. Delete the trust entry for user SampleAuth&colon.//John@company.com
(assuming SampleAuth is the default authenticator).
:p.:hp2.Syntax::ehp2.&nbsp; :xph.DELETE USER John@company.com:exph.
:p.
:li.:hp2.Goal::ehp2. Delete the trust entry for user "SampleAuth&colon.//*@company.com"
(assuming SampleAuth is the default autenticator).
:p.:hp2.Syntax::ehp2.&nbsp; :xph.DELETE USER *@company.com:exph.
:p.
:li.:hp2.Goal::ehp2. Delete the trust entry for user "Auth2&colon.//Mary"
:p.:hp2.Syntax::ehp2.&nbsp; :xph.DELETE USER Auth2&colon.//Mary:exph.
:p.
:li.:hp2.Goal::ehp2. Delete the trust entry for user "*&colon.//*"
:p.:hp2.Syntax::ehp2.&nbsp; :xph.DELETE USER *&colon.//*:exph.
:eul.