Dear all,

in order to better illustrate usage of the AA webservices, please find 
attached a shell script that conducts a REST sample session using the 
following arguments:

$ ./aa-session.sh
Usage: ./aa-session.sh <username> <password> <action> <uri>

<username>: your Plone username
<password>: your Plone password (plain text!)
<action>:   one of GET POST PUT DELETE
<uri>:      resource to query (please surround with hyphens)

Example:
$ ./aa-session.sh amaunz secret POST 'http://opentox.ntua.gr:3000/bibtex'


Note: the script sends crendentials in plain text. Please consider 
modifying the /identity/authenticate command to use SSL before you use 
the script!
To do so, add -k to all curl command lines and change 'http' in HOST 
variable to 'https'.


The script performs the following actions (in this sequence):

1) Get a token <token> from OpenSSO using <username> and <password>.
2) Query user attributes from LDAP using the token <token>.
3) Authorize action <action> on resource <uri> using the token <token>.
4) List all policies of user <username> using the token <token>.
5) Find owner of resource <uri> using the token <token> (NEW!)
6) Logout (invalidate token <token>).

Step 5) is a new feature: in case you are denied access to a resource, 
you can query the service for the resource owner. This person may or may 
not then grant you access.

Hope this is helpful.

Best regards
Andreas

-- 
http://www.maunz.de

  The squeaky wheel doesn't always get the grease.  Sometimes it gets 
replaced.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: aa-session.sh
Type: application/x-sh
Size: 2977 bytes
Desc: not available
URL: <http://lists.opentox.org/pipermail/development/attachments/20100622/5e90a395/attachment.sh>