As an SDK user, I want to run java code under the same user ID the s user using REST API, so that the code can access mainframe resources only accessible by that user by leveraging future PassTicket support in Zowe to allow me to have a minimum security requirement for my service.
Acceptance Criteria:
It is possible to run some Java code under the mainframe security environment for the user that is authenticated to the REST API via Zowe Authentication and Authorization Service
This is done by using requiring PassTickets in Zowe and passing them to pthread_security_applid_np() function with function code __CREATE_SECURITY_ENV that requires permission to BPX.SERVER but not to BPX.DAEMON
It requires being executed on z/OS, on PC or Mac a dummy implementation can be used
As an SDK user, I want to run java code under the same user ID the s user using REST API, so that the code can access mainframe resources only accessible by that user by leveraging future PassTicket support in Zowe to allow me to have a minimum security requirement for my service.
Acceptance Criteria:
pthread_security_applid_np()
function with function code__CREATE_SECURITY_ENV
that requires permission toBPX.SERVER
but not to BPX.DAEMONMigrated original story: https://rally1.rallydev.com/#/106710376756d/detail/userstory/288640296608