pnuts.security.JAASPnutsImpl is a subclass of pnuts.security.SecurePnutsImpl class. It allows you to execute a script safely using a Subject authenticated with JAAS, and User's security policy.
If JDK1.3 is running, JAAS must be installed for this feature. In addition, you might want to install a service provider of a specific platform (Solaris or Windows NT).
The following example illustrates how to control access to a property for a certain user account. In this case, "java.home" property can be read by testUser on Unix.
grant codebase "file:/c:/pnuts/pnuts.jar" {
permission java.security.AllPermission;
};
Unix {
com.sun.security.auth.module.UnixLoginModule required;
};
grant Principal com.sun.security.auth.UnixPrincipal "testUser" {
permission java.util.PropertyPermission "java.home", "read";
};
println(getProperty("java.home"))
import("pnuts.security.*")
import("com.sun.security.auth.*")
import("javax.security.auth.*")
setProperty("java.security.auth.policy", "test_auth.policy")
setProperty("java.security.auth.login.config", "test.config")
subject = Subject()
subject.getPrincipals().add(UnixPrincipal("testUser"))
c = getContext().clone()
c.setImplementation(JAASPnutsImpl(c.getImplementation(), null, subject))
System::setSecurityManager(SecurityManager())
load("try.pnut", c)