protected List<Principal> expandGroupPrincipals(AbstractUserAuthorizor.DefaultUser user) {
    List<Principal> res = null;

    {
      if (user != null) {
        res = new ArrayList<Principal>();

        List<Principal> groupPrincipals = user.getGroupPrincipals();

        if (groupPrincipals != null) {
          // Add "User" principal, if required:
          {
            if (matchGroupPrincipal(groupPrincipals, ApplicationUserRoles.BACKEND_USER_A)
                || matchGroupPrincipal(groupPrincipals, ApplicationUserRoles.BACKEND_USER_B)) {
              Principal p = new SimplePrincipal(ApplicationUserRoles.ROLE_USER);
              res.add(p);
            }
          }

          // Add "Administrator" principal, if required:
          {
            if (matchGroupPrincipal(groupPrincipals, ApplicationUserRoles.BACKEND_ADMINISTRATOR_A)
                || matchGroupPrincipal(
                    groupPrincipals, ApplicationUserRoles.BACKEND_ADMINISTRATOR_B)) {
              Principal p = new SimplePrincipal(ApplicationUserRoles.ROLE_ADMINISTRATOR);
              res.add(p);
            }
          }

          // Add all original principals "as is":
          {
            res.addAll(groupPrincipals);
          }
        }
      }
    }

    return res;
  }
  protected List<String> parseStringList(String list) throws IOException {
    List<String> res = null;

    {
      if (list != null) {
        res = new ArrayList<String>();

        StringTokenizer st = new StringTokenizer(list, ",");
        while (st.hasMoreTokens()) {
          String t = st.nextToken();
          t = t.trim();
          if (t.length() > 0) {
            res.add(t);
          }
        }
      }
    }

    return res;
  }