/**
* Subclasses can use this method to leave the authorization decision to the delegate configured
*/
protected int invokeDelegate(Resource resource) {
int authorizationDecision = AuthorizationContext.DENY;
ResourceType layer = resource.getLayer();
String delegateStr = (String) delegateMap.get(layer);
if (delegateStr == null)
throw PicketBoxMessages.MESSAGES.missingDelegateForLayer(
layer != null ? layer.toString() : null);
AuthorizationModuleDelegate delegate = null;
try {
delegate = getDelegate(delegateStr);
authorizationDecision = delegate.authorize(resource, this.subject, this.role);
} catch (Exception e) {
IllegalStateException ise = new IllegalStateException(e.getLocalizedMessage());
ise.initCause(e);
throw ise;
}
return authorizationDecision;
}
/**
* Options may have a comma separated delegate map
*
* @param commaSeparatedDelegates
*/
protected void populateDelegateMap(String commaSeparatedDelegates) {
StringTokenizer st = new StringTokenizer(commaSeparatedDelegates, ",");
while (st.hasMoreTokens()) {
String keyPair = st.nextToken();
StringTokenizer keyst = new StringTokenizer(keyPair, "=");
if (keyst.countTokens() != 2)
throw PicketBoxMessages.MESSAGES.invalidDelegateMapEntry(keyPair);
String key = keyst.nextToken();
String value = keyst.nextToken();
this.delegateMap.put(ResourceType.valueOf(key), value);
}
}
