+ @Produces
+ @ApplicationScoped
+ public AuthorizationService getAuthorizationService() {
+ OperationRegistry registry = new DefaultOperationRegistry(
+ new Operation[] { new AllOperation(), new CreateOperation(),
+ new DeleteOperation(), new ReadOperation(),
+ new WriteOperation() });
+ UserAccessor userAccessor = new UserAccessor() {
+
+ @Override
+ public String getCurrentUser() {
+ Principal principal = request.getUserPrincipal();
+ if (principal == null) {
+ return null;
+ }
+ return principal.getName();
+ }
+ };
+ AuthorizationService service = new JpaAuthorizationService("DEFAULT",
+ entityManager, userAccessor, userAdmin, 10000);
+
+ AnyUserCondition anyUserCondition = new AnyUserCondition();
+ GroupUserCondition adminUserCondition = new GroupUserCondition(
+ "administrators");
+
+ PhotoAuthorizationRule photoEntryRule = new PhotoAuthorizationRule();
+
+ // Pages that allow access by any authenticated user
+ PageAuthorizationRule anyUserPageRule = new PageAuthorizationRule(
+ AuthorizationResult.GRANTED, anyUserCondition, HomePage.class);
+
+ PageAuthorizationRule adminPageRule = new PageAuthorizationRule(
+ AuthorizationResult.GRANTED, adminUserCondition);
+
+ AuthorizationInitializer initializer = new AuthorizationInitializer(
+ service, new AbstractAuthorizationRule[] { photoEntryRule,
+ anyUserPageRule, adminPageRule });
+
+ return service;
+ }
+
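Review bot: The anonymous `UserAccessor` in this `@ApplicationScoped` producer reads `request.getUserPrincipal()` from a field declared outside the hunk, so the identity behind every authorization decision is only correct if that field is a container-supplied request-scoped proxy rather than a concrete request object captured once. I would state that on the accessor, e.g. `// request must be the request-scoped proxy; a captured HttpServletRequest would pin one caller's principal for every later check`. `getCurrentUser()` also returns `null` for an unauthenticated request, and nothing visible here shows how `JpaAuthorizationService` or `AnyUserCondition` treat a null user, so it is worth confirming, and noting in a Javadoc line on the method, that null can never satisfy the "any authenticated user" rule for `HomePage`. Separately, `adminPageRule` is built without a page class and `initializer` is never used after construction; a one-line comment on each, saying which pages the admin rule covers and that the constructor presumably registers the rules as a side effect, would make the intent reviewable.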