+ @Produces
+ @ApplicationScoped
+ @PhotoCache
+ public Cache<String, ArrayList<PhotoEntry>> getPhotoCache() {
+ try {
+ InputResource cacheConfig = new ClassPathResource("META-INF/ehcache.xml");
+ return new EhCache<String, ArrayList<PhotoEntry>>(cacheConfig, "photos");
+ }
+ catch (IOException e) {
+ throw new RuntimeException("Could not create photo cache", e);
+ }
+ }
+
+ @Produces
+ @ApplicationScoped
+ public AuthorizationService getAuthorizationService() {
+ LOGGER.info("Initializing authorization service");
+ OperationRegistry registry = new DefaultOperationRegistry(
+ new Operation[]{new AllOperation(), new CreateOperation(), new DeleteOperation(), new ReadOperation(),
+ new WriteOperation()});
+ UserAccessor userAccessor = new UserAccessor() {
+
+ @Override
+ public String getCurrentUser() {
+ Principal principal = request.getUserPrincipal();
+ if (principal == null) {
+ return null;
+ }
+ return principal.getName();
+ }
+ };
+ AuthorizationService service =
+ new JpaAuthorizationService("DEFAULT", entityManager, userAccessor, userAdmin, 10000);
+
+ AnyUserCondition anyUserCondition = new AnyUserCondition();
+ GroupUserCondition adminUserCondition = new GroupUserCondition("administrators");
+
+ PhotoAuthorizationRule photoEntryRule = new PhotoAuthorizationRule(anyUserCondition);
+
+ // Pages that allow access by any authenticated user
+ PageAuthorizationRule anyUserPageRule =
+ new PageAuthorizationRule(AuthorizationResult.GRANTED, anyUserCondition, HomePage.class);
+
+ PageAuthorizationRule adminPageRule =
+ new PageAuthorizationRule(AuthorizationResult.GRANTED, adminUserCondition);
+
+ AuthorizationInitializer initializer = new AuthorizationInitializer(service,
+ new AbstractAuthorizationRule[]{photoEntryRule, anyUserPageRule, adminPageRule});
+
+ return service;
+ }
+