@Override public boolean doPrincipalAttributesAllowServiceAccess(final String principal, final Map<String, Object> principalAttributes) { if (this.rejectedAttributes.isEmpty() && this.requiredAttributes.isEmpty()) { LOGGER.debug("Skipping access strategy policy, since no attributes rules are defined"); return true; } if (!enoughAttributesAvailableToProcess(principal, principalAttributes)) { LOGGER.debug("Access is denied. There are not enough attributes available to satisfy requirements"); return false; } if (doRejectedAttributesRefusePrincipalAccess(principalAttributes)) { LOGGER.debug("Access is denied. The principal carries attributes that would reject service access"); return false; } if (!doRequiredAttributesAllowPrincipalAccess(principalAttributes, this.requiredAttributes)) { LOGGER.debug("Access is denied. The principal does not have the required attributes [{}] specified by this strategy", this.requiredAttributes); return false; } return true; }