@Override public boolean checkResourcePermission( Map<String, Object> contextMap, ServletRequest request, ServletResponse response, Subject callerSubject, String contextID, String canonicalRequestURI, List<String> roles) { if(contextID == null) throw PicketBoxMessages.MESSAGES.invalidNullArgument("contextID"); if(request == null) throw PicketBoxMessages.MESSAGES.invalidNullArgument("request"); if(response == null) throw PicketBoxMessages.MESSAGES.invalidNullArgument("response"); if(canonicalRequestURI == null) throw PicketBoxMessages.MESSAGES.invalidNullArgument("canonicalRequestURI"); AuthorizationManager authzMgr = securityContext.getAuthorizationManager(); if(authzMgr == null) throw PicketBoxMessages.MESSAGES.invalidNullProperty("AuthorizationManager"); boolean isAuthorized = false; WebResource webResource = new WebResource(Collections.unmodifiableMap(contextMap)); webResource.setPolicyContextID(contextID); webResource.setServletRequest(request); webResource.setServletResponse(response);