<!--
  Copyright 2007 Sun Microsystems, Inc. All rights reserved.

  Redistribution and use in source and binary forms, with or without
  modification, are permitted provided that the following conditions
  are met:

  - Redistributions of source code must retain the above copyright
    notice, this list of conditions and the following disclaimer.

  - Redistribution in binary form must reproduce the above copyright
    notice, this list of conditions and the following disclaimer in
    the documentation and/or other materials provided with the
    distribution.

  Neither the name of Sun Microsystems, Inc. or the names of
  contributors may be used to endorse or promote products derived
  from this software without specific prior written permission.

  This software is provided "AS IS," without a warranty of any
  kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
  WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
  FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
  EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES
  SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR
  DISTRIBUTING THE SOFTWARE OR ITS DERIVATIVES. IN NO EVENT WILL SUN
  OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR
  FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL OR
  PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF
  LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE SOFTWARE,
  EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

  You acknowledge that Software is not designed, licensed or intended
  for use in the design, construction, operation or maintenance of
  any nuclear facility.
-->

public class AuthZClientProxy {

    SSOToken token;
    
    com.sun.identity.policy.client.PolicyEvaluator pe;
    PolicyDecision policyDecision;
 
    // Can store serviceName in a configuration file
    String serviceName = ?CustomClaimsApplicationPolicyService?;

    Map envParams = new HashMap();

    AuthZClientProxy (HttpServletRequest request) {
        try {
            SSOTokenManager manager = SSOTokenManager.getInstance();
            token = manager.createSSOToken(request);

            pe = new PolicyEvaluator(serviceName);

        } catch (Exception e) {}
 }

    AuthZClientProxy (EJBContext ctx) {
        try {
            AmSSOCache cache = AmFilterManager.getAmSSOCacheInstance();
            String tokenStr = cache.getSSOTokenForUser(ctx);
            SSOTokenManager manager = SSOTokenManager.getInstance();
            token = manager.createSSOToken(tokenStr);
            pe = new PolicyEvaluator(serviceName);

        } catch (Exception e) {}
 }
    public AuthZResultSet authorize(String resource) {
        AuthZResultSet results = new AuthZResultSet();
        policyDecision = pe.getPolicyDecision(token, resourceName, actionNames, envParams);

        // For debugging purposes, we can print the values 
        String str = policyDecision.tostring();
        System.out.println(?String output: ?+str);
        String xmlStr = policyDecision.toXml();
        System.out.println (?XML output: ?+xmlStr);
        /*

        The next steps involve getting ActionDecision map from the PolicyDecision object and creation the AuthZResultSet from the results.
        */

        return results;
    }
}