} else if (ENFORCE_MODE_DENY_ALL_REQUESTS.equals(m_enforceMode)) {
logger.debug("denying request because enforceMode==ENFORCE_MODE_DENY_ALL_REQUESTS");
throw new AuthzDeniedException("all requests are currently denied");
} else if (!ENFORCE_MODE_ENFORCE_POLICIES.equals(m_enforceMode)) {
logger.debug("denying request because enforceMode is invalid");
throw new AuthzOperationalException("invalid enforceMode from config \"" + m_enforceMode + "\"");
} else {
ResponseCtx response = null;
String contextIndex = null;
try {
contextIndex = (new Integer(next())).toString();
logger.debug("context index set={}", contextIndex);
Set<Subject> subjects = wrapSubjects(subjectId);
Set<Attribute> actions = wrapActions(action, api, contextIndex);
Set<Attribute> resources = wrapResources(pid, namespace);
RequestCtx request =
new RequestCtx(subjects,
resources,
actions,
Collections.EMPTY_SET);
Iterator<Attribute> tempit = actions.iterator();
while (tempit.hasNext()) {
Attribute tempobj = tempit.next();
logger.debug("request action has {}={}", tempobj.getId(), tempobj.getValue().toString());
}
m_registry.registerContext(contextIndex, context);
long st = System.currentTimeMillis();
try {
response = m_pdp.evaluate(request);
} finally {
long dur = System.currentTimeMillis() - st;
logger.debug("Policy evaluation took {}ms.", dur);
}
logger.debug("in pep, after evaluate() called");
} catch (Throwable t) {
logger.error("Error evaluating policy", t);
throw new AuthzOperationalException("");
} finally {
m_registry.unregisterContext(contextIndex);
}
logger.debug("in pep, before denyBiasedAuthz() called");
if (!denyBiasedAuthz(response.getResults())) {