In an authorization system, access is defined by rules, roles and active rules.
These definitions are preprocessed to form a bit array for each of a plurality
of roles representing the rules that apply to that role. Once a bit array is calculated
or generated for a given user based on that user's roles, the user bit array can
be cached so that it need not be regenerated for each time the user requests access
to resources. The rules used can either be role-based rules or active rules.
