package org.jboss.security.plugins;

import java.beans.PropertyEditorManager;
import java.lang.reflect.Method;
import java.security.Principal;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import javax.naming.NameParser;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthParam;
import javax.security.auth.message.AuthStatus;
import javax.security.jacc.PolicyContext;
import org.jboss.ejb.plugins.cmp.jdbc.SQLUtil;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.SecurityAssociation;
import org.jboss.security.SecurityConstants;
import org.jboss.security.SecurityDomain;
import org.jboss.security.auth.callback.CallbackHandlerPolicyContextHandler;
import org.jboss.security.jacc.SubjectPolicyContextHandler;
import org.jboss.system.ServiceMBeanSupport;
import org.jboss.util.CachePolicy;
import org.jboss.util.TimedCachePolicy;

/* loaded from: input_file:org/jboss/security/plugins/JASPISecurityManagerService.class */
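/**
 * JMX service that creates and caches one {@link AuthenticationManager} per security domain.
 *
 * <p>Managers are built reflectively from {@code securityMgrClass}, with a fresh instance of
 * {@code callbackHandlerClass} passed to the constructor, and are kept in a static map keyed by
 * domain name. Every field except {@code serverMode} is static, so configuration made through one
 * instance is visible to all of them.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The MBean setters decide which classes are loaded and used to authenticate callers, and the
 *       flush/register operations change live authentication state. Access to this MBean should be
 *       limited to trusted administrators.</li>
 *   <li>{@link #validateRequest}, {@link #secureResponse} and {@link #cleanSubject} are no-op stubs
 *       in this class; they perform no message validation.</li>
 *   <li>The logger is obtained for {@code JaasSecurityManagerService}, so log lines written here
 *       appear under that category rather than under this class's name.</li>
 * </ul>
 */
public class JASPISecurityManagerService extends ServiceMBeanSupport implements JASPISecurityManagerServiceMBean {
    /** Second JNDI prefix (besides {@code SecurityConstants.JAAS_CONTEXT_ROOT}) stripped from domain names. */
    private static final String SECURITY_MGR_PATH = "java:/jbsx";
    private static Logger log;
    private static String securityMgrClassName;
    // NOTE(review): only setSecurityManagerClassName assigns this; the static initializer sets the
    // name but not the class. Until the setter runs, the reflective calls below fail with a
    // NullPointerException that their catch blocks turn into a log entry or a NamingException.
    private static Class<?> securityMgrClass;
    private static Class<?> callbackHandlerClass;
    private static Class<?> securityProxyFactoryClass;
    // Domain name -> manager. Holds both SecurityDomain instances registered explicitly and
    // AuthenticationManager instances created on demand; every read casts to AuthenticationManager.
    private static Hashtable securityDomainCtxMap;
    private static NameParser parser;
    private boolean serverMode = true;
    private static String defaultUnauthenticatedPrincipal;
    // Context id -> security domain name.
    private static Hashtable<String, String> contextIdMap;
    // Passed to TimedCachePolicy as lifetime and resolution; presumably seconds - confirm.
    private static int defaultCacheTimeout;
    private static int defaultCacheResolution;
    // Lazily filled Class caches produced by the compiler for pre-Java-5 class literals.
    static Class class$org$jboss$security$plugins$JaasSecurityManagerService;
    static Class class$org$jboss$security$auth$callback$SecurityAssociationHandler;
    static Class class$org$jboss$security$SubjectSecurityProxyFactory;
    static Class class$org$jboss$security$AuthenticationManager;
    static Class class$java$security$Principal;
    static Class class$org$jboss$security$propertyeditor$PrincipalEditor;
    static Class class$org$jboss$security$SecurityDomain;
    static Class class$org$jboss$security$propertyeditor$SecurityDomainEditor;
    static Class class$java$lang$String;
    static Class class$javax$security$auth$callback$CallbackHandler;
    static Class class$org$jboss$util$CachePolicy;

    /** @return whether {@link #startService()} will call {@code SecurityAssociation.setServer()} */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public boolean getServerMode() {
        return this.serverMode;
    }

    /** @param z when true, {@link #startService()} calls {@code SecurityAssociation.setServer()} */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public void setServerMode(boolean z) {
        this.serverMode = z;
    }

    /** @return the configured security manager class name */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public String getSecurityManagerClassName() {
        return securityMgrClassName;
    }

    /**
     * Loads the named class through the thread context class loader and installs it as the class
     * used for newly created authentication managers.
     *
     * <p>The class is validated before any static state is changed, so a rejected or unloadable
     * name leaves the previous configuration in place.
     *
     * <p>NOTE(review): managers already cached in the domain map are not replaced, and the
     * flushAuthenticationCache methods resolve their target method on the new class; confirm what
     * should happen to existing managers when this value changes at runtime.
     *
     * @param str fully qualified class name
     * @throws ClassNotFoundException if the class cannot be loaded
     * @throws ClassCastException if the class does not implement {@code AuthenticationManager}
     */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public void setSecurityManagerClassName(String str) throws ClassNotFoundException, ClassCastException {
        Class<?> candidate = Thread.currentThread().getContextClassLoader().loadClass(str);
        if (class$org$jboss$security$AuthenticationManager == null) {
            class$org$jboss$security$AuthenticationManager = class$("org.jboss.security.AuthenticationManager");
        }
        Class<?> required = class$org$jboss$security$AuthenticationManager;
        if (!required.isAssignableFrom(candidate)) {
            throw new ClassCastException(candidate + " does not implement " + required);
        }
        // Commit only after validation so a bad value cannot become the active authenticator class.
        securityMgrClassName = str;
        securityMgrClass = candidate;
    }

    /** @return the name of the configured security proxy factory class */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public String getSecurityProxyFactoryClassName() {
        return securityProxyFactoryClass.getName();
    }

    /**
     * Loads and stores the security proxy factory class. No type check is made here.
     *
     * @param str fully qualified class name
     * @throws ClassNotFoundException if the class cannot be loaded
     */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public void setSecurityProxyFactoryClassName(String str) throws ClassNotFoundException {
        securityProxyFactoryClass = SubjectActions.getContextClassLoader().loadClass(str);
    }

    /** @return the name of the configured callback handler class */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public String getCallbackHandlerClassName() {
        return callbackHandlerClass.getName();
    }

    /**
     * Loads and stores the callback handler class.
     *
     * <p>NOTE(review): unlike {@link #setSecurityManagerClassName}, the class is not checked
     * against {@code CallbackHandler} here; a wrong type only surfaces later, when a manager is
     * created and the new instance is cast to {@code CallbackHandler}.
     *
     * @param str fully qualified class name
     * @throws ClassNotFoundException if the class cannot be loaded
     */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public void setCallbackHandlerClassName(String str) throws ClassNotFoundException {
        callbackHandlerClass = SubjectActions.getContextClassLoader().loadClass(str);
    }

    /**
     * Validates a principal/credential pair against the manager of the given domain.
     *
     * @param str security domain name
     * @param principal identity being checked
     * @param obj credential
     * @return the manager's verdict, or {@code false} when the manager cannot be obtained
     */
    public boolean isValid(String str, Principal principal, Object obj) {
        boolean valid = false;
        try {
            valid = lookupAuthenticationManager(str).isValid(principal, obj, null);
        } catch (NamingException e) {
            // Fail closed: a domain whose manager cannot be created authenticates nobody.
            log.debug("isValid(" + str + ") failed", e);
        }
        return valid;
    }

    /** Not implemented; always throws {@link IllegalStateException}. */
    public Principal getPrincipal(String str, Principal principal) {
        throw new IllegalStateException("Unimplemented Method");
    }

    /**
     * Registers a ready-made security domain under its name, minus any recognised JNDI prefix.
     *
     * <p>A {@code null} name or domain is rejected by the underlying {@code Hashtable} with a
     * {@link NullPointerException}. An existing entry under the same name is replaced.
     *
     * @param str domain name, optionally prefixed
     * @param securityDomain instance to serve lookups for that name
     */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public void registerSecurityDomain(String str, SecurityDomain securityDomain) {
        String domain = stripContextPrefix(str);
        log.debug("Added " + domain + SQLUtil.COMMA + securityDomain + " to map");
        securityDomainCtxMap.put(domain, securityDomain);
    }

    /** @return the default unauthenticated principal name */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public String getDefaultUnauthenticatedPrincipal() {
        return defaultUnauthenticatedPrincipal;
    }

    /** @param str new default unauthenticated principal name */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public void setDefaultUnauthenticatedPrincipal(String str) {
        defaultUnauthenticatedPrincipal = str;
    }

    /** Unsupported on the service itself; always throws {@link IllegalStateException}. */
    @Override // org.jboss.security.AuthenticationManager
    public boolean isValid(Principal principal, Object obj) {
        throw new IllegalStateException("Please call getSecurityManager to obtain a security manager and call isValid");
    }

    /** Unsupported on the service itself; always throws {@link IllegalStateException}. */
    @Override // org.jboss.security.AuthenticationManager
    public boolean isValid(Principal principal, Object obj, Subject subject) {
        throw new IllegalStateException("Please call getSecurityManager to obtain a security manager and call isValid");
    }

    /** Unsupported on the service itself; always throws {@link IllegalStateException}. */
    @Override // org.jboss.security.AuthenticationManager
    public Subject getActiveSubject() {
        throw new IllegalStateException("Please call getSecurityManager to obtain a security manager and call getActiveSubject");
    }

    /** No-op stub: the subject is left untouched. */
    public void cleanSubject(Subject subject, Map map) throws AuthException {
    }

    /** Stub: returns {@code AuthStatus.PROCEED} without inspecting any argument. */
    public AuthStatus secureResponse(AuthParam authParam, Subject subject, Map map) throws AuthException {
        return AuthStatus.PROCEED;
    }

    /**
     * Stub: returns {@code AuthStatus.PROCEED} without inspecting any argument.
     *
     * <p>NOTE(review): no request validation happens here, so nothing should treat this result as
     * evidence that the caller was authenticated.
     */
    public AuthStatus validateRequest(AuthParam authParam, Subject subject, Subject subject2, Map map) throws AuthException {
        return AuthStatus.PROCEED;
    }

    /** Not implemented; always throws {@link IllegalStateException}. */
    @Override // org.jboss.security.AuthenticationManager
    public String getSecurityDomain() {
        throw new IllegalStateException("Unimplemented method: getSecurityDomain");
    }

    /**
     * @param str context id
     * @return the security domain name registered for that context id, or {@code null} if none
     */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public String getSecurityDomain(String str) {
        return contextIdMap.get(str);
    }

    /**
     * Returns the manager for a domain, creating it on first use.
     *
     * @param str security domain name
     * @return the manager, or {@code null} when it could not be created; callers should treat
     *     {@code null} as a failure rather than as "no security required"
     */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public AuthenticationManager getSecurityManager(String str) {
        AuthenticationManager manager = null;
        try {
            manager = lookupAuthenticationManager(str);
        } catch (NamingException e) {
            // The cause and stack trace were already logged where the manager creation failed.
            log.error("Look up of security manager failed::" + e.getLocalizedMessage());
        }
        return manager;
    }

    /**
     * Maps a context id to a security domain name, minus any recognised JNDI prefix.
     *
     * @param str domain name, optionally prefixed; {@code null} selects
     *     {@code SecurityConstants.DEFAULT_APPLICATION_POLICY}
     * @param str2 context id used as the map key
     */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public void registerSecurityDomain(String str, String str2) {
        String domain = stripContextPrefix(str);
        if (domain == null) {
            domain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
        }
        contextIdMap.put(str2, domain);
    }

    /**
     * Asks the domain's manager to drop its whole authentication cache, via a reflective call to a
     * no-argument {@code flushAuthenticationCache} method on the configured manager class.
     *
     * <p>Failures are logged at WARN and not rethrown: when a flush does not happen, previously
     * cached authentication results stay usable until the cache policy expires them, which an
     * operator revoking credentials needs to see.
     *
     * @param str security domain name
     */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public void flushAuthenticationCache(String str) {
        try {
            // Resolve the method first so a missing method does not create a manager as a side effect.
            Method flush = securityMgrClass.getMethod("flushAuthenticationCache", new Class[0]);
            flush.invoke(lookupAuthenticationManager(str), new Object[0]);
        } catch (Exception e) {
            log.warn("flushAuthenticationCache failed", e);
        }
    }

    /**
     * Asks the domain's manager to drop the cache entry of one principal, via a reflective call to
     * {@code flushAuthenticationCache(Principal)} on the configured manager class.
     *
     * <p>Failures are logged at WARN and not rethrown; see the single-argument overload.
     *
     * @param str security domain name
     * @param principal identity whose cached authentication should be removed
     */
    @Override // org.jboss.security.plugins.JASPISecurityManagerServiceMBean
    public void flushAuthenticationCache(String str, Principal principal) {
        try {
            AuthenticationManager manager = lookupAuthenticationManager(str);
            if (class$java$security$Principal == null) {
                class$java$security$Principal = class$("java.security.Principal");
            }
            Class<?>[] signature = new Class[] {class$java$security$Principal};
            securityMgrClass.getMethod("flushAuthenticationCache", signature).invoke(manager, principal);
        } catch (Exception e) {
            log.warn("flushAuthenticationCache failed", e);
        }
    }

    /**
     * Starts the service: optionally switches {@code SecurityAssociation} to server mode, registers
     * the Subject and CallbackHandler policy context handlers when their keys are not present yet,
     * and registers property editors for {@code Principal} and {@code SecurityDomain}.
     *
     * <p>The decompiler reports that this method was {@code protected} in the original class.
     */
    @Override // org.jboss.system.ServiceMBeanSupport
    public void startService() throws Exception {
        if (this.serverMode) {
            SecurityAssociation.setServer();
        }
        SubjectPolicyContextHandler subjectHandler = new SubjectPolicyContextHandler();
        Set handlerKeys = PolicyContext.getHandlerKeys();
        if (handlerKeys == null || !handlerKeys.contains("javax.security.auth.Subject.container")) {
            PolicyContext.registerHandler("javax.security.auth.Subject.container", subjectHandler, true);
        }
        CallbackHandlerPolicyContextHandler callbackHandler = new CallbackHandlerPolicyContextHandler();
        if (handlerKeys == null || !handlerKeys.contains("org.jboss.security.auth.spi.CallbackHandler")) {
            PolicyContext.registerHandler("org.jboss.security.auth.spi.CallbackHandler", callbackHandler, false);
        }

        if (class$java$security$Principal == null) {
            class$java$security$Principal = class$("java.security.Principal");
        }
        if (class$org$jboss$security$propertyeditor$PrincipalEditor == null) {
            class$org$jboss$security$propertyeditor$PrincipalEditor = class$("org.jboss.security.propertyeditor.PrincipalEditor");
        }
        PropertyEditorManager.registerEditor(class$java$security$Principal, class$org$jboss$security$propertyeditor$PrincipalEditor);

        if (class$org$jboss$security$SecurityDomain == null) {
            class$org$jboss$security$SecurityDomain = class$("org.jboss.security.SecurityDomain");
        }
        if (class$org$jboss$security$propertyeditor$SecurityDomainEditor == null) {
            class$org$jboss$security$propertyeditor$SecurityDomainEditor = class$("org.jboss.security.propertyeditor.SecurityDomainEditor");
        }
        PropertyEditorManager.registerEditor(class$org$jboss$security$SecurityDomain, class$org$jboss$security$propertyeditor$SecurityDomainEditor);

        log.debug("Registered PrincipalEditor, SecurityDomainEditor");
        log.debug("ServerMode=" + this.serverMode);
        log.debug("SecurityMgrClass=" + securityMgrClass);
        log.debug("CallbackHandlerClass=" + callbackHandlerClass);
    }

    /**
     * Removes a leading {@code SecurityConstants.JAAS_CONTEXT_ROOT} or {@code java:/jbsx} prefix,
     * plus the one character that follows it, from a domain name.
     *
     * <p>NOTE(review): the character after the prefix is skipped without being checked, and a name
     * that consists of the prefix alone makes {@code substring} throw
     * {@link StringIndexOutOfBoundsException}; confirm callers never pass such names.
     *
     * @param name domain name, may be {@code null}
     * @return the name without its prefix, the name unchanged, or {@code null} for {@code null}
     */
    private static String stripContextPrefix(String name) {
        if (name == null) {
            return null;
        }
        if (name.startsWith(SecurityConstants.JAAS_CONTEXT_ROOT)) {
            return name.substring(SecurityConstants.JAAS_CONTEXT_ROOT.length() + 1);
        }
        if (name.startsWith(SECURITY_MGR_PATH)) {
            return name.substring(SECURITY_MGR_PATH.length() + 1);
        }
        return name;
    }

    /**
     * Returns the cached manager for a domain, creating and caching one when absent.
     *
     * <p>NOTE(review): any name not yet in the map gets a new manager with its own started cache
     * policy, and the get/create/put sequence is not atomic. If domain names can originate from
     * untrusted callers, or lookups run concurrently, confirm that unbounded or duplicate creation
     * is acceptable.
     *
     * @param str security domain name; {@code null} is rejected by the {@code Hashtable}
     * @throws NamingException if a new manager cannot be created
     */
    private static AuthenticationManager lookupAuthenticationManager(String str) throws NamingException {
        AuthenticationManager manager = (AuthenticationManager) securityDomainCtxMap.get(str);
        if (manager == null) {
            manager = newAuthenticationManager(str);
            securityDomainCtxMap.put(str, manager);
            log.debug("Added " + str + SQLUtil.COMMA + manager + " to map");
        }
        return manager;
    }

    /**
     * Instantiates the configured manager class through its {@code (String, CallbackHandler)}
     * constructor and attaches a started {@code TimedCachePolicy} to it.
     *
     * @param str security domain name handed to the constructor
     * @throws NamingException wrapping any failure; the original exception is set as root cause
     */
    private static AuthenticationManager newAuthenticationManager(String str) throws NamingException {
        try {
            if (class$java$lang$String == null) {
                class$java$lang$String = class$("java.lang.String");
            }
            if (class$javax$security$auth$callback$CallbackHandler == null) {
                class$javax$security$auth$callback$CallbackHandler = class$("javax.security.auth.callback.CallbackHandler");
            }
            Class<?>[] signature = new Class[] {class$java$lang$String, class$javax$security$auth$callback$CallbackHandler};
            AuthenticationManager manager = (AuthenticationManager) securityMgrClass.getConstructor(signature).newInstance(str, (CallbackHandler) callbackHandlerClass.newInstance());
            log.debug("Created securityMgr=" + manager);
            TimedCachePolicy cache = new TimedCachePolicy(defaultCacheTimeout, true, defaultCacheResolution);
            cache.create();
            cache.start();
            setSecurityDomainCache(manager, cache);
            return manager;
        } catch (Exception e) {
            String message = "Failed to create sec mgr('" + str + "'), securityMgrClass=" + securityMgrClass + ", callbackHandlerClass=" + callbackHandlerClass;
            log.error(message, e);
            NamingException failure = new NamingException(message);
            failure.setRootCause(e);
            throw failure;
        }
    }

    /**
     * Hands the cache policy to the manager through a reflective {@code setCachePolicy(CachePolicy)}
     * call. A manager class without that method is tolerated: the failure is logged and ignored.
     */
    private static void setSecurityDomainCache(AuthenticationManager authenticationManager, CachePolicy cachePolicy) {
        try {
            if (class$org$jboss$util$CachePolicy == null) {
                class$org$jboss$util$CachePolicy = class$("org.jboss.util.CachePolicy");
            }
            Class<?>[] signature = new Class[] {class$org$jboss$util$CachePolicy};
            Method setter = securityMgrClass.getMethod("setCachePolicy", signature);
            Object[] args = {cachePolicy};
            setter.invoke(authenticationManager, args);
            log.debug("setCachePolicy, c=" + args[0]);
        } catch (Exception e) {
            log.warn("setCachePolicy failed.This is fine:", e);
        }
    }

    /**
     * Resolves a class by name for the {@code class$...} caches.
     *
     * @throws NoClassDefFoundError if the class is missing, with the
     *     {@link ClassNotFoundException} as its cause
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause returns Throwable, which cannot be thrown from here without a throws
            // clause; keep the Error in a typed local so the unchecked type is what gets thrown.
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }

    static {
        if (class$org$jboss$security$plugins$JaasSecurityManagerService == null) {
            class$org$jboss$security$plugins$JaasSecurityManagerService = class$("org.jboss.security.plugins.JaasSecurityManagerService");
        }
        log = Logger.getLogger(class$org$jboss$security$plugins$JaasSecurityManagerService);
        securityMgrClassName = SecurityConstants.JASPI_AUTHENTICATION_MANAGER;
        if (class$org$jboss$security$auth$callback$SecurityAssociationHandler == null) {
            class$org$jboss$security$auth$callback$SecurityAssociationHandler = class$("org.jboss.security.auth.callback.SecurityAssociationHandler");
        }
        callbackHandlerClass = class$org$jboss$security$auth$callback$SecurityAssociationHandler;
        if (class$org$jboss$security$SubjectSecurityProxyFactory == null) {
            class$org$jboss$security$SubjectSecurityProxyFactory = class$("org.jboss.security.SubjectSecurityProxyFactory");
        }
        securityProxyFactoryClass = class$org$jboss$security$SubjectSecurityProxyFactory;
        securityDomainCtxMap = new Hashtable();
        defaultUnauthenticatedPrincipal = "Unauthenticated Principal";
        contextIdMap = new Hashtable<String, String>();
        defaultCacheTimeout = 1800;
        defaultCacheResolution = 60;
    }
}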
