package org.jboss.jms.server.security;

import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import javax.jms.JMSSecurityException;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import org.jboss.jms.server.SecurityManager;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.RealmMapping;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.SubjectSecurityManager;
import org.w3c.dom.Element;

/* loaded from: input_file:org/jboss/jms/server/security/SecurityMetadataStore.class */
public class SecurityMetadataStore implements SecurityManager {
    private static final Logger log;
    private boolean trace = log.isTraceEnabled();
    private Map queueSecurityConf = new HashMap();
    private Map topicSecurityConf = new HashMap();
    private AuthenticationManager authenticationManager;
    private RealmMapping realmMapping;
    private Element defaultSecurityConfig;
    private String securityDomain;
    static Class class$org$jboss$jms$server$security$SecurityMetadataStore;

    @Override // org.jboss.jms.server.SecurityManager
    public SecurityMetadata getSecurityMetadata(boolean z, String str) {
        SecurityMetadata securityMetadata = (SecurityMetadata) (z ? this.queueSecurityConf.get(str) : this.topicSecurityConf.get(str));
        if (securityMetadata == null) {
            if (this.defaultSecurityConfig != null) {
                log.debug(new StringBuffer().append("No SecurityMetadadata was available for ").append(str).append(", using default security config").toString());
                try {
                    securityMetadata = new SecurityMetadata(this.defaultSecurityConfig);
                } catch (Exception e) {
                    log.warn(new StringBuffer().append("Unable to apply default security for destName, using guest ").append(str).toString(), e);
                    securityMetadata = new SecurityMetadata();
                }
            } else {
                log.warn(new StringBuffer().append("No SecurityMetadadata was available for ").append(str).append(", adding guest").toString());
                securityMetadata = new SecurityMetadata();
            }
        }
        return securityMetadata;
    }

    @Override // org.jboss.jms.server.SecurityManager
    public void setSecurityConfig(boolean z, String str, Element element) throws Exception {
        if (this.trace) {
            log.trace(new StringBuffer().append("adding security configuration for ").append(z ? "queue " : "topic ").append(str).toString());
        }
        SecurityMetadata securityMetadata = new SecurityMetadata(element);
        if (z) {
            this.queueSecurityConf.put(str, securityMetadata);
        } else {
            this.topicSecurityConf.put(str, securityMetadata);
        }
    }

    @Override // org.jboss.jms.server.SecurityManager
    public void clearSecurityConfig(boolean z, String str) throws Exception {
        if (this.trace) {
            log.trace(new StringBuffer().append("clearing security configuration for ").append(z ? "queue " : "topic ").append(str).toString());
        }
        if (z) {
            this.queueSecurityConf.remove(str);
        } else {
            this.topicSecurityConf.remove(str);
        }
    }

    @Override // org.jboss.jms.server.SecurityManager
    public Subject authenticate(String str, String str2) throws JMSSecurityException {
        if (this.trace) {
            log.trace(new StringBuffer().append("authenticating user ").append(str).toString());
        }
        SimplePrincipal simplePrincipal = new SimplePrincipal(str);
        char[] cArr = null;
        if (str2 != null) {
            cArr = str2.toCharArray();
        }
        Subject subject = new Subject();
        if (!this.authenticationManager.isValid(simplePrincipal, cArr, subject)) {
            throw new JMSSecurityException(new StringBuffer().append("User ").append(str).append(" is NOT authenticated").toString());
        }
        SecurityActions.pushSubjectContext(simplePrincipal, cArr, subject);
        return subject;
    }

    @Override // org.jboss.jms.server.SecurityManager
    public boolean authorize(String str, Set set) {
        if (this.trace) {
            log.trace(new StringBuffer().append("authorizing user ").append(str).append(" for role(s) ").append(set.toString()).toString());
        }
        boolean doesUserHaveRole = this.realmMapping.doesUserHaveRole(str == null ? null : new SimplePrincipal(str), set);
        if (this.trace) {
            log.trace(new StringBuffer().append("user ").append(str).append(doesUserHaveRole ? " is " : " is NOT ").append("authorized").toString());
        }
        return doesUserHaveRole;
    }

    public void start() throws NamingException {
        if (this.trace) {
            log.trace("initializing SecurityMetadataStore");
        }
        InitialContext initialContext = new InitialContext();
        try {
            try {
                Object lookup = initialContext.lookup(this.securityDomain);
                log.debug(new StringBuffer().append("JaasSecurityManager is ").append(lookup).toString());
                this.authenticationManager = (AuthenticationManager) lookup;
                this.realmMapping = (RealmMapping) lookup;
                log.trace("SecurityMetadataStore initialized");
                initialContext.close();
            } catch (NamingException e) {
                log.warn(new StringBuffer().append("Failed to lookup securityDomain ").append(this.securityDomain).toString(), e);
                if (this.securityDomain.startsWith("java:/jaas/")) {
                    throw e;
                }
                this.authenticationManager = (SubjectSecurityManager) initialContext.lookup(new StringBuffer().append("java:/jaas/").append(this.securityDomain).toString());
                initialContext.close();
            }
        } catch (Throwable th) {
            initialContext.close();
            throw th;
        }
    }

    public void stop() throws Exception {
    }

    public String getSecurityDomain() {
        return this.securityDomain;
    }

    public void setSecurityDomain(String str) {
        this.securityDomain = str;
    }

    public Element getDefaultSecurityConfig() {
        return this.defaultSecurityConfig;
    }

    public void setDefaultSecurityConfig(Element element) throws Exception {
        new SecurityMetadata(element);
        this.defaultSecurityConfig = element;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$jboss$jms$server$security$SecurityMetadataStore == null) {
            cls = class$("org.jboss.jms.server.security.SecurityMetadataStore");
            class$org$jboss$jms$server$security$SecurityMetadataStore = cls;
        } else {
            cls = class$org$jboss$jms$server$security$SecurityMetadataStore;
        }
        log = Logger.getLogger(cls);
    }
}
