package org.jboss.security.plugins;

import java.beans.PropertyEditorManager;
import java.security.Principal;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import javax.naming.NameParser;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthParam;
import javax.security.auth.message.AuthStatus;
import javax.security.jacc.PolicyContext;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.SecurityAssociation;
import org.jboss.security.SecurityDomain;
import org.jboss.security.SubjectSecurityProxyFactory;
import org.jboss.security.auth.callback.CallbackHandlerPolicyContextHandler;
import org.jboss.security.auth.callback.SecurityAssociationHandler;
import org.jboss.security.jacc.SubjectPolicyContextHandler;
import org.jboss.security.propertyeditor.PrincipalEditor;
import org.jboss.security.propertyeditor.SecurityDomainEditor;
import org.jboss.system.ServiceMBeanSupport;
import org.jboss.util.CachePolicy;
import org.jboss.util.TimedCachePolicy;

/* loaded from: input_file:org/jboss/security/plugins/JASPISecurityManagerService.class */
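/**
 * Service MBean that creates, caches and hands out one {@link AuthenticationManager} per
 * security domain name.
 *
 * <p>Managers are instantiated reflectively from the configured security manager class and
 * callback handler class, then kept in a static map for the lifetime of the class. All
 * configuration except {@code serverMode} is held in static fields, so every instance of this
 * service shares it. Methods marked {@code @Override} implement
 * {@link JASPISecurityManagerServiceMBean}.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>The three {@code set*ClassName} methods load a class by name through the thread context
 *       class loader; whoever can call these management operations chooses the code that
 *       performs authentication.</li>
 *   <li>{@link #lookupAuthenticationManager(String)} creates and permanently caches a manager
 *       for any name it has not seen before.</li>
 *   <li>{@code validateRequest} and {@code secureResponse} return {@code AuthStatus.PROCEED}
 *       without inspecting anything.</li>
 * </ul>
 */
public class JASPISecurityManagerService extends ServiceMBeanSupport implements JASPISecurityManagerServiceMBean {
    /** JNDI prefix stripped from domain names, alongside {@link #JAAS_CONTEXT_ROOT}. */
    private static final String SECURITY_MGR_PATH = "java:/jbsx";
    /** JNDI prefix stripped from domain names. */
    private static final String JAAS_CONTEXT_ROOT = "java:/jaas";
    // Stays null until setSecurityManagerClassName succeeds; nothing in this class loads the
    // default named by securityMgrClassName.
    private static Class<?> securityMgrClass;
    // Not referenced anywhere in this class.
    private static NameParser parser;
    private boolean serverMode = true;
    // NOTE(review): the logger category is JaasSecurityManagerService, not this class; confirm
    // whether that is intended before relying on per-class log filtering for this service.
    private static Logger log = Logger.getLogger(JaasSecurityManagerService.class);
    private static String securityMgrClassName = "org.jboss.security.plugins.JASPISecurityManager";
    private static Class<?> callbackHandlerClass = SecurityAssociationHandler.class;
    private static Class<?> securityProxyFactoryClass = SubjectSecurityProxyFactory.class;
    // Domain name -> registered SecurityDomain or lazily created AuthenticationManager.
    private static Hashtable<String, Object> securityDomainCtxMap = new Hashtable<String, Object>();
    private static String defaultUnauthenticatedPrincipal = "Unauthenticated Principal";
    // Context id -> security domain name.
    private static Hashtable<String, String> contextIdMap = new Hashtable<String, String>();
    // Passed to TimedCachePolicy for every new manager; presumably seconds - confirm against
    // TimedCachePolicy.
    private static int defaultCacheTimeout = 1800;
    private static int defaultCacheResolution = 60;

    /** Returns whether {@link #startService()} will call {@code SecurityAssociation.setServer()}. */
    @Override
    public boolean getServerMode() {
        return this.serverMode;
    }

    /** Sets the flag read by {@link #startService()}. */
    @Override
    public void setServerMode(boolean z) {
        this.serverMode = z;
    }

    /** Returns the name of the configured security manager class. */
    @Override
    public String getSecurityManagerClassName() {
        return securityMgrClassName;
    }

    /**
     * Loads and installs the class used to create authentication managers.
     *
     * <p>The class is validated before any shared state is changed, so a rejected or unknown
     * class name leaves the previous configuration in place.
     *
     * @param str fully qualified class name
     * @throws ClassNotFoundException if the thread context class loader cannot load the class
     * @throws ClassCastException if the class does not implement {@link AuthenticationManager}
     */
    @Override
    public void setSecurityManagerClassName(String str) throws ClassNotFoundException, ClassCastException {
        // NOTE(review): the other setters obtain the loader through SubjectActions; confirm
        // whether this direct call is deliberate.
        Class<?> candidate = Thread.currentThread().getContextClassLoader().loadClass(str);
        if (!AuthenticationManager.class.isAssignableFrom(candidate)) {
            throw new ClassCastException(candidate + " does not implement " + AuthenticationManager.class);
        }
        securityMgrClassName = str;
        securityMgrClass = candidate;
    }

    /** Returns the name of the configured security proxy factory class. */
    @Override
    public String getSecurityProxyFactoryClassName() {
        return securityProxyFactoryClass.getName();
    }

    /**
     * Loads and installs the security proxy factory class.
     *
     * <p>NOTE(review): the loaded class is stored without any type check; confirm the expected
     * supertype and validate against it here.
     *
     * @param str fully qualified class name
     * @throws ClassNotFoundException if the class cannot be loaded
     */
    @Override
    public void setSecurityProxyFactoryClassName(String str) throws ClassNotFoundException {
        securityProxyFactoryClass = SubjectActions.getContextClassLoader().loadClass(str);
    }

    /** Returns the name of the configured callback handler class. */
    @Override
    public String getCallbackHandlerClassName() {
        return callbackHandlerClass.getName();
    }

    /**
     * Loads and installs the callback handler class handed to every new authentication manager.
     *
     * <p>The class must implement {@link CallbackHandler}; it is rejected here rather than at
     * the first manager creation, where the instance is cast to {@code CallbackHandler}.
     *
     * @param str fully qualified class name
     * @throws ClassNotFoundException if the class cannot be loaded
     * @throws ClassCastException if the class does not implement {@link CallbackHandler}
     */
    @Override
    public void setCallbackHandlerClassName(String str) throws ClassNotFoundException {
        Class<?> candidate = SubjectActions.getContextClassLoader().loadClass(str);
        if (!CallbackHandler.class.isAssignableFrom(candidate)) {
            throw new ClassCastException(candidate + " does not implement " + CallbackHandler.class);
        }
        callbackHandlerClass = candidate;
    }

    /**
     * Validates a principal and credential against the named security domain.
     *
     * <p>Fails closed: if the manager cannot be obtained the result is {@code false}. The
     * credential is never logged.
     *
     * @param str security domain name
     * @param principal identity to validate
     * @param obj credential
     * @return the manager's verdict, or {@code false} when the manager lookup fails
     */
    public boolean isValid(String str, Principal principal, Object obj) {
        try {
            return lookupAuthenticationManager(str).isValid(principal, obj, (Subject) null);
        } catch (NamingException e) {
            log.debug("isValid(" + str + ") failed", e);
            return false;
        }
    }

    /** Not implemented; always throws {@link IllegalStateException}. */
    public Principal getPrincipal(String str, Principal principal) {
        throw new IllegalStateException("Unimplemented Method");
    }

    /**
     * Registers a ready-made security domain under its short name.
     *
     * <p>A leading {@code java:/jaas/} or {@code java:/jbsx/} is removed from the name first.
     * A {@code null} name or domain is rejected by {@code Hashtable.put} with a
     * {@link NullPointerException}.
     *
     * @param str domain name, optionally JNDI-prefixed
     * @param securityDomain domain instance to serve for that name
     */
    @Override
    public void registerSecurityDomain(String str, SecurityDomain securityDomain) {
        String domainName = stripContextRoot(str);
        securityDomainCtxMap.put(domainName, securityDomain);
        // Logged after the put so the message is only written for a registration that happened.
        log.debug("Added " + domainName + ", " + securityDomain + " to map");
    }

    /** Returns the configured default unauthenticated principal name. */
    @Override
    public String getDefaultUnauthenticatedPrincipal() {
        return defaultUnauthenticatedPrincipal;
    }

    /** Sets the default unauthenticated principal name. */
    @Override
    public void setDefaultUnauthenticatedPrincipal(String str) {
        defaultUnauthenticatedPrincipal = str;
    }

    /** Unsupported on the service; obtain a manager via {@link #getSecurityManager(String)}. */
    public boolean isValid(Principal principal, Object obj) {
        throw new IllegalStateException("Please call getSecurityManager to obtain a security manager and call isValid");
    }

    /** Unsupported on the service; obtain a manager via {@link #getSecurityManager(String)}. */
    public boolean isValid(Principal principal, Object obj, Subject subject) {
        throw new IllegalStateException("Please call getSecurityManager to obtain a security manager and call isValid");
    }

    /** Unsupported on the service; obtain a manager via {@link #getSecurityManager(String)}. */
    public Subject getActiveSubject() {
        throw new IllegalStateException("Please call getSecurityManager to obtain a security manager and call getActiveSubject");
    }

    /** Not implemented; always throws {@link RuntimeException}. */
    public Principal getTargetPrincipal(Principal principal, Map map) {
        throw new RuntimeException("Not implemented yet");
    }

    /** Does nothing. */
    public void cleanSubject(Subject subject, Map map) throws AuthException {
    }

    /**
     * Returns {@code AuthStatus.PROCEED} without inspecting any argument.
     *
     * <p>NOTE(review): confirm that no caller reads this result as a completed security check.
     */
    public AuthStatus secureResponse(AuthParam authParam, Subject subject, Map map) throws AuthException {
        return AuthStatus.PROCEED;
    }

    /**
     * Returns {@code AuthStatus.PROCEED} without inspecting any argument.
     *
     * <p>NOTE(review): no request validation happens here; confirm that no caller reads this
     * result as a successful authentication.
     */
    public AuthStatus validateRequest(AuthParam authParam, Subject subject, Subject subject2, Map map) throws AuthException {
        return AuthStatus.PROCEED;
    }

    /** Not implemented; always throws {@link IllegalStateException}. */
    public String getSecurityDomain() {
        throw new IllegalStateException("Unimplemented method: getSecurityDomain");
    }

    /**
     * Returns the security domain registered for a context id.
     *
     * @param str context id
     * @return the domain name, or {@code null} when the id was never registered
     */
    @Override
    public String getSecurityDomain(String str) {
        return contextIdMap.get(str);
    }

    /**
     * Returns the authentication manager for a domain, creating it on first use.
     *
     * @param str security domain name
     * @return the manager, or {@code null} when it could not be created
     */
    @Override
    public AuthenticationManager getSecurityManager(String str) {
        try {
            return lookupAuthenticationManager(str);
        } catch (NamingException e) {
            // Pass the exception so the root cause of the failed creation reaches the log.
            log.error("Look up of security manager failed::" + e.getLocalizedMessage(), e);
            return null;
        }
    }

    /**
     * Maps a context id to a security domain name.
     *
     * <p>A leading {@code java:/jaas/} or {@code java:/jbsx/} is removed from the domain name;
     * a {@code null} domain name becomes {@code "other"}. A {@code null} context id is rejected
     * by {@code Hashtable.put} with a {@link NullPointerException}.
     *
     * @param str security domain name, optionally JNDI-prefixed
     * @param str2 context id
     */
    @Override
    public void registerSecurityDomain(String str, String str2) {
        String domainName = stripContextRoot(str);
        if (domainName == null) {
            domainName = "other";
        }
        contextIdMap.put(str2, domainName);
    }

    /**
     * Asks the domain's manager to drop its whole authentication cache.
     *
     * <p>The call is reflective and best effort. A failure is logged at WARN because it leaves
     * previously cached authentication results in place until the cache policy expires them.
     *
     * @param str security domain name
     */
    @Override
    public void flushAuthenticationCache(String str) {
        try {
            securityMgrClass.getMethod("flushAuthenticationCache").invoke(lookupAuthenticationManager(str));
        } catch (Exception e) {
            log.warn("flushAuthenticationCache failed", e);
        }
    }

    /**
     * Asks the domain's manager to drop the cached entry of one principal.
     *
     * <p>The call is reflective and best effort. A failure is logged at WARN because the
     * principal's cached authentication result then stays usable until the cache policy
     * expires it.
     *
     * @param str security domain name
     * @param principal identity whose cache entry should be removed
     */
    @Override
    public void flushAuthenticationCache(String str, Principal principal) {
        try {
            securityMgrClass.getMethod("flushAuthenticationCache", Principal.class).invoke(lookupAuthenticationManager(str), principal);
        } catch (Exception e) {
            log.warn("flushAuthenticationCache failed", e);
        }
    }

    /**
     * Starts the service: optionally switches {@code SecurityAssociation} to server mode,
     * registers the two policy context handlers if their keys are absent, and registers the
     * property editors for {@link Principal} and {@link SecurityDomain}.
     *
     * @throws Exception if handler registration fails
     */
    protected void startService() throws Exception {
        if (this.serverMode) {
            SecurityAssociation.setServer();
        }
        SubjectPolicyContextHandler subjectPolicyContextHandler = new SubjectPolicyContextHandler();
        Set<?> handlerKeys = PolicyContext.getHandlerKeys();
        if (handlerKeys == null || !handlerKeys.contains(SubjectPolicyContextHandler.SUBJECT_CONTEXT_KEY)) {
            PolicyContext.registerHandler(SubjectPolicyContextHandler.SUBJECT_CONTEXT_KEY, subjectPolicyContextHandler, true);
        }
        CallbackHandlerPolicyContextHandler callbackHandlerPolicyContextHandler = new CallbackHandlerPolicyContextHandler();
        if (handlerKeys == null || !handlerKeys.contains("org.jboss.security.auth.spi.CallbackHandler")) {
            PolicyContext.registerHandler("org.jboss.security.auth.spi.CallbackHandler", callbackHandlerPolicyContextHandler, false);
        }
        PropertyEditorManager.registerEditor(Principal.class, PrincipalEditor.class);
        PropertyEditorManager.registerEditor(SecurityDomain.class, SecurityDomainEditor.class);
        log.debug("Registered PrincipalEditor, SecurityDomainEditor");
        log.debug("ServerMode=" + this.serverMode);
        // Prints "null" when setSecurityManagerClassName has not been called yet.
        log.debug("SecurityMgrClass=" + securityMgrClass);
        log.debug("CallbackHandlerClass=" + callbackHandlerClass);
    }

    /**
     * Removes a leading JNDI context root and its {@code /} separator from a domain name.
     *
     * <p>The prefix is only stripped when it is followed by the separator. A name that merely
     * begins with the same characters, or that equals the bare prefix, is returned unchanged
     * instead of being truncated or failing with an index error.
     *
     * @param name domain name, may be {@code null}
     * @return the short name, the unchanged name, or {@code null} for a {@code null} input
     */
    private static String stripContextRoot(String name) {
        if (name == null) {
            return null;
        }
        for (String root : new String[] {JAAS_CONTEXT_ROOT, SECURITY_MGR_PATH}) {
            if (name.startsWith(root + "/")) {
                return name.substring(root.length() + 1);
            }
        }
        return name;
    }

    /**
     * Returns the cached manager for a domain, creating and caching one when absent.
     *
     * <p>NOTE(review): every previously unseen name gets a new manager plus a started
     * {@link TimedCachePolicy}, and the entry is never removed. If domain names can come from
     * outside the deployment configuration, bound or validate them before they reach this
     * method. The get-then-put sequence is also not atomic across threads.
     *
     * @param str security domain name
     * @throws NamingException if a new manager cannot be created
     */
    private static AuthenticationManager lookupAuthenticationManager(String str) throws NamingException {
        AuthenticationManager cached = (AuthenticationManager) securityDomainCtxMap.get(str);
        if (cached != null) {
            return cached;
        }
        AuthenticationManager created = newAuthenticationManager(str);
        securityDomainCtxMap.put(str, created);
        log.debug("Added " + str + ", " + created + " to map");
        return created;
    }

    /**
     * Instantiates the configured security manager class for a domain and attaches a started
     * timed cache policy to it.
     *
     * @param str security domain name passed to the manager's constructor
     * @throws NamingException wrapping any failure, including an unset security manager class
     */
    private static AuthenticationManager newAuthenticationManager(String str) throws NamingException {
        try {
            AuthenticationManager authenticationManager = (AuthenticationManager) securityMgrClass.getConstructor(String.class, CallbackHandler.class).newInstance(str, (CallbackHandler) callbackHandlerClass.newInstance());
            log.debug("Created securityMgr=" + authenticationManager);
            TimedCachePolicy timedCachePolicy = new TimedCachePolicy(defaultCacheTimeout, true, defaultCacheResolution);
            timedCachePolicy.create();
            timedCachePolicy.start();
            setSecurityDomainCache(authenticationManager, timedCachePolicy);
            return authenticationManager;
        } catch (Exception e) {
            String message = "Failed to create sec mgr('" + str + "'), securityMgrClass=" + securityMgrClass + ", callbackHandlerClass=" + callbackHandlerClass;
            log.error(message, e);
            NamingException namingException = new NamingException(message);
            namingException.setRootCause(e);
            throw namingException;
        }
    }

    /**
     * Installs a cache policy on a manager through its reflective {@code setCachePolicy}
     * method. A failure is logged and otherwise ignored, so the manager is still returned
     * to callers without the policy.
     */
    private static void setSecurityDomainCache(AuthenticationManager authenticationManager, CachePolicy cachePolicy) {
        try {
            securityMgrClass.getMethod("setCachePolicy", CachePolicy.class).invoke(authenticationManager, cachePolicy);
            log.debug("setCachePolicy, c=" + cachePolicy);
        } catch (Exception e) {
            log.warn("setCachePolicy failed.This is fine:", e);
        }
    }
}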
