package org.jboss.security.integration;

import java.security.Principal;
import javax.security.auth.Subject;
import org.jboss.logging.Logger;
import org.jboss.managed.api.ManagedOperation;
import org.jboss.managed.api.annotation.ManagementComponent;
import org.jboss.managed.api.annotation.ManagementObject;
import org.jboss.managed.api.annotation.ManagementOperation;
import org.jboss.managed.api.annotation.ManagementParameter;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.ISecurityManagement;
import org.jboss.security.SubjectFactory;

@ManagementObject(name = "JBossSecuritySubjectFactory", componentType = @ManagementComponent(type = "MCBean", subtype = "Security"))
/* loaded from: input_file:org/jboss/security/integration/JBossSecuritySubjectFactory.class */
public class JBossSecuritySubjectFactory implements SubjectFactory {
    protected static Logger log = Logger.getLogger(JBossSecuritySubjectFactory.class);
    protected ISecurityManagement securityManagement;

    @ManagementOperation(description = "Create a subject using the modules specified in the 'other' security domain", impact = ManagedOperation.Impact.ReadOnly)
    public Subject createSubject() {
        return createSubject("other");
    }

    @ManagementOperation(description = "Create a subject using the modules configured in the specified security domain", params = {@ManagementParameter(name = "securityDomainName", description = "The security domain name")}, impact = ManagedOperation.Impact.ReadOnly)
    public Subject createSubject(String str) {
        if (this.securityManagement == null) {
            throw new IllegalStateException("SecurityManagement has not been injected");
        }
        Subject subject = new Subject();
        Principal principal = SecurityActions.getPrincipal();
        AuthenticationManager authenticationManager = this.securityManagement.getAuthenticationManager(str);
        if (authenticationManager == null) {
            if (log.isTraceEnabled()) {
                log.trace("AuthenticationManager for " + str + " not found. Using other");
            }
            authenticationManager = this.securityManagement.getAuthenticationManager("other");
        }
        if (authenticationManager.isValid(principal, SecurityActions.getCredential(), subject)) {
            return subject;
        }
        throw new SecurityException("Unauthenticated caller:" + principal);
    }

    public void setSecurityManagement(ISecurityManagement iSecurityManagement) {
        this.securityManagement = iSecurityManagement;
    }
}
