package org.jolokia.osgi.security;

import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import org.jolokia.config.ConfigKey;
import org.jolokia.util.AuthorizationHeaderParser;
import org.jolokia.util.UserPasswordCallbackHandler;

/* loaded from: input_file:org/jolokia/osgi/security/JaasAuthenticator.class */
public class JaasAuthenticator extends BaseAuthenticator {
    private final String realm;

    public JaasAuthenticator(String str) {
        this.realm = str;
    }

    @Override // org.jolokia.osgi.security.BaseAuthenticator
    protected boolean doAuthenticate(HttpServletRequest httpServletRequest, AuthorizationHeaderParser.Result result) {
        try {
            String user = result.getUser();
            LoginContext createLoginContext = createLoginContext(this.realm, new UserPasswordCallbackHandler(user, result.getPassword()));
            createLoginContext.login();
            httpServletRequest.setAttribute("org.osgi.service.http.authentication.type", "BASIC");
            httpServletRequest.setAttribute("org.osgi.service.http.authentication.remote.user", user);
            httpServletRequest.setAttribute(ConfigKey.JAAS_SUBJECT_REQUEST_ATTRIBUTE, createLoginContext.getSubject());
            return true;
        } catch (LoginException e) {
            return false;
        }
    }

    protected LoginContext createLoginContext(String str, CallbackHandler callbackHandler) throws LoginException {
        return new LoginContext(str, callbackHandler);
    }
}
