package org.jboss.messaging.integration.security;

import java.security.Principal;
import java.util.HashSet;
import java.util.Set;
import javax.naming.InitialContext;
import javax.security.auth.Subject;
import org.jboss.messaging.core.logging.Logger;
import org.jboss.messaging.core.security.CheckType;
import org.jboss.messaging.core.security.JBMSecurityManager;
import org.jboss.messaging.core.security.Role;
import org.jboss.messaging.core.server.MessagingComponent;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.RealmMapping;
import org.jboss.security.SimplePrincipal;

/* loaded from: input_file:org/jboss/messaging/integration/security/JBossASSecurityManager.class */
public class JBossASSecurityManager implements JBMSecurityManager, MessagingComponent {
    private static final Logger log = Logger.getLogger(JBossASSecurityManager.class);
    private RealmMapping realmMapping;
    private AuthenticationManager authenticationManager;
    private boolean started;
    private boolean trace = log.isTraceEnabled();
    private String securityDomainName = "java:/jaas/messaging";

    public boolean validateUser(String str, String str2) {
        SimplePrincipal simplePrincipal = new SimplePrincipal(str);
        char[] cArr = null;
        if (str2 != null) {
            cArr = str2.toCharArray();
        }
        return this.authenticationManager.isValid(simplePrincipal, cArr, new Subject());
    }

    public boolean validateUserAndRole(String str, String str2, Set<Role> set, CheckType checkType) {
        SimplePrincipal simplePrincipal = str == null ? null : new SimplePrincipal(str);
        char[] cArr = null;
        if (str2 != null) {
            cArr = str2.toCharArray();
        }
        Subject subject = new Subject();
        boolean isValid = this.authenticationManager.isValid(simplePrincipal, cArr, subject);
        if (isValid) {
            SecurityActions.pushSubjectContext(simplePrincipal, cArr, subject, this.securityDomainName);
            isValid = this.realmMapping.doesUserHaveRole(simplePrincipal, getRolePrincipals(checkType, set));
            if (this.trace) {
                log.trace("user " + str + (isValid ? " is " : " is NOT ") + "authorized");
            }
            SecurityActions.popSubjectContext();
        }
        return isValid;
    }

    public void addRole(String str, String str2) {
    }

    public void addUser(String str, String str2) {
    }

    public void removeRole(String str, String str2) {
    }

    public void removeUser(String str) {
    }

    public void setDefaultUser(String str) {
    }

    private Set<Principal> getRolePrincipals(CheckType checkType, Set<Role> set) {
        HashSet hashSet = new HashSet();
        for (Role role : set) {
            if (checkType.hasRole(role)) {
                hashSet.add(new SimplePrincipal(role.getName()));
            }
        }
        return hashSet;
    }

    public void setRealmMapping(RealmMapping realmMapping) {
        this.realmMapping = realmMapping;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    public synchronized void start() throws Exception {
        if (this.started) {
            return;
        }
        this.authenticationManager = (AuthenticationManager) new InitialContext().lookup(this.securityDomainName);
        this.realmMapping = this.authenticationManager;
        this.started = true;
    }

    public synchronized void stop() {
        if (this.started) {
            this.started = false;
        }
    }

    public synchronized boolean isStarted() {
        return this.started;
    }

    public void setSecurityDomainName(String str) {
        this.securityDomainName = str;
    }
}
