package org.jboss.wsf.stack.cxf.security.authentication;

import java.util.Collections;
import java.util.Map;
import javax.security.auth.Subject;
import org.apache.cxf.common.security.SimplePrincipal;
import org.apache.cxf.ws.security.wss4j.AbstractUsernameTokenAuthenticatingInterceptor;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.picketbox.config.PicketBoxConfiguration;
import org.picketbox.exceptions.ConfigurationStreamNullException;
import org.picketbox.factories.SecurityFactory;

/* loaded from: input_file:org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.class */
public class SubjectCreatingInterceptor extends AbstractUsernameTokenAuthenticatingInterceptor {
    private static final Logger log = Logger.getLogger(SubjectCreatingInterceptor.class);
    private static final String DEFAULT_SECURITY_DOMAIN_NAME = "JBossWS";
    private AuthenticationManagerLoader aml;
    private String securityDomainName;

    public SubjectCreatingInterceptor() {
        this(Collections.emptyMap());
    }

    public SubjectCreatingInterceptor(Map<String, Object> map) {
        super(map);
        this.aml = null;
        this.securityDomainName = DEFAULT_SECURITY_DOMAIN_NAME;
        try {
            this.aml = (AuthenticationManagerLoader) AuthenticationManagerLoader.class.newInstance();
        } catch (Exception e) {
            log.error("AuthenticationManager can not be loaded");
            throw new SecurityException("AuthenticationManager can not be loaded");
        }
    }

    public Subject createSubject(String str, String str2, boolean z, String str3, String str4) {
        AuthenticationManager manager = this.aml.getManager(this.securityDomainName);
        SimplePrincipal simplePrincipal = new SimplePrincipal(str);
        Subject subject = new Subject();
        boolean isTraceEnabled = log.isTraceEnabled();
        if (isTraceEnabled) {
            log.trace("About to authenticate, using security domain '" + manager.getSecurityDomain() + "'");
        }
        if (manager.isValid(simplePrincipal, str2, subject)) {
            if (isTraceEnabled) {
                log.trace("Authenticated, principal=" + str);
            }
            return subject;
        }
        String str5 = "Authentication failed, principal=" + simplePrincipal.getName();
        log.error(str5);
        throw new SecurityException(str5);
    }

    public void setSecurityConfigFile(String str) {
        SecurityFactory.prepare();
        try {
            try {
                new PicketBoxConfiguration().load(str);
            } catch (ConfigurationStreamNullException e) {
                throw new SecurityException("Unable to load the configuration file " + str);
            } catch (Exception e2) {
                throw new SecurityException("Unable to read the configuration file " + str, e2);
            }
        } finally {
            SecurityFactory.release();
        }
    }

    public void setSecurityDomainName(String str) {
        this.securityDomainName = str;
    }
}
