package org.picketlink.trust.jbossws.handler;

import java.security.Principal;
import javax.security.auth.Subject;
import javax.xml.ws.handler.MessageContext;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.SecurityContextAssociation;
import org.jboss.security.identity.extensions.CredentialIdentity;
import org.picketlink.common.exceptions.ConfigurationException;

/* loaded from: input_file:org/picketlink/trust/jbossws/handler/AbstractWSAuthenticationHandler.class */
public abstract class AbstractWSAuthenticationHandler extends AbstractPicketLinkTrustHandler {
    @Override // org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler
    protected boolean handleInbound(MessageContext messageContext) {
        logger.trace("Handling Inbound Message");
        trace(messageContext);
        try {
            AuthenticationManager authenticationManager = getAuthenticationManager(messageContext);
            Principal principal = null;
            Object obj = null;
            for (CredentialIdentity credentialIdentity : SecurityContextAssociation.getSecurityContext().getSubjectInfo().getIdentities()) {
                principal = credentialIdentity.asPrincipal();
                obj = credentialIdentity.getCredential();
            }
            Subject subject = new Subject();
            if (authenticationManager.isValid(principal, obj, subject)) {
                logger.trace("Successfully Authenticated:Principal = " + principal + "  ::subject = " + subject);
                SecurityActions.setSecurityContext(SecurityActions.createSecurityContext(principal, obj, subject));
                return true;
            }
            String str = "PL00102: Processing Exception:Authentication failed, principal=" + principal;
            logger.error(str);
            throw new RuntimeException(new SecurityException(str));
        } catch (ConfigurationException e) {
            logger.authenticationManagerError(e);
            throw new RuntimeException((Throwable) e);
        }
    }

    protected AuthenticationManager getAuthenticationManager(MessageContext messageContext) throws ConfigurationException {
        return (AuthenticationManager) lookupJNDI("java:jboss/jaas/" + getSecurityDomainName(messageContext));
    }
}
