package org.jboss.security.integration;

import java.lang.reflect.Method;
import java.util.concurrent.ConcurrentHashMap;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.callback.CallbackHandler;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.ISecurityManagement;
import org.jboss.security.audit.AuditManager;
import org.jboss.security.auth.callback.SecurityAssociationHandler;
import org.jboss.security.config.SecurityConfiguration;
import org.jboss.security.identitytrust.IdentityTrustManager;
import org.jboss.security.mapping.MappingManager;
import org.jboss.security.plugins.JaasSecurityDomain;
import org.jboss.security.plugins.SecurityDomainContext;
import org.jboss.util.CachePolicy;
import org.jboss.util.TimedCachePolicy;

/* loaded from: input_file:org/jboss/security/integration/JNDIBasedSecurityManagement.class */
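/**
 * {@link ISecurityManagement} implementation that resolves the per-domain security
 * managers (authentication, authorization, audit, identity trust, mapping) through JNDI
 * under {@link #BASE_CTX} and caches what it finds per security-domain name.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Every {@code getXxxManager} method returns {@code null} when the lookup fails, and
 *       failures are logged at TRACE only. Callers must treat {@code null} as "no manager
 *       available" and must not proceed as if the check had succeeded.</li>
 *   <li>The manager implementation classes are named by plain string properties and are
 *       instantiated reflectively, so those property values must come from trusted
 *       deployment configuration only.</li>
 * </ul>
 *
 * <p>NOTE(review): the instance maps are {@code transient} and lazily re-created by
 * {@link #initializeMaps()}; this looks like support for deserialized instances. The lazy
 * creation is a plain check-then-assign and is not synchronized.
 */
public class JNDIBasedSecurityManagement implements ISecurityManagement {
    private static final long serialVersionUID = 1;
    protected static Logger log = Logger.getLogger(JNDIBasedSecurityManagement.class);

    // Shared across all instances: security-domain name -> registered domain context.
    static transient ConcurrentHashMap<String, SecurityDomainContext> securityMgrMap = new ConcurrentHashMap<>();

    // JNDI context under which security domains are looked up by lookUpJNDI().
    protected String BASE_CTX = "java:/jaas";

    // Implementation class names, loaded reflectively by the createXxxManager() methods.
    protected String authenticationMgrClass = "org.jboss.security.plugins.JaasSecurityManager";
    protected String authorizationMgrClass = "org.jboss.security.plugins.JBossAuthorizationManager";
    protected String auditMgrClass = "org.jboss.security.plugins.audit.JBossAuditManager";
    protected String identityTrustMgrClass = "org.jboss.security.plugins.identitytrust.JBossIdentityTrustManager";
    protected String mappingMgrClass = "org.jboss.security.plugins.mapping.JBossMappingManager";

    protected CallbackHandler callBackHandler = new SecurityAssociationHandler();

    // Identity-trust lookups are off by default, audit lookups are on by default.
    protected boolean enableIdentity = false;
    protected boolean enableAudit = true;

    private CachePolicy cachePolicy = null;

    // Per-instance caches of JNDI lookup results, keyed by security-domain name.
    private transient ConcurrentHashMap<String, AuthenticationManager> authMgrMap = null;
    private transient ConcurrentHashMap<String, AuthorizationManager> authzMgrMap = null;
    private transient ConcurrentHashMap<String, MappingManager> mappingMgrMap = null;
    private transient ConcurrentHashMap<String, AuditManager> auditMgrMap = null;
    private transient ConcurrentHashMap<String, IdentityTrustManager> idmMgrMap = null;

    /** Creates an instance with empty per-instance manager caches. */
    public JNDIBasedSecurityManagement() {
        initializeMaps();
    }

    /**
     * Returns the audit manager bound at {@code <domain>/auditMgr}.
     *
     * @param str security-domain name
     * @return the cached or freshly looked-up manager; {@code null} when auditing is
     *         disabled, the name is not bound, or the lookup fails
     */
    public AuditManager getAuditManager(String str) {
        initializeMaps();
        if (!this.enableAudit) {
            return null;
        }
        AuditManager auditManager = null;
        try {
            auditManager = this.auditMgrMap.get(str);
            if (auditManager == null) {
                auditManager = (AuditManager) lookUpJNDI(str + "/auditMgr");
                // ConcurrentHashMap rejects null values; a failed lookup is simply not cached.
                if (auditManager != null) {
                    this.auditMgrMap.put(str, auditManager);
                }
            }
        } catch (Exception e) {
            log.trace("Exception in getting audit mgr", e);
        }
        return auditManager;
    }

    /**
     * Returns the authentication manager bound at {@code <domain>/authenticationMgr}.
     *
     * @param str security-domain name
     * @return the cached or freshly looked-up manager; {@code null} when the name is not
     *         bound or the lookup fails, which callers must treat as a failure
     */
    public AuthenticationManager getAuthenticationManager(String str) {
        initializeMaps();
        AuthenticationManager authenticationManager = null;
        try {
            authenticationManager = this.authMgrMap.get(str);
            if (authenticationManager == null) {
                authenticationManager = (AuthenticationManager) lookUpJNDI(str + "/authenticationMgr");
                // ConcurrentHashMap rejects null values; a failed lookup is simply not cached.
                if (authenticationManager != null) {
                    this.authMgrMap.put(str, authenticationManager);
                }
            }
        } catch (Exception e) {
            log.trace("Exception in getting authentication mgr  for domain=" + str, e);
        }
        return authenticationManager;
    }

    /**
     * Returns the authorization manager bound at {@code <domain>/authorizationMgr}.
     *
     * @param str security-domain name
     * @return the cached or freshly looked-up manager; {@code null} when the name is not
     *         bound or the lookup fails, which callers must treat as a failure
     */
    public AuthorizationManager getAuthorizationManager(String str) {
        initializeMaps();
        AuthorizationManager authorizationManager = null;
        try {
            authorizationManager = this.authzMgrMap.get(str);
            if (authorizationManager == null) {
                authorizationManager = (AuthorizationManager) lookUpJNDI(str + "/authorizationMgr");
                // ConcurrentHashMap rejects null values; a failed lookup is simply not cached.
                if (authorizationManager != null) {
                    this.authzMgrMap.put(str, authorizationManager);
                }
            }
        } catch (Exception e) {
            log.trace("Exception in getting authorization mgr", e);
        }
        return authorizationManager;
    }

    /**
     * Returns the identity trust manager bound at {@code <domain>/identityTrustMgr}.
     *
     * @param str security-domain name
     * @return the cached or freshly looked-up manager; {@code null} when identity trust is
     *         disabled (the default), the name is not bound, or the lookup fails
     */
    public IdentityTrustManager getIdentityTrustManager(String str) {
        initializeMaps();
        if (!this.enableIdentity) {
            return null;
        }
        IdentityTrustManager identityTrustManager = null;
        try {
            identityTrustManager = this.idmMgrMap.get(str);
            if (identityTrustManager == null) {
                identityTrustManager = (IdentityTrustManager) lookUpJNDI(str + "/identityTrustMgr");
                // ConcurrentHashMap rejects null values; a failed lookup is simply not cached.
                if (identityTrustManager != null) {
                    this.idmMgrMap.put(str, identityTrustManager);
                }
            }
        } catch (Exception e) {
            log.trace("Exception in getting IdentityTrustManager", e);
        }
        return identityTrustManager;
    }

    /**
     * Returns the mapping manager bound at {@code <domain>/mappingMgr}.
     *
     * @param str security-domain name
     * @return the cached or freshly looked-up manager; {@code null} when the name is not
     *         bound or the lookup fails
     */
    public MappingManager getMappingManager(String str) {
        initializeMaps();
        MappingManager mappingManager = null;
        try {
            mappingManager = this.mappingMgrMap.get(str);
            if (mappingManager == null) {
                mappingManager = (MappingManager) lookUpJNDI(str + "/mappingMgr");
                // ConcurrentHashMap rejects null values; a failed lookup is simply not cached.
                if (mappingManager != null) {
                    this.mappingMgrMap.put(str, mappingManager);
                }
            }
        } catch (Exception e) {
            log.trace("Exception in getting MappingManager", e);
        }
        return mappingManager;
    }

    /**
     * Sets the authentication manager implementation class name.
     *
     * @param str fully qualified class name; it is loaded and instantiated reflectively,
     *            so it must come from trusted configuration
     */
    public void setAuthenticationMgrClass(String str) {
        this.authenticationMgrClass = str;
    }

    /**
     * Sets the authorization manager implementation class name.
     *
     * @param str fully qualified class name; it is loaded and instantiated reflectively,
     *            so it must come from trusted configuration
     */
    public void setAuthorizationMgrClass(String str) {
        this.authorizationMgrClass = str;
    }

    /**
     * Sets the audit manager implementation class name.
     *
     * @param str fully qualified class name; it is loaded and instantiated reflectively,
     *            so it must come from trusted configuration
     */
    public void setAuditMgrClass(String str) {
        this.auditMgrClass = str;
    }

    /**
     * Enables or disables audit manager lookups.
     *
     * @param z {@code false} makes {@link #getAuditManager(String)} return {@code null}
     */
    public void setEnableAudit(boolean z) {
        this.enableAudit = z;
    }

    /**
     * Enables or disables identity trust manager lookups.
     *
     * @param z {@code false} makes {@link #getIdentityTrustManager(String)} return {@code null}
     */
    public void setEnableIdentity(boolean z) {
        this.enableIdentity = z;
    }

    /**
     * Sets the identity trust manager implementation class name.
     *
     * @param str fully qualified class name; it is loaded and instantiated reflectively,
     *            so it must come from trusted configuration
     */
    public void setIdentityTrustMgrClass(String str) {
        this.identityTrustMgrClass = str;
    }

    /**
     * Sets the mapping manager implementation class name.
     *
     * @param str fully qualified class name; it is loaded and instantiated reflectively,
     *            so it must come from trusted configuration
     */
    public void setMappingMgrClass(String str) {
        this.mappingMgrClass = str;
    }

    /**
     * Sets the callback handler passed to newly created authentication managers.
     *
     * @param callbackHandler handler handed to the authentication manager constructor
     */
    public void setCallBackHandler(CallbackHandler callbackHandler) {
        this.callBackHandler = callbackHandler;
    }

    /**
     * Sets the JNDI base context used by the manager lookups.
     *
     * @param str base context name
     * @throws IllegalArgumentException if {@code str} is {@code null}
     */
    public void setBaseContext(String str) {
        if (str == null) {
            throw new IllegalArgumentException("ctx is null");
        }
        this.BASE_CTX = str;
    }

    /**
     * Sets the cache policy used for the security domain contexts this instance creates.
     *
     * @param cachePolicy policy to use; {@code null} means a default timed policy is
     *                    created on first use
     */
    public void setCachePolicy(CachePolicy cachePolicy) {
        this.cachePolicy = cachePolicy;
    }

    /**
     * Adjusts the authentication cache of an already bound security domain.
     *
     * <p>Does nothing when the domain cannot be found; logs a warning when the domain has
     * no {@link TimedCachePolicy}.
     *
     * @param str security-domain name
     * @param i   value passed to {@code setDefaultLifetime} (presumably seconds; confirm
     *            against TimedCachePolicy)
     * @param i2  value passed to {@code setResolution} (presumably seconds; confirm)
     */
    public static void setCacheTimeout(String str, int i, int i2) {
        SecurityDomainContext securityDomainContext = securityMgrMap.get(str);
        if (securityDomainContext == null) {
            try {
                // NOTE(review): this static path hard-codes "java:/jaas/" and therefore
                // ignores a base context changed through setBaseContext(); confirm intended.
                securityDomainContext = (SecurityDomainContext) new InitialContext().lookup("java:/jaas/" + str);
                // ConcurrentHashMap rejects null values; without this guard a null binding
                // would escape as an uncaught NullPointerException.
                if (securityDomainContext != null) {
                    securityMgrMap.put(str, securityDomainContext);
                }
            } catch (NamingException e) {
                log.trace("SetCacheTimeOut:Failed to look up SecurityDomainCtx:" + str, e);
            }
        }
        if (securityDomainContext == null) {
            return;
        }
        CachePolicy authenticationCache = securityDomainContext.getAuthenticationCache();
        // instanceof is false for null, so this also covers a missing cache.
        if (!(authenticationCache instanceof TimedCachePolicy)) {
            log.warn("Failed to find cache policy for securityDomain='" + str + "'");
            return;
        }
        TimedCachePolicy timedCachePolicy = (TimedCachePolicy) authenticationCache;
        // Apply both settings under the policy's monitor so they change together.
        synchronized (timedCachePolicy) {
            timedCachePolicy.setDefaultLifetime(i);
            timedCachePolicy.setResolution(i2);
        }
    }

    /**
     * Sets the timeout used when a default cache policy is created.
     *
     * @param i new default cache timeout
     */
    public static void setDefaultCacheTimeout(int i) {
        SecurityConstantsBridge.defaultCacheTimeout = i;
    }

    /**
     * Sets the resolution used when a default cache policy is created.
     *
     * @param i new default cache resolution
     */
    public static void setDefaultCacheResolution(int i) {
        SecurityConstantsBridge.defaultCacheResolution = i;
    }

    /**
     * Builds a fully populated security domain context for the given domain.
     *
     * @param str security-domain name
     * @return a context holding newly created authentication, authorization, audit,
     *         identity trust and mapping managers
     * @throws Exception if any manager class cannot be loaded or instantiated
     */
    public SecurityDomainContext createSecurityDomainContext(String str) throws Exception {
        log.debug("Creating SDC for domain=" + str);
        AuthenticationManager createAuthenticationManager = createAuthenticationManager(str);
        // NOTE(review): the policy is stored on the instance, so every domain created by
        // this object receives the SAME CachePolicy instance. Confirm that cache entries
        // are scoped per domain, otherwise an entry cached for one domain could be
        // served for another.
        if (this.cachePolicy == null) {
            this.cachePolicy = createDefaultCachePolicy();
        }
        setSecurityDomainCache(createAuthenticationManager, this.cachePolicy);
        if (SecurityConfiguration.isDeepCopySubjectMode()) {
            setDeepCopySubjectMode(createAuthenticationManager);
        }
        SecurityDomainContext securityDomainContext = new SecurityDomainContext(createAuthenticationManager, this.cachePolicy);
        securityDomainContext.setAuthorizationManager(createAuthorizationManager(str));
        securityDomainContext.setAuditMgr(createAuditManager(str));
        securityDomainContext.setIdentityTrustMgr(createIdentityTrustManager(str));
        securityDomainContext.setMappingMgr(createMappingManager(str));
        return securityDomainContext;
    }

    /**
     * Registers a {@link JaasSecurityDomain} as the authentication manager of a domain,
     * creating the domain context first when none is registered yet.
     *
     * @param str                security-domain name
     * @param jaasSecurityDomain instance that becomes the domain's authentication manager
     * @throws Exception if a new domain context has to be created and that fails
     */
    public void registerJaasSecurityDomainInstance(String str, JaasSecurityDomain jaasSecurityDomain) throws Exception {
        SecurityDomainContext securityDomainContext = securityMgrMap.get(str);
        if (securityDomainContext == null) {
            securityDomainContext = createSecurityDomainContext(str);
        }
        securityDomainContext.setAuthenticationManager(jaasSecurityDomain);
        securityMgrMap.put(str, securityDomainContext);
    }

    /**
     * Removes the registered domain context for the given domain.
     *
     * @param str                security-domain name
     * @param jaasSecurityDomain not used; the entry is removed by name only
     */
    public void deregisterJaasSecurityDomainInstance(String str, JaasSecurityDomain jaasSecurityDomain) {
        securityMgrMap.remove(str);
    }

    /**
     * Looks a name up in JNDI, prefixing it with {@link #BASE_CTX} unless it already
     * starts with it.
     *
     * <p>NOTE(review): the prefix test is a plain string {@code startsWith}, not a match on
     * a whole name component, so a name that merely begins with the base context text is
     * looked up verbatim. Confirm callers only pass trusted domain names.
     *
     * @param str JNDI name, relative to the base context or already starting with it
     * @return the bound object, or {@code null} if the lookup fails for any reason
     */
    private Object lookUpJNDI(String str) {
        try {
            InitialContext initialContext = new InitialContext();
            String jndiName = str.startsWith(this.BASE_CTX) ? str : this.BASE_CTX + "/" + str;
            return initialContext.lookup(jndiName);
        } catch (Exception e) {
            log.trace("Look up of JNDI for " + str + " failed with " + e.getLocalizedMessage());
            return null;
        }
    }

    /**
     * Instantiates {@link #authenticationMgrClass} through its
     * {@code (String, CallbackHandler)} constructor.
     *
     * @param str security-domain name passed to the constructor
     * @throws Exception if the class cannot be loaded, lacks the constructor, or fails to
     *                   instantiate or cast
     */
    private AuthenticationManager createAuthenticationManager(String str) throws Exception {
        Class<?> managerClass = SecurityActions.getContextClassLoader().loadClass(this.authenticationMgrClass);
        return (AuthenticationManager) managerClass.getConstructor(String.class, CallbackHandler.class).newInstance(str, this.callBackHandler);
    }

    /**
     * Instantiates {@link #authorizationMgrClass} through its {@code (String)} constructor.
     *
     * @param str security-domain name passed to the constructor
     * @throws Exception if the class cannot be loaded, instantiated or cast
     */
    private AuthorizationManager createAuthorizationManager(String str) throws Exception {
        Class<?> managerClass = SecurityActions.getContextClassLoader().loadClass(this.authorizationMgrClass);
        return (AuthorizationManager) managerClass.getConstructor(String.class).newInstance(str);
    }

    /**
     * Instantiates {@link #auditMgrClass} through its {@code (String)} constructor.
     *
     * @param str security-domain name passed to the constructor
     * @throws Exception if the class cannot be loaded, instantiated or cast
     */
    private AuditManager createAuditManager(String str) throws Exception {
        Class<?> managerClass = SecurityActions.getContextClassLoader().loadClass(this.auditMgrClass);
        return (AuditManager) managerClass.getConstructor(String.class).newInstance(str);
    }

    /**
     * Instantiates {@link #mappingMgrClass} through its {@code (String)} constructor.
     *
     * @param str security-domain name passed to the constructor
     * @throws Exception if the class cannot be loaded, instantiated or cast
     */
    private MappingManager createMappingManager(String str) throws Exception {
        Class<?> managerClass = SecurityActions.getContextClassLoader().loadClass(this.mappingMgrClass);
        return (MappingManager) managerClass.getConstructor(String.class).newInstance(str);
    }

    /**
     * Instantiates {@link #identityTrustMgrClass} through its {@code (String)} constructor.
     *
     * @param str security-domain name passed to the constructor
     * @throws Exception if the class cannot be loaded, instantiated or cast
     */
    private IdentityTrustManager createIdentityTrustManager(String str) throws Exception {
        Class<?> managerClass = SecurityActions.getContextClassLoader().loadClass(this.identityTrustMgrClass);
        return (IdentityTrustManager) managerClass.getConstructor(String.class).newInstance(str);
    }

    /**
     * Calls {@code setCachePolicy(CachePolicy)} on the manager reflectively. The call is
     * optional: any failure (including a missing method) is logged at TRACE and ignored.
     */
    private static void setSecurityDomainCache(AuthenticationManager authenticationManager, CachePolicy cachePolicy) {
        try {
            Object[] objArr = {cachePolicy};
            authenticationManager.getClass().getMethod("setCachePolicy", CachePolicy.class).invoke(authenticationManager, objArr);
            log.debug("setCachePolicy, c=" + objArr[0]);
        } catch (Exception e) {
            if (log.isTraceEnabled()) {
                log.trace("Optional setCachePolicy failed" + e.getLocalizedMessage());
            }
        }
    }

    /**
     * Calls {@code setDeepCopySubjectOption(Boolean.TRUE)} on the manager reflectively.
     * The call is optional: any failure is logged at TRACE and ignored, so the manager
     * may silently stay without deep-copy mode.
     */
    private static void setDeepCopySubjectMode(AuthenticationManager authenticationManager) {
        try {
            Method method = authenticationManager.getClass().getMethod("setDeepCopySubjectOption", Boolean.class);
            Object[] objArr = {Boolean.TRUE};
            method.invoke(authenticationManager, objArr);
            log.trace("setDeepCopySubjectOption, option=" + objArr[0]);
        } catch (Exception e) {
            if (log.isTraceEnabled()) {
                log.trace("Optional setDeepCopySubjectMode failed" + e.getLocalizedMessage());
            }
        }
    }

    /**
     * Creates and starts a {@link TimedCachePolicy} from the current default timeout and
     * resolution held by {@code SecurityConstantsBridge}.
     */
    private CachePolicy createDefaultCachePolicy() {
        TimedCachePolicy timedCachePolicy = new TimedCachePolicy(SecurityConstantsBridge.defaultCacheTimeout, true, SecurityConstantsBridge.defaultCacheResolution);
        timedCachePolicy.create();
        timedCachePolicy.start();
        return timedCachePolicy;
    }

    /** Creates any per-instance manager cache that is still {@code null}. */
    private void initializeMaps() {
        if (this.authMgrMap == null) {
            this.authMgrMap = new ConcurrentHashMap<>();
        }
        if (this.authzMgrMap == null) {
            this.authzMgrMap = new ConcurrentHashMap<>();
        }
        if (this.mappingMgrMap == null) {
            this.mappingMgrMap = new ConcurrentHashMap<>();
        }
        if (this.auditMgrMap == null) {
            this.auditMgrMap = new ConcurrentHashMap<>();
        }
        if (this.idmMgrMap == null) {
            this.idmMgrMap = new ConcurrentHashMap<>();
        }
    }
}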
