package org.jboss.as.security;

import java.util.List;
import org.jboss.as.controller.AbstractBoottimeAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.ProcessType;
import org.jboss.as.controller.ReloadRequiredRemoveStepHandler;
import org.jboss.as.controller.ReloadRequiredWriteAttributeHandler;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.access.constraint.SensitivityClassification;
import org.jboss.as.controller.access.management.AccessConstraintDefinition;
import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.naming.ServiceBasedNamingStore;
import org.jboss.as.naming.deployment.ContextNames;
import org.jboss.as.naming.service.BinderService;
import org.jboss.as.security.context.SecurityDomainJndiInjectable;
import org.jboss.as.security.deployment.JaccEarDeploymentProcessor;
import org.jboss.as.security.deployment.SecurityDependencyProcessor;
import org.jboss.as.security.service.JaasConfigurationService;
import org.jboss.as.security.service.SecurityBootstrapService;
import org.jboss.as.security.service.SecurityManagementService;
import org.jboss.as.security.service.SimpleSecurityManagerService;
import org.jboss.as.security.service.SubjectFactoryService;
import org.jboss.as.server.AbstractDeploymentChainStep;
import org.jboss.as.server.DeploymentProcessorTarget;
import org.jboss.as.server.Services;
import org.jboss.as.server.deployment.Phase;
import org.jboss.as.server.moduleservice.ServiceModuleLoader;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceTarget;
import org.jboss.security.ISecurityManagement;
import org.jboss.security.auth.callback.JBossCallbackHandler;
import org.jboss.security.auth.login.XMLLoginConfigImpl;
import org.jboss.security.authentication.JBossCachedAuthenticationManager;
import org.jboss.security.plugins.JBossAuthorizationManager;
import org.jboss.security.plugins.JBossSecuritySubjectFactory;
import org.jboss.security.plugins.audit.JBossAuditManager;
import org.jboss.security.plugins.identitytrust.JBossIdentityTrustManager;
import org.jboss.security.plugins.mapping.JBossMappingManager;

/* loaded from: input_file:org/jboss/as/security/SecuritySubsystemRootResourceDefinition.class */
public class SecuritySubsystemRootResourceDefinition extends SimpleResourceDefinition {
    static final SensitiveTargetAccessConstraintDefinition MISC_SECURITY_SENSITIVITY = new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification(SecurityExtension.SUBSYSTEM_NAME, "misc-security", false, true, true));
    static final SecuritySubsystemRootResourceDefinition INSTANCE = new SecuritySubsystemRootResourceDefinition();
    static final SimpleAttributeDefinition DEEP_COPY_SUBJECT_MODE = new SimpleAttributeDefinitionBuilder(Constants.DEEP_COPY_SUBJECT_MODE, ModelType.BOOLEAN, true).setAccessConstraints(new AccessConstraintDefinition[]{MISC_SECURITY_SENSITIVITY}).setDefaultValue(new ModelNode(false)).setAllowExpression(true).build();

    /* loaded from: input_file:org/jboss/as/security/SecuritySubsystemRootResourceDefinition$NewSecuritySubsystemAdd.class */
    static class NewSecuritySubsystemAdd extends AbstractBoottimeAddStepHandler {
        private static final String AUTHENTICATION_MANAGER = ModuleName.PICKETBOX.getName() + ":" + ModuleName.PICKETBOX.getSlot() + ":" + JBossCachedAuthenticationManager.class.getName();
        private static final String CALLBACK_HANDLER = ModuleName.PICKETBOX.getName() + ":" + ModuleName.PICKETBOX.getSlot() + ":" + JBossCallbackHandler.class.getName();
        private static final String AUTHORIZATION_MANAGER = ModuleName.PICKETBOX.getName() + ":" + ModuleName.PICKETBOX.getSlot() + ":" + JBossAuthorizationManager.class.getName();
        private static final String AUDIT_MANAGER = ModuleName.PICKETBOX.getName() + ":" + ModuleName.PICKETBOX.getSlot() + ":" + JBossAuditManager.class.getName();
        private static final String IDENTITY_TRUST_MANAGER = ModuleName.PICKETBOX.getName() + ":" + ModuleName.PICKETBOX.getSlot() + ":" + JBossIdentityTrustManager.class.getName();
        private static final String MAPPING_MANAGER = ModuleName.PICKETBOX.getName() + ":" + ModuleName.PICKETBOX.getSlot() + ":" + JBossMappingManager.class.getName();
        private static final String SUBJECT_FACTORY = ModuleName.PICKETBOX.getName() + ":" + ModuleName.PICKETBOX.getSlot() + ":" + JBossSecuritySubjectFactory.class.getName();
        public static final OperationStepHandler INSTANCE = new NewSecuritySubsystemAdd();

        NewSecuritySubsystemAdd() {
        }

        protected void populateModel(ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            SecuritySubsystemRootResourceDefinition.DEEP_COPY_SUBJECT_MODE.validateAndSet(modelNode, modelNode2);
        }

        protected void performBoottime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2, ServiceVerificationHandler serviceVerificationHandler, List<ServiceController<?>> list) throws OperationFailedException {
            SecurityLogger.ROOT_LOGGER.activatingSecuritySubsystem();
            if (operationContext.getProcessType() != ProcessType.APPLICATION_CLIENT) {
                SecurityActions.setSystemProperty("org.jboss.security.context.ThreadLocal", "true");
            }
            ServiceTarget serviceTarget = operationContext.getServiceTarget();
            SecurityBootstrapService securityBootstrapService = new SecurityBootstrapService();
            list.add(serviceTarget.addService(SecurityBootstrapService.SERVICE_NAME, securityBootstrapService).addDependency(Services.JBOSS_SERVICE_MODULE_LOADER, ServiceModuleLoader.class, securityBootstrapService.getServiceModuleLoaderInjectedValue()).addListener(serviceVerificationHandler).setInitialMode(ServiceController.Mode.ACTIVE).install());
            operationContext.addStep(new AbstractDeploymentChainStep() { // from class: org.jboss.as.security.SecuritySubsystemRootResourceDefinition.NewSecuritySubsystemAdd.1
                protected void execute(DeploymentProcessorTarget deploymentProcessorTarget) {
                }
            }, OperationContext.Stage.RUNTIME);
            SecurityDomainJndiInjectable securityDomainJndiInjectable = new SecurityDomainJndiInjectable();
            BinderService binderService = new BinderService("jaas");
            list.add(serviceTarget.addService(ContextNames.JBOSS_CONTEXT_SERVICE_NAME.append(new String[]{"jaas"}), binderService).addInjection(binderService.getManagedObjectInjector(), securityDomainJndiInjectable).addDependency(ContextNames.JBOSS_CONTEXT_SERVICE_NAME, ServiceBasedNamingStore.class, binderService.getNamingStoreInjector()).addDependency(SecurityManagementService.SERVICE_NAME, ISecurityManagement.class, securityDomainJndiInjectable.getSecurityManagementInjector()).addListener(serviceVerificationHandler).setInitialMode(ServiceController.Mode.ACTIVE).install());
            ModelNode resolveModelAttribute = SecuritySubsystemRootResourceDefinition.DEEP_COPY_SUBJECT_MODE.resolveModelAttribute(operationContext, modelNode2);
            SecurityManagementService securityManagementService = new SecurityManagementService(AUTHENTICATION_MANAGER, resolveModelAttribute.isDefined() && resolveModelAttribute.asBoolean(), CALLBACK_HANDLER, AUTHORIZATION_MANAGER, AUDIT_MANAGER, IDENTITY_TRUST_MANAGER, MAPPING_MANAGER);
            list.add(serviceTarget.addService(SecurityManagementService.SERVICE_NAME, securityManagementService).addDependency(Services.JBOSS_SERVICE_MODULE_LOADER, ServiceModuleLoader.class, securityManagementService.getServiceModuleLoaderInjectedValue()).addListener(serviceVerificationHandler).setInitialMode(ServiceController.Mode.ACTIVE).install());
            SubjectFactoryService subjectFactoryService = new SubjectFactoryService(SUBJECT_FACTORY);
            list.add(serviceTarget.addService(SubjectFactoryService.SERVICE_NAME, subjectFactoryService).addDependency(SecurityManagementService.SERVICE_NAME, ISecurityManagement.class, subjectFactoryService.getSecurityManagementInjector()).addListener(serviceVerificationHandler).setInitialMode(ServiceController.Mode.ACTIVE).install());
            list.add(serviceTarget.addService(JaasConfigurationService.SERVICE_NAME, new JaasConfigurationService(XMLLoginConfigImpl.getInstance())).addListener(serviceVerificationHandler).setInitialMode(ServiceController.Mode.ACTIVE).install());
            SimpleSecurityManagerService simpleSecurityManagerService = new SimpleSecurityManagerService();
            list.add(serviceTarget.addService(SimpleSecurityManagerService.SERVICE_NAME, simpleSecurityManagerService).addDependency(SecurityManagementService.SERVICE_NAME, ISecurityManagement.class, simpleSecurityManagerService.getSecurityManagementInjector()).addListener(serviceVerificationHandler).install());
            operationContext.addStep(new AbstractDeploymentChainStep() { // from class: org.jboss.as.security.SecuritySubsystemRootResourceDefinition.NewSecuritySubsystemAdd.2
                protected void execute(DeploymentProcessorTarget deploymentProcessorTarget) {
                    deploymentProcessorTarget.addDeploymentProcessor(SecurityExtension.SUBSYSTEM_NAME, Phase.INSTALL, 848, new JaccEarDeploymentProcessor());
                    deploymentProcessorTarget.addDeploymentProcessor(SecurityExtension.SUBSYSTEM_NAME, Phase.DEPENDENCIES, 3152, new SecurityDependencyProcessor());
                }
            }, OperationContext.Stage.RUNTIME);
        }
    }

    private SecuritySubsystemRootResourceDefinition() {
        super(SecurityExtension.PATH_SUBSYSTEM, SecurityExtension.getResourceDescriptionResolver(SecurityExtension.SUBSYSTEM_NAME), NewSecuritySubsystemAdd.INSTANCE, ReloadRequiredRemoveStepHandler.INSTANCE);
        setDeprecated(SecurityExtension.DEPRECATED_SINCE);
    }

    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        managementResourceRegistration.registerReadWriteAttribute(DEEP_COPY_SUBJECT_MODE, (OperationStepHandler) null, new ReloadRequiredWriteAttributeHandler(new AttributeDefinition[]{DEEP_COPY_SUBJECT_MODE}));
    }
}
