package org.jboss.web.tomcat.security;

import java.io.IOException;
import javax.servlet.ServletException;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.valves.ValveBase;
import org.jboss.logging.Logger;

/* loaded from: input_file:org/jboss/web/tomcat/security/BasicAuthValve.class */
public class BasicAuthValve extends ValveBase {
    private static Logger log = Logger.getLogger((Class<?>) BasicAuthValve.class);
    private static boolean trace = log.isTraceEnabled();
    private boolean useExceptionAsMsg = false;
    private boolean clearAuthException = true;
    private String exceptionHeader = null;

    public boolean isUseExceptionAsMsg() {
        return this.useExceptionAsMsg;
    }

    public void setUseExceptionAsMsg(boolean z) {
        this.useExceptionAsMsg = z;
    }

    public String getExceptionHeader() {
        return this.exceptionHeader;
    }

    public void setExceptionHeader(String str) {
        this.exceptionHeader = str;
    }

    @Override // org.apache.catalina.valves.ValveBase, org.apache.catalina.Valve
    public void invoke(Request request, Response response) throws IOException, ServletException {
        getNext().invoke(request, response);
        Throwable authException = SecurityAssociationActions.getAuthException();
        int status = response.getStatus();
        if (trace) {
            log.trace("Status: " + status + "SecurityAssociation.exception: ", authException);
        }
        if (status < 400 || authException == null) {
            return;
        }
        String message = authException.getMessage();
        if (this.useExceptionAsMsg && response.getCoyoteResponse() != null) {
            response.getCoyoteResponse().setMessage(message);
        }
        if (this.exceptionHeader != null) {
            response.setHeader(this.exceptionHeader, message);
        }
        if (this.clearAuthException) {
            try {
                SecurityAssociationActions.clearAuthException();
            } catch (Throwable th) {
                log.warn("Unable to clear auth exception ", th);
            }
        }
    }
}
