package org.jboss.web.tomcat.security;

import java.io.IOException;
import java.security.CodeSource;
import java.util.Map;
import javax.security.jacc.PolicyContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.valves.ValveBase;
import org.jboss.logging.Logger;
import org.jboss.metadata.web.jboss.JBossWebMetaData;
import org.jboss.security.SecurityRolesAssociation;

/* loaded from: input_file:org/jboss/web/tomcat/security/JaccContextValve.class */
public class JaccContextValve extends ValveBase {
    private static Logger log = Logger.getLogger(JaccContextValve.class);
    public static ThreadLocal<CodeSource> activeCS = new ThreadLocal<>();
    private String contextID;
    private CodeSource warCS;
    private JBossWebMetaData metaData;
    private boolean trace = log.isTraceEnabled();

    public JaccContextValve(JBossWebMetaData jBossWebMetaData, CodeSource codeSource) {
        this.metaData = jBossWebMetaData;
        this.contextID = this.metaData.getJaccContextID();
        this.warCS = codeSource;
    }

    public void invoke(Request request, Response response) throws IOException, ServletException {
        SecurityAssociationValve.activeWebMetaData.set(this.metaData);
        activeCS.set(this.warCS);
        HttpServletRequest request2 = request.getRequest();
        Map principalVersusRolesMap = this.metaData.getPrincipalVersusRolesMap();
        SecurityRolesAssociation.setSecurityRoles(principalVersusRolesMap);
        if (this.trace) {
            log.trace("MetaData:" + this.metaData + ":principalToRoleSetMap" + principalVersusRolesMap);
        }
        try {
            PolicyContext.setContextID(this.contextID);
            HttpServletRequestPolicyContextHandler.setRequest(request2);
            if (SecurityAssociationValve.activeRequest.get() == null) {
                SecurityAssociationValve.activeRequest.set(request);
            }
            getNext().invoke(request, response);
        } finally {
            SecurityAssociationValve.activeWebMetaData.set(null);
            SecurityAssociationValve.activeRequest.set(null);
            SecurityAssociationActions.clear();
            activeCS.set(null);
            SecurityRolesAssociation.setSecurityRoles((Map) null);
            HttpServletRequestPolicyContextHandler.setRequest(null);
        }
    }
}
