package org.jboss.invocation.http.servlet;

import java.io.IOException;
import java.io.ObjectInputStream;
import java.lang.reflect.Method;
import java.util.Map;
import javax.management.ObjectName;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.jboss.invocation.MarshalledInvocation;
import org.jboss.logging.Logger;
import org.jboss.mx.util.MBeanServerLocator;

/* loaded from: input_file:org/jboss/invocation/http/servlet/ReadOnlyAccessFilter.class */
public class ReadOnlyAccessFilter implements Filter {
    private static Logger log = Logger.getLogger(ReadOnlyAccessFilter.class);
    private FilterConfig filterConfig = null;
    private String readOnlyContext;
    private Map namingMethodMap;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        if (filterConfig != null) {
            this.readOnlyContext = filterConfig.getInitParameter("readOnlyContext");
            try {
                this.namingMethodMap = (Map) MBeanServerLocator.locateJBoss().getAttribute(new ObjectName(filterConfig.getInitParameter("invokerName")), "MethodMap");
            } catch (Exception e) {
                log.error("Failed to init ReadOnlyAccessFilter", e);
                throw new ServletException("Failed to init ReadOnlyAccessFilter", e);
            }
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (((HttpServletRequest) servletRequest).getUserPrincipal() == null && this.readOnlyContext != null) {
            try {
                MarshalledInvocation marshalledInvocation = (MarshalledInvocation) new ObjectInputStream(servletRequest.getInputStream()).readObject();
                servletRequest.setAttribute("MarshalledInvocation", marshalledInvocation);
                marshalledInvocation.setMethodMap(this.namingMethodMap);
                Method method = marshalledInvocation.getMethod();
                if (method != null) {
                    validateAccess(method, marshalledInvocation);
                }
            } catch (ClassNotFoundException e) {
                throw new ServletException("Failed to read MarshalledInvocation", e);
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
    }

    public String toString() {
        if (this.filterConfig == null) {
            return "NamingAccessFilter()";
        }
        StringBuffer stringBuffer = new StringBuffer("NamingAccessFilter(");
        stringBuffer.append(this.filterConfig);
        stringBuffer.append(")");
        return stringBuffer.toString();
    }

    private void validateAccess(Method method, MarshalledInvocation marshalledInvocation) throws ServletException {
        boolean isTraceEnabled = log.isTraceEnabled();
        if (isTraceEnabled) {
            log.trace("Checking against readOnlyContext: " + this.readOnlyContext);
        }
        if (!method.getName().equals("lookup")) {
            throw new ServletException("Only lookups against " + this.readOnlyContext + " are allowed");
        }
        Object[] arguments = marshalledInvocation.getArguments();
        Object obj = arguments.length > 0 ? arguments[0] : "";
        String obj2 = obj instanceof String ? (String) obj : obj.toString();
        if (isTraceEnabled) {
            log.trace("Checking lookup(" + obj2 + ") against: " + this.readOnlyContext);
        }
        if (!obj2.startsWith(this.readOnlyContext)) {
            throw new ServletException("Lookup(" + obj2 + ") is not under: " + this.readOnlyContext);
        }
    }
}
