package com.sun.appserv.security;

import com.sun.enterprise.deployment.Group;
import com.sun.enterprise.deployment.PrincipalImpl;
import com.sun.enterprise.security.auth.login.PasswordCredential;
import com.sun.enterprise.security.auth.realm.Realm;
import com.sun.enterprise.util.i18n.StringManager;
import com.sun.logging.LogDomains;
import com.sun.web.security.PrincipalGroupFactory;
import java.security.Principal;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/* JADX WARN: Classes with same name are omitted:
  input_file:119167-17/SUNWascmn/reloc/appserver/lib/appserv-ext.jar:com/sun/appserv/security/AppservPasswordLoginModule.class
 */
/* loaded from: input_file:119167-17/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/appserv/security/AppservPasswordLoginModule.class */
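/**
 * Abstract base class for password-based JAAS login modules.
 *
 * <p>The class implements the {@link LoginModule} life cycle ({@code initialize},
 * {@code login}, {@code commit}, {@code abort}, {@code logout}). A subclass supplies
 * only {@link #authenticateUser()}, which verifies {@link #_username} and
 * {@link #_password} against {@link #_currentRealm} and, on success, calls
 * {@link #commitUserAuthentication(String[])} with the user's group names.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The password is held as a {@code String} in a protected field, so it cannot be
 *       zeroed. The reference is dropped as soon as the attempt is committed, aborted
 *       or has failed.</li>
 *   <li>{@code logout()} removes the user principal and every group principal that
 *       {@code commit()} itself added, and resets both success flags so a later
 *       {@code commit()} without a fresh {@code login()} is a no-op.</li>
 * </ul>
 */
public abstract class AppservPasswordLoginModule implements LoginModule {
    /** Subject handed to {@link #initialize}; principals are added to it in {@link #commit()}. */
    protected Subject _subject;
    /** Shared state map handed to {@link #initialize}; not read by this class. */
    protected Map _sharedState;
    /** Module options handed to {@link #initialize}; not read by this class. */
    protected Map _options;
    /** User name taken from the PasswordCredential during {@link #login()}. */
    protected String _username;
    /** Password taken from the PasswordCredential during {@link #login()}; cleared after use. */
    protected String _password;
    /** Realm resolved from the credential's realm name during {@link #login()}. */
    protected Realm _currentRealm;
    /** Principal created for the authenticated user in {@link #commit()}. */
    protected PrincipalImpl _userPrincipal;
    protected static final StringManager sm = StringManager.getManager("com.sun.enterprise.security.auth.login");
    /** True once the subclass has reported success through {@link #commitUserAuthentication}. */
    protected boolean _succeeded = false;
    /** True once {@link #commit()} has added the principals to the subject. */
    protected boolean _commitSucceeded = false;
    /** Group names supplied by the subclass; consumed and nulled in {@link #commit()}. */
    protected String[] _groupsList = null;
    protected Logger _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
    /** Group principals this module added to the subject, kept so logout/abort can remove them. */
    private Principal[] _committedGroups = null;

    /**
     * Stores the subject, shared state and options for later phases.
     *
     * @param subject the subject to authenticate
     * @param callbackHandler unused by this class
     * @param map shared state, stored in {@link #_sharedState}
     * @param map2 module options, stored in {@link #_options}
     */
    public final void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this._subject = subject;
        this._sharedState = map;
        this._options = map2;
        if (this._logger.isLoggable(Level.FINE)) {
            this._logger.log(Level.FINE, "Login module initialized: " + getClass().toString());
        }
    }

    /**
     * Locates the first {@code PasswordCredential} among the subject's private
     * credentials, resolves its realm and delegates verification to
     * {@link #authenticateUser()}.
     *
     * @return {@code true} when {@code authenticateUser()} returns normally
     * @throws LoginException if there is no subject, no password credential, the realm
     *         cannot be resolved, or authentication fails
     */
    public final boolean login() throws LoginException {
        if (this._subject == null) {
            String noInfo = sm.getString("pwdlm.noinfo");
            this._logger.log(Level.SEVERE, noInfo);
            throw new LoginException(noInfo);
        }
        PasswordCredential passwordCredential = null;
        try {
            for (Object credential : this._subject.getPrivateCredentials()) {
                if (credential instanceof PasswordCredential) {
                    passwordCredential = (PasswordCredential) credential;
                    break;
                }
            }
        } catch (Exception e) {
            // Best effort: a failure while enumerating credentials is treated as "none found".
            this._logger.log(Level.WARNING, "passwordlm.nocreds", e.toString());
        }
        if (passwordCredential == null) {
            this._logger.log(Level.SEVERE, "passwordlm.nopwdcred");
            throw new LoginException(sm.getString("pwdlm.nocreds"));
        }

        // Realm lookup is kept apart from authentication so that a rejected login is not
        // reported (and logged at SEVERE) as a missing realm.
        String realmName = null;
        try {
            realmName = passwordCredential.getRealm();
            this._currentRealm = Realm.getInstance(realmName);
        } catch (Exception e) {
            throw realmFailure(realmName, e);
        }
        if (this._currentRealm == null) {
            String unavailable = sm.getString("pwdlm.norealmavail", realmName);
            this._logger.log(Level.SEVERE, unavailable);
            throw new LoginException(unavailable);
        }

        try {
            this._username = passwordCredential.getUser();
            this._password = passwordCredential.getPassword();
            authenticateUser();
        } catch (LoginException e) {
            // Propagate the subclass's own failure unchanged; do not keep the rejected
            // credentials around, because abort() is not guaranteed to be called.
            this._username = null;
            this._password = null;
            this._logger.log(Level.WARNING, "JAAS authentication failed.");
            throw e;
        } catch (Exception e) {
            // Callers only expect LoginException from login(), so unexpected failures are
            // still wrapped with the original message, now with the cause attached.
            this._username = null;
            this._password = null;
            throw realmFailure(realmName, e);
        }
        if (this._logger.isLoggable(Level.FINE)) {
            this._logger.log(Level.FINE, "JAAS login complete.");
        }
        return true;
    }

    /**
     * Adds the user principal and one group principal per supplied group name to the
     * subject, then drops the user name, password and group list.
     *
     * @return {@code false} if authentication did not succeed, {@code true} otherwise
     * @throws LoginException declared by the interface; not thrown directly here
     */
    public boolean commit() throws LoginException {
        if (!this._succeeded) {
            return false;
        }
        String realmName = this._currentRealm.getName();
        this._userPrincipal = PrincipalGroupFactory.getPrincipalInstance(this._username, realmName);
        Set<Principal> principals = this._subject.getPrincipals();
        principals.add(this._userPrincipal);

        String[] groups = this._groupsList;
        if (groups != null) {
            // Published before the loop so a commit that fails part-way can still be undone.
            Principal[] added = new Principal[groups.length];
            this._committedGroups = added;
            for (int i = 0; i < groups.length; i++) {
                if (groups[i] != null) {
                    Group groupPrincipal = PrincipalGroupFactory.getGroupInstance(groups[i], realmName);
                    // Record only principals this module introduced; ones that were already
                    // present belong to someone else and must survive our logout.
                    if (principals.add(groupPrincipal)) {
                        added[i] = groupPrincipal;
                    }
                    groups[i] = null;
                }
            }
        }
        this._groupsList = null;
        this._username = null;
        this._password = null;
        this._commitSucceeded = true;
        if (this._logger.isLoggable(Level.FINE)) {
            this._logger.log(Level.FINE, "JAAS authentication committed.");
        }
        return true;
    }

    /**
     * Discards the state of the current authentication attempt.
     *
     * @return {@code false} if this module's login did not succeed, {@code true} otherwise
     * @throws LoginException if {@link #logout()} fails
     */
    public final boolean abort() throws LoginException {
        if (this._logger.isLoggable(Level.FINE)) {
            this._logger.log(Level.FINE, "JAAS authentication aborted.");
        }
        if (!this._succeeded) {
            // A failed login may have left the submitted credentials in the fields.
            this._username = null;
            this._password = null;
            return false;
        }
        if (this._commitSucceeded) {
            logout();
            return true;
        }
        // Login succeeded but commit did not complete: undo whatever commit() added.
        removeCommittedPrincipals();
        this._succeeded = false;
        clearTransientState();
        return true;
    }

    /**
     * Removes the principals this module added to the subject and resets all
     * per-login state.
     *
     * @return always {@code true}
     * @throws LoginException declared by the interface; not thrown directly here
     */
    public final boolean logout() throws LoginException {
        if (this._subject != null) {
            if (this._logger.isLoggable(Level.FINE)) {
                // Log the principal set rather than Subject.toString(), which can also
                // render the subject's private credentials.
                this._logger.log(Level.FINE, "JAAS logout for: " + this._subject.getPrincipals());
            }
            removeCommittedPrincipals();
        }
        // Both flags are reset; leaving _succeeded true would let commit() run again
        // against already-cleared state.
        this._succeeded = false;
        this._commitSucceeded = false;
        clearTransientState();
        return true;
    }

    /**
     * Called by the subclass from {@link #authenticateUser()} to report success.
     *
     * @param strArr group names of the authenticated user; {@code null} is treated as
     *        "no groups" by {@link #commit()}
     */
    public final void commitUserAuthentication(String[] strArr) {
        this._groupsList = strArr;
        this._succeeded = true;
    }

    /**
     * Verifies {@link #_username} and {@link #_password} against {@link #_currentRealm}.
     * Implementations report success by calling {@link #commitUserAuthentication}.
     *
     * @throws LoginException if the credentials are rejected
     */
    protected abstract void authenticateUser() throws LoginException;

    /** Builds (and logs) the "realm could not be resolved" failure, keeping the cause. */
    private LoginException realmFailure(String realmName, Exception cause) {
        String message = sm.getString("pwdlm.norealm", realmName);
        this._logger.log(Level.SEVERE, message);
        LoginException failure = new LoginException(message);
        failure.initCause(cause);
        return failure;
    }

    /** Removes the user principal and the group principals recorded by commit(). */
    private void removeCommittedPrincipals() {
        if (this._subject == null) {
            return;
        }
        Set<Principal> principals = this._subject.getPrincipals();
        if (this._userPrincipal != null) {
            principals.remove(this._userPrincipal);
        }
        if (this._committedGroups != null) {
            for (Principal groupPrincipal : this._committedGroups) {
                if (groupPrincipal != null) {
                    principals.remove(groupPrincipal);
                }
            }
            this._committedGroups = null;
        }
    }

    /** Drops the user name, password, user principal and pending group names. */
    private void clearTransientState() {
        this._username = null;
        this._password = null;
        this._userPrincipal = null;
        if (this._groupsList != null) {
            for (int i = 0; i < this._groupsList.length; i++) {
                this._groupsList[i] = null;
            }
            this._groupsList = null;
        }
    }
}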
