package com.sun.enterprise.iiop.security;

import com.sun.corba.ee.internal.core.IOR;
import com.sun.enterprise.iiop.POAEJBORB;
import com.sun.enterprise.security.auth.LoginContextDriver;
import com.sun.enterprise.util.ORBManager;
import com.sun.logging.LogDomains;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.logging.Level;
import javax.security.auth.Subject;
import org.omg.CORBA.Object;

/* loaded from: input_file:116287-16/SUNWascmo/reloc/$ASINSTDIR/lib/appserv-rt.jar:com/sun/enterprise/iiop/security/SecurityServiceImpl.class */
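/**
 * {@link SecurityService} implementation for IIOP calls. Mechanism selection and trust
 * evaluation are delegated to {@link SecurityMechanismSelector}; the resulting login is
 * performed through {@link LoginContextDriver}.
 *
 * <p>Status values are the raw integers used in this class: {@link #setSecurityContext}
 * returns 0 when no exception occurred and 1 when one did, and {@link #receivedReply}
 * treats 1 as a rejection by the target.
 */
public class SecurityServiceImpl implements SecurityService {
    private static final java.util.logging.Logger _logger =
            LogDomains.getLogger(LogDomains.CORBA_LOGGER);

    /** Operation name for which a rejected security context is never logged. */
    private static final String IS_A = "_is_a";

    /**
     * Selects the security context to use for a call on {@code object}.
     *
     * @param object the CORBA object reference being invoked
     * @return the selected context, or {@code null} when the object's IOR is local
     * @throws InvalidIdentityTokenException if the selector reports an invalid identity token
     * @throws InvalidMechanismException if the selector reports an invalid mechanism
     * @throws RuntimeException for any other {@link SecurityMechanismException}
     */
    @Override // com.sun.enterprise.iiop.security.SecurityService
    public SecurityContext getSecurityContext(Object object) throws InvalidMechanismException, InvalidIdentityTokenException {
        IOR ior = ((POAEJBORB) ORBManager.getORB()).getIOR(object);
        if (ior.isLocal()) {
            // Local IORs get no security context at all.
            return null;
        }
        try {
            return new SecurityMechanismSelector().selectSecurityContext(ior);
        } catch (InvalidIdentityTokenException e) {
            _logger.log(Level.SEVERE, "iiop.invalididtoken_exception", e.toString());
            // Rethrown as a fresh instance carrying only the message; the constructors of the
            // project exception types are not visible here, so no cause is attached.
            throw new InvalidIdentityTokenException(e.getMessage());
        } catch (InvalidMechanismException e) {
            _logger.log(Level.SEVERE, "iiop.invalidmechanism_exception", e.toString());
            throw new InvalidMechanismException(e.getMessage());
        } catch (SecurityMechanismException e) {
            _logger.log(Level.SEVERE, "iiop.secmechanism_exception", e.toString());
            // Keep the original failure as the cause so the selector's stack trace survives.
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /**
     * Reacts to the status reported for a reply.
     *
     * @param i status value; 1 is treated as a rejection
     * @param object the target object (unused)
     * @throws RuntimeException if {@code i} is 1
     */
    @Override // com.sun.enterprise.iiop.security.SecurityService
    public void receivedReply(int i, Object object) {
        if (i == 1) {
            _logger.log(Level.FINE, "Failed status");
            throw new RuntimeException("Target did not accept security context");
        }
        // NOTE(review): the decompiled original had a separate, empty branch for status 2.
        // No action is taken for it or for any other value; confirm against the interface
        // contract whether status 2 is meant to trigger further handling.
    }

    /**
     * Evaluates trust in a received security context and, if a context results, logs the
     * subject in.
     *
     * @param securityContext the context received with the request
     * @param bArr opaque bytes passed through to {@code evaluateTrust}
     * @param str operation name; failures for {@code "_is_a"} are not logged
     * @return 0 if trust evaluation and login completed without an exception, 1 otherwise
     */
    @Override // com.sun.enterprise.iiop.security.SecurityService
    public int setSecurityContext(SecurityContext securityContext, byte[] bArr, String str) {
        try {
            SecurityContext trusted = new SecurityMechanismSelector().evaluateTrust(securityContext, bArr);
            if (trusted == null) {
                // NOTE(review): a null result is reported as success without any login.
                // Presumably evaluateTrust returns null only when there is nothing to
                // authenticate; confirm in SecurityMechanismSelector that it can never mean
                // "could not evaluate", since that would be accepted here.
                return 0;
            }
            // Authenticate with the authentication credential class when present, otherwise
            // fall back to the identity credential class.
            authenticate(trusted.subject, trusted.authcls != null ? trusted.authcls : trusted.identcls);
            return 0;
        } catch (Exception e) {
            // Fail closed: any exception, checked or not, rejects the context.
            // NOTE(review): failures raised by evaluateTrust are recorded only at FINEST and
            // never for "_is_a", so at default log levels they leave no trace here (login
            // failures are logged at SEVERE inside authenticate). Confirm rejections are
            // audited elsewhere before relying on this log for detection.
            // IS_A.equals(str) rather than str.equals(IS_A): a null operation name must not
            // turn the rejection into a NullPointerException escaping the catch block.
            if (!IS_A.equals(str) && _logger.isLoggable(Level.FINEST)) {
                _logger.log(Level.FINEST, "iiop.authenticate_exception", e.toString());
            }
            return 1;
        }
    }

    /** No-op: nothing is done when a reply is sent. */
    @Override // com.sun.enterprise.iiop.security.SecurityService
    public void sendingReply(SecurityContext securityContext) {
    }

    /**
     * Clears the current {@code com.sun.enterprise.security.SecurityContext}, but only when a
     * {@link ServerConnectionContext} with a socket exists for the call.
     */
    @Override // com.sun.enterprise.iiop.security.SecurityService
    public void unsetSecurityContext() {
        ServerConnectionContext connectionContext = SecurityMechanismSelector.getServerConnectionContext();
        if (connectionContext == null || connectionContext.getSocket() == null) {
            // NOTE(review): without a connection socket the current context is left in place,
            // presumably so an in-process caller keeps its identity. Confirm a reused thread
            // cannot carry a previous caller's context through this path.
            return;
        }
        com.sun.enterprise.security.SecurityContext.setCurrent(null);
    }

    /**
     * Logs {@code subject} in through {@link LoginContextDriver} inside a privileged block.
     *
     * @param subject the subject to log in
     * @param cls the credential class handed to the login driver
     * @throws SecurityMechanismException if the login throws any exception
     */
    private void authenticate(final Subject subject, final Class cls) throws SecurityMechanismException {
        try {
            // doPrivileged runs the login with this class's own permissions instead of the
            // caller's, so the privileged body is kept to the single login call.
            AccessController.doPrivileged(new PrivilegedAction<Void>() {
                @Override // java.security.PrivilegedAction
                public Void run() {
                    LoginContextDriver.login(subject, cls);
                    return null;
                }
            });
        } catch (Exception e) {
            _logger.log(Level.SEVERE, "iiop.login_exception", e.toString());
            throw new SecurityMechanismException("Cannot login user:" + e.getMessage());
        }
    }
}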
