package com.iplanet.ias.security.auth.realm.certificate;

import com.iplanet.ias.security.auth.realm.IASRealm;
import com.sun.enterprise.security.SecurityContext;
import com.sun.enterprise.security.auth.AuthenticationInfoImpl;
import com.sun.enterprise.security.auth.AuthenticationStatusImpl;
import com.sun.enterprise.security.auth.LocalCredentialsImpl;
import com.sun.enterprise.security.auth.Privilege;
import com.sun.enterprise.security.auth.PrivilegeImpl;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import com.sun.enterprise.security.auth.realm.Realm;
import java.util.Enumeration;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.security.auth.Subject;
import sun.security.x509.X500Name;

/* loaded from: input_file:116287-19/SUNWascmo/reloc/$ASINSTDIR/lib/appserv-rt.jar:com/iplanet/ias/security/auth/realm/certificate/CertificateRealm.class */
public class CertificateRealm extends IASRealm {
    public static final String AUTH_TYPE = "certificate";
    public static final String PARAM_GROUPS = "assign-groups";
    private static final String GROUPS_SEP = ",";
    private Vector defaultGroups = null;
    private Privilege[] groupsAsPrivileges = null;

    @Override // com.sun.enterprise.security.auth.realm.Realm
    protected void init(Properties properties) {
        this.defaultGroups = new Vector();
        String property = properties.getProperty(PARAM_GROUPS);
        if (property == null) {
            this.groupsAsPrivileges = new Privilege[0];
            return;
        }
        IASRealm._logger.fine(new StringBuffer().append("CertificateRealm : groups: ").append(property).toString());
        StringTokenizer stringTokenizer = new StringTokenizer(property, ",");
        while (stringTokenizer.hasMoreTokens()) {
            this.defaultGroups.add(stringTokenizer.nextToken());
        }
        int size = this.defaultGroups.size();
        this.groupsAsPrivileges = new Privilege[size];
        for (int i = 0; i < size; i++) {
            this.groupsAsPrivileges[i] = new PrivilegeImpl((String) this.defaultGroups.get(i));
        }
    }

    @Override // com.sun.enterprise.security.auth.realm.Realm
    public String getAuthType() {
        return "certificate";
    }

    @Override // com.sun.enterprise.security.auth.realm.Realm
    public Enumeration getGroupNames(String str) throws NoSuchUserException, InvalidOperationException {
        return this.defaultGroups.elements();
    }

    @Override // com.sun.enterprise.security.auth.realm.Realm
    public String getJAASContext() {
        IASRealm._logger.warning("certrealm.nojaas");
        return null;
    }

    public void authenticate(Subject subject, X500Name x500Name) {
        String name = x500Name.getName();
        IASRealm._logger.finest(new StringBuffer().append("Certificate realm setting up security context for: ").append(name).toString());
        String defaultRealm = Realm.getDefaultRealm();
        AuthenticationInfoImpl authenticationInfoImpl = new AuthenticationInfoImpl(name, defaultRealm, true);
        authenticationInfoImpl.setAttribute("Groups", this.groupsAsPrivileges);
        AuthenticationStatusImpl authenticationStatusImpl = new AuthenticationStatusImpl(name, "certificate", defaultRealm, 0);
        LocalCredentialsImpl localCredentialsImpl = new LocalCredentialsImpl();
        localCredentialsImpl.setAuthenticationStatus(authenticationStatusImpl);
        localCredentialsImpl.addAuthenticationInfo(authenticationInfoImpl);
        SecurityContext.setCurrent(new SecurityContext(name, localCredentialsImpl, subject));
    }
}
