package com.iplanet.ias.security.auth.login;

import com.iplanet.ias.util.i18n.StringManager;
import com.sun.enterprise.security.PrincipalImpl;
import com.sun.enterprise.security.auth.AuthenticationInfoImpl;
import com.sun.enterprise.security.auth.AuthenticationStatus;
import com.sun.enterprise.security.auth.AuthenticationStatusImpl;
import com.sun.enterprise.security.auth.LocalCredentialsImpl;
import com.sun.enterprise.security.auth.PrivilegeImpl;
import com.sun.enterprise.security.auth.login.PasswordCredential;
import com.sun.enterprise.security.auth.realm.Realm;
import com.sun.logging.LogDomains;
import java.util.Iterator;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

/* loaded from: input_file:116287-19/SUNWascmo/reloc/$ASINSTDIR/lib/appserv-rt.jar:com/iplanet/ias/security/auth/login/PasswordLoginModule.class */
public abstract class PasswordLoginModule implements LoginModule {
    protected Subject _subject;
    protected Map _sharedState;
    protected Map _options;
    protected String _username;
    protected String _password;
    protected Realm _currentRealm;
    protected PrincipalImpl _userPrincipal;
    protected static StringManager sm;
    static final boolean $assertionsDisabled;
    static Class class$com$iplanet$ias$security$auth$login$PasswordLoginModule;
    protected boolean _succeeded = false;
    protected boolean _commitSucceeded = false;
    protected LocalCredentialsImpl _cred = new LocalCredentialsImpl();
    protected Logger _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        this._subject = subject;
        this._sharedState = map;
        this._options = map2;
        this._logger.finest(new StringBuffer().append("Login module initialized: ").append(getClass().toString()).toString());
    }

    public boolean login() throws LoginException {
        if (this._subject == null) {
            throw new LoginException(sm.getString("pwdlm.noinfo"));
        }
        PasswordCredential passwordCredential = null;
        try {
            Iterator<Object> it = this._subject.getPrivateCredentials().iterator();
            while (it.hasNext() && passwordCredential == null) {
                Object next = it.next();
                if (next instanceof PasswordCredential) {
                    passwordCredential = (PasswordCredential) next;
                }
            }
        } catch (Exception e) {
            this._logger.log(Level.WARNING, "passwordlm.nocreds", e.toString());
        }
        if (passwordCredential == null) {
            this._logger.warning("passwordlm.nopwdcred");
            throw new LoginException(sm.getString("pwdlm.nocreds"));
        }
        String str = null;
        try {
            str = passwordCredential.getRealm();
            this._currentRealm = Realm.getInstance(str);
            if (this._currentRealm == null) {
                throw new LoginException(sm.getString("pwdlm.norealmavail", str));
            }
            this._username = passwordCredential.getUser();
            this._password = passwordCredential.getPassword();
            authenticate();
            this._logger.finest("JAAS login complete.");
            return true;
        } catch (Exception e2) {
            throw new LoginException(sm.getString("pwdlm.norealm", str));
        }
    }

    public boolean commit() throws LoginException {
        if (!this._succeeded) {
            return false;
        }
        this._userPrincipal = new PrincipalImpl(this._username);
        if (!this._subject.getPrincipals().contains(this._userPrincipal)) {
            this._subject.getPrincipals().add(this._userPrincipal);
        }
        if (!this._subject.getPublicCredentials().contains(this._cred)) {
            this._subject.getPublicCredentials().add(this._cred);
        }
        this._username = null;
        this._password = null;
        this._commitSucceeded = true;
        this._logger.finest("JAAS authentication committed.");
        return true;
    }

    public boolean abort() throws LoginException {
        this._logger.finest("JAAS authentication aborted.");
        if (!this._succeeded) {
            return false;
        }
        if (!this._succeeded || this._commitSucceeded) {
            logout();
            return true;
        }
        this._succeeded = false;
        this._username = null;
        this._password = null;
        this._userPrincipal = null;
        return true;
    }

    public boolean logout() throws LoginException {
        this._logger.finest(new StringBuffer().append("JAAS logout for: ").append(this._subject.toString()).toString());
        this._subject.getPrincipals().remove(this._userPrincipal);
        this._subject.getPublicCredentials().remove(this._cred);
        this._succeeded = false;
        this._succeeded = this._commitSucceeded;
        this._username = null;
        this._password = null;
        this._userPrincipal = null;
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthenticationStatus commitAuthentication(String str, String str2, Realm realm, String[] strArr) {
        String name = realm.getName();
        AuthenticationInfoImpl authenticationInfoImpl = new AuthenticationInfoImpl(str, name, true);
        PrivilegeImpl[] privilegeImplArr = new PrivilegeImpl[strArr.length];
        for (int i = 0; i < strArr.length; i++) {
            privilegeImplArr[i] = new PrivilegeImpl(strArr[i]);
        }
        authenticationInfoImpl.setAttribute("Groups", privilegeImplArr);
        this._succeeded = true;
        AuthenticationStatusImpl authenticationStatusImpl = new AuthenticationStatusImpl(str, name, this._currentRealm.getAuthType(), 0);
        if (!$assertionsDisabled && this._cred == null) {
            throw new AssertionError();
        }
        this._cred.setAuthenticationStatus(authenticationStatusImpl);
        if (!$assertionsDisabled && authenticationInfoImpl == null) {
            throw new AssertionError();
        }
        this._cred.addAuthenticationInfo(authenticationInfoImpl);
        return authenticationStatusImpl;
    }

    protected abstract AuthenticationStatus authenticate() throws LoginException;

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$iplanet$ias$security$auth$login$PasswordLoginModule == null) {
            cls = class$("com.iplanet.ias.security.auth.login.PasswordLoginModule");
            class$com$iplanet$ias$security$auth$login$PasswordLoginModule = cls;
        } else {
            cls = class$com$iplanet$ias$security$auth$login$PasswordLoginModule;
        }
        $assertionsDisabled = !cls.desiredAssertionStatus();
        sm = StringManager.getManager("com.iplanet.ias.security.auth.login");
    }
}
