package com.iplanet.dpro.session.service;

import com.iplanet.am.sdk.AMException;
import com.iplanet.am.sdk.AMStoreConnection;
import com.iplanet.am.sdk.AMUser;
import com.iplanet.am.util.Debug;
import com.iplanet.am.util.SecureRandomManager;
import com.iplanet.am.util.Stats;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.am.util.ThreadPool;
import com.iplanet.am.util.ThreadPoolException;
import com.iplanet.dpro.session.Session;
import com.iplanet.dpro.session.SessionException;
import com.iplanet.dpro.session.SessionID;
import com.iplanet.dpro.session.SessionNotificationHandler;
import com.iplanet.dpro.session.SessionTimedOutException;
import com.iplanet.dpro.session.share.SessionBundle;
import com.iplanet.dpro.session.share.SessionInfo;
import com.iplanet.dpro.session.share.SessionNotification;
import com.iplanet.jato.view.DisplayFieldDescriptor;
import com.iplanet.log.LogException;
import com.iplanet.security.x509.X500Name;
import com.iplanet.services.comm.server.PLLServer;
import com.iplanet.services.comm.share.Notification;
import com.iplanet.services.comm.share.NotificationSet;
import com.iplanet.services.naming.WebtopNaming;
import com.iplanet.services.util.Base64;
import com.iplanet.services.util.Crypt;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.common.Constants;
import com.sun.identity.log.LogConstants;
import com.sun.identity.log.LogRecord;
import com.sun.identity.log.Logger;
import com.sun.identity.security.AdminDNAction;
import com.sun.identity.security.DecodeAction;
import com.sun.identity.security.EncodeAction;
import com.sun.identity.sm.ServiceSchemaManager;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.net.ConnectException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.security.AccessController;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Level;
import javax.servlet.http.HttpSession;

/* JADX WARN: Classes with same name are omitted:
  input_file:117586-19/SUNWamclt/reloc/$PRODUCT_DIR/lib/am_sdk.jar:com/iplanet/dpro/session/service/SessionService.class
 */
/* loaded from: input_file:117586-19/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_sdk.jar:com/iplanet/dpro/session/service/SessionService.class */
public class SessionService {
    private static final String sccsID = "@(#)SessionService.java       1.26  00/04/06 04/06/00  Sun Microsystems, Inc.";
    private static ThreadPool threadPool;
    public static Debug sessionDebug;
    public static int maxSessions;
    private static SessionMaxStats maxSessionStats;
    private static boolean logStatus;
    public static final String SHANDLE_SCHEME_PREFIX = "shandle:";
    private static final String amSessionService = "iPlanetAMSessionService";
    private static final String httpSessionTrackingCookieName = "JSESSIONID";
    private static final String httpSessionPropertyName = "DSAMEInternalSession";
    private static final String httpSessionOwnerPropertyName = "DSAMEInternalSession.owner";
    private static final String amSSOLogFile = "amSSO.access";
    private static final int DEFAULT_POOL_SIZE = 10;
    private static final int DEFAULT_THRESHOLD = 100;
    protected static final String securityCookieName = "DSAMESecurityCookie";
    private static boolean isWeblogicFlag;
    public static final String SESSION_SERVICE = "session";
    private SecureRandom secureRandom;
    private Hashtable sessionTable;
    private String sessionServer;
    private String sessionServerPort;
    private String sessionServerProtocol;
    private String sessionServerID;
    private static volatile SessionService volatileRef;
    private static SessionService sessionService;
    public static String deploymentURI;
    private static boolean isSessionFailoverEnabled;
    private String thisSessionServer;
    private String thisSessionServerPortAsString;
    private int thisSessionServerPort;
    private String thisSessionServerProtocol;
    private String thisSessionServerURL;
    private URL thisSessionServiceURL;
    private URL sessionServiceID;
    static Class class$com$iplanet$dpro$session$service$SessionService;
    static SSOTokenManager ssoManager = null;
    private static int numberOfActiveSessions = 0;
    private static String dsameAdminDN = null;
    private static Logger logger = null;
    private static boolean isEnableHostLookUp = Boolean.valueOf(SystemProperties.get(Constants.ENABLE_HOST_LOOKUP)).booleanValue();
    private static final String webContainer = SystemProperties.get("com.sun.identity.webcontainer");
    protected static final String defaultApplicationMaxCachingTime = String.valueOf(153722867280912930L);
    protected static final long applicationMaxCachingTime = Long.valueOf(SystemProperties.get(Constants.APPLICATION_SESSION_MAX_CACHING_TIME, defaultApplicationMaxCachingTime)).longValue();
    private static SSOToken sessionServiceToken = null;
    public static Stats stats = Stats.getInstance("amSSO");
    private Hashtable sessionHandleTable = new Hashtable();
    private InternalSession authSession = null;
    private Vector sessionEventURLs = new Vector();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:117586-19/SUNWamclt/reloc/$PRODUCT_DIR/lib/am_sdk.jar:com/iplanet/dpro/session/service/SessionService$SessionNotificationSender.class
     */
    /* loaded from: input_file:117586-19/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_sdk.jar:com/iplanet/dpro/session/service/SessionService$SessionNotificationSender.class */
    public class SessionNotificationSender implements Runnable {
        private SessionService sessionService;
        private InternalSession session;
        private int eventType;
        private final SessionService this$0;

        SessionNotificationSender(SessionService sessionService, SessionService sessionService2, InternalSession internalSession, int i) {
            this.this$0 = sessionService;
            this.sessionService = sessionService2;
            this.session = internalSession;
            this.eventType = i;
        }

        @Override // java.lang.Runnable
        public void run() {
            boolean z;
            Vector sessionEventURLs = this.session.getSessionEventURLs();
            if (this.sessionService.sessionEventURLs.size() == 0 && sessionEventURLs.size() == 0) {
                return;
            }
            SessionNotification sessionNotification = new SessionNotification(this.session.toSessionInfo(), this.eventType, System.currentTimeMillis());
            Notification notification = new Notification(sessionNotification.toXMLString());
            NotificationSet notificationSet = new NotificationSet("session");
            notificationSet.addNotification(notification);
            Enumeration elements = this.sessionService.sessionEventURLs.elements();
            while (elements.hasMoreElements()) {
                String str = (String) elements.nextElement();
                try {
                    URL url = new URL(str);
                    if (this.sessionService.isLocalSessionService(url)) {
                        SessionNotificationHandler.handler.processNotification(sessionNotification);
                    } else {
                        PLLServer.send(url, notificationSet);
                    }
                } catch (Exception e) {
                    SessionService.sessionDebug.error(new StringBuffer().append("Global notification to ").append(str).toString(), e);
                }
            }
            Enumeration elements2 = sessionEventURLs.elements();
            while (elements2.hasMoreElements()) {
                String str2 = (String) elements2.nextElement();
                if (!this.sessionService.sessionEventURLs.contains(str2)) {
                    try {
                        URL url2 = new URL(str2);
                        if (url2.getQuery() != null) {
                            z = !url2.getQuery().equals("shortcircuit=false");
                        } else {
                            z = false;
                        }
                        if (this.sessionService.isLocalSessionService(url2) && z) {
                            SessionNotificationHandler.handler.processNotification(sessionNotification);
                        } else {
                            PLLServer.send(url2, notificationSet);
                        }
                    } catch (Exception e2) {
                        SessionService.sessionDebug.error(new StringBuffer().append("Individual notification to ").append(str2).toString(), e2);
                    }
                }
            }
        }
    }

    public static SessionService getSessionService() {
        Class cls;
        if (sessionService == null) {
            if (class$com$iplanet$dpro$session$service$SessionService == null) {
                cls = class$("com.iplanet.dpro.session.service.SessionService");
                class$com$iplanet$dpro$session$service$SessionService = cls;
            } else {
                cls = class$com$iplanet$dpro$session$service$SessionService;
            }
            synchronized (cls) {
                if (volatileRef == null) {
                    volatileRef = new SessionService();
                }
            }
            sessionService = volatileRef;
            sessionService.postInit();
        }
        return sessionService;
    }

    public static boolean isInitialized() {
        return sessionService != null;
    }

    private static String getHttpSessionTrackingCookieName() {
        return httpSessionTrackingCookieName;
    }

    public Session getAuthenticationSession(String str, HttpSession httpSession) {
        try {
            if (this.authSession == null) {
                this.authSession = getServiceSession(str, httpSession);
            }
            if (this.authSession != null) {
                return Session.getSession(this.authSession.getID());
            }
            return null;
        } catch (Exception e) {
            sessionDebug.error("Error creating service session", e);
            return null;
        }
    }

    private InternalSession getServiceSession(String str, HttpSession httpSession) {
        try {
            InternalSession newInternalSession = newInternalSession(str, httpSession);
            newInternalSession.setType(1);
            newInternalSession.setClientID((String) AccessController.doPrivileged(new AdminDNAction()));
            newInternalSession.setClientDomain(str);
            newInternalSession.setExpire(false);
            newInternalSession.setState(1);
            incrementActiveSessions();
            return newInternalSession;
        } catch (Exception e) {
            sessionDebug.error("Error creating service session", e);
            return null;
        }
    }

    public InternalSession newInternalSession(String str, HttpSession httpSession) {
        if (isSessionFailoverEnabled && httpSession == null) {
            return createSession(str);
        }
        SessionID generateSessionId = generateSessionId(str, httpSession);
        String stringBuffer = new StringBuffer().append(SHANDLE_SCHEME_PREFIX).append(generateSessionId(str, null).toString()).toString();
        InternalSession internalSession = new InternalSession(generateSessionId);
        internalSession.setSessionHandle(stringBuffer);
        internalSession.setHttpSession(httpSession);
        this.sessionTable.put(generateSessionId, internalSession);
        this.sessionHandleTable.put(stringBuffer, internalSession);
        internalSession.setCreationTime();
        internalSession.setLatestAccessTime();
        return internalSession;
    }

    private SessionID generateSessionId(String str, HttpSession httpSession) {
        int lastIndexOf;
        while (true) {
            String hexString = Long.toHexString(this.secureRandom.nextLong());
            String str2 = (String) AccessController.doPrivileged(new EncodeAction(new StringBuffer().append(hexString).append("@").append(this.sessionServerID).toString(), Crypt.getHardcodedKeyEncryptor()));
            if (isSessionFailoverEnabled && httpSession != null) {
                String id = httpSession.getId();
                if (isWeblogicFlag && (lastIndexOf = id.lastIndexOf(33)) != -1) {
                    id = id.substring(0, lastIndexOf);
                }
                str2 = new StringBuffer().append(str2).append("@").append(id).toString();
            }
            SessionID sessionID = isSessionFailoverEnabled ? new SessionID(str2, hexString, this.thisSessionServerProtocol, this.thisSessionServer, this.thisSessionServerPortAsString, str) : new SessionID(str2, hexString, this.sessionServerProtocol, this.sessionServer, this.sessionServerPort, str);
            if (this.sessionTable.get(sessionID) == null && this.sessionHandleTable.get(sessionID) == null) {
                return sessionID;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public InternalSession removeInternalSession(SessionID sessionID) {
        if (sessionID == null) {
            return null;
        }
        InternalSession internalSession = (InternalSession) this.sessionTable.remove(sessionID);
        if (internalSession == null) {
            internalSession = recoverSession(sessionID);
            this.sessionTable.remove(sessionID);
        }
        if (internalSession != null) {
            removeSessionHandle(internalSession);
            HttpSession httpSession = internalSession.getHttpSession();
            if (httpSession != null) {
                try {
                    httpSession.removeAttribute(httpSessionPropertyName);
                    httpSession.invalidate();
                } catch (IllegalStateException e) {
                    if (sessionDebug.messageEnabled()) {
                        sessionDebug.message("Exception:removeInternalSession: the web containers session timeout could be shorter than the IS session timeout", e);
                    }
                }
            }
        }
        return internalSession;
    }

    private void removeSessionHandle(InternalSession internalSession) {
        String sessionHandle;
        if (internalSession == null || (sessionHandle = internalSession.getSessionHandle()) == null) {
            return;
        }
        this.sessionHandleTable.remove(sessionHandle);
    }

    public boolean isSessionFailoverEnabled() {
        return isSessionFailoverEnabled;
    }

    public boolean isLocalSession(SessionID sessionID) {
        return ((InternalSession) this.sessionTable.get(sessionID)) != null;
    }

    public boolean isLocalSessionService(URL url) {
        URL url2 = isSessionFailoverEnabled ? this.thisSessionServiceURL : this.sessionServiceID;
        return url2 != null && url2.getProtocol().equalsIgnoreCase(url.getProtocol()) && url2.getHost().equalsIgnoreCase(url.getHost()) && url2.getPort() == url.getPort();
    }

    public InternalSession getInternalSession(SessionID sessionID) {
        if (sessionID == null || sessionID.toString().startsWith(SHANDLE_SCHEME_PREFIX)) {
            return null;
        }
        InternalSession internalSession = (InternalSession) this.sessionTable.get(sessionID);
        if (internalSession == null) {
            internalSession = recoverSession(sessionID);
        }
        return internalSession;
    }

    public InternalSession getInternalSessionByHandle(String str) {
        return (InternalSession) this.sessionHandleTable.get(str);
    }

    private Vector getValidInternalSessions() {
        Vector vector = new Vector();
        synchronized (this.sessionTable) {
            Enumeration elements = this.sessionTable.elements();
            while (elements.hasMoreElements()) {
                InternalSession internalSession = (InternalSession) elements.nextElement();
                if (internalSession.getState() == 1 && internalSession.willExpire()) {
                    vector.addElement(internalSession);
                }
            }
        }
        return vector;
    }

    private Vector getValidInternalSessions(String str, int[] iArr) throws SessionException {
        String attributeValue;
        Vector vector = new Vector();
        if (str == null) {
            str = "*";
        }
        try {
            long currentTimeMillis = System.currentTimeMillis();
            String lowerCase = str.toLowerCase();
            Enumeration elements = getValidInternalSessions().elements();
            String userNamingAttribute = AMStoreConnection.getUserNamingAttribute();
            boolean equals = lowerCase.equals("*");
            while (true) {
                if (!elements.hasMoreElements()) {
                    break;
                }
                InternalSession internalSession = (InternalSession) elements.nextElement();
                if (equals || ((attributeValue = new X500Name(internalSession.getClientID()).getAttributeValue(userNamingAttribute)) != null && matchFilter(attributeValue.toLowerCase(), lowerCase))) {
                    if (vector.size() == SessionConfigListener.getMaxsize()) {
                        iArr[0] = 1;
                        break;
                    }
                    vector.addElement(internalSession);
                    if (System.currentTimeMillis() - currentTimeMillis >= SessionConfigListener.getTimeout()) {
                        iArr[0] = 2;
                        break;
                    }
                }
            }
            return vector;
        } catch (Exception e) {
            sessionDebug.error("SessionService : Unable to get Session Information ", e);
            throw new SessionException(e);
        }
    }

    public void destroyInternalSession(SessionID sessionID) {
        InternalSession removeInternalSession = removeInternalSession(sessionID);
        removeInternalSession.setIsISStored(false);
        if (removeInternalSession == null || removeInternalSession.getState() == 0) {
            return;
        }
        if (removeInternalSession.getState() == 1) {
            decrementActiveSessions();
        }
        logEvent(removeInternalSession, 5);
        removeInternalSession.setState(3);
        sendEvent(removeInternalSession, 5);
    }

    public void logoutInternalSession(SessionID sessionID) {
        InternalSession removeInternalSession = removeInternalSession(sessionID);
        if (removeInternalSession == null || removeInternalSession.getState() == 0) {
            return;
        }
        if (removeInternalSession.getState() == 1) {
            decrementActiveSessions();
        }
        logEvent(removeInternalSession, 3);
        removeInternalSession.setState(3);
        sendEvent(removeInternalSession, 3);
    }

    public static synchronized void decrementActiveSessions() {
        numberOfActiveSessions--;
    }

    public static synchronized void incrementActiveSessions() {
        numberOfActiveSessions++;
    }

    public static synchronized int getActiveSessions() {
        return numberOfActiveSessions;
    }

    private void addInternalSessionListener(SessionID sessionID, String str) {
        InternalSession internalSession = getInternalSession(sessionID);
        if (internalSession != null) {
            Vector sessionEventURLs = internalSession.getSessionEventURLs();
            if (sessionEventURLs.contains(str)) {
                return;
            }
            sessionEventURLs.addElement(str);
            internalSession.updateForFailover();
        }
    }

    private void addListenerOnAllInternalSessions(String str) {
        if (this.sessionEventURLs.contains(str)) {
            return;
        }
        this.sessionEventURLs.addElement(str);
    }

    public InternalSession getSession(SessionID sessionID, boolean z) throws SessionException {
        InternalSession locateSession = locateSession(sessionID);
        if (locateSession.getState() != 1) {
            if (locateSession.getTimeLeftBeforePurge() > 0) {
                throw new SessionTimedOutException(new StringBuffer().append(SessionBundle.getString("sessionTimedOut")).append(" ").append(sessionID.toString()).toString());
            }
            throw new SessionException(new StringBuffer().append(SessionBundle.getString("invalidSessionState")).append(sessionID.toString()).toString());
        }
        if (z) {
            locateSession.setLatestAccessTime();
        }
        return locateSession;
    }

    public Vector getValidSessions(Session session) throws SessionException {
        return getValidSessions(session, null, new int[]{0});
    }

    public Vector getValidSessions(Session session, String str, int[] iArr) throws SessionException {
        if (session.getState(false) != 1) {
            throw new SessionException(new StringBuffer().append(SessionBundle.getString("invalidSessionState")).append(session.getID().toString()).toString());
        }
        try {
            Set attribute = getUser(session).getAttribute("iplanet-am-session-get-valid-sessions");
            Vector validInternalSessions = sessionService.getValidInternalSessions(str, iArr);
            Vector vector = new Vector();
            int size = validInternalSessions.size();
            for (int i = 0; i < size; i++) {
                InternalSession internalSession = (InternalSession) validInternalSessions.elementAt(i);
                SessionInfo sessionInfo = internalSession.toSessionInfo();
                sessionInfo.sid = internalSession.getSessionHandle();
                if (hasTopLevelAdminRole(session) || attribute.contains(internalSession.getClientDomain())) {
                    vector.add(sessionInfo);
                }
            }
            return vector;
        } catch (Exception e) {
            throw new SessionException(e);
        }
    }

    public void destroySession(Session session, SessionID sessionID) throws SessionException {
        if (sessionID == null) {
            return;
        }
        if (session.getState(false) != 1) {
            throw new SessionException(new StringBuffer().append(SessionBundle.getString("invalidSessionState")).append(sessionID.toString()).toString());
        }
        InternalSession internalSession = sessionService.getInternalSession(sessionID);
        if (internalSession == null) {
            internalSession = sessionService.getInternalSessionByHandle(sessionID.toString());
        }
        if (internalSession != null) {
            SessionID id = internalSession.getID();
            try {
                if (session.getID().equals(id) || hasTopLevelAdminRole(session)) {
                    sessionService.destroyInternalSession(id);
                } else {
                    if (!getUser(session).getAttribute("iplanet-am-session-destroy-sessions").contains(session.getClientDomain())) {
                        throw new SessionException(SessionBundle.rbName, "noPrivilege", null);
                    }
                    sessionService.destroyInternalSession(id);
                }
            } catch (Exception e) {
                throw new SessionException(e);
            }
        }
    }

    public void logout(SessionID sessionID) throws SessionException {
        locateSession(sessionID);
        logoutInternalSession(sessionID);
    }

    public void addSessionListener(SessionID sessionID, String str) throws SessionException {
        if (locateSession(sessionID).getState() == 0) {
            throw new SessionException(new StringBuffer().append(SessionBundle.getString("invalidSessionState")).append(sessionID.toString()).toString());
        }
        addInternalSessionListener(sessionID, str);
    }

    public void addSessionListenerOnAllSessions(Session session, String str) throws SessionException {
        if (session.getState(false) != 1) {
            throw new SessionException(new StringBuffer().append(SessionBundle.getString("invalidSessionState")).append(session.getID().toString()).toString());
        }
        if (session.getClientID().equals(dsameAdminDN)) {
            addListenerOnAllInternalSessions(str);
            return;
        }
        try {
            if (getUser(session).getStringAttribute("iplanet-am-session-add-session-listener-on-all-sessions").equals("false")) {
                throw new SessionException(SessionBundle.rbName, "noPrivilege", null);
            }
            addListenerOnAllInternalSessions(str);
        } catch (Exception e) {
            throw new SessionException(e);
        }
    }

    public void setProperty(SessionID sessionID, String str, String str2) throws SessionException {
        locateSession(sessionID).putProperty(str, str2);
    }

    protected InternalSession locateSession(SessionID sessionID) throws SessionException {
        InternalSession internalSession = getInternalSession(sessionID);
        if (internalSession == null) {
            throw new SessionException(new StringBuffer().append(SessionBundle.getString("invalidSessionID")).append(sessionID.toString()).toString());
        }
        return internalSession;
    }

    public void setExternalProperty(SessionID sessionID, String str, String str2) throws SessionException {
        locateSession(sessionID).putExternalProperty(str, str2);
    }

    public void sendEvent(InternalSession internalSession, int i) {
        sessionDebug.message(new StringBuffer().append("Running sendEvent, type = ").append(i).toString());
        try {
            threadPool.run(new SessionNotificationSender(this, this, internalSession, i));
        } catch (ThreadPoolException e) {
            sessionDebug.error("Sending Notification Error: ", e);
        }
    }

    public void logEvent(InternalSession internalSession, int i) {
        switch (i) {
            case 0:
                logIt(internalSession, "SESSION CREATE");
                return;
            case 1:
                logIt(internalSession, "IDLE TIMEOUT");
                return;
            case 2:
                logIt(internalSession, "MAX TIMEOUT");
                return;
            case 3:
                logIt(internalSession, "LOGOUT");
                return;
            case 4:
                logIt(internalSession, "REACTIVATION");
                return;
            case 5:
                logIt(internalSession, "DESTROY");
                return;
            default:
                logIt(internalSession, "UNKNOWN EVENT");
                return;
        }
    }

    public void logIt(InternalSession internalSession, String str) {
        if (logStatus) {
            try {
                String sessionID = internalSession.getID().toString();
                LogRecord logRecord = new LogRecord(Level.INFO, str);
                logRecord.addLogInfo(LogConstants.LOGIN_ID_SID, sessionID);
                String clientID = internalSession.getClientID();
                String clientDomain = internalSession.getClientDomain();
                String property = internalSession.getProperty(ISAuthConstants.HOST);
                String property2 = internalSession.getProperty(LogConstants.HOST_NAME);
                logRecord.addLogInfo(LogConstants.LOGIN_ID, clientID);
                logRecord.addLogInfo(LogConstants.LOG_LEVEL, logRecord.getLevel().toString());
                logRecord.addLogInfo(LogConstants.DOMAIN, clientDomain);
                logRecord.addLogInfo(LogConstants.IP_ADDR, property);
                logRecord.addLogInfo(LogConstants.HOST_NAME, property2);
                getLogger().log(logRecord, getSessionServiceToken());
            } catch (Exception e) {
                sessionDebug.error("SessionService.logIt(): Cannot write to the session log file: ", e);
            }
        }
    }

    private SSOTokenManager getSSOTokenManager() throws SSOException {
        if (ssoManager == null) {
            ssoManager = SSOTokenManager.getInstance();
        }
        return ssoManager;
    }

    private SSOToken getSessionServiceToken() throws Exception {
        if (sessionServiceToken == null) {
            InternalSession serviceSession = getServiceSession(new StringBuffer().append("SessionService-").append(this.sessionServer).toString(), null);
            setProperty(serviceSession.getID(), "Principal", serviceSession.getClientID());
            sessionServiceToken = getSSOTokenManager().createSSOToken(serviceSession.getID().toString());
        }
        return sessionServiceToken;
    }

    private Logger getLogger() {
        if (logger == null) {
            logger = (Logger) Logger.getLogger(amSSOLogFile);
        }
        return logger;
    }

    private SessionService() {
        this.secureRandom = null;
        this.sessionTable = null;
        this.sessionServiceID = null;
        try {
            dsameAdminDN = (String) AccessController.doPrivileged(new AdminDNAction());
            if (isSessionFailoverEnabled) {
                this.thisSessionServerProtocol = SystemProperties.get("com.iplanet.am.localserver.protocol");
                this.thisSessionServer = SystemProperties.get("com.iplanet.am.localserver.host");
                this.thisSessionServerPortAsString = SystemProperties.get("com.iplanet.am.localserver.port");
                if (this.thisSessionServerProtocol == null || this.thisSessionServerPortAsString == null || this.thisSessionServer == null) {
                    throw new SessionException(SessionBundle.rbName, "propertyMustBeSet", null);
                }
                this.thisSessionServerPort = Integer.parseInt(this.thisSessionServerPortAsString);
                this.thisSessionServerURL = new StringBuffer().append(this.thisSessionServerProtocol).append(ISAuthConstants.URL_SEPARATOR).append(this.thisSessionServer).append(":").append(this.thisSessionServerPortAsString).toString();
                this.thisSessionServiceURL = Session.getSessionServiceURL(this.thisSessionServerProtocol, this.thisSessionServer, this.thisSessionServerPortAsString);
            }
            this.sessionServerProtocol = SystemProperties.get("com.iplanet.am.server.protocol");
            this.sessionServer = SystemProperties.get("com.iplanet.am.server.host");
            this.sessionServerPort = SystemProperties.get("com.iplanet.am.server.port");
            this.sessionServiceID = new URL(this.sessionServerProtocol, this.sessionServer, Integer.parseInt(this.sessionServerPort), "");
            this.sessionServerID = WebtopNaming.getServerID(this.sessionServerProtocol, this.sessionServer, this.sessionServerPort);
            this.secureRandom = SecureRandomManager.getSecureRandom();
            this.sessionTable = new Hashtable();
            if (stats.isEnabled()) {
                maxSessionStats = new SessionMaxStats(this.sessionTable);
                stats.addStatsListener(maxSessionStats);
            }
            new SessionMonitor(this, this.sessionTable).start();
        } catch (Exception e) {
            sessionDebug.error("SessionService.SessionService():", e);
        }
    }

    private void postInit() {
        try {
            ServiceSchemaManager serviceSchemaManager = new ServiceSchemaManager("iPlanetAMSessionService", getSessionServiceToken());
            SessionConfigListener sessionConfigListener = new SessionConfigListener(serviceSchemaManager);
            serviceSchemaManager.addListener(sessionConfigListener);
            sessionConfigListener.schemaChanged("iPlanetAMSessionService", null);
        } catch (Exception e) {
            sessionDebug.error("SessionService.postInit():+Unable to get Session Schema Information", e);
        }
    }

    private AMUser getUser(Session session) throws SessionException, SSOException, AMException {
        return new AMStoreConnection(getSSOTokenManager().createSSOToken(session.getID().toString())).getUser(session.getClientID());
    }

    private boolean hasTopLevelAdminRole(Session session) throws SessionException, SSOException, AMException {
        AMStoreConnection aMStoreConnection = new AMStoreConnection(getSSOTokenManager().createSSOToken(session.getID().toString()));
        Set roleDNs = aMStoreConnection.getUser(session.getClientID()).getRoleDNs();
        if (roleDNs == null || roleDNs.isEmpty()) {
            return false;
        }
        Iterator it = roleDNs.iterator();
        while (it.hasNext()) {
            if (aMStoreConnection.getRole((String) it.next()).getRoleType() == 1) {
                return true;
            }
        }
        return false;
    }

    private InternalSession createSession(String str) {
        DataInputStream dataInputStream = null;
        String str2 = "?op=create";
        if (str != null) {
            try {
                try {
                    str2 = new StringBuffer().append(str2).append("&domain=").append(URLEncoder.encode(str)).toString();
                } catch (Exception e) {
                    sessionDebug.error("Failed to retrieve new session", e);
                    closeStream(dataInputStream);
                    return null;
                }
            } catch (Throwable th) {
                closeStream(dataInputStream);
                throw th;
            }
        }
        HttpURLConnection invokeRemote = invokeRemote(new URL(this.thisSessionServerProtocol, this.thisSessionServer, this.thisSessionServerPort, new StringBuffer().append(deploymentURI).append("/GetHttpSession").append(str2).toString()), null);
        dataInputStream = new DataInputStream(invokeRemote.getInputStream());
        if (invokeRemote.getResponseCode() != 200) {
            closeStream(dataInputStream);
            return null;
        }
        InternalSession internalSession = (InternalSession) this.sessionTable.get(new SessionID(dataInputStream.readUTF()));
        closeStream(dataInputStream);
        return internalSession;
    }

    private void closeStream(InputStream inputStream) {
        if (inputStream != null) {
            try {
                inputStream.close();
            } catch (IOException e) {
                sessionDebug.error("Unable to close input", e);
            }
        }
    }

    private boolean releaseSession(URL url, SessionID sessionID) {
        if (sessionDebug.messageEnabled()) {
            sessionDebug.message(new StringBuffer().append("Attempting to release InternalSession ").append(sessionID).append(" from server instance: ").append(url).toString());
        }
        DataInputStream dataInputStream = null;
        URL url2 = null;
        try {
            try {
                try {
                    url2 = new URL(url.getProtocol(), url.getHost(), url.getPort(), new StringBuffer().append(deploymentURI).append("/GetHttpSession").append("?op=release").toString());
                    HttpURLConnection invokeRemote = invokeRemote(url2, sessionID);
                    dataInputStream = new DataInputStream(invokeRemote.getInputStream());
                    boolean z = invokeRemote.getResponseCode() == 200;
                    closeStream(dataInputStream);
                    return z;
                } catch (ConnectException e) {
                    if (sessionDebug.messageEnabled()) {
                        sessionDebug.message(new StringBuffer().append("releaseSession: failed to connect to  ").append(url2).toString());
                    }
                    closeStream(dataInputStream);
                    return true;
                }
            } catch (Exception e2) {
                sessionDebug.error("Failed to release session", e2);
                closeStream(dataInputStream);
                return false;
            }
        } catch (Throwable th) {
            closeStream(dataInputStream);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int handleReleaseSession(SessionID sessionID) {
        if (!isSessionFailoverEnabled) {
            return LogException.ALREADY_EXISTS;
        }
        InternalSession internalSession = (InternalSession) this.sessionTable.remove(sessionID);
        removeSessionHandle(internalSession);
        if (internalSession != null || !sessionDebug.messageEnabled()) {
            return 200;
        }
        sessionDebug.message(new StringBuffer().append("releaseSession: session not found  ").append(sessionID).toString());
        return 200;
    }

    private InternalSession recoverSession(SessionID sessionID) {
        if (!isSessionFailoverEnabled) {
            return null;
        }
        if (sessionDebug.messageEnabled()) {
            sessionDebug.message(new StringBuffer().append("Recovering InternalSession from HttpSession: ").append(sessionID).toString());
        }
        DataInputStream dataInputStream = null;
        try {
            try {
                dataInputStream = new DataInputStream(invokeRemote(new URL(this.thisSessionServerProtocol, this.thisSessionServer, this.thisSessionServerPort, new StringBuffer().append(deploymentURI).append("/GetHttpSession").append("?op=recover").toString()), sessionID).getInputStream());
                closeStream(dataInputStream);
            } catch (Exception e) {
                sessionDebug.error("Failed to retrieve new session", e);
                closeStream(dataInputStream);
            }
            return (InternalSession) this.sessionTable.get(sessionID);
        } catch (Throwable th) {
            closeStream(dataInputStream);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public InternalSession retrieveSession(SessionID sessionID, HttpSession httpSession) {
        if (!isSessionFailoverEnabled || httpSession == null) {
            return null;
        }
        String str = (String) httpSession.getAttribute(httpSessionPropertyName);
        if (str == null) {
            sessionDebug.message("GISFHS-No InternalSession in HttpSession");
            return null;
        }
        InternalSession decrypt = decrypt(str);
        if (decrypt == null || !decrypt.getID().equals(sessionID)) {
            return null;
        }
        URL url = (URL) httpSession.getAttribute(httpSessionOwnerPropertyName);
        if (!isLocalSessionService(url)) {
            if (!releaseSession(url, sessionID)) {
                return null;
            }
            httpSession.setAttribute(httpSessionOwnerPropertyName, this.thisSessionServiceURL);
        }
        decrypt.setHttpSession(httpSession);
        this.sessionTable.put(decrypt.getID(), decrypt);
        String sessionHandle = decrypt.getSessionHandle();
        if (sessionHandle != null) {
            this.sessionHandleTable.put(sessionHandle, decrypt);
        }
        return decrypt;
    }

    public void saveForFailover(InternalSession internalSession) {
        HttpSession httpSession;
        if (isSessionFailoverEnabled && (httpSession = internalSession.getHttpSession()) != null) {
            httpSession.setAttribute(httpSessionOwnerPropertyName, this.thisSessionServiceURL);
            httpSession.setAttribute(httpSessionPropertyName, encrypt(internalSession));
        }
    }

    private HttpURLConnection invokeRemote(URL url, SessionID sessionID) throws Exception {
        if (!isSessionFailoverEnabled) {
            return null;
        }
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
            String stringBuffer = new StringBuffer().append("DSAMESecurityCookie=").append((String) AccessController.doPrivileged(new EncodeAction(new StringBuffer().append(this.thisSessionServerURL).append("@").append(System.currentTimeMillis()).toString()))).toString();
            if (sessionID != null) {
                stringBuffer = new StringBuffer().append(stringBuffer).append(";").append(Session.getCookieName()).append("=").append(sessionID).toString();
                String httpId = sessionID.getHttpId();
                if (httpId != null) {
                    stringBuffer = new StringBuffer().append(stringBuffer).append(";").append(httpSessionTrackingCookieName).append("=").append(httpId).toString();
                }
            }
            httpURLConnection.setRequestProperty("Cookie", stringBuffer);
            httpURLConnection.setRequestMethod("GET");
            httpURLConnection.setDoInput(true);
            return httpURLConnection;
        } catch (Exception e) {
            sessionDebug.message(new StringBuffer().append("Failed contacting ").append(url).toString(), e);
            throw e;
        }
    }

    public static String encrypt(Object obj) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new ObjectOutputStream(byteArrayOutputStream).writeObject(obj);
            return (String) AccessController.doPrivileged(new EncodeAction(Base64.encode(byteArrayOutputStream.toByteArray()), Crypt.getHardcodedKeyEncryptor()));
        } catch (Exception e) {
            sessionDebug.message("Error in encrypting the Internal Session object");
            return null;
        }
    }

    public static InternalSession decrypt(String str) {
        if (str == null) {
            return null;
        }
        try {
            Object readObject = new ObjectInputStream(new ByteArrayInputStream(Base64.decode((String) AccessController.doPrivileged(new DecodeAction(str, Crypt.getHardcodedKeyEncryptor()))))).readObject();
            if (readObject == null) {
                return null;
            }
            return (InternalSession) readObject;
        } catch (Exception e) {
            sessionDebug.message(new StringBuffer().append("Error in decrypting the Internal Session object").append(e.getMessage()).toString());
            return null;
        }
    }

    public static String encodeID(String str) {
        if (str == null) {
            return null;
        }
        int i = 0;
        char[] charArray = str.toCharArray();
        for (char c : charArray) {
            if (c == '%') {
                i++;
            }
        }
        char[] cArr = new char[charArray.length + (i * 2)];
        int i2 = 0;
        for (int i3 = 0; i3 < charArray.length; i3++) {
            switch (charArray[i3]) {
                case '%':
                    cArr[i2] = '%';
                    cArr[i2 + 1] = '2';
                    cArr[i2 + 2] = '5';
                    i2 += 3;
                    break;
                default:
                    cArr[i2] = charArray[i3];
                    i2++;
                    break;
            }
        }
        return String.valueOf(cArr);
    }

    protected static void debugIS(String str, Object obj) {
        if (obj == null) {
            sessionDebug.message(new StringBuffer().append("InternalSession Attribute is NULL in -->").append(str).toString());
            return;
        }
        InternalSession internalSession = (InternalSession) obj;
        if (internalSession == null) {
            sessionDebug.message(new StringBuffer().append("InternalSession is NULL in -->").append(str).toString());
            return;
        }
        try {
            sessionDebug.message(new StringBuffer().append(str).append(" --Value of sessionID-->").append(internalSession.getID()).toString());
            sessionDebug.message(new StringBuffer().append(str).append(" --Value of clientDomain-->").append(internalSession.getClientDomain()).toString());
            sessionDebug.message(new StringBuffer().append(str).append(" --Value of maxSessionTime-->").append(internalSession.getMaxSessionTime()).toString());
            sessionDebug.message(new StringBuffer().append(str).append(" --Value of sessionState-->").append(internalSession.getState()).toString());
            sessionDebug.message(new StringBuffer().append(str).append(" --Value of idleTime-->").append(internalSession.getIdleTime()).toString());
            if (internalSession.getProperty(DisplayFieldDescriptor.NAME_PROP) != null) {
                sessionDebug.message(new StringBuffer().append(str).append(" --Value of property Name is -->").append(internalSession.getProperty(DisplayFieldDescriptor.NAME_PROP)).toString());
            } else {
                sessionDebug.message(new StringBuffer().append(str).append("  --Value of property Name is NULL").toString());
            }
        } catch (Exception e) {
            sessionDebug.message(new StringBuffer().append("ERROR in debugIS").append(e.getMessage()).toString());
        }
    }

    public static boolean matchFilter(String str, String str2) {
        if (str2.equals("*") || str2.equals(str)) {
            return true;
        }
        int length = str2.length();
        int indexOf = str2.indexOf("*");
        if (indexOf < 0) {
            return false;
        }
        String substring = str2.substring(0, indexOf);
        if (!str.startsWith(substring, 0)) {
            return false;
        }
        int length2 = substring.length() + 1;
        int i = 0;
        if (indexOf > 0) {
            i = length2;
        }
        String substring2 = str2.substring(length2, length);
        while (true) {
            String str3 = substring2;
            int indexOf2 = str2.indexOf("*", length2);
            if (indexOf2 == -1) {
                return str.endsWith(str3);
            }
            String substring3 = str2.substring(length2, indexOf2);
            if (str.indexOf(substring3, i) == -1) {
                return false;
            }
            length2 = indexOf2 + 1;
            i = i + substring3.length() + 1;
            substring2 = str2.substring(length2, length);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        int i;
        int i2;
        threadPool = null;
        sessionDebug = null;
        maxSessions = 10000;
        logStatus = false;
        isWeblogicFlag = false;
        sessionDebug = Debug.getInstance("amSession");
        try {
            i = Integer.parseInt(SystemProperties.get(Constants.NOTIFICATION_THREADPOOL_SIZE));
        } catch (Exception e) {
            i = 10;
        }
        try {
            i2 = Integer.parseInt(SystemProperties.get(Constants.NOTIFICATION_THREADPOOL_THRESHOLD));
        } catch (Exception e2) {
            i2 = 100;
        }
        threadPool = new ThreadPool("amSession", i, i2, true, sessionDebug);
        try {
            maxSessions = Integer.parseInt(SystemProperties.get(Constants.AM_SESSION_MAX_SESSIONS));
        } catch (Exception e3) {
            maxSessions = 10000;
        }
        String str = SystemProperties.get("com.iplanet.am.logstatus");
        if (str == null) {
            str = "INACTIVE";
        }
        if (str.equalsIgnoreCase(ISAuthConstants.ACTIVE)) {
            logStatus = true;
        }
        if (webContainer.startsWith("BEA")) {
            isWeblogicFlag = true;
        }
        volatileRef = null;
        sessionService = null;
        deploymentURI = SystemProperties.get("com.iplanet.am.services.deploymentDescriptor");
        isSessionFailoverEnabled = Boolean.valueOf(SystemProperties.get(Constants.AM_SESSION_FAILOVER_ENABLED)).booleanValue();
    }
}
