package com.sun.enterprise.security.acl;

import com.sun.enterprise.Switch;
import com.sun.enterprise.config.ConfigContext;
import com.sun.enterprise.config.serverbeans.SecurityService;
import com.sun.enterprise.config.serverbeans.Server;
import com.sun.enterprise.config.serverbeans.ServerBeansFactory;
import com.sun.enterprise.deployment.Group;
import com.sun.enterprise.deployment.PrincipalImpl;
import com.sun.enterprise.deployment.Role;
import com.sun.enterprise.deployment.interfaces.SecurityRoleMapper;
import com.sun.enterprise.server.ApplicationServer;
import com.sun.logging.LogDomains;
import java.io.Serializable;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;

/* loaded from: input_file:119166-14/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/enterprise/security/acl/RoleMapper.class */
public class RoleMapper implements Serializable, SecurityRoleMapper {
    private static Map ROLEMAPPER;
    private static final String DEFAULT_ROLE_NAME = "ANYONE";
    private static Role defaultRole;
    private static String defaultRoleName;
    private String appName;
    private final Map roleToSubject = new HashMap();
    private final Map roleToPrincipal = new HashMap();
    private final Map roleToGroup = new HashMap();
    private static Logger _logger;
    static final boolean $assertionsDisabled;
    static Class class$com$sun$enterprise$security$acl$RoleMapper;

    private RoleMapper(String str) {
        this.appName = str;
        if (Switch.getSwitch().getContainerType() == 2) {
            initDefaultRole();
        }
    }

    private static synchronized void initDefaultRole() {
        ConfigContext configContext;
        if (defaultRole == null) {
            defaultRoleName = DEFAULT_ROLE_NAME;
            try {
                configContext = ApplicationServer.getServerContext().getConfigContext();
            } catch (Exception e) {
                _logger.log(Level.WARNING, "java_security.anonymous_role_reading_exception", (Throwable) e);
            }
            if (!$assertionsDisabled && configContext == null) {
                throw new AssertionError();
            }
            Server serverBean = ServerBeansFactory.getServerBean(configContext);
            if (!$assertionsDisabled && serverBean == null) {
                throw new AssertionError();
            }
            SecurityService securityServiceBean = ServerBeansFactory.getSecurityServiceBean(configContext);
            if (!$assertionsDisabled && securityServiceBean == null) {
                throw new AssertionError();
            }
            defaultRoleName = securityServiceBean.getAnonymousRole();
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, new StringBuffer().append("Default role is: ").append(defaultRoleName).toString());
            }
            defaultRole = new Role(defaultRoleName);
        }
    }

    public static RoleMapper getRoleMapper(String str) {
        Class cls;
        RoleMapper roleMapper = (RoleMapper) ROLEMAPPER.get(str);
        if (roleMapper == null) {
            roleMapper = new RoleMapper(str);
            if (class$com$sun$enterprise$security$acl$RoleMapper == null) {
                cls = class$("com.sun.enterprise.security.acl.RoleMapper");
                class$com$sun$enterprise$security$acl$RoleMapper = cls;
            } else {
                cls = class$com$sun$enterprise$security$acl$RoleMapper;
            }
            Class cls2 = cls;
            synchronized (cls) {
                ROLEMAPPER.put(str, roleMapper);
            }
        }
        return roleMapper;
    }

    public static void setRoleMapper(String str, SecurityRoleMapper securityRoleMapper) {
        Class cls;
        if (class$com$sun$enterprise$security$acl$RoleMapper == null) {
            cls = class$("com.sun.enterprise.security.acl.RoleMapper");
            class$com$sun$enterprise$security$acl$RoleMapper = cls;
        } else {
            cls = class$com$sun$enterprise$security$acl$RoleMapper;
        }
        Class cls2 = cls;
        synchronized (cls) {
            ROLEMAPPER.put(str, securityRoleMapper);
        }
    }

    public static void removeRoleMapper(String str) {
        Class cls;
        if (ROLEMAPPER.containsKey(str)) {
            if (class$com$sun$enterprise$security$acl$RoleMapper == null) {
                cls = class$("com.sun.enterprise.security.acl.RoleMapper");
                class$com$sun$enterprise$security$acl$RoleMapper = cls;
            } else {
                cls = class$com$sun$enterprise$security$acl$RoleMapper;
            }
            Class cls2 = cls;
            synchronized (cls) {
                ROLEMAPPER.remove(str);
            }
        }
    }

    @Override // com.sun.enterprise.deployment.interfaces.SecurityRoleMapper
    public String getName() {
        return this.appName;
    }

    @Override // com.sun.enterprise.deployment.interfaces.SecurityRoleMapper
    public void setName(String str) {
        this.appName = str;
    }

    private void addRoleToPrincipal(Principal principal, String str) {
        if (!$assertionsDisabled && this.roleToSubject == null) {
            throw new AssertionError();
        }
        Subject subject = (Subject) this.roleToSubject.get(str);
        Subject subject2 = subject == null ? new Subject() : subject;
        AccessController.doPrivileged(new PrivilegedAction(this, subject2, principal) { // from class: com.sun.enterprise.security.acl.RoleMapper.1
            private final Subject val$sub;
            private final Principal val$principal;
            private final RoleMapper this$0;

            {
                this.this$0 = this;
                this.val$sub = subject2;
                this.val$principal = principal;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                this.val$sub.getPrincipals().add(this.val$principal);
                return null;
            }
        });
        this.roleToSubject.put(str, subject2);
    }

    @Override // com.sun.enterprise.deployment.interfaces.SecurityRoleMapper
    public void unassignPrincipalFromRole(Role role, Principal principal) {
        if (!$assertionsDisabled && this.roleToSubject == null) {
            throw new AssertionError();
        }
        String name = role.getName();
        Subject subject = (Subject) this.roleToSubject.get(name);
        if (subject != null) {
            AccessController.doPrivileged(new PrivilegedAction(this, subject, principal) { // from class: com.sun.enterprise.security.acl.RoleMapper.2
                private final Subject val$sub;
                private final Principal val$p;
                private final RoleMapper this$0;

                {
                    this.this$0 = this;
                    this.val$sub = subject;
                    this.val$p = principal;
                }

                @Override // java.security.PrivilegedAction
                public Object run() {
                    this.val$sub.getPrincipals().remove(this.val$p);
                    return null;
                }
            });
            this.roleToSubject.put(name, subject);
        }
        Map map = principal instanceof Group ? this.roleToGroup : this.roleToPrincipal;
        Vector vector = (Vector) map.get(name);
        if (vector != null) {
            vector.remove(principal);
            map.put(name, vector);
        }
    }

    @Override // com.sun.enterprise.deployment.interfaces.SecurityRoleMapper
    public Map getRoleToSubjectMapping() {
        if ($assertionsDisabled || this.roleToSubject != null) {
            return this.roleToSubject;
        }
        throw new AssertionError();
    }

    @Override // com.sun.enterprise.deployment.interfaces.SecurityRoleMapper
    public void assignRole(Principal principal, Role role) {
        String name = role.getName();
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, new StringBuffer().append("SECURITY:RoleMapper Assigning Role ").append(name).append(" to  ").append(principal.getName()).toString());
        }
        addRoleToPrincipal(principal, name);
        Map map = principal instanceof Group ? this.roleToGroup : this.roleToPrincipal;
        Vector vector = (Vector) map.get(name);
        if (vector == null) {
            vector = new Vector();
        }
        vector.add(principal);
        map.put(name, vector);
    }

    @Override // com.sun.enterprise.deployment.interfaces.SecurityRoleMapper
    public Iterator getRoles() {
        if ($assertionsDisabled || this.roleToSubject != null) {
            return this.roleToSubject.keySet().iterator();
        }
        throw new AssertionError();
    }

    @Override // com.sun.enterprise.deployment.interfaces.SecurityRoleMapper
    public Enumeration getGroupsAssignedTo(Role role) {
        if (!$assertionsDisabled && this.roleToGroup == null) {
            throw new AssertionError();
        }
        Vector vector = (Vector) this.roleToGroup.get(role.getName());
        return (vector == null ? new Vector() : vector).elements();
    }

    @Override // com.sun.enterprise.deployment.interfaces.SecurityRoleMapper
    public Enumeration getUsersAssignedTo(Role role) {
        if (!$assertionsDisabled && this.roleToPrincipal == null) {
            throw new AssertionError();
        }
        Vector vector = (Vector) this.roleToPrincipal.get(role.getName());
        return (vector == null ? new Vector() : vector).elements();
    }

    @Override // com.sun.enterprise.deployment.interfaces.SecurityRoleMapper
    public void unassignRole(Role role) {
        if (role != null) {
            String name = role.getName();
            this.roleToSubject.remove(name);
            this.roleToPrincipal.remove(name);
            this.roleToGroup.remove(name);
        }
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer("RoleMapper:");
        Iterator roles = getRoles();
        while (roles.hasNext()) {
            String str = (String) roles.next();
            stringBuffer.append(new StringBuffer().append("\n\tRole (").append(str).append(") has Principals(").toString());
            Iterator<Principal> it = ((Subject) this.roleToSubject.get(str)).getPrincipals().iterator();
            while (it.hasNext()) {
                stringBuffer.append(new StringBuffer().append(it.next().getName()).append(" ").toString());
            }
            stringBuffer.append(")");
        }
        if (_logger.isLoggable(Level.FINER)) {
            _logger.log(Level.FINER, stringBuffer.toString());
        }
        return stringBuffer.toString();
    }

    public RoleMapper(RoleMapper roleMapper) {
        this.appName = roleMapper.getName();
        Iterator roles = roleMapper.getRoles();
        while (roles.hasNext()) {
            String str = (String) roles.next();
            Enumeration groupsAssignedTo = roleMapper.getGroupsAssignedTo(new Role(str));
            Vector vector = new Vector();
            while (groupsAssignedTo.hasMoreElements()) {
                Group group = (Group) groupsAssignedTo.nextElement();
                vector.add(new Group(group.getName()));
                addRoleToPrincipal(group, str);
            }
            this.roleToGroup.put(str, vector);
            Enumeration usersAssignedTo = roleMapper.getUsersAssignedTo(new Role(str));
            Vector vector2 = new Vector();
            while (usersAssignedTo.hasMoreElements()) {
                PrincipalImpl principalImpl = (PrincipalImpl) usersAssignedTo.nextElement();
                vector2.add(new PrincipalImpl(principalImpl.getName()));
                addRoleToPrincipal(principalImpl, str);
            }
            this.roleToPrincipal.put(str, vector2);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$sun$enterprise$security$acl$RoleMapper == null) {
            cls = class$("com.sun.enterprise.security.acl.RoleMapper");
            class$com$sun$enterprise$security$acl$RoleMapper = cls;
        } else {
            cls = class$com$sun$enterprise$security$acl$RoleMapper;
        }
        $assertionsDisabled = !cls.desiredAssertionStatus();
        ROLEMAPPER = new HashMap();
        defaultRole = null;
        defaultRoleName = null;
        _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
    }
}
