package com.sun.enterprise.security.provider;

import com.sun.logging.LogDomains;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.Collection;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import sun.security.provider.PolicyFile;

/* loaded from: input_file:119166-14/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/enterprise/security/provider/PolicyWrapper.class */
public final class PolicyWrapper extends Policy {
    private Policy policy;
    private static Logger logger = Logger.getLogger(LogDomains.SECURITY_LOGGER);
    private static final String REUSE = "java.security.Policy.supportsReuse";

    public PolicyWrapper() {
        this.policy = null;
        this.policy = new PolicyFile();
    }

    @Override // java.security.Policy
    public PermissionCollection getPermissions(CodeSource codeSource) {
        String contextID = PolicyContext.getContextID();
        PolicyConfigurationImpl policyConfigForContext = getPolicyConfigForContext(contextID);
        PermissionCollection permissions = getPolicy(policyConfigForContext).getPermissions(codeSource);
        if (permissions != null) {
            permissions = removeExcludedPermissions(policyConfigForContext, permissions);
        }
        if (logger.isLoggable(Level.FINEST)) {
            logger.finest(new StringBuffer().append("JACC Policy Provider: PolicyWrapper.getPermissions(cs), context (").append(contextID).append(") codesource (").append(codeSource).append(") permissions: ").append(permissions).toString());
        }
        return permissions;
    }

    @Override // java.security.Policy
    public PermissionCollection getPermissions(ProtectionDomain protectionDomain) {
        String contextID = PolicyContext.getContextID();
        PolicyConfigurationImpl policyConfigForContext = getPolicyConfigForContext(contextID);
        PermissionCollection permissions = getPolicy(policyConfigForContext).getPermissions(protectionDomain);
        if (permissions != null) {
            permissions = removeExcludedPermissions(policyConfigForContext, permissions);
        }
        if (logger.isLoggable(Level.FINEST)) {
            logger.finest(new StringBuffer().append("JACC Policy Provider: PolicyWrapper.getPermissions(d), context (").append(contextID).append(") permissions: ").append(permissions).toString());
        }
        return permissions;
    }

    @Override // java.security.Policy
    public boolean implies(ProtectionDomain protectionDomain, Permission permission) {
        Permissions excludedPolicy;
        String contextID = PolicyContext.getContextID();
        PolicyConfigurationImpl policyConfigForContext = getPolicyConfigForContext(contextID);
        boolean implies = getPolicy(policyConfigForContext).implies(protectionDomain, permission);
        if (implies && (excludedPolicy = getExcludedPolicy(policyConfigForContext)) != null) {
            implies = !grantedIsExcluded(permission, excludedPolicy);
        }
        if (logger.isLoggable(Level.FINEST) && !implies) {
            logger.finest(new StringBuffer().append("JACC Policy Provider: PolicyWrapper.implies, context (").append(contextID).append(")- result was(").append(implies).append(") permission (").append(permission).append(")").toString());
        }
        return implies;
    }

    @Override // java.security.Policy
    public void refresh() {
        if (logger.isLoggable(Level.FINE)) {
            logger.fine("JACC Policy Provider: Refreshing Policy files!");
        }
        this.policy.refresh();
        Collection<PolicyConfigurationImpl> policyConfigurationImpls = PolicyConfigurationFactoryImpl.getPolicyConfigurationImpls();
        if (policyConfigurationImpls != null) {
            for (PolicyConfigurationImpl policyConfigurationImpl : policyConfigurationImpls) {
                if (policyConfigurationImpl != null) {
                    policyConfigurationImpl.refresh(false);
                }
            }
        }
        try {
            if (PolicyContext.getHandlerKeys().contains("java.security.Policy.supportsReuse")) {
                PolicyContext.getContext("java.security.Policy.supportsReuse");
            }
        } catch (PolicyContextException e) {
            throw new IllegalStateException(e.toString());
        }
    }

    private static PolicyConfigurationImpl getPolicyConfigForContext(String str) {
        PolicyConfigurationImpl policyConfigurationImpl = null;
        if (str != null) {
            policyConfigurationImpl = PolicyConfigurationFactoryImpl.getPolicyConfigurationImpl(str);
        }
        return policyConfigurationImpl;
    }

    private Policy getPolicy(PolicyConfigurationImpl policyConfigurationImpl) {
        Policy policy;
        if (policyConfigurationImpl == null) {
            policy = this.policy;
        } else {
            policy = policyConfigurationImpl.getPolicy();
            if (policy == null) {
                policy = this.policy;
            }
        }
        return policy;
    }

    private static Permissions getExcludedPolicy(PolicyConfigurationImpl policyConfigurationImpl) {
        Permissions permissions = null;
        if (policyConfigurationImpl != null) {
            permissions = policyConfigurationImpl.getExcludedPolicy();
        }
        return permissions;
    }

    private static PermissionCollection removeExcludedPermissions(PolicyConfigurationImpl policyConfigurationImpl, PermissionCollection permissionCollection) {
        PermissionCollection permissionCollection2 = permissionCollection;
        boolean z = true;
        Permissions excludedPolicy = getExcludedPolicy(policyConfigurationImpl);
        if (excludedPolicy != null && excludedPolicy.elements().hasMoreElements()) {
            permissionCollection2 = null;
            Enumeration<Permission> elements = permissionCollection.elements();
            while (elements.hasMoreElements()) {
                Permission nextElement = elements.nextElement();
                if (grantedIsExcluded(nextElement, excludedPolicy)) {
                    z = false;
                } else {
                    if (permissionCollection2 == null) {
                        permissionCollection2 = new Permissions();
                    }
                    permissionCollection2.add(nextElement);
                }
            }
            if (z) {
                permissionCollection2 = permissionCollection;
            }
        }
        return permissionCollection2;
    }

    private static boolean grantedIsExcluded(Permission permission, Permissions permissions) {
        boolean z = false;
        if (permissions != null) {
            if (permissions.implies(permission)) {
                z = true;
            } else {
                Enumeration<Permission> elements = permissions.elements();
                while (!z && elements.hasMoreElements()) {
                    if (permission.implies(elements.nextElement())) {
                        z = true;
                    }
                }
            }
        }
        if (logger.isLoggable(Level.FINEST) && z) {
            logger.finest(new StringBuffer().append("JACC Policy Provider: permission is excluded: ").append(permission).toString());
        }
        return z;
    }
}
