package com.iplanet.ias.security.auth.realm.ldap;

import com.iplanet.ias.security.auth.realm.IASRealm;
import com.sun.enterprise.security.auth.realm.BadRealmException;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchRealmException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Properties;
import java.util.Vector;
import java.util.logging.Level;

/* loaded from: input_file:120982-06/SUNWproxy/reloc/bin/proxy/jar/webserv-rt.jar:com/iplanet/ias/security/auth/realm/ldap/LDAPRealm.class */
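/**
 * Realm that holds the configuration for authenticating users against an LDAP directory.
 *
 * <p>{@link #init(Properties)} validates the realm properties, stores them on the realm and
 * builds the JNDI environment used for directory searches. Only the {@code find-bind} mode is
 * accepted. The class also keeps a per-user cache of group names that is filled through
 * {@link #setGroupNames(String, String[])} and read through {@link #getGroupNames(String)}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>This class never substitutes {@code %s} / {@code %d} into the search filters itself and
 *       never uses {@link #LDAP_METACHARS}. NOTE(review): presumably the login module rejects or
 *       escapes these characters in the user name before building the filter; confirm, because
 *       an unescaped user name in an LDAP filter allows filter injection.</li>
 *   <li>The directory URL is not checked for its scheme. With simple binds the password crosses
 *       the network unprotected unless the connection itself is protected (for example an
 *       {@code ldaps://} URL).</li>
 *   <li>The group cache has no expiry or size limit in this class, so group changes made in the
 *       directory are only seen after {@code setGroupNames} is called again for that user.</li>
 * </ul>
 */
public class LDAPRealm extends IASRealm {
    /** Characters that have a special meaning inside an LDAP search filter. Not used in this class. */
    public static final String LDAP_METACHARS = "*&|!()=<>";
    public static final String AUTH_TYPE = "ldap";
    public static final String PARAM_DIRURL = "directory";
    public static final String PARAM_USERDN = "base-dn";
    public static final String PARAM_SEARCH_FILTER = "search-filter";
    public static final String PARAM_GRPDN = "group-base-dn";
    public static final String PARAM_GRP_SEARCH_FILTER = "group-search-filter";
    public static final String PARAM_GRP_TARGET = "group-target";
    public static final String PARAM_MODE = "mode";
    public static final String PARAM_JNDICF = "jndiCtxFactory";
    public static final String PARAM_POOLSIZE = "pool-size";
    public static final String PARAM_AUTH_MECH = "authentication";
    public static final String PARAM_BINDDN = "search-bind-dn";
    public static final String PARAM_BINDPWD = "search-bind-password";
    public static final String MODE_FIND_BIND = "find-bind";
    /** Placeholder in a search filter; by its name it stands for the subject (user) name. */
    public static final String SUBST_SUBJECT_NAME = "%s";
    /** Placeholder in a search filter; by its name it stands for the subject DN. */
    public static final String SUBST_SUBJECT_DN = "%d";
    private static final String SEARCH_FILTER_DEFAULT = "uid=%s";
    private static final String GRP_SEARCH_FILTER_DEFAULT = "uniquemember=%d";
    private static final String GRP_TARGET_DEFAULT = "cn";
    private static final String MODE_DEFAULT = "find-bind";
    private static final String JNDICF_DEFAULT = "com.sun.jndi.ldap.LdapCtxFactory";
    private static final String POOLSIZE_DEFAULT = "5";
    private static final String AUTH_MECH_DEFAULT = "simple";
    // User name -> group names, filled by setGroupNames(). Guarded by "this".
    private HashMap<String, Vector<String>> groupCache;
    // Shared empty result for users without a cache entry; never added to.
    private Vector<String> emptyVector;
    // JNDI environment for search contexts; may hold the search bind password in clear text.
    private Properties ldapBindProp = null;

    /**
     * Validates the realm configuration, stores it on the realm and prepares the JNDI
     * environment and the group cache.
     *
     * <p>All validation happens before the first {@code setProperty} call, so a rejected
     * configuration does not leave the realm half-configured.
     *
     * @param properties realm configuration; {@code directory}, {@code base-dn} and the JAAS
     *     context are mandatory, every other key falls back to a default
     * @throws BadRealmException if a mandatory property is missing, the mode is not
     *     {@code find-bind}, or {@code pool-size} is not an integer
     * @throws NoSuchRealmException declared by the overridden method; not thrown here
     */
    @Override // com.sun.enterprise.security.auth.realm.Realm
    public synchronized void init(Properties properties) throws BadRealmException, NoSuchRealmException {
        String directoryUrl = properties.getProperty(PARAM_DIRURL);
        String baseDn = properties.getProperty(PARAM_USERDN);
        String jaasContext = properties.getProperty(IASRealm.JAAS_CONTEXT_PARAM);
        if (directoryUrl == null || baseDn == null || jaasContext == null) {
            throw new BadRealmException(sm.getString("ldaprealm.badconfig", directoryUrl, baseDn, jaasContext));
        }
        String mode = properties.getProperty(PARAM_MODE, MODE_DEFAULT);
        if (!MODE_FIND_BIND.equals(mode)) {
            throw new BadRealmException(sm.getString("ldaprealm.badmode", mode));
        }
        String poolSize = properties.getProperty(PARAM_POOLSIZE, POOLSIZE_DEFAULT);
        try {
            // Reject a malformed pool size as a configuration error instead of letting an
            // unchecked NumberFormatException escape after the realm was partly set up.
            Integer.parseInt(poolSize);
        } catch (NumberFormatException e) {
            throw new BadRealmException("LDAPRealm: " + PARAM_POOLSIZE + " is not an integer: " + poolSize);
        }
        String jndiFactory = properties.getProperty(PARAM_JNDICF, JNDICF_DEFAULT);
        String searchFilter = properties.getProperty(PARAM_SEARCH_FILTER, SEARCH_FILTER_DEFAULT);
        // Groups are searched under the user base DN unless a separate base is configured.
        String groupBaseDn = properties.getProperty(PARAM_GRPDN, baseDn);
        String groupSearchFilter = properties.getProperty(PARAM_GRP_SEARCH_FILTER, GRP_SEARCH_FILTER_DEFAULT);
        String groupTarget = properties.getProperty(PARAM_GRP_TARGET, GRP_TARGET_DEFAULT);
        String authMech = properties.getProperty(PARAM_AUTH_MECH, AUTH_MECH_DEFAULT);
        String bindDn = properties.getProperty(PARAM_BINDDN);
        String bindPassword = properties.getProperty(PARAM_BINDPWD);

        setProperty(PARAM_DIRURL, directoryUrl);
        setProperty(PARAM_USERDN, baseDn);
        setProperty(IASRealm.JAAS_CONTEXT_PARAM, jaasContext);
        if (bindDn != null) {
            setProperty(PARAM_BINDDN, bindDn);
        }
        if (bindPassword != null) {
            setProperty(PARAM_BINDPWD, bindPassword);
        }
        setProperty(PARAM_MODE, mode);
        setProperty(PARAM_JNDICF, jndiFactory);
        setProperty(PARAM_SEARCH_FILTER, searchFilter);
        setProperty(PARAM_GRPDN, groupBaseDn);
        setProperty(PARAM_GRP_SEARCH_FILTER, groupSearchFilter);
        setProperty(PARAM_GRP_TARGET, groupTarget);
        setProperty(PARAM_POOLSIZE, poolSize);
        setProperty(PARAM_AUTH_MECH, authMech);

        if ((bindDn == null) != (bindPassword == null)) {
            // The bind credentials are only used when both are present; make the silent
            // fallback to a search without credentials visible to the operator.
            _logger.warning("LDAPRealm : only one of " + PARAM_BINDDN + " and " + PARAM_BINDPWD
                    + " is configured");
        }
        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("LDAPRealm : directory=" + directoryUrl);
            _logger.fine("LDAPRealm : base-dn=" + baseDn);
            _logger.fine("LDAPRealm : jndiCtxFactory=" + jndiFactory);
            _logger.fine("LDAPRealm : jaas-context=" + jaasContext);
            _logger.fine("LDAPRealm : mode=" + mode);
            _logger.fine("LDAPRealm : search-filter=" + searchFilter);
            _logger.fine("LDAPRealm : group-base-dn=" + groupBaseDn);
            _logger.fine("LDAPRealm : group-search-filter=" + groupSearchFilter);
            _logger.fine("LDAPRealm : group-target=" + groupTarget);
            _logger.fine("LDAPRealm : search-bind-dn=" + getProperty(PARAM_BINDDN));
            // The password itself is never written to the log, only whether one is set.
            _logger.fine("LDAPRealm : search-bind-password=" + (getProperty(PARAM_BINDPWD) == null ? null : "******"));
            _logger.fine("LDAPRealm : pool-size=" + poolSize);
            _logger.fine("LDAPRealm : authentication=" + authMech);
        }
        this.groupCache = new HashMap<String, Vector<String>>();
        this.emptyVector = new Vector<String>();
        this.ldapBindProp = initLdapBindProp();
    }

    /**
     * Builds the JNDI environment for directory searches from the realm properties.
     *
     * <p>The search principal and credentials are added only when both are configured;
     * otherwise the environment carries no credentials. The {@code authentication} realm
     * property is not copied into this environment. Connection pooling is switched on and the
     * connect timeout is set to {@code 300000}; no read timeout is set here.
     *
     * @return a new environment; holds the search bind password in clear text when configured
     */
    private Properties initLdapBindProp() {
        Properties env = new Properties();
        env.put("java.naming.factory.initial", getProperty(PARAM_JNDICF));
        env.put("java.naming.provider.url", getProperty(PARAM_DIRURL));
        String bindDn = getProperty(PARAM_BINDDN);
        String bindPassword = getProperty(PARAM_BINDPWD);
        if (bindDn != null && bindPassword != null) {
            env.put("java.naming.security.principal", bindDn);
            env.put("java.naming.security.credentials", bindPassword);
        }
        String poolSize = getProperty(PARAM_POOLSIZE);
        if (poolSize != null) {
            // init() has already checked that the value parses as an integer.
            env.put("com.sun.jndi.ldap.connect.pool.prefsize", poolSize);
        }
        env.put("com.sun.jndi.ldap.connect.pool", "true");
        env.put("com.sun.jndi.ldap.connect.timeout", "300000");
        return env;
    }

    /**
     * Returns the authentication type handled by this realm.
     *
     * @return the constant {@link #AUTH_TYPE}
     */
    @Override // com.sun.enterprise.security.auth.realm.Realm
    public String getAuthType() {
        return AUTH_TYPE;
    }

    /**
     * Returns a copy of the JNDI environment built by {@link #init(Properties)}.
     *
     * <p>A copy is returned so that a caller adding its own entries (for example the
     * credentials of the user being authenticated) cannot alter the environment shared by
     * every other caller. The copy may contain the search bind password in clear text and
     * should not be logged.
     *
     * @return a copy of the environment, or {@code null} if the realm was not initialised
     */
    public Properties getLdapBindProp() {
        Properties env = this.ldapBindProp;
        return env == null ? null : (Properties) env.clone();
    }

    /**
     * Returns the cached group names of a user.
     *
     * @param str user name used as the cache key
     * @return the group names stored by {@link #setGroupNames(String, String[])}, or an empty
     *     enumeration when nothing is cached for that user
     * @throws InvalidOperationException declared by the overridden method; not thrown here
     * @throws NoSuchUserException declared by the overridden method; not thrown here
     */
    @Override // com.sun.enterprise.security.auth.realm.Realm
    public Enumeration getGroupNames(String str) throws InvalidOperationException, NoSuchUserException {
        Vector<String> groups;
        // Same monitor as init() and setGroupNames(): a plain HashMap must not be read while
        // another thread writes it. NOTE(review): assumes one realm instance serves several
        // request threads; confirm against the container.
        synchronized (this) {
            groups = this.groupCache.get(str);
        }
        if (groups != null) {
            return groups.elements();
        }
        _logger.fine("No groups available for: " + str);
        return this.emptyVector.elements();
    }

    /**
     * Stores the group names of a user, replacing any earlier entry for that user.
     *
     * @param str user name used as the cache key
     * @param strArr group names; {@code null} is stored as "no groups"
     */
    public void setGroupNames(String str, String[] strArr) {
        int count = strArr == null ? 0 : strArr.length;
        // Copy into a fresh Vector so later changes to the caller's array do not reach the cache.
        Vector<String> groups = new Vector<String>(count);
        for (int i = 0; i < count; i++) {
            groups.add(strArr[i]);
        }
        synchronized (this) {
            this.groupCache.put(str, groups);
        }
    }
}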
