package com.sun.enterprise.security.wss;

import com.sun.enterprise.security.ClientSecurityContext;
import com.sun.enterprise.security.SecurityContext;
import com.sun.enterprise.security.jauth.AuthException;
import com.sun.enterprise.security.jauth.ClientAuthContext;
import com.sun.enterprise.security.jauth.FailureException;
import com.sun.enterprise.security.jauth.PendingException;
import com.sun.enterprise.security.jauth.SOAPAuthParam;
import com.sun.enterprise.security.jauth.ServerAuthContext;
import com.sun.logging.LogDomains;
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.xml.rpc.handler.soap.SOAPMessageContext;

/* loaded from: input_file:119166-09/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/enterprise/security/wss/WebServiceSecurity.class */
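/**
 * Static helpers that drive the container's message-layer (WSS) authentication for SOAP
 * calls: server-side request validation and response securing, and the client-side
 * counterparts.
 *
 * <p>Each direction keeps a per-message "shared state" map on the {@link SOAPMessageContext}
 * (one key for the server side, one for the client side) so that the map created while
 * processing the request is handed back to the auth context when the response is processed.
 *
 * <p>Not instantiable; all members are static.
 */
public class WebServiceSecurity {
    private static final Logger _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
    private static final String SHARED_CLIENT_STATE = "com.sun.enterprise.security.jauth.ClientHashMap";
    private static final String SHARED_SERVER_STATE = "com.sun.enterprise.security.jauth.ServerHashMap";

    private WebServiceSecurity() {
    }

    /**
     * Validates an incoming SOAP request through the given server auth context.
     *
     * <p>If there is no current {@link SecurityContext}, or its credentials were generated by
     * the server, validation runs against a fresh empty {@link Subject} and, on success, a new
     * {@code SecurityContext} is installed from that subject. Otherwise the current context's
     * subject is passed to the auth context as-is and the current context is left in place.
     *
     * @param sOAPMessageContext message context holding the request; receives the shared-state
     *     map and, on failure or pending, the response message produced by the auth context
     * @param serverAuthContext auth context that performs the validation
     * @return {@code true} if validation completed; {@code false} if the auth context signalled
     *     {@link PendingException} (the response message has been set on the context and the
     *     caller is expected not to treat the request as authenticated)
     * @throws AuthException if validation fails; a {@link FailureException} is rethrown after
     *     the response message has been set on the context
     */
    public static boolean validateRequest(SOAPMessageContext sOAPMessageContext, ServerAuthContext serverAuthContext) throws AuthException {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Container Auth: ServerAuthContext.validateRequest");
        }

        // Only build a new SecurityContext when no caller identity has been established yet.
        SecurityContext current = SecurityContext.getCurrent();
        boolean establishContext = current == null || current.didServerGenerateCredentials();
        Subject subject = establishContext ? new Subject() : current.getSubject();

        SOAPAuthParam sOAPAuthParam = new SOAPAuthParam(sOAPMessageContext.getMessage(), null);
        Map sharedState = new HashMap();
        sOAPMessageContext.setProperty(SHARED_SERVER_STATE, sharedState);

        try {
            serverAuthContext.validateRequest(sOAPAuthParam, subject, sharedState);
        } catch (FailureException e) {
            // NOTE(review): authentication failures are recorded at FINE only, so they are
            // invisible at default log levels; confirm another audit trail covers them.
            _logger.log(Level.FINE, "Container-auth: wss: Error validating request  ", e);
            sOAPMessageContext.setMessage(sOAPAuthParam.getResponse());
            throw e;
        } catch (PendingException e) {
            _logger.log(Level.FINE, "Container-auth: wss: Error validating request  ", e);
            sOAPMessageContext.setMessage(sOAPAuthParam.getResponse());
            return false;
        }

        if (establishContext) {
            Set<Principal> principals = subject.getPrincipals();
            if (principals != null && !principals.isEmpty()) {
                // The caller name is taken from whichever principal the iterator yields first.
                // The Set contract does not define an order, so with several principals the
                // name used for authorization depends on how the auth module populated the
                // subject. NOTE(review): confirm modules add the caller principal first.
                SecurityContext.setCurrent(new SecurityContext(principals.iterator().next().getName(), subject));
            }
            // If the module added no principal, the previous context stays in effect.
        }
        return true;
    }

    /**
     * Secures the outgoing SOAP response through the given server auth context and then
     * disposes the subject.
     *
     * @param sOAPMessageContext message context holding the response and the shared-state map
     *     stored under the server key
     * @param serverAuthContext auth context that secures the response
     * @throws AuthException if securing the response or disposing the subject fails
     */
    public static void secureResponse(SOAPMessageContext sOAPMessageContext, ServerAuthContext serverAuthContext) throws AuthException {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Container Auth: ServerAuthContext.secureResponse");
        }
        // NOTE(review): unlike validateRequest, getCurrent() is not null-checked here; confirm
        // a SecurityContext is always present on the response path.
        Subject subject = SecurityContext.getCurrent().getSubject();
        SOAPAuthParam sOAPAuthParam = new SOAPAuthParam(null, sOAPMessageContext.getMessage());
        // May be null if nothing stored a map under the server key for this message.
        HashMap sharedState = (HashMap) sOAPMessageContext.getProperty(SHARED_SERVER_STATE);
        try {
            serverAuthContext.secureResponse(sOAPAuthParam, subject, sharedState);
        } finally {
            // Dispose exactly once on both the success and the failure path; a failing
            // disposeSubject is no longer retried a second time.
            serverAuthContext.disposeSubject(subject, sharedState);
        }
    }

    /**
     * Secures an outgoing SOAP request through the given client auth context.
     *
     * @param sOAPMessageContext message context holding the request; receives a new
     *     shared-state map under the client key
     * @param clientAuthContext auth context that secures the request
     * @param z when {@code true}, the subject is taken from the current
     *     {@link ClientSecurityContext}; when {@code false}, from the current
     *     {@link SecurityContext} unless its credentials were generated by the server. In
     *     either case a fresh empty {@link Subject} is used when no subject is available.
     * @throws AuthException if the auth context fails to secure the request
     */
    public static void secureRequest(SOAPMessageContext sOAPMessageContext, ClientAuthContext clientAuthContext, boolean z) throws AuthException {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Container Auth: ClientAuthContext.secureRequest");
        }
        SOAPAuthParam sOAPAuthParam = new SOAPAuthParam(sOAPMessageContext.getMessage(), null);
        HashMap sharedState = new HashMap();
        sOAPMessageContext.setProperty(SHARED_CLIENT_STATE, sharedState);

        Subject subject = null;
        if (z) {
            ClientSecurityContext clientContext = ClientSecurityContext.getCurrent();
            if (clientContext != null) {
                subject = clientContext.getSubject();
            }
        } else {
            SecurityContext serverContext = SecurityContext.getCurrent();
            // Server-generated credentials are not forwarded as the caller's identity.
            if (serverContext != null && !serverContext.didServerGenerateCredentials()) {
                subject = serverContext.getSubject();
            }
        }
        if (subject == null) {
            subject = new Subject();
        }
        clientAuthContext.secureRequest(sOAPAuthParam, subject, sharedState);
    }

    /**
     * Validates an incoming SOAP response through the given client auth context, using a fresh
     * {@link Subject} that is disposed afterwards.
     *
     * @param sOAPMessageContext message context holding the response and the shared-state map
     *     stored under the client key
     * @param clientAuthContext auth context that performs the validation
     * @return {@code true} when validation and disposal complete without an exception
     * @throws AuthException if validation fails (logged at SEVERE and rethrown) or if disposing
     *     the subject fails
     */
    public static boolean validateResponse(SOAPMessageContext sOAPMessageContext, ClientAuthContext clientAuthContext) throws AuthException {
        SOAPAuthParam sOAPAuthParam = new SOAPAuthParam(null, sOAPMessageContext.getMessage());
        // May be null if nothing stored a map under the client key for this message.
        HashMap sharedState = (HashMap) sOAPMessageContext.getProperty(SHARED_CLIENT_STATE);
        Subject subject = new Subject();
        try {
            clientAuthContext.validateResponse(sOAPAuthParam, subject, sharedState);
        } catch (AuthException e) {
            _logger.log(Level.SEVERE, "Container-auth: wss: Error validating response  ", e);
            throw e;
        } finally {
            // Dispose exactly once; a disposal failure is no longer reported under the
            // "Error validating response" message or followed by a second disposal attempt.
            clientAuthContext.disposeSubject(subject, sharedState);
        }
        return true;
    }
}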
