package org.ow2.jonas.security.internal;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.StringReader;
import java.security.NoSuchAlgorithmException;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.management.MalformedObjectNameException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import org.objectweb.util.monolog.api.BasicLevel;
import org.objectweb.util.monolog.api.Logger;
import org.ow2.jonas.jmx.JmxService;
import org.ow2.jonas.lib.security.jacc.handlers.JPolicyContextHandler;
import org.ow2.jonas.lib.service.AbsServiceImpl;
import org.ow2.jonas.lib.util.JonasObjectName;
import org.ow2.jonas.lib.util.Log;
import org.ow2.jonas.registry.RegistryService;
import org.ow2.jonas.security.SecurityService;
import org.ow2.jonas.security.internal.realm.factory.JResourceDS;
import org.ow2.jonas.security.internal.realm.factory.JResourceLDAP;
import org.ow2.jonas.security.internal.realm.factory.JResourceMemory;
import org.ow2.jonas.security.internal.realm.factory.JResourceRemoteImpl;
import org.ow2.jonas.security.internal.realm.lib.HashHelper;
import org.ow2.jonas.security.internal.realm.principal.Group;
import org.ow2.jonas.security.internal.realm.principal.Role;
import org.ow2.jonas.security.lib.JResourceManager;
import org.ow2.jonas.security.realm.factory.JResource;
import org.ow2.jonas.security.realm.principal.JUser;
import org.ow2.jonas.service.ServiceException;

/* loaded from: input_file:org/ow2/jonas/security/internal/JonasSecurityServiceImpl.class */
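/**
 * Security service of the server: owns the set of security realms ({@link JResource}s),
 * publishes them through JMX (and optionally JNDI), and exposes management operations
 * through {@code JonasSecurityServiceImplMBean}.
 *
 * <p>Several operations here are reachable from management clients (the methods marked as
 * overriding {@code JonasSecurityServiceImplMBean}). Their string arguments are therefore
 * treated as caller-supplied: they are not echoed wholesale into logs, and a resource name
 * is only acted upon after it has matched a registered realm.
 */
public class JonasSecurityServiceImpl extends AbsServiceImpl implements SecurityService, JonasSecurityServiceImplMBean {
    /**
     * Suffix appended to the server name to form the JNDI name of the remote realm accessor.
     * The spelling ("RESOUCE") is part of the public API and is kept for compatibility.
     */
    public static final String REMOTE_RESOUCE = "_remoteres";

    /** Registry service that supplies the JNDI context used for the bindings. */
    private RegistryService registryService;

    /** Container of the realms managed by this service; created in {@link #doStart()}. */
    private JResources jResources;

    private static final Logger logger = Log.getLogger("org.ow2.jonas.security");

    /** Realm configuration file, relative to the directory named by the {@code jonas.base} property. */
    protected static final String CONFIG_FILE = "conf" + File.separator + "jonas-realm.xml";

    /** JMX service used to (un)register the MBeans; injected through {@link #setJmxService}. */
    private JmxService jmxService = null;

    /** Registry context; assigned in {@link #doStart()} and left {@code null} if that step fails. */
    private Context ictx = null;

    /** When {@code true}, each realm is also bound into JNDI under its own name. */
    private boolean bindResourcesIntoJndi = false;

    /**
     * Enables or disables the JNDI binding of realms.
     *
     * @param z {@code true} to bind realms into the registry context
     */
    public void setRealmJndiRegistration(boolean z) {
        this.bindResourcesIntoJndi = z;
    }

    /**
     * Removes a realm: drops it from the container, unbinds it from JNDI when JNDI
     * registration is enabled, and unregisters its MBeans.
     *
     * @param str name of the realm to remove
     * @throws ServiceException if no realm with that name is registered, or if the MBeans
     *         cannot be unregistered
     */
    @Override // org.ow2.jonas.security.internal.JonasSecurityServiceImplMBean
    public void removeJResource(String str) throws Exception {
        JResource removed = this.jResources.remove(str);
        if (removed == null) {
            // Stop before touching JNDI: the name did not match a realm, so unbinding it
            // would let this management operation remove an unrelated registry entry.
            String message = "Can not unregister the MBean for the resource " + str + " : no such resource";
            logger.log(BasicLevel.ERROR, message);
            throw new ServiceException(message);
        }
        if (this.bindResourcesIntoJndi) {
            try {
                this.ictx.unbind(str);
                if (logger.isLoggable(BasicLevel.DEBUG)) {
                    logger.log(BasicLevel.DEBUG, "jResource " + str + " remove from the registry.");
                }
            } catch (NamingException e) {
                // Best effort: the MBeans are still cleaned up below.
                logger.log(BasicLevel.ERROR, "Cannot unbind the resource '" + str + "' into JNDI", e);
            }
        }
        try {
            removed.removeMBeans();
            if (removed instanceof JResourceMemory) {
                this.jmxService.unregisterMBean(JonasObjectName.securityMemoryFactory(getDomainName(), str));
            } else if (removed instanceof JResourceDS) {
                this.jmxService.unregisterMBean(JonasObjectName.securityDatasourceFactory(getDomainName(), str));
            } else if (removed instanceof JResourceLDAP) {
                this.jmxService.unregisterMBean(JonasObjectName.securityLdapFactory(getDomainName(), str));
            }
        } catch (ServiceException e2) {
            logger.log(BasicLevel.ERROR, "JMX service not available", e2);
        } catch (Exception e3) {
            String message = "Can not unregister the MBean for the resource " + str + " : " + e3.getMessage();
            logger.log(BasicLevel.ERROR, message, e3);
            // Keep the cause so the failure can be diagnosed from the caller's side.
            throw new ServiceException(message, e3);
        }
    }

    /**
     * Injects the registry service.
     *
     * @param registryService service providing the registry (JNDI) context
     */
    public void setRegistryService(RegistryService registryService) {
        this.registryService = registryService;
    }

    /** @return the injected registry service */
    private RegistryService getRegistryService() {
        return this.registryService;
    }

    /**
     * Registers one {@link JPolicyContextHandler} instance for every key it declares.
     *
     * @throws PolicyContextException if a handler registration is refused
     */
    private void initJACCPolicyContextHandlers() throws PolicyContextException {
        logger.log(BasicLevel.DEBUG, "");
        JPolicyContextHandler handler = new JPolicyContextHandler();
        for (String key : handler.getKeys()) {
            logger.log(BasicLevel.DEBUG, "key " + key);
            // 'true' replaces a handler already registered for the same key.
            PolicyContext.registerHandler(key, handler, true);
        }
    }

    /**
     * Starts the service: initialises the policy provider and the JACC handlers, creates the
     * realm container, binds the remote accessor, registers the service MBean, loads the
     * realms from the configuration file and registers their MBeans.
     *
     * @throws ServiceException if a step that is not tolerated below fails
     */
    public void doStart() throws ServiceException {
        PolicyProvider.init();
        try {
            initJACCPolicyContextHandlers();
        } catch (PolicyContextException e4) {
            logger.log(BasicLevel.ERROR, "Cannot init JACCPolicyContextHandlers", e4);
            throw new ServiceException("Cannot init JACCPolicyContextHandlers :" + e4, e4);
        }
        try {
            this.jResources = new JResources(this);
            try {
                JResourceRemoteImpl remoteAccessor = new JResourceRemoteImpl(this);
                this.ictx = getRegistryService().getRegistryContext();
                this.ictx.rebind(getJonasServerName() + REMOTE_RESOUCE, remoteAccessor);
                this.jmxService.registerMBean(this, JonasObjectName.securityService(getDomainName()));
            } catch (Exception e) {
                logger.log(BasicLevel.ERROR, "Cannot create initial context when Security service initializing");
                throw new ServiceException("Cannot create initial context when Security service initializing", e);
            }
        } catch (ServiceException e2) {
            // The inner catch wraps every failure of the block above into a ServiceException,
            // so registry and binding errors land here too and start-up continues, possibly
            // with 'ictx' still null (bindResource and doStop dereference it).
            // NOTE(review): confirm that continuing after a failed bind is intended.
            logger.log(BasicLevel.ERROR, "JMX service not available", e2);
        } catch (Throwable th) {
            // Hand the throwable to the logger instead of printing the stack trace to stderr.
            logger.log(BasicLevel.ERROR, "SecurityService: Cannot start the Security service", th);
            throw new ServiceException("SecurityService: Cannot start the Security service", th);
        }
        createRealm();
        try {
            registerResourcesMBeans();
            logger.log(BasicLevel.INFO, "Security Service started");
        } catch (MalformedObjectNameException e3) {
            throw new ServiceException("SecurityService: Cannot register mbeans", e3);
        }
    }

    /**
     * Registers an MBean for every user, group and role of each in-memory realm.
     * Realms of other kinds are skipped.
     *
     * @throws MalformedObjectNameException if an object name cannot be built from a realm,
     *         user, group or role name
     */
    private void registerResourcesMBeans() throws MalformedObjectNameException {
        Enumeration<JResource> resources = this.jResources.getResources();
        String domainName = getDomainName();
        while (resources.hasMoreElements()) {
            JResource resource = resources.nextElement();
            if (!(resource instanceof JResourceMemory)) {
                continue;
            }
            String realmName = resource.getName();
            JResourceMemory memoryRealm = (JResourceMemory) resource;
            memoryRealm.setJmxService(this.jmxService);
            memoryRealm.setDomainName(domainName);

            Hashtable<String, JUser> users = memoryRealm.getUsers();
            Enumeration<String> userNames = users.keys();
            while (userNames.hasMoreElements()) {
                String userName = userNames.nextElement();
                this.jmxService.registerMBean(users.get(userName), JonasObjectName.user(domainName, realmName, userName));
            }

            Hashtable<String, Group> groups = memoryRealm.getGroups();
            Enumeration<String> groupNames = groups.keys();
            while (groupNames.hasMoreElements()) {
                String groupName = groupNames.nextElement();
                this.jmxService.registerMBean(groups.get(groupName), JonasObjectName.group(domainName, realmName, groupName));
            }

            Hashtable<String, Role> roles = memoryRealm.getRoles();
            Enumeration<String> roleNames = roles.keys();
            while (roleNames.hasMoreElements()) {
                String roleName = roleNames.nextElement();
                this.jmxService.registerMBean(roles.get(roleName), JonasObjectName.role(domainName, realmName, roleName));
            }
        }
    }

    /**
     * Stops the service: removes every realm, unregisters the service MBean and unbinds the
     * remote accessor.
     *
     * @throws ServiceException if the remote accessor cannot be unbound
     */
    public void doStop() {
        if (this.jmxService != null) {
            try {
                removeJResources();
            } catch (Exception e) {
                logger.log(BasicLevel.ERROR, "Cannot remove JResources", e);
            }
            this.jmxService.unregisterMBean(JonasObjectName.securityService(getDomainName()));
        }
        try {
            this.ictx.unbind(getJonasServerName() + REMOTE_RESOUCE);
            logger.log(BasicLevel.INFO, "Security Service stopped");
        } catch (Exception e2) {
            logger.log(BasicLevel.ERROR, "Cannot unbind remote resource for security access", e2);
            throw new ServiceException("Cannot unbind remote resource for security access", e2);
        }
    }

    /**
     * Removes every registered realm.
     *
     * @throws Exception if one removal fails; the remaining realms are then left in place
     */
    private void removeJResources() throws Exception {
        // Snapshot the names first: removeJResource modifies the container that backs the
        // enumeration, and its collection type is not visible from this class.
        java.util.List<String> names = new java.util.ArrayList<String>();
        Enumeration<JResource> resources = this.jResources.getResources();
        while (resources.hasMoreElements()) {
            names.add(resources.nextElement().getName());
        }
        for (String name : names) {
            removeJResource(name);
        }
    }

    /**
     * Looks up a realm by name.
     *
     * @param str realm name
     * @return whatever the realm container returns for that name
     */
    public JResource getJResource(String str) {
        return this.jResources.getJResource(str);
    }

    /**
     * Loads the realms described in the configuration file into the container.
     *
     * @throws ServiceException if the file is missing or cannot be loaded
     */
    private void createRealm() throws ServiceException {
        File file;
        try {
            file = getConfigFile();
        } catch (FileNotFoundException e) {
            logger.log(BasicLevel.ERROR, "Cannot find config file", e);
            throw new ServiceException(e.getMessage(), e);
        }
        FileReader reader = null;
        try {
            // NOTE(review): FileReader decodes with the platform default charset; confirm
            // that matches the encoding of the realm file.
            reader = new FileReader(file);
            JResourceManager.getInstance().addResources(this.jResources, reader, file.getPath());
        } catch (Throwable th) {
            String message = "Cannot add security resource from '" + file + "'";
            logger.log(BasicLevel.ERROR, message, th);
            throw new ServiceException(message, th);
        } finally {
            // Release the file handle even when parsing fails.
            if (reader != null) {
                try {
                    reader.close();
                } catch (java.io.IOException ignored) {
                    // Nothing useful can be done about a failed close of a read-only stream.
                }
            }
        }
    }

    /**
     * Resolves the realm configuration file under the directory named by {@code jonas.base}.
     *
     * @return the existing configuration file
     * @throws FileNotFoundException if {@code jonas.base} is not set or the file does not exist
     */
    protected File getConfigFile() throws FileNotFoundException {
        String base = System.getProperty("jonas.base");
        if (base == null) {
            // Without this check the lookup would silently target a relative "null/..." path.
            throw new FileNotFoundException("Can't find configuration file : system property 'jonas.base' is not set");
        }
        String path = base + File.separator + CONFIG_FILE;
        File file = new File(path);
        if (file.exists()) {
            return file;
        }
        throw new FileNotFoundException("Can't find configuration file : " + path);
    }

    /** @return the XML form of all realms, as produced by the realm container */
    public String toXML() {
        return this.jResources.toXML();
    }

    /**
     * Hashes a password and prefixes the result with the algorithm name in braces.
     *
     * <p>NOTE(review): {@code HashHelper} is not visible from this class; confirm whether it
     * salts and stretches the password, and consider restricting the accepted algorithms.
     *
     * @param str password to hash
     * @param str2 name of the digest algorithm
     * @return {@code "{ALGORITHM}"} followed by the value returned by {@code HashHelper}
     * @throws NoSuchAlgorithmException if the algorithm is not available
     */
    @Override // org.ow2.jonas.security.internal.JonasSecurityServiceImplMBean
    public String encryptPassword(String str, String str2) throws NoSuchAlgorithmException {
        // Locale.ROOT keeps the prefix stable whatever the JVM default locale is
        // (a Turkish locale, for instance, upper-cases 'i' to a dotted capital).
        return "{" + str2.toUpperCase(java.util.Locale.ROOT) + "}" + HashHelper.hashPassword(str, str2);
    }

    /**
     * Tells whether {@link #encryptPassword} accepts the given algorithm, by hashing a
     * throw-away value with it.
     *
     * @param str algorithm name; {@code null} is reported as invalid
     * @return {@code true} if the algorithm is available
     */
    @Override // org.ow2.jonas.security.internal.JonasSecurityServiceImplMBean
    public boolean isValidAlgorithm(String str) {
        if (str == null) {
            return false;
        }
        try {
            encryptPassword("test", str);
            return true;
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }

    /**
     * Adds the realms described by an XML document to the container.
     *
     * <p>NOTE(review): the document is parsed by {@code JResourceManager}, which is not
     * visible here; since this operation is exposed through the MBean interface, confirm that
     * its parser disables DTDs and external entities.
     *
     * @param str XML document describing the realms
     * @throws ServiceException if the document cannot be loaded
     */
    @Override // org.ow2.jonas.security.internal.JonasSecurityServiceImplMBean
    public void addResources(String str) throws Exception {
        try {
            JResourceManager.getInstance().addResources(this.jResources, new StringReader(str), "");
        } catch (Exception e) {
            // The document is deliberately left out of the log and of the exception message:
            // realm definitions can carry credentials (the LDAP realm built in this class is
            // given a security principal and credentials before being serialised).
            int length = (str == null) ? 0 : str.length();
            String message = "Cannot add security resource from the supplied xml document (" + length + " characters)";
            logger.log(BasicLevel.ERROR, message, e);
            throw new ServiceException(message, e);
        }
    }

    /**
     * Creates an empty in-memory realm and adds it to the container.
     *
     * <p>NOTE(review): the name is serialised by {@code JResourceMemory.toXML()}; confirm that
     * it escapes XML metacharacters.
     *
     * @param str name of the new realm
     * @throws Exception if the realm cannot be added
     */
    @Override // org.ow2.jonas.security.internal.JonasSecurityServiceImplMBean
    public void addJResourceMemory(String str) throws Exception {
        JResourceMemory memoryRealm = new JResourceMemory();
        memoryRealm.setSecurityService(this);
        memoryRealm.setJmxService(this.jmxService);
        memoryRealm.setDomainName(getDomainName());
        memoryRealm.setName(str);
        addResources(wrapRealmXml("jonas-memoryrealm", memoryRealm.toXML()));
    }

    /**
     * Creates a datasource-backed realm and adds it to the container.
     *
     * <p>NOTE(review): the values are serialised by {@code JResourceDS.toXML()}; confirm that
     * it escapes XML metacharacters, and that table and column names are validated before
     * they are used in queries (that code is not visible here).
     *
     * @param str realm name
     * @param str2 datasource name
     * @param str3 user table
     * @param str4 user name column of the user table
     * @param str5 password column of the user table
     * @param str6 role table
     * @param str7 user name column of the role table
     * @param str8 role name column of the role table
     * @param str9 password hashing algorithm
     * @throws Exception if the realm cannot be added
     */
    @Override // org.ow2.jonas.security.internal.JonasSecurityServiceImplMBean
    public void addJResourceDS(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9) throws Exception {
        JResourceDS dsRealm = new JResourceDS();
        dsRealm.setSecurityService(this);
        dsRealm.setJmxService(this.jmxService);
        dsRealm.setDomainName(getDomainName());
        dsRealm.setName(str);
        dsRealm.setDsName(str2);
        dsRealm.setUserTable(str3);
        dsRealm.setUserTableUsernameCol(str4);
        dsRealm.setUserTablePasswordCol(str5);
        dsRealm.setRoleTable(str6);
        dsRealm.setRoleTableUsernameCol(str7);
        dsRealm.setRoleTableRolenameCol(str8);
        dsRealm.setAlgorithm(str9);
        addResources(wrapRealmXml("jonas-dsrealm", dsRealm.toXML()));
    }

    /**
     * Creates an LDAP-backed realm and adds it to the container.
     *
     * <p>The arguments are applied, in order, to: name, initial context factory, provider URL,
     * security authentication, security principal, security credentials, security protocol,
     * language, referral, state factories, authentication mode, user password attribute,
     * user roles attribute, role name attribute, base DN, user DN, user search filter,
     * role DN, role search filter and algorithm.
     *
     * <p>NOTE(review): the values, including the credentials, are serialised by
     * {@code JResourceLDAP.toXML()}; confirm that it escapes XML metacharacters.
     *
     * @throws Exception if the realm cannot be added
     */
    @Override // org.ow2.jonas.security.internal.JonasSecurityServiceImplMBean
    public void addJResourceLDAP(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10, String str11, String str12, String str13, String str14, String str15, String str16, String str17, String str18, String str19, String str20) throws Exception {
        JResourceLDAP ldapRealm = new JResourceLDAP();
        ldapRealm.setSecurityService(this);
        ldapRealm.setJmxService(this.jmxService);
        ldapRealm.setDomainName(getDomainName());
        ldapRealm.setName(str);
        ldapRealm.setInitialContextFactory(str2);
        ldapRealm.setProviderUrl(str3);
        ldapRealm.setSecurityAuthentication(str4);
        ldapRealm.setSecurityPrincipal(str5);
        ldapRealm.setSecurityCredentials(str6);
        ldapRealm.setSecurityProtocol(str7);
        ldapRealm.setLanguage(str8);
        ldapRealm.setReferral(str9);
        ldapRealm.setStateFactories(str10);
        ldapRealm.setAuthenticationMode(str11);
        ldapRealm.setUserPasswordAttribute(str12);
        ldapRealm.setUserRolesAttribute(str13);
        ldapRealm.setRoleNameAttribute(str14);
        ldapRealm.setBaseDN(str15);
        ldapRealm.setUserDN(str16);
        ldapRealm.setUserSearchFilter(str17);
        ldapRealm.setRoleDN(str18);
        ldapRealm.setRoleSearchFilter(str19);
        ldapRealm.setAlgorithm(str20);
        addResources(wrapRealmXml("jonas-ldaprealm", ldapRealm.toXML()));
    }

    /**
     * Builds a realm document: the XML header, then {@code <jonas-realm>} containing one
     * element of the given kind around the serialised realm.
     *
     * @param realmElement element name of the realm kind, a constant chosen by this class
     * @param realmBody serialised realm, as returned by its {@code toXML()}
     * @return the complete document
     */
    private static String wrapRealmXml(String realmElement, String realmBody) {
        StringBuilder xml = new StringBuilder(JResources.HEADER_XML);
        xml.append("<jonas-realm>");
        xml.append('<').append(realmElement).append('>');
        xml.append(realmBody);
        xml.append("</").append(realmElement).append('>');
        xml.append("</jonas-realm>");
        return xml.toString();
    }

    /**
     * Publishes a realm: binds it into JNDI under its own name when JNDI registration is
     * enabled, then registers the MBean matching its kind.
     *
     * @param str unused; the realm is bound and registered under {@code jResource.getName()}
     * @param jResource realm to publish
     * @throws ServiceException if the MBean cannot be registered
     */
    public void bindResource(String str, JResource jResource) {
        if (this.bindResourcesIntoJndi) {
            try {
                this.ictx.rebind(jResource.getName(), jResource);
                if (logger.isLoggable(BasicLevel.DEBUG)) {
                    logger.log(BasicLevel.DEBUG, "jResource " + jResource.getName() + " bound into the registry.");
                }
            } catch (NamingException e) {
                // Best effort: the MBean is still registered below.
                logger.log(BasicLevel.ERROR, "Cannot bind the resource '" + jResource.getName() + "' into JNDI", e);
            }
        }
        try {
            if (jResource instanceof JResourceMemory) {
                this.jmxService.registerMBean(jResource, JonasObjectName.securityMemoryFactory(getDomainName(), jResource.getName()));
            } else if (jResource instanceof JResourceDS) {
                this.jmxService.registerMBean(jResource, JonasObjectName.securityDatasourceFactory(getDomainName(), jResource.getName()));
            } else if (jResource instanceof JResourceLDAP) {
                this.jmxService.registerMBean(jResource, JonasObjectName.securityLdapFactory(getDomainName(), jResource.getName()));
            }
        } catch (ServiceException e3) {
            // NOTE(review): the decompiled listing had the broader catch (Exception) first,
            // which leaves this clause unreachable and is rejected by javac; the order used
            // here mirrors removeJResource. Confirm against the original source.
            logger.log(BasicLevel.ERROR, "JMX service not available", e3);
        } catch (Exception e2) {
            String message = "Can not register the MBean for the resource " + jResource.getName() + " : " + e2.getMessage();
            logger.log(BasicLevel.ERROR, message, e2);
            // Keep the cause so the failure can be diagnosed from the caller's side.
            throw new ServiceException(message, e2);
        }
    }

    /**
     * Injects the JMX service.
     *
     * @param jmxService service used to register and unregister the MBeans
     */
    public void setJmxService(JmxService jmxService) {
        this.jmxService = jmxService;
    }
}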
