package org.ow2.jonas.web.tomcat6.ws;

import java.io.File;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.catalina.Context;
import org.apache.catalina.Host;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.core.StandardContext;
import org.apache.catalina.core.StandardWrapper;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.deploy.SecurityCollection;
import org.apache.catalina.deploy.SecurityConstraint;
import org.apache.catalina.startup.ContextConfig;
import org.ow2.jonas.deployment.web.WebContainerDeploymentDesc;
import org.ow2.jonas.lib.security.PermissionManagerException;
import org.ow2.jonas.web.base.lib.PermissionManager;
import org.ow2.jonas.web.tomcat6.JOnASStandardContext;
import org.ow2.jonas.web.tomcat6.Tomcat6Service;
import org.ow2.jonas.web.tomcat6.security.Realm;
import org.ow2.jonas.web.tomcat6.ws.security.SecureWebDeploymentDescBuilder;
import org.ow2.jonas.web.tomcat6.ws.strategy.EjbJarContextNamingStrategy;
import org.ow2.jonas.ws.jaxws.IWebservicesContainer;
import org.ow2.jonas.ws.jaxws.IWebservicesModule;
import org.ow2.jonas.ws.jaxws.PortMetaData;
import org.ow2.jonas.ws.jaxws.WSException;
import org.ow2.jonas.ws.jaxws.ejb.IEJBWebserviceEndpoint;
import org.ow2.jonas.ws.jaxws.ejb.ISecurityConstraint;
import org.ow2.jonas.ws.jaxws.ejb.IWebDeployer;
import org.ow2.jonas.ws.jaxws.ejb.context.ContextNamingStrategyException;
import org.ow2.util.log.Log;
import org.ow2.util.log.LogFactory;

/* loaded from: input_file:org/ow2/jonas/web/tomcat6/ws/WebservicesWebDeployer.class */
public class WebservicesWebDeployer implements IWebDeployer {
    private static Log logger = LogFactory.getLog(WebservicesWebDeployer.class);
    private Tomcat6Service tomcatService;
    private String workDirectory;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/ow2/jonas/web/tomcat6/ws/WebservicesWebDeployer$WebContext.class */
    public static class WebContext {
        private String contextName;
        private String realmName;
        private String jaasEntry;

        public WebContext(String str, String str2, String str3) {
            this.contextName = str;
            this.realmName = str2;
            this.jaasEntry = str3;
        }

        public String getContextName() {
            return this.contextName;
        }

        public String getRealmName() {
            return this.realmName;
        }

        public String getJaasEntry() {
            return this.jaasEntry;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            WebContext webContext = (WebContext) obj;
            if (this.contextName != null) {
                if (!this.contextName.equals(webContext.contextName)) {
                    return false;
                }
            } else if (webContext.contextName != null) {
                return false;
            }
            if (this.jaasEntry != null) {
                if (!this.jaasEntry.equals(webContext.jaasEntry)) {
                    return false;
                }
            } else if (webContext.jaasEntry != null) {
                return false;
            }
            return this.realmName != null ? this.realmName.equals(webContext.realmName) : webContext.realmName == null;
        }

        public int hashCode() {
            return (31 * ((31 * (this.contextName != null ? this.contextName.hashCode() : 0)) + (this.realmName != null ? this.realmName.hashCode() : 0))) + (this.jaasEntry != null ? this.jaasEntry.hashCode() : 0);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/ow2/jonas/web/tomcat6/ws/WebservicesWebDeployer$WebservicesContextLifecycleListener.class */
    public static class WebservicesContextLifecycleListener implements LifecycleListener {
        private WebservicesContextLifecycleListener() {
        }

        @Override // org.apache.catalina.LifecycleListener
        public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
            if (Lifecycle.START_EVENT.equals(lifecycleEvent.getType())) {
                ((Context) lifecycleEvent.getLifecycle()).setConfigured(true);
                return;
            }
            if (Lifecycle.AFTER_START_EVENT.equals(lifecycleEvent.getType())) {
                Context context = (Context) lifecycleEvent.getLifecycle();
                for (String str : context.findApplicationListeners()) {
                    context.removeApplicationListener(str);
                }
            }
        }
    }

    public WebservicesWebDeployer(Tomcat6Service tomcat6Service) {
        this.tomcatService = tomcat6Service;
    }

    public void setWorkDirectory(String str) {
        this.workDirectory = str;
    }

    public void deploy(IWebservicesModule<? extends IWebservicesContainer<? extends IEJBWebserviceEndpoint>> iWebservicesModule) throws WSException {
        this.tomcatService.startInternalWebContainer();
        logger.debug("Deploying WsModule {0}", new Object[]{iWebservicesModule.getName()});
        for (Map.Entry<WebContext, List<IEJBWebserviceEndpoint>> entry : getWebContextPartitions(iWebservicesModule).entrySet()) {
            deployEndpoints(entry.getKey(), entry.getValue());
        }
    }

    protected void deployEndpoints(WebContext webContext, List<IEJBWebserviceEndpoint> list) throws WSException {
        logger.debug("Deploying Web Context {0}", new Object[]{webContext.getContextName()});
        JOnASStandardContext createWebservicesContext = createWebservicesContext(webContext.getContextName());
        Host defaultHost = getDefaultHost();
        configureSecurityRealm(defaultHost, createWebservicesContext, webContext, list);
        for (IEJBWebserviceEndpoint iEJBWebserviceEndpoint : list) {
            configureWebservicesServlet(createWebservicesContext, iEJBWebserviceEndpoint);
            PortMetaData portMetaData = iEJBWebserviceEndpoint.getPortMetaData();
            portMetaData.setEndpointURL(URLUtils.getEndpointURL(portMetaData, defaultHost));
        }
        defaultHost.addChild(createWebservicesContext);
    }

    private void configureSecurityRealm(Host host, JOnASStandardContext jOnASStandardContext, WebContext webContext, List<IEJBWebserviceEndpoint> list) throws WSException {
        Realm realm = null;
        if (webContext.getRealmName() != null) {
            realm = this.tomcatService.createJOnASRealm(webContext.getRealmName(), true);
        } else if (webContext.getJaasEntry() != null) {
            realm = this.tomcatService.createJOnASRealm(webContext.getJaasEntry(), false);
        } else {
            org.apache.catalina.Realm realm2 = host.getRealm();
            if (realm2 != null && (realm2 instanceof Realm)) {
                try {
                    realm = (Realm) ((Realm) realm2).clone();
                } catch (CloneNotSupportedException e) {
                    throw new WSException("Cannot clone the realm used by the existing context or its parent realm", e);
                }
            }
        }
        if (realm != null) {
            String str = host.getName() + jOnASStandardContext.getPath();
            WebContainerDeploymentDesc createWebDeploymentDescriptor = createWebDeploymentDescriptor(list);
            realm.setPermissionManager(createPermissionManager(str, createWebDeploymentDescriptor));
            jOnASStandardContext.setWebDeploymentDescriptor(createWebDeploymentDescriptor);
            realm.setContext(jOnASStandardContext);
            jOnASStandardContext.setRealm(realm);
        }
    }

    private PermissionManager createPermissionManager(String str, WebContainerDeploymentDesc webContainerDeploymentDesc) throws WSException {
        try {
            PermissionManager permissionManager = new PermissionManager(webContainerDeploymentDesc, str, true);
            permissionManager.translateServletDeploymentDescriptor();
            permissionManager.commit();
            return permissionManager;
        } catch (PermissionManagerException e) {
            throw new WSException("Cannot construct PermissionManager", e);
        }
    }

    private WebContainerDeploymentDesc createWebDeploymentDescriptor(List<IEJBWebserviceEndpoint> list) throws WSException {
        SecureWebDeploymentDescBuilder secureWebDeploymentDescBuilder = new SecureWebDeploymentDescBuilder();
        ArrayList arrayList = new ArrayList();
        Iterator<IEJBWebserviceEndpoint> it = list.iterator();
        while (it.hasNext()) {
            ISecurityConstraint securityConstraint = it.next().getSecurityConstraint();
            if (securityConstraint != null) {
                arrayList.add(securityConstraint);
            }
        }
        return secureWebDeploymentDescBuilder.createJOnASWebDescriptor(arrayList);
    }

    public void undeploy(IWebservicesModule<? extends IWebservicesContainer<? extends IEJBWebserviceEndpoint>> iWebservicesModule) {
        Context context;
        PermissionManager permissionManager;
        this.tomcatService.startInternalWebContainer();
        logger.debug("Undeploying WsModule {0}", new Object[]{iWebservicesModule.getName()});
        for (String str : getAssociatedWebContexts(iWebservicesModule)) {
            Host defaultHost = getDefaultHost();
            if (defaultHost != null && (context = (Context) defaultHost.findChild(str)) != null) {
                logger.debug("Undeploying Web Context {0}", new Object[]{str});
                File file = new File(context.getDocBase());
                if (file.isDirectory()) {
                    file.delete();
                }
                defaultHost.removeChild(context);
                org.apache.catalina.Realm realm = context.getRealm();
                if (realm != null && (realm instanceof Realm) && (permissionManager = ((Realm) realm).getPermissionManager()) != null) {
                    try {
                        permissionManager.delete();
                    } catch (PermissionManagerException e) {
                        logger.debug("Cannot delete PermissionManager of Context ''{0}''", new Object[]{str, e});
                    }
                }
            }
        }
    }

    protected List<String> getAssociatedWebContexts(IWebservicesModule<? extends IWebservicesContainer<? extends IEJBWebserviceEndpoint>> iWebservicesModule) {
        ArrayList arrayList = new ArrayList();
        Iterator it = iWebservicesModule.getContainers().iterator();
        while (it.hasNext()) {
            Iterator it2 = ((IWebservicesContainer) it.next()).getEndpoints().iterator();
            while (it2.hasNext()) {
                arrayList.add((String) ((IEJBWebserviceEndpoint) it2.next()).getDeploymentInfos().get("context-name"));
            }
        }
        return arrayList;
    }

    private void configureWebservicesServlet(StandardContext standardContext, IEJBWebserviceEndpoint iEJBWebserviceEndpoint) {
        StandardWrapper wrapWebserviceEndpoint = wrapWebserviceEndpoint(iEJBWebserviceEndpoint);
        configureSecurityConstraints(standardContext, iEJBWebserviceEndpoint);
        logger.debug("Added Wrapper/Servlet: {0}", new Object[]{wrapWebserviceEndpoint});
        standardContext.addChild(wrapWebserviceEndpoint);
        standardContext.addServletMapping(iEJBWebserviceEndpoint.getPortMetaData().getUrlPattern(), wrapWebserviceEndpoint.getServletName());
    }

    private void configureSecurityConstraints(StandardContext standardContext, IEJBWebserviceEndpoint iEJBWebserviceEndpoint) {
        if (iEJBWebserviceEndpoint.getSecurityConstraint() == null) {
            return;
        }
        ISecurityConstraint securityConstraint = iEJBWebserviceEndpoint.getSecurityConstraint();
        SecurityConstraint securityConstraint2 = new SecurityConstraint();
        securityConstraint2.setUserConstraint(securityConstraint.getTransportGuarantee());
        Iterator it = securityConstraint.getRoleNames().iterator();
        while (it.hasNext()) {
            securityConstraint2.addAuthRole((String) it.next());
        }
        SecurityCollection securityCollection = new SecurityCollection();
        securityCollection.addPattern(securityConstraint.getUrlPattern());
        if (securityConstraint.getHttpMethods() != null) {
            Iterator it2 = securityConstraint.getHttpMethods().iterator();
            while (it2.hasNext()) {
                securityCollection.addMethod((String) it2.next());
            }
        }
        securityConstraint2.addCollection(securityCollection);
        standardContext.addConstraint(securityConstraint2);
        Iterator it3 = securityConstraint.getRoleNames().iterator();
        while (it3.hasNext()) {
            standardContext.addSecurityRole((String) it3.next());
        }
        LoginConfig loginConfig = new LoginConfig();
        String authMethod = securityConstraint.getAuthMethod();
        if (authMethod == null) {
            authMethod = Constants.BASIC_METHOD;
        } else if ("FORM".equals(authMethod) || "NONE".equals(authMethod)) {
            logger.warn("This is an error to set auth-method to ''{0}'', changing it to ''BASIC''", new Object[]{authMethod});
            authMethod = Constants.BASIC_METHOD;
        }
        loginConfig.setAuthMethod(authMethod);
        loginConfig.setRealmName(securityConstraint.getRealmName());
        standardContext.setLoginConfig(loginConfig);
    }

    private Map<WebContext, List<IEJBWebserviceEndpoint>> getWebContextPartitions(IWebservicesModule<? extends IWebservicesContainer<? extends IEJBWebserviceEndpoint>> iWebservicesModule) throws WSException {
        HashMap hashMap = new HashMap();
        Host defaultHost = getDefaultHost();
        Iterator it = iWebservicesModule.getContainers().iterator();
        while (it.hasNext()) {
            for (IEJBWebserviceEndpoint iEJBWebserviceEndpoint : ((IWebservicesContainer) it.next()).getEndpoints()) {
                String contextRoot = getContextRoot(iEJBWebserviceEndpoint);
                WebContext webContext = new WebContext(contextRoot, iEJBWebserviceEndpoint.getSecurityConstraint() != null ? iEJBWebserviceEndpoint.getSecurityConstraint().getRealmName() : null, null);
                if (defaultHost.findChild(contextRoot) != null) {
                    throw new WSException("Context '" + contextRoot + "' already deployed in Host '" + defaultHost + "'");
                }
                if (hashMap.containsKey(webContext)) {
                    ((List) hashMap.get(webContext)).add(iEJBWebserviceEndpoint);
                } else {
                    if (findWebContext(hashMap.keySet(), contextRoot) != null) {
                        List list = (List) hashMap.get(findWebContext(hashMap.keySet(), contextRoot));
                        StringBuilder sb = new StringBuilder();
                        sb.append("Context '");
                        sb.append(contextRoot);
                        sb.append("' for Bean WSEndpoint '");
                        sb.append(iEJBWebserviceEndpoint.getContextNamingInfo().getBeanName());
                        sb.append("' is incompatible in regards to security with a context used by beans [");
                        Iterator it2 = list.iterator();
                        while (it2.hasNext()) {
                            sb.append(((IEJBWebserviceEndpoint) it2.next()).getContextNamingInfo().getBeanName());
                            sb.append(" ");
                        }
                        sb.append("]. ");
                        sb.append("Specify the <session>/<context-root> element in the META-INF/easybeans.xml ");
                        sb.append("or set compatibles <session>/<realm-name> (or <session>/<jaas-entry>)");
                        throw new WSException(sb.toString());
                    }
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(iEJBWebserviceEndpoint);
                    hashMap.put(webContext, arrayList);
                }
            }
        }
        return hashMap;
    }

    private WebContext findWebContext(Set<WebContext> set, String str) {
        for (WebContext webContext : set) {
            if (str.equals(webContext.getContextName())) {
                return webContext;
            }
        }
        return null;
    }

    private Host getDefaultHost() {
        return this.tomcatService.findHost(null);
    }

    protected JOnASStandardContext createWebservicesContext(String str) {
        JOnASStandardContext jOnASStandardContext = new JOnASStandardContext(false, true, false);
        jOnASStandardContext.setPath(str);
        jOnASStandardContext.setTomcatService(this.tomcatService);
        File file = new File(this.workDirectory, str);
        if (!file.exists()) {
            file.mkdirs();
        }
        jOnASStandardContext.setDocBase(file.getPath());
        jOnASStandardContext.addLifecycleListener(new WebservicesContextLifecycleListener());
        jOnASStandardContext.addLifecycleListener(new ContextConfig());
        return jOnASStandardContext;
    }

    private String getContextRoot(IEJBWebserviceEndpoint iEJBWebserviceEndpoint) throws WSException {
        String contextRoot = iEJBWebserviceEndpoint.getPortMetaData().getContextRoot();
        if (contextRoot == null) {
            try {
                contextRoot = new EjbJarContextNamingStrategy().getContextName(iEJBWebserviceEndpoint.getContextNamingInfo());
            } catch (ContextNamingStrategyException e) {
                throw new WSException("Cannot define a web context name for endpoint " + iEJBWebserviceEndpoint, e);
            }
        }
        if (!contextRoot.startsWith("/")) {
            contextRoot = "/" + contextRoot;
        }
        iEJBWebserviceEndpoint.getPortMetaData().setContextRoot(contextRoot);
        iEJBWebserviceEndpoint.getDeploymentInfos().put("context-name", contextRoot);
        return contextRoot;
    }

    protected StandardWrapper wrapWebserviceEndpoint(IEJBWebserviceEndpoint iEJBWebserviceEndpoint) {
        WebServiceEndpointStandardWrapper webServiceEndpointStandardWrapper = new WebServiceEndpointStandardWrapper(iEJBWebserviceEndpoint, iEJBWebserviceEndpoint.getContextNamingInfo().getBeanName());
        webServiceEndpointStandardWrapper.setParentClassLoader(getClass().getClassLoader());
        return webServiceEndpointStandardWrapper;
    }
}
