package com.ibm.ejs.security;

import com.ibm.ejs.oa.EJSORB;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ejs.security.SecurityCollaborator;
import com.ibm.etools.archive.util.FinderHelperMetaDataConverter;
import com.ibm.etools.j2ee.xml.EarDeploymentDescriptorXmlMapperI;
import com.ibm.websphere.csi.CSIException;
import com.ibm.websphere.csi.CollaboratorCookie;
import com.ibm.websphere.csi.EJBConfigData;
import com.ibm.websphere.csi.EJBKey;
import com.ibm.websphere.csi.EJBMethodInfo;
import com.ibm.websphere.csi.SecurityCookie;
import com.ibm.ws.security.ejb.SecurityBeanCookie;
import javax.naming.Context;
import org.omg.Security.CredentialType;
import org.omg.Security.InvalidCredentialType;
import org.omg.SecurityLevel2.Credentials;

/* loaded from: input_file:lib/security.jar:com/ibm/ejs/security/EJSSecurityCollaborator.class */
public class EJSSecurityCollaborator extends SecurityCollaborator {
    private static TraceComponent tc;
    private static EJSSecurityCollaborator securityCollaboratorInstance;
    private static final String[] UNPROTECTED;
    protected SecurityCollaborator.Delegation delegationPolicy;
    static Class class$com$ibm$ejs$security$EJSSecurityCollaborator;

    public EJSSecurityCollaborator() {
        securityCollaboratorInstance = this;
        String property = EJSORB.getORBInstance().getProperty("com.ibm.CORBA.delegateCredentials");
        if (property.equalsIgnoreCase("simple")) {
            this.delegationPolicy = new SecurityCollaborator.SimpleDelegation(this);
        } else if (property.equalsIgnoreCase("none")) {
            this.delegationPolicy = new SecurityCollaborator.NoDelegation(this);
        } else {
            this.delegationPolicy = new SecurityCollaborator.MethodDelegation(this);
        }
    }

    public static EJSSecurityCollaborator getInstance() {
        return securityCollaboratorInstance;
    }

    public static void initialize(Context context) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initialize");
        }
        SecurityCollaborator.initialize(context);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initialize");
        }
    }

    @Override // com.ibm.ejs.security.SecurityCollaborator, com.ibm.websphere.csi.BeforeActivationCollaborator
    public CollaboratorCookie preInvoke(EJBKey eJBKey, EJBMethodInfo eJBMethodInfo, CollaboratorCookie collaboratorCookie) throws CSIException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "preInvoke");
        }
        if (!SecurityCollaborator.securityEnabled) {
            return null;
        }
        Credentials[] received_credentials = SecurityCollaborator.current.received_credentials();
        Credentials ownedCredentials = SecurityCollaborator.getOwnedCredentials();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("receivedCreds is null: ").append(received_credentials == null).toString());
        }
        Credentials credentials = null;
        try {
            credentials = SecurityCollaborator.current.get_credentials(CredentialType.SecInvocationCredentials, false, false, null);
        } catch (InvalidCredentialType e) {
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("invokedCred is null: ").append(credentials == null).toString());
        }
        SetUnauthenticatedCredIfNeeded(credentials, received_credentials);
        Credentials[] performAuthorization = performAuthorization(eJBKey, eJBMethodInfo, ownedCredentials, received_credentials, (SecurityBeanCookie) collaboratorCookie);
        Credentials credentials2 = null;
        if (performAuthorization != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "performAuthorization returned non null retCreds");
            }
            credentials2 = performAuthorization[1] != null ? performAuthorization[1] : performAuthorization[0];
        }
        Credentials credentials3 = credentials2;
        eJBMethodInfo.getHomeName();
        if (!isUnprotected(((SecurityBeanCookie) collaboratorCookie).getBeanName())) {
            credentials3 = this.delegationPolicy.delegate(eJBKey, eJBMethodInfo, ownedCredentials, credentials2, (SecurityBeanCookie) collaboratorCookie);
        }
        setCredentials(received_credentials, credentials2, credentials3);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "preInvoke");
        }
        return (CollaboratorCookie) SecurityCollaborator.getCookie(performAuthorization);
    }

    public void preInvokeSimple(String str, CollaboratorCookie collaboratorCookie) throws CSIException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "preInvoke");
        }
        if (SecurityCollaborator.securityEnabled) {
            Credentials[] received_credentials = SecurityCollaborator.current.received_credentials();
            SecurityCollaborator.getOwnedCredentials();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("receivedCreds is null: ").append(received_credentials == null).toString());
            }
            Credentials credentials = null;
            try {
                credentials = SecurityCollaborator.current.get_credentials(CredentialType.SecInvocationCredentials, false, false, null);
            } catch (InvalidCredentialType e) {
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("invokedCred is null: ").append(credentials == null).toString());
            }
            performAuthorizationSimple(str, credentials, received_credentials, (SecurityBeanCookie) collaboratorCookie);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "preInvokeSimple");
            }
        }
    }

    @Override // com.ibm.ejs.security.SecurityCollaborator
    protected boolean isUnprotected(String str) {
        for (int i = 0; i < UNPROTECTED.length; i++) {
            if (UNPROTECTED[i].equals(str)) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.ejs.security.SecurityCollaborator
    public String resolveHomeMethod(String str) {
        String resolveHomeMethod;
        if (str.startsWith(FinderHelperMetaDataConverter.FIND)) {
            StringBuffer stringBuffer = new StringBuffer(3 + str.length());
            stringBuffer.append(EarDeploymentDescriptorXmlMapperI.EJB).append(str);
            stringBuffer.setCharAt(3, 'F');
            resolveHomeMethod = stringBuffer.toString();
        } else {
            resolveHomeMethod = super.resolveHomeMethod(str);
        }
        return resolveHomeMethod;
    }

    @Override // com.ibm.ejs.security.SecurityCollaborator, com.ibm.websphere.csi.BeforeActivationCollaborator
    public void postInvoke(EJBKey eJBKey, EJBMethodInfo eJBMethodInfo, CollaboratorCookie collaboratorCookie, CollaboratorCookie collaboratorCookie2) throws CSIException {
        super.postInvokeCommon(eJBKey, eJBMethodInfo, (SecurityCookie) collaboratorCookie, collaboratorCookie2);
    }

    @Override // com.ibm.ejs.security.SecurityCollaborator, com.ibm.websphere.csi.BeforeActivationCollaborator
    public CollaboratorCookie beanInstalled(EJBConfigData eJBConfigData) {
        return installBean(eJBConfigData);
    }

    @Override // com.ibm.ejs.security.SecurityCollaborator, com.ibm.websphere.csi.BeforeActivationCollaborator
    public void beanUninstalled(CollaboratorCookie collaboratorCookie) {
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ejs$security$EJSSecurityCollaborator == null) {
            cls = class$("com.ibm.ejs.security.EJSSecurityCollaborator");
            class$com$ibm$ejs$security$EJSSecurityCollaborator = cls;
        } else {
            cls = class$com$ibm$ejs$security$EJSSecurityCollaborator;
        }
        tc = Tr.register(cls);
        UNPROTECTED = new String[]{"RemoteSRP", "RemoteSRPHome", "SrdSrvltCtxHome", "SessionBMP", "UPManager", "UP_ReadOnly", "UP_ReadWrite"};
    }
}
