package com.ibm.ISecurityLocalObjectCSIv2UtilityImpl;

import com.ibm.CORBA.iiop.ExtendedClientRequestInfo;
import com.ibm.CORBA.iiop.ExtendedServerRequestInfo;
import com.ibm.ISecurityL13SupportImpl.SecurityLogger;
import com.ibm.ISecurityL13SupportImpl.SecurityMessages;
import com.ibm.ISecurityLocalObjectBaseL13Impl.CSICredentialsManager;
import com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityContextImpl;
import com.ibm.ISecurityLocalObjectBaseL13Impl.VaultImpl;
import com.ibm.ISecurityUtilityImpl.CSIUtil;
import com.ibm.ISecurityUtilityImpl.SecurityConfiguration;
import com.ibm.ISecurityUtilityImpl.SecurityMinorCodes;
import com.ibm.ejs.ras.RasHelper;
import com.ibm.ejs.util.am.AlarmListener;
import com.ibm.ejs.util.am.AlarmManager;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.orbimpl.transport.ConnectionInformationImpl;
import com.ibm.ws.security.auth.SubjectHelper;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.core.SecurityConfig;
import com.ibm.ws.security.util.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.sql.Timestamp;
import java.util.Map;
import javax.security.auth.Subject;
import org.omg.CORBA.BAD_PARAM;
import org.omg.CORBA.CompletionStatus;
import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.SystemException;
import org.omg.CSI.CompleteEstablishContext;
import org.omg.CSI.ContextError;
import org.omg.CSI.EstablishContext;
import org.omg.CSI.SASContextBody;
import org.omg.IOP.ServiceContext;
import org.omg.PortableInterceptor.ClientRequestInfo;
import org.omg.PortableInterceptor.ForwardRequest;
import org.omg.PortableInterceptor.RequestInfo;
import org.omg.PortableInterceptor.ServerRequestInfo;

/* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ISecurityLocalObjectCSIv2UtilityImpl/SessionManager.class */
public class SessionManager implements AlarmListener {
    private ConnectionTable serverConnTable;
    private ConnectionTable clientConnTable;
    private SecurityConfiguration secConfig;
    private VaultImpl vault;
    int sessionCleanupInterval;
    int sessionDiscardUnusedMillis;
    int sessionCacheMaxSize;
    int sessionCacheIdleTime;
    boolean sessionCacheLimitEnabled;
    private long context_generator = 1;
    private CSIUtil csiUtil = new CSIUtil();

    public SessionManager() {
        Boolean bool;
        this.serverConnTable = null;
        this.clientConnTable = null;
        this.secConfig = null;
        this.vault = null;
        this.sessionCleanupInterval = 300000;
        this.sessionDiscardUnusedMillis = SecurityConfiguration.DefaultSessionGCdiscardunused;
        this.sessionCacheMaxSize = -1;
        this.sessionCacheIdleTime = -1;
        this.sessionCacheLimitEnabled = false;
        this.serverConnTable = new ConnectionTable();
        this.clientConnTable = new ConnectionTable();
        VaultImpl.getInstance();
        this.secConfig = VaultImpl.getSecurityConfiguration();
        this.vault = VaultImpl.getInstance();
        this.sessionCleanupInterval = this.secConfig.getsessionGCinterval();
        this.sessionDiscardUnusedMillis = this.secConfig.getsessionGCdiscardunused();
        if (RasHelper.isServer() && (bool = new Boolean(ContextManagerFactory.getInstance().getProperty(SecurityConfig.CSIV2_SESSION_CACHE_LIMIT_ENABLED))) != null) {
            this.sessionCacheLimitEnabled = bool.booleanValue();
        }
        if (this.sessionCacheLimitEnabled) {
            Integer num = new Integer(ContextManagerFactory.getInstance().getProperty(SecurityConfig.CSIV2_SESSION_CACHE_MAX_SIZE));
            Integer num2 = new Integer(ContextManagerFactory.getInstance().getProperty(SecurityConfig.CSIV2_SESSION_CACHE_IDLE_TIME));
            if (num != null) {
                this.sessionCacheMaxSize = num.intValue();
            }
            if (num2 != null) {
                this.sessionCacheIdleTime = num2.intValue();
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.init", new StringBuffer().append("Session cache limit is enabled, session cache max size is ").append(this.sessionCacheMaxSize).append(" , session cache idle time is ").append(this.sessionCacheIdleTime).append(" milliseconds.").toString());
            }
            System.out.println(new StringBuffer().append("session cache limit is enabled, session cache max size is ").append(this.sessionCacheMaxSize).append(" , session cache idle time is ").append(this.sessionCacheIdleTime).append(" milliseconds.").toString());
        }
        if (this.sessionCacheMaxSize > 0 && this.sessionCacheIdleTime > 0) {
            System.out.println("Session cache max size is defined, disabling garbage collection for session entries\n");
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.init", "Session cache max size is defined, disabling garbage collection for session entries\n");
                return;
            }
            return;
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.init", new StringBuffer().append("SessionManager cleanup alarm set for sessionGCinterval: ").append(this.sessionCleanupInterval).append(" milliseconds, sessionDiscardUnused: ").append(this.sessionDiscardUnusedMillis).append(" milliseconds.").toString());
        }
        long currentTimeMillis = System.currentTimeMillis() + this.sessionCleanupInterval;
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.init", new StringBuffer().append("Next cleanup time: ").append(new Timestamp(currentTimeMillis)).toString());
        }
        AlarmManager.createDeferrable(this.sessionCleanupInterval, this);
    }

    public SessionEntry csi_server_session_lookup(long j, ServerConnectionKey serverConnectionKey, SASContextBody sASContextBody) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.csi_server_session_lookup", new StringBuffer().append("Looking for unique server session with hash: ").append(serverConnectionKey.get_server_connection_hash()).append(":").append(j).toString());
        }
        Connection server_connection_lookup = server_connection_lookup(serverConnectionKey.get_server_connection_hash());
        SessionEntry sessionEntry = get_server_session_from_connection(j, server_connection_lookup);
        if (sessionEntry == null && sASContextBody != null && sASContextBody.discriminator() == 0) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_server_session_lookup", "Message is EstablishContext and session not found, adding new session entry.");
            }
            sessionEntry = add_server_session_to_connection(j, server_connection_lookup, sASContextBody.establish_msg());
        } else {
            if (sessionEntry == null && sASContextBody != null && sASContextBody.discriminator() == 5) {
                if (!SecurityLogger.debugTraceEnabled) {
                    return null;
                }
                SecurityLogger.debugMessage("SessionManager.csi_server_session_lookup", "Message is MessageInContext and session not found, returning null.");
                return null;
            }
            if (sessionEntry != null) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SessionManager.csi_server_session_lookup", "Session has been found.");
                }
                if (sessionEntry.get_session_state() == 7 && sASContextBody != null && sASContextBody.discriminator() == 0) {
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SessionManager.csi_server_session_lookup", "Message type is EstablishContext but session found was already SESSION_REJECTED, deleting session and creating new session.");
                    }
                    delete_server_session_from_connection(j, server_connection_lookup);
                    sessionEntry = add_server_session_to_connection(j, server_connection_lookup, sASContextBody.establish_msg());
                } else if (sASContextBody != null && sASContextBody.discriminator() == 0 && !sessionEntry.compare_establish_context_messages(sASContextBody.establish_msg())) {
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SessionManager.csi_server_session_lookup", "Message type is EstablishContext but session found had different tokens.  Changing state of session to SESSION_CONFLICTING_EVIDENCE");
                    }
                    sessionEntry.set_session_state(3);
                }
            }
        }
        if (sessionEntry != null) {
            sessionEntry.update_session_usage_timestamp();
        }
        return sessionEntry;
    }

    public SessionEntry csi_client_session_lookup(ClientSessionKey clientSessionKey) {
        Connection client_connection_lookup = client_connection_lookup(clientSessionKey.get_connection_key());
        SessionEntry sessionEntry = get_client_session_from_connection(clientSessionKey, client_connection_lookup);
        if (sessionEntry == null) {
            sessionEntry = add_client_session_to_connection(clientSessionKey, client_connection_lookup);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_lookup", new StringBuffer().append("Unique client session added with hash: ").append(clientSessionKey.get_client_session_hash()).append(":").append(sessionEntry.get_client_context_id()).toString());
            }
        } else {
            if (sessionEntry.get_session_state() == 7) {
                delete_client_session_from_connection(sessionEntry.get_client_context_id(), client_connection_lookup);
                sessionEntry = add_client_session_to_connection(clientSessionKey, client_connection_lookup);
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SessionManager.csi_client_session_lookup", new StringBuffer().append("Previous session in SESSION_REJECTED state, adding new unique client session with hash: ").append(clientSessionKey.get_client_session_hash()).append(":").append(sessionEntry.get_client_context_id()).toString());
                }
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_lookup", new StringBuffer().append("Found unique session with hash: ").append(clientSessionKey.get_client_session_hash()).append(":").append(sessionEntry.get_client_context_id()).toString());
            }
        }
        sessionEntry.update_session_usage_timestamp();
        return sessionEntry;
    }

    public void csi_client_session_status_update(long j, ClientSessionKey clientSessionKey, int i) {
        if (clientSessionKey != null) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_status_update", new StringBuffer().append("ContextID: ").append(j).append(", SessionHash: ").append(clientSessionKey.get_client_session_hash()).append(", SessionState: ").append(i).toString());
            }
            SessionEntry sessionEntry = get_client_session_by_context_id(j, clientSessionKey);
            if (clientSessionKey == null || sessionEntry == null) {
                return;
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_status_update", new StringBuffer().append("Found unique session with hash: ").append(clientSessionKey.get_client_session_hash()).append(":").append(sessionEntry.get_client_context_id()).toString());
            }
            sessionEntry.set_session_state(i);
            update_client_session(clientSessionKey, sessionEntry);
        }
    }

    public void csi_client_session_ecmessage_update(long j, ClientSessionKey clientSessionKey, EstablishContext establishContext) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.csi_client_session_ecmessage_update", new StringBuffer().append("Updating session: ").append(j).append(", clientSessionKey: ").append(clientSessionKey.get_client_session_hash()).toString());
        }
        if (clientSessionKey != null) {
            SessionEntry sessionEntry = get_client_session_by_context_id(j, clientSessionKey);
            if (sessionEntry != null) {
                sessionEntry.set_ec_message(establishContext);
                update_client_session(clientSessionKey, sessionEntry);
            } else if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_ecmessage_update", "Did not find a sessionEntry.");
            }
        }
    }

    private SessionEntry get_client_session_from_connection(ClientSessionKey clientSessionKey, Connection connection) {
        SessionEntry sessionEntry = null;
        if (clientSessionKey != null) {
            SessionHashTable sessionHashTable = connection.getSessionHashTable();
            SessionTable clientSessionTable = connection.getClientSessionTable();
            long j = sessionHashTable.get_session_hash(clientSessionKey);
            if (j != 0) {
                sessionEntry = clientSessionTable.get_session(j);
            }
        }
        return sessionEntry;
    }

    private synchronized SessionEntry get_client_session_by_context_id(long j, ClientSessionKey clientSessionKey) {
        Connection client_connection_lookup;
        SessionEntry sessionEntry = null;
        if (clientSessionKey != null && (client_connection_lookup = client_connection_lookup(clientSessionKey.get_connection_key())) != null) {
            SessionTable clientSessionTable = client_connection_lookup.getClientSessionTable();
            if (j != 0) {
                sessionEntry = clientSessionTable.get_session(j);
            }
        }
        return sessionEntry;
    }

    protected SessionEntry add_server_session_to_connection(long j, Connection connection, EstablishContext establishContext) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.add_server_session_to_connection", "entry");
        }
        SessionEntry sessionEntry = null;
        SessionTable serverSessionTable = connection.getServerSessionTable();
        if (serverSessionTable != null) {
            int size = serverSessionTable.size();
            String stringBuffer = new StringBuffer().append("Server session table size is ").append(size).toString();
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage(stringBuffer, "entry");
            }
            if (this.sessionCacheMaxSize > 0 && this.sessionCacheIdleTime > 0 && size > this.sessionCacheMaxSize) {
                clean_server_sessions(serverSessionTable, this.sessionCacheIdleTime);
            }
            sessionEntry = new SessionEntry(j, establishContext, new StringBuffer().append(connection.get_connection_hash()).append(":").append(j).toString());
            if (sessionEntry != null) {
                serverSessionTable.add_session(j, sessionEntry);
            }
        } else if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("Server session table is null", "entry");
        }
        return sessionEntry;
    }

    private SessionEntry add_client_session_to_connection(ClientSessionKey clientSessionKey, Connection connection) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.add_client_session_to_connection", "");
        }
        SessionEntry sessionEntry = null;
        SessionTable clientSessionTable = connection.getClientSessionTable();
        SessionHashTable sessionHashTable = connection.getSessionHashTable();
        if (sessionHashTable != null && clientSessionTable != null) {
            int size = clientSessionTable.size();
            String stringBuffer = new StringBuffer().append("Client session table size: ").append(size).toString();
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.add_client_session_to_connection", stringBuffer);
            }
            if (this.sessionCacheMaxSize > 0 && this.sessionCacheIdleTime > 0 && size > this.sessionCacheMaxSize) {
                clean_client_sessions(clientSessionTable, sessionHashTable, this.sessionCacheIdleTime);
            }
            sessionEntry = new SessionEntry(get_next_context_id());
            if (sessionEntry == null) {
                throw new OutOfMemoryError();
            }
            sessionEntry.set_session_state(4);
            sessionEntry.set_client_session_key(clientSessionKey);
            sessionHashTable.add_session_hash(clientSessionKey, sessionEntry.get_client_context_id());
            clientSessionTable.add_session(sessionEntry.get_client_context_id(), sessionEntry);
        } else if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.add_client_session_to_connection", "Session table, session hash table or both are null ");
        }
        return sessionEntry;
    }

    public void update_client_session(ClientSessionKey clientSessionKey, SessionEntry sessionEntry) {
        Connection client_connection_lookup;
        if (clientSessionKey == null || (client_connection_lookup = client_connection_lookup(clientSessionKey.get_connection_key())) == null) {
            return;
        }
        client_connection_lookup.getClientSessionTable().add_session(sessionEntry.get_client_context_id(), sessionEntry);
    }

    public synchronized boolean csi_message_stateful_after_postinvoke(ServerRequestInfo serverRequestInfo, SecurityContextImpl securityContextImpl) {
        long j = 0;
        boolean z = false;
        ConnectionInformationImpl connectionInformationImpl = (ConnectionInformationImpl) ((ExtendedServerRequestInfo) serverRequestInfo).getConnectionData();
        if (securityContextImpl != null) {
            j = securityContextImpl.get_stateful_context_id();
        }
        if (j != 0) {
            SessionEntry csi_server_session_get = csi_server_session_get(j, new ServerConnectionKey(connectionInformationImpl.getConnectionCreationTime(), connectionInformationImpl.getRemoteHost(), connectionInformationImpl.getRemotePort()));
            if (csi_server_session_get != null) {
                switch (csi_server_session_get.get_session_state()) {
                    case 1:
                        z = true;
                        break;
                    default:
                        z = false;
                        break;
                }
            }
        }
        return z;
    }

    public long csi_get_context_id_from_service_context(SecurityContextImpl securityContextImpl) {
        if (securityContextImpl != null) {
            return securityContextImpl.get_stateful_context_id();
        }
        return 0L;
    }

    public SessionEntry csi_server_session_get(long j, ServerConnectionKey serverConnectionKey) {
        return get_server_session_from_connection(j, server_connection_lookup(serverConnectionKey.get_server_connection_hash()));
    }

    public synchronized void csi_server_session_update(long j, ServerConnectionKey serverConnectionKey, SessionEntry sessionEntry) {
        Connection server_connection_lookup = server_connection_lookup(serverConnectionKey.get_server_connection_hash());
        if (sessionEntry == null || server_connection_lookup == null) {
            return;
        }
        update_server_session_to_connection(j, server_connection_lookup, sessionEntry);
    }

    public void csi_server_session_status_update(long j, ServerConnectionKey serverConnectionKey, int i) {
        Connection server_connection_lookup = server_connection_lookup(serverConnectionKey.get_server_connection_hash());
        SessionEntry sessionEntry = get_server_session_from_connection(j, server_connection_lookup);
        if (sessionEntry != null) {
            sessionEntry.set_session_state(i);
            update_server_session_to_connection(j, server_connection_lookup, sessionEntry);
        }
    }

    protected Connection server_connection_lookup(String str) {
        Connection connection = (Connection) this.serverConnTable.get(str);
        if (connection == null) {
            connection = new Connection();
            connection.set_connection_hash(str);
            this.serverConnTable.put(str, connection);
        }
        return connection;
    }

    protected Connection client_connection_lookup(String str) {
        Connection connection = (Connection) this.clientConnTable.get(str);
        if (connection == null) {
            connection = new Connection();
            connection.set_connection_hash(str);
            this.clientConnTable.put(str, connection);
        }
        return connection;
    }

    public void csi_delete_client_connection(String str) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.csi_delete_client_connection", new StringBuffer().append("A connection has been broken to ").append(str).append(".  Removing session entries for this connection.").toString());
        }
        Connection connection = (Connection) this.clientConnTable.get(str);
        if (connection != null) {
            connection.getClientSessionTable().clear();
            connection.getSessionHashTable().clear();
            this.clientConnTable.remove(str);
        }
    }

    public void csi_delete_server_connection(String str) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.csi_delete_server_connection", new StringBuffer().append("A connection has been broken to ").append(str).append(".  Removing session entries for this connection.").toString());
        }
        Connection connection = (Connection) this.serverConnTable.get(str);
        if (connection != null) {
            connection.getServerSessionTable().clear();
            this.serverConnTable.remove(str);
        }
    }

    protected SessionEntry get_server_session_from_connection(long j, Connection connection) {
        SessionTable serverSessionTable = connection.getServerSessionTable();
        if (serverSessionTable != null) {
            return serverSessionTable.get_session(j);
        }
        return null;
    }

    protected void delete_server_session_from_connection(long j, Connection connection) {
        SessionTable serverSessionTable = connection.getServerSessionTable();
        if (serverSessionTable != null) {
            serverSessionTable.delete_session(j);
        }
    }

    protected void delete_client_session_from_connection(long j, Connection connection) {
        SessionTable clientSessionTable = connection.getClientSessionTable();
        if (clientSessionTable != null) {
            clientSessionTable.delete_session(j);
        }
    }

    protected void update_server_session_to_connection(long j, Connection connection, SessionEntry sessionEntry) {
        SessionTable serverSessionTable = connection.getServerSessionTable();
        if (sessionEntry == null) {
            throw new BAD_PARAM();
        }
        serverSessionTable.add_session(j, sessionEntry);
    }

    /*  JADX ERROR: Failed to decode insn: 0x0005: MOVE_MULTI, method: com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.get_next_context_id():long
        java.lang.ArrayIndexOutOfBoundsException: arraycopy: source index -1 out of bounds for object array[8]
        	at java.base/java.lang.System.arraycopy(Native Method)
        	at jadx.plugins.input.java.data.code.StackState.insert(StackState.java:49)
        	at jadx.plugins.input.java.data.code.CodeDecodeState.insert(CodeDecodeState.java:118)
        	at jadx.plugins.input.java.data.code.JavaInsnsRegister.dup2x1(JavaInsnsRegister.java:313)
        	at jadx.plugins.input.java.data.code.JavaInsnData.decode(JavaInsnData.java:46)
        	at jadx.core.dex.instructions.InsnDecoder.lambda$process$0(InsnDecoder.java:54)
        	at jadx.plugins.input.java.data.code.JavaCodeReader.visitInstructions(JavaCodeReader.java:81)
        	at jadx.core.dex.instructions.InsnDecoder.process(InsnDecoder.java:50)
        	at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:156)
        	at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:443)
        	at jadx.core.ProcessClass.process(ProcessClass.java:70)
        	at jadx.core.ProcessClass.generateCode(ProcessClass.java:110)
        	at jadx.core.dex.nodes.ClassNode.generateClassCode(ClassNode.java:400)
        	at jadx.core.dex.nodes.ClassNode.decompile(ClassNode.java:388)
        	at jadx.core.dex.nodes.ClassNode.getCode(ClassNode.java:338)
        */
    private synchronized long get_next_context_id() {
        /*
            r8 = this;
            r0 = r8
            r1 = r0
            long r1 = r1.context_generator
            // decode failed: arraycopy: source index -1 out of bounds for object array[8]
            r2 = 1
            long r1 = r1 + r2
            r0.context_generator = r1
            return r-1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.get_next_context_id():long");
    }

    public void csi_client_session_complete(SASContextBody sASContextBody, boolean z, long j, ClientSessionKey clientSessionKey) {
        if (!z) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_complete", "In stateless mode, no client session was added.");
                return;
            }
            return;
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.csi_client_session_complete", new StringBuffer().append("Client session key used: ").append(clientSessionKey).toString());
        }
        if (clientSessionKey == null) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_complete", "Exiting early due to null clientSessionKey.");
                return;
            }
            return;
        }
        if (sASContextBody == null || sASContextBody.discriminator() != 1) {
            return;
        }
        CompleteEstablishContext complete_msg = sASContextBody.complete_msg();
        if (complete_msg.context_stateful && complete_msg.client_context_id != 0) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_complete", "Marking session complete.");
            }
            csi_client_session_status_update(complete_msg.client_context_id, clientSessionKey, 1);
        } else if (complete_msg.client_context_id == 0 && j != 0) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_complete", "Marking client session rejected, server negotiated session as stateless.");
            }
            csi_client_session_status_update(j, clientSessionKey, 7);
        }
        if (this.secConfig.authenticationRetryEnabled()) {
            this.csiUtil.getCurrent().clear_retry_count();
        }
    }

    public void csi_client_session_complete_exception(SASContextBody sASContextBody, boolean z, ClientSessionKey clientSessionKey) throws ForwardRequest {
        ContextError error_msg;
        if (z) {
            if (sASContextBody != null && sASContextBody.discriminator() == 1) {
                CompleteEstablishContext complete_msg = sASContextBody.complete_msg();
                if (complete_msg.context_stateful && complete_msg.client_context_id != 0) {
                    csi_client_session_status_update(complete_msg.client_context_id, clientSessionKey, 1);
                }
                if (this.secConfig.authenticationRetryEnabled()) {
                    this.csiUtil.getCurrent().clear_retry_count();
                    return;
                }
                return;
            }
            if (sASContextBody == null || sASContextBody.discriminator() != 4 || (error_msg = sASContextBody.error_msg()) == null) {
                return;
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_complete_exception", new StringBuffer().append("Client context ID: ").append(error_msg.client_context_id).toString());
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.csi_client_session_complete_exception", "Marking session as rejected.");
            }
            this.csiUtil.deserializeRootException(error_msg.error_token);
            if (error_msg.client_context_id != 0) {
                csi_client_session_status_update(error_msg.client_context_id, clientSessionKey, 7);
            }
        }
    }

    public void retry(ClientRequestInfo clientRequestInfo) throws ForwardRequest {
        SystemException systemException;
        ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
        if (this.secConfig.authenticationRetryEnabled() && this.csiUtil.getCurrent().getAuthRetryForJAAS()) {
            int i = this.csiUtil.getCurrent().get_retry_count();
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.retry", new StringBuffer().append("Retry count is ").append(i).toString());
            }
            if (i < this.secConfig.getauthenticationRetryCount()) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("SessionManager.retry", new StringBuffer().append("retry_count ").append(i).append("is less than configured in secConfig:").append(this.secConfig.getauthenticationRetryCount()).append(" incrementing...").toString());
                }
                this.csiUtil.getCurrent().increment_retry_count();
                long j = 0;
                CompletionStatus completionStatus = CompletionStatus.COMPLETED_MAYBE;
                CSICredentialsManager cSICredentialsManager = new CSICredentialsManager();
                if (clientRequestInfo.received_exception() != null && (systemException = ((ExtendedClientRequestInfo) clientRequestInfo).getSystemException()) != null) {
                    j = systemException.minor;
                }
                if (j == 1229079302 || j == 1229079301 || j == 1229079303 || j == 1229079304 || j == 1229079306 || j == 1229079305 || isReferenceContextErrorRetriable(clientRequestInfo) || j == 1229079296 || j == 1229079297 || j == 1229079299 || j == 1229079298 || j == 1229079312 || j == 1229079313 || isAcceptContextErrorRetriable(clientRequestInfo)) {
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SessionManager.retry", "Minor code check - 1");
                    }
                    Subject subject = null;
                    try {
                        subject = cSICredentialsManager.getInvocationSubject();
                    } catch (Exception e) {
                        FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.retry", "1258", this);
                        SecurityLogger.debugMessage("SessionManager.retry", new StringBuffer().append("Exception getting Subject from thread.  ").append(e.toString()).toString());
                    }
                    WSCredential wSCredentialFromSubject = SubjectHelper.getWSCredentialFromSubject(subject);
                    if (wSCredentialFromSubject != null && wSCredentialFromSubject.isBasicAuth()) {
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SessionManager.retry", "wsCred non null and isBasicAuth true");
                        }
                        if (j == 1229079296 || j == 1229079297 || j == 1229079299 || j == 1229079298 || j == 1229079312 || j == 1229079313 || isAcceptContextErrorRetriable(clientRequestInfo)) {
                            if (SecurityLogger.debugTraceEnabled) {
                                SecurityLogger.debugMessage("SessionManager.retry", "Minorcode check - 2");
                            }
                            if (this.secConfig.getloginSource() == 1 || this.secConfig.getloginSource() == 6) {
                                if (SecurityLogger.debugTraceEnabled) {
                                    SecurityLogger.debugMessage("SessionManager.retry", "Prompt or StdIn is the loginSource");
                                }
                                try {
                                    if (SecurityLogger.debugTraceEnabled) {
                                        SecurityLogger.debugMessage("SessionManager.retry", "Setting invocation to NULL.");
                                    }
                                    contextManagerFactory.setInvocationSubject(null);
                                } catch (Exception e2) {
                                    FFDCFilter.processException(e2, "com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.retry", "1296", this);
                                }
                            }
                        }
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SessionManager.retry", "Throwing a ForwardRequest exception to retry the request.");
                        }
                        throw new ForwardRequest(clientRequestInfo.target());
                    }
                    if (wSCredentialFromSubject != null) {
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SessionManager.retry", "wsCred is non-null");
                        }
                        try {
                            if (!contextManagerFactory.isServerCred(wSCredentialFromSubject)) {
                                if (SecurityLogger.debugTraceEnabled) {
                                    SecurityLogger.debugMessage("SessionManager.retry", "wsCred is not server cred");
                                }
                                if (!wSCredentialFromSubject.isBasicAuth()) {
                                    if (SecurityLogger.debugTraceEnabled) {
                                        SecurityLogger.debugMessage("SessionManager.retry", "wsCred is not BasicAuth. Throwing ForwardRequest");
                                    }
                                    throw new ForwardRequest(clientRequestInfo.target());
                                }
                                if (SecurityLogger.debugTraceEnabled) {
                                    SecurityLogger.debugMessage("SessionManager.retry", "wsCred is BasicAuth");
                                }
                                String msgOrUseDefault = SecurityMessages.getMsgOrUseDefault("JSAS0202E", "JSAS0202E: Credential token expired.");
                                if (SecurityLogger.debugTraceEnabled) {
                                    SecurityLogger.debugMessage("SessionManager.retry", msgOrUseDefault);
                                }
                                throw new NO_PERMISSION(msgOrUseDefault, SecurityMinorCodes.CREDENTIAL_TOKEN_EXPIRED, CompletionStatus.COMPLETED_NO);
                            }
                            if (SecurityLogger.debugTraceEnabled) {
                                SecurityLogger.debugMessage("SessionManager.retry", "wsCred is server cred");
                            }
                            try {
                                try {
                                    AccessController.doPrivileged(new PrivilegedExceptionAction(this, contextManagerFactory) { // from class: com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.1
                                        private final ContextManager val$contextMgrPriv;
                                        private final SessionManager this$0;

                                        {
                                            this.this$0 = this;
                                            this.val$contextMgrPriv = contextManagerFactory;
                                        }

                                        @Override // java.security.PrivilegedExceptionAction
                                        public Object run() throws Exception {
                                            this.val$contextMgrPriv.setInvocationSubject(this.val$contextMgrPriv.getServerSubject());
                                            return null;
                                        }
                                    });
                                    if (SecurityLogger.debugTraceEnabled) {
                                        SecurityLogger.debugMessage("SessionManager.retry", "Retrying with refreshed server cred.");
                                    }
                                    throw new ForwardRequest(clientRequestInfo.target());
                                } catch (PrivilegedActionException e3) {
                                    FFDCFilter.processException(e3, "com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.retry", "1346", this);
                                    SecurityLogger.debugMessage("SessionManager.retry", "Exception refreshing server credential.");
                                    throw e3.getException();
                                }
                            } catch (Exception e4) {
                                if (SecurityLogger.debugTraceEnabled) {
                                    SecurityLogger.debugMessage("SessionManager.retry", "Exception caught (wsCred is serverCred)");
                                }
                                if (e4 instanceof ForwardRequest) {
                                    if (SecurityLogger.debugTraceEnabled) {
                                        SecurityLogger.debugMessage("SessionManager.retry", "Forwarding request");
                                    }
                                    throw e4;
                                }
                                FFDCFilter.processException((Throwable) e4, "com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.retry", "1371", (Object) this);
                                String stringBuffer = new StringBuffer().append("Caught exception trying to set invocation subject. Reason: ").append(e4.toString()).toString();
                                SecurityLogger.debugMessage("SessionManager.retry", stringBuffer);
                                SecurityLogger.logException("SessionManager.retry", e4, 0, 0);
                                throw new NO_PERMISSION(stringBuffer, SecurityMinorCodes.CREDENTIAL_TOKEN_EXPIRED, CompletionStatus.COMPLETED_NO);
                            }
                        } catch (Exception e5) {
                            if (SecurityLogger.debugTraceEnabled) {
                                SecurityLogger.debugMessage("SessionManager.retry", "Caught exception from wsCred (non null)");
                            }
                            if (e5 instanceof ForwardRequest) {
                                if (SecurityLogger.debugTraceEnabled) {
                                    SecurityLogger.debugMessage("SessionManager.retry", "Forwarding Request");
                                }
                                throw e5;
                            }
                            String msgOrUseDefault2 = SecurityMessages.getMsgOrUseDefault("JSAS0202E", "JSAS0202E: Credential token expired.");
                            if (SecurityLogger.debugTraceEnabled) {
                                SecurityLogger.debugMessage("SessionManager.retry", msgOrUseDefault2);
                            }
                            throw new NO_PERMISSION(msgOrUseDefault2, SecurityMinorCodes.CREDENTIAL_TOKEN_EXPIRED, CompletionStatus.COMPLETED_NO);
                        }
                    }
                }
            }
        }
    }

    public boolean isReferenceContextErrorRetriable(ClientRequestInfo clientRequestInfo) throws ForwardRequest {
        ContextError error_msg;
        SASContextBody sASContextBody = null;
        ServiceContext serviceContext = this.csiUtil.get_sc_from_reply((RequestInfo) clientRequestInfo);
        if (serviceContext != null) {
            sASContextBody = this.csiUtil.get_message_from_sc(serviceContext);
        }
        if (sASContextBody != null && sASContextBody.discriminator() == 4 && (error_msg = sASContextBody.error_msg()) != null) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.isReferenceContextErrorRetriable", new StringBuffer().append("Major/Minor status: ").append(error_msg.major_status).append("/").append(error_msg.minor_status).toString());
            }
            if (error_msg.major_status == 4 && error_msg.minor_status == 1) {
                if (!SecurityLogger.debugTraceEnabled) {
                    return true;
                }
                SecurityLogger.debugMessage("SessionManager.isReferenceContextErrorRetriable", "Reference ContextError major/minor retriable");
                return true;
            }
        }
        if (!SecurityLogger.debugTraceEnabled) {
            return false;
        }
        SecurityLogger.debugMessage("SessionManager.isReferenceContextErrorRetriable", "ContextError major/minor not retriable or not present.");
        return false;
    }

    public boolean isAcceptContextErrorRetriable(ClientRequestInfo clientRequestInfo) throws ForwardRequest {
        ContextError error_msg;
        SASContextBody sASContextBody = null;
        ServiceContext serviceContext = this.csiUtil.get_sc_from_reply((RequestInfo) clientRequestInfo);
        if (serviceContext != null) {
            sASContextBody = this.csiUtil.get_message_from_sc(serviceContext);
        }
        if (sASContextBody != null && sASContextBody.discriminator() == 4 && (error_msg = sASContextBody.error_msg()) != null) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.isAcceptContextErrorRetriable", new StringBuffer().append("Major/Minor status: ").append(error_msg.major_status).append("/").append(error_msg.minor_status).toString());
            }
            if (error_msg.major_status == 1 && error_msg.minor_status == 1) {
                if (!SecurityLogger.debugTraceEnabled) {
                    return true;
                }
                SecurityLogger.debugMessage("SessionManager.isAcceptContextErrorRetriable", "Accept ContextError major/minor retriable");
                return true;
            }
        }
        if (!SecurityLogger.debugTraceEnabled) {
            return false;
        }
        SecurityLogger.debugMessage("SessionManager.isAcceptContextErrorRetriable", "ContextError major/minor not retriable or not present.");
        return false;
    }

    public void csi_set_connection_cred(ServerConnectionKey serverConnectionKey, Subject subject) {
        server_connection_lookup(serverConnectionKey.get_server_connection_hash()).set_client_cert_creds_list(subject);
    }

    public Subject csi_lookup_connection_cred(ServerConnectionKey serverConnectionKey) {
        return server_connection_lookup(serverConnectionKey.get_server_connection_hash()).get_client_cert_creds_list();
    }

    public void csi_set_connection_propagation_token_map(ServerConnectionKey serverConnectionKey, Map map) {
        server_connection_lookup(serverConnectionKey.get_server_connection_hash()).set_client_cert_propagation_token_map(map);
    }

    public Map csi_lookup_connection_propagation_token_map(ServerConnectionKey serverConnectionKey) {
        return server_connection_lookup(serverConnectionKey.get_server_connection_hash()).get_client_cert_propagation_token_map();
    }

    private void clean_server_sessions(SessionTable sessionTable, int i) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.clean_server_sessions", "");
        }
        Long[] lArr = null;
        try {
            lArr = (Long[]) sessionTable.keySet().toArray(new Long[0]);
        } catch (ArrayStoreException e) {
            FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.clean_session_tables", "1635", this);
        }
        if (lArr != null) {
            for (int i2 = 0; i2 < lArr.length; i2++) {
                SessionEntry sessionEntry = (SessionEntry) sessionTable.get(lArr[i2]);
                if (sessionEntry != null) {
                    if (System.currentTimeMillis() - sessionEntry.get_session_usage_timestamp() > ((long) i)) {
                        sessionTable.remove(lArr[i2]);
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SessionManager.clean_server_sessions", new StringBuffer().append("Server session deleted:  ").append(lArr[i2]).append(", last used = ").append(new Timestamp(sessionEntry.get_session_usage_timestamp())).toString());
                        }
                    }
                }
            }
        }
    }

    private void clean_client_sessions(SessionTable sessionTable, SessionHashTable sessionHashTable, int i) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.clean_client_sessions", "");
        }
        Long[] lArr = null;
        try {
            lArr = (Long[]) sessionTable.keySet().toArray(new Long[sessionTable.size()]);
        } catch (ArrayStoreException e) {
            FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.clean_client_sessions", "1687", this);
        }
        if (lArr != null) {
            for (int i2 = 0; i2 < lArr.length; i2++) {
                SessionEntry sessionEntry = (SessionEntry) sessionTable.get(lArr[i2]);
                if (sessionEntry != null) {
                    if (System.currentTimeMillis() - sessionEntry.get_session_usage_timestamp() > ((long) i)) {
                        sessionHashTable.remove(sessionEntry.get_client_session_key().get_client_session_hash());
                        sessionTable.remove(lArr[i2]);
                        if (SecurityLogger.debugTraceEnabled) {
                            SecurityLogger.debugMessage("SessionManager.clean_client_sessions", new StringBuffer().append("Client session deleted:  hash = ").append(sessionEntry.get_client_session_key().get_client_session_hash()).append(":").append(lArr[i2]).append(", last used = ").append(new Timestamp(sessionEntry.get_session_usage_timestamp())).toString());
                        }
                    }
                }
            }
        }
    }

    protected void clean_session_tables() {
        SessionTable serverSessionTable;
        SessionTable clientSessionTable;
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.clean_session_tables", new StringBuffer().append("*** BEGIN SESSION CLEANUP AT ").append(new Timestamp(System.currentTimeMillis())).append(" ***").toString());
        }
        String[] strArr = null;
        try {
            strArr = (String[]) this.clientConnTable.keySet().toArray(new String[this.clientConnTable.size()]);
        } catch (ArrayStoreException e) {
            FFDCFilter.processException(e, "com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.clean_session_tables", "1745", this);
        }
        if (strArr != null) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.clean_session_tables", new StringBuffer().append("Client connection table size:  ").append(this.clientConnTable.size()).toString());
            }
            for (String str : strArr) {
                Connection connection = (Connection) this.clientConnTable.get(str);
                if (connection != null && (clientSessionTable = connection.getClientSessionTable()) != null) {
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SessionManager.clean_session_tables", new StringBuffer().append("Client session table size:  ").append(clientSessionTable.size()).toString());
                    }
                    clean_client_sessions(clientSessionTable, connection.getSessionHashTable(), this.sessionDiscardUnusedMillis);
                }
            }
        }
        try {
            strArr = (String[]) this.serverConnTable.keySet().toArray(new String[this.serverConnTable.size()]);
        } catch (ArrayStoreException e2) {
            FFDCFilter.processException(e2, "com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionManager.clean_session_tables", "1795", this);
        }
        if (strArr != null) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("SessionManager.clean_session_tables", new StringBuffer().append("Server connection table size:  ").append(this.serverConnTable.size()).toString());
            }
            for (String str2 : strArr) {
                Connection connection2 = (Connection) this.serverConnTable.get(str2);
                if (connection2 != null && (serverSessionTable = connection2.getServerSessionTable()) != null) {
                    if (SecurityLogger.debugTraceEnabled) {
                        SecurityLogger.debugMessage("SessionManager.clean_session_tables", new StringBuffer().append("Server session table size:  ").append(serverSessionTable.size()).toString());
                    }
                    clean_server_sessions(serverSessionTable, this.sessionDiscardUnusedMillis);
                }
            }
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.clean_session_tables", new StringBuffer().append("*** END SESSION CLEANUP AT ").append(new Timestamp(System.currentTimeMillis())).append(" ***").toString());
        }
    }

    @Override // com.ibm.ejs.util.am.AlarmListener
    public void alarm(Object obj) {
        if (this.sessionCacheMaxSize <= 0 || this.sessionCacheIdleTime <= 0) {
            clean_session_tables();
            AlarmManager.createDeferrable(this.sessionCleanupInterval, this);
        } else if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("SessionManager.alarm", "Cache max size is defined, disabling the garbage collection for session entries ");
        }
    }
}
