package com.ibm.ws.webservices.wssecurity.core;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.etools.webservice.wscommonbnd.AlgorithmMapping;
import com.ibm.etools.webservice.wscommonbnd.CRL;
import com.ibm.etools.webservice.wscommonbnd.CertStoreList;
import com.ibm.etools.webservice.wscommonbnd.CollectionCertStore;
import com.ibm.etools.webservice.wscommonbnd.KeyLocator;
import com.ibm.etools.webservice.wscommonbnd.KeyStore;
import com.ibm.etools.webservice.wscommonbnd.LDAPCertStore;
import com.ibm.etools.webservice.wscommonbnd.LoginMapping;
import com.ibm.etools.webservice.wscommonbnd.NonceCaching;
import com.ibm.etools.webservice.wscommonbnd.TrustAnchor;
import com.ibm.etools.webservice.wscommonbnd.TrustedIDEvaluator;
import com.ibm.etools.webservice.wscommonbnd.X509Certificate;
import com.ibm.etools.webservice.wssecurity.Consumer;
import com.ibm.etools.webservice.wssecurity.Defaultbindings;
import com.ibm.etools.webservice.wssecurity.Generator;
import com.ibm.etools.webservice.wssecurity.WSSecurity;
import com.ibm.events.util.CeiString;
import com.ibm.websphere.management.AdminConstants;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.MBeanFactory;
import com.ibm.websphere.management.wlm.ClusterAdminConstants;
import com.ibm.websphere.security.WebSphereRuntimePermission;
import com.ibm.ws.exception.ComponentDisabledException;
import com.ibm.ws.exception.ConfigurationError;
import com.ibm.ws.exception.ConfigurationWarning;
import com.ibm.ws.exception.RuntimeError;
import com.ibm.ws.exception.RuntimeWarning;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.collaborator.DefaultRuntimeCollaborator;
import com.ibm.ws.management.util.SecurityHelper;
import com.ibm.ws.runtime.component.ComponentImpl;
import com.ibm.ws.runtime.service.ConfigRoot;
import com.ibm.ws.runtime.service.Repository;
import com.ibm.ws.runtime.service.VariableMap;
import com.ibm.ws.runtime.service.WSSecurityService;
import com.ibm.ws.security.service.SecurityService;
import com.ibm.ws.security.service.SecurityServiceEvent;
import com.ibm.ws.security.service.SecurityServiceListener;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.util.PlatformHelperFactory;
import com.ibm.ws.webservices.wssecurity.util.ConfigConstants;
import com.ibm.ws.webservices.wssecurity.util.WebServicesSecurityAlgorithmHelper;
import com.ibm.ws.wssecurity.xss4j.dsig.util.HWKeyCache;
import com.ibm.wsspi.wssecurity.SoapSecurityException;
import com.ibm.xml.soapsec.util.ConfigUtil;
import java.security.Permission;
import java.text.MessageFormat;
import java.util.HashSet;
import java.util.Map;
import org.eclipse.emf.common.util.EList;
import org.eclipse.emf.ecore.resource.Resource;
import org.eclipse.jst.j2ee.internal.web.operations.CreateServletTemplateModel;

/* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ws/webservices/wssecurity/core/WSSecurityComponentImpl.class */
public class WSSecurityComponentImpl extends ComponentImpl implements WSSecurityService {
    private static final TraceComponent tc;
    private static final String clsName;
    private static final String comp = "security.wssecurity";
    private static final Permission REFRESH_PERM;
    static Class class$com$ibm$ws$runtime$service$Repository;
    static Class class$com$ibm$ws$security$service$SecurityService;
    static Class class$com$ibm$ws$runtime$service$WSSecurityService;
    static Class class$com$ibm$ws$runtime$service$VariableMap;
    static Class class$com$ibm$ws$webservices$wssecurity$core$WSSecurityClientComponentImpl;
    static Class class$com$ibm$ws$webservices$wssecurity$core$WSSecurityComponentImpl;
    private boolean ndEnvironment = false;
    private WSSecurityDefaultConfiguration config = new WSSecurityDefaultConfiguration();
    private WebServicesSecurityAdmin wssecAdmin = null;
    private Object lock = new Object();
    private boolean initialized = false;
    private ClassLoader appClassLoader = null;

    /* renamed from: com.ibm.ws.webservices.wssecurity.core.WSSecurityComponentImpl$1, reason: invalid class name */
    /* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ws/webservices/wssecurity/core/WSSecurityComponentImpl$1.class */
    static class AnonymousClass1 {
    }

    /* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ws/webservices/wssecurity/core/WSSecurityComponentImpl$WSSecurityListener.class */
    private class WSSecurityListener implements SecurityServiceListener {
        private WSSecurity cell;
        private WSSecurity server;
        private final WSSecurityComponentImpl this$0;

        private WSSecurityListener(WSSecurityComponentImpl wSSecurityComponentImpl, WSSecurity wSSecurity, WSSecurity wSSecurity2) {
            this.this$0 = wSSecurityComponentImpl;
            this.cell = wSSecurity;
            this.server = wSSecurity2;
        }

        @Override // com.ibm.ws.security.service.SecurityServiceListener
        public void stateChanged(SecurityServiceEvent securityServiceEvent) {
            Class cls;
            if (WSSecurityComponentImpl.tc.isEntryEnabled()) {
                Tr.entry(WSSecurityComponentImpl.tc, "stateChanged");
            }
            if (securityServiceEvent.getState() == 1) {
                WSSecurityDefaultConfiguration wSSecurityDefaultConfiguration = new WSSecurityDefaultConfiguration();
                try {
                    if (this.this$0.ndEnvironment && this.cell != null) {
                        if (WSSecurityComponentImpl.tc.isDebugEnabled()) {
                            Tr.debug(WSSecurityComponentImpl.tc, "Loading the Cell level configuration");
                        }
                        this.this$0.loadConfig(this.cell, wSSecurityDefaultConfiguration);
                    }
                    if (this.server != null) {
                        if (WSSecurityComponentImpl.tc.isDebugEnabled()) {
                            Tr.debug(WSSecurityComponentImpl.tc, "Loading the Server level configuration");
                        }
                        this.this$0.loadConfig(this.server, wSSecurityDefaultConfiguration);
                    }
                } catch (SoapSecurityException e) {
                    StringBuffer stringBuffer = new StringBuffer();
                    if (WSSecurityComponentImpl.class$com$ibm$ws$webservices$wssecurity$core$WSSecurityClientComponentImpl == null) {
                        cls = WSSecurityComponentImpl.class$("com.ibm.ws.webservices.wssecurity.core.WSSecurityClientComponentImpl");
                        WSSecurityComponentImpl.class$com$ibm$ws$webservices$wssecurity$core$WSSecurityClientComponentImpl = cls;
                    } else {
                        cls = WSSecurityComponentImpl.class$com$ibm$ws$webservices$wssecurity$core$WSSecurityClientComponentImpl;
                    }
                    FFDCFilter.processException(e, stringBuffer.append(cls.getName()).append(".initialize").toString(), "912", this);
                    Tr.error(WSSecurityComponentImpl.tc, "security.wssecurity.WSEC0126E", e);
                }
                wSSecurityDefaultConfiguration.keyStores.clear();
                wSSecurityDefaultConfiguration.certs.clear();
                this.this$0.config = wSSecurityDefaultConfiguration;
                if (!this.this$0.initialized) {
                    NonceManagerFactory.init(this.this$0.config.useNonceCache, this.this$0.config.nonceCacheName, this.this$0.config.nonceCacheSize, this.this$0.config.nonceCacheTimeout, this.this$0.config.nonceLength, this.this$0.config.nonceCacheDistributed);
                    CertManagerFactory.init(this.this$0.config.useCertCache, this.this$0.config.certCacheName, this.this$0.config.certCacheSize, this.this$0.config.certCacheTimeOut);
                    DistributedConfigCacheFactory.init_boot(this.this$0.config.useConfigCache, this.this$0.config.configCacheName, this.this$0.config.configCacheSize, this.this$0.config.configCacheTimeToLive);
                    TokenCacheManagerFactory.init(this.this$0.config.useTokenCache, this.this$0.config.tokenCacheName, this.this$0.config.tokenCacheSize, this.this$0.config.tokenCacheTimeOut, this.this$0.config.tokenCacheCushion);
                }
                this.this$0.initialized = true;
                if (this.this$0.wssecAdmin != null) {
                    if (WSSecurityComponentImpl.tc.isDebugEnabled()) {
                        Tr.debug(WSSecurityComponentImpl.tc, "(Start) set WSSecurityService to WebServicesSecurityAdmin MBean");
                    }
                    this.this$0.wssecAdmin.setWSSecurityService(this.this$0);
                }
                if (WSSecurityComponentImpl.tc.isDebugEnabled()) {
                    Tr.debug(WSSecurityComponentImpl.tc, "Configuration: ", new Object[]{this.this$0.config});
                }
            } else if (securityServiceEvent.getState() == 2 && this.this$0.wssecAdmin != null) {
                if (WSSecurityComponentImpl.tc.isDebugEnabled()) {
                    Tr.debug(WSSecurityComponentImpl.tc, "(Stop) remove WSSecurityService from WebServicesSecurityAdmin MBean");
                }
                this.this$0.wssecAdmin.setWSSecurityService(null);
            }
            if (WSSecurityComponentImpl.tc.isEntryEnabled()) {
                Tr.exit(WSSecurityComponentImpl.tc, "stateChanged");
            }
        }

        WSSecurityListener(WSSecurityComponentImpl wSSecurityComponentImpl, WSSecurity wSSecurity, WSSecurity wSSecurity2, AnonymousClass1 anonymousClass1) {
            this(wSSecurityComponentImpl, wSSecurity, wSSecurity2);
        }
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.wsspi.runtime.component.WsComponentImpl, com.ibm.wsspi.runtime.component.WsComponent
    public void start() throws RuntimeWarning, RuntimeError {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, ClusterAdminConstants.START);
        }
        try {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Registering WebServicesSecurityAdmin MBean");
            }
            this.wssecAdmin = new WebServicesSecurityAdmin();
            MBeanFactory mBeanFactory = AdminServiceFactory.getMBeanFactory();
            mBeanFactory.activateMBean("WebServicesSecurityAdmin", new DefaultRuntimeCollaborator(this.wssecAdmin, "WebServicesSecurityAdmin"), mBeanFactory.getConfigId("WebServicesSecurityAdmin"), "com/ibm/ws/management/descriptor/xml/WebServicesSecurityAdmin.xml");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "WebServicesSecurityAdmin MBean registered");
            }
            try {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Registering WebServicesSecurityAlgorithmHelper MBean");
                }
                WebServicesSecurityAlgorithmHelper webServicesSecurityAlgorithmHelper = new WebServicesSecurityAlgorithmHelper();
                MBeanFactory mBeanFactory2 = AdminServiceFactory.getMBeanFactory();
                mBeanFactory2.activateMBean("WebServicesSecurityAlgorithmHelper", new DefaultRuntimeCollaborator(webServicesSecurityAlgorithmHelper, "WebServicesSecurityAlgorithmHelper"), mBeanFactory2.getConfigId("WebServicesSecurityAlgorithmHelper"), "com/ibm/ws/management/descriptor/xml/WebServicesSecurityAlgorithmHelper.xml");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "WebServicesSecurityAlgorithmHelper MBean registered");
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, ClusterAdminConstants.START);
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, new StringBuffer().append(clsName).append(".initialize").toString(), "136", this);
                Tr.error(tc, "security.wssecurity.init.startfail", new Object[]{e});
                throw new RuntimeError(ConfigConstants.getMessage("security.wssecurity.WSEC0145E"), e);
            }
        } catch (Exception e2) {
            FFDCFilter.processException(e2, new StringBuffer().append(clsName).append(".initialize").toString(), "118", this);
            Tr.error(tc, "security.wssecurity.init.startfail", new Object[]{e2});
            throw new RuntimeError(ConfigConstants.getMessage("security.wssecurity.start.activate.failed"), e2);
        }
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.wsspi.runtime.component.WsComponentImpl, com.ibm.wsspi.runtime.component.WsComponent
    public void stop() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, ClusterAdminConstants.STOP);
        }
        HWKeyCache.removeAllEntries();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, ClusterAdminConstants.STOP);
        }
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.wsspi.runtime.component.WsComponentImpl, com.ibm.wsspi.runtime.component.WsComponent
    public void initialize(Object obj) throws ConfigurationWarning, ConfigurationError, ComponentDisabledException {
        Class cls;
        Class cls2;
        Class cls3;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initialize", obj);
        }
        try {
            WSSecurityPlatformContextFactory.setServer();
            String processType = AdminServiceFactory.getAdminService().getProcessType();
            if (processType == null || processType.length() == 0) {
                Tr.error(tc, "security.wssecurity.init.nullprocesstype");
                throw new ConfigurationError(ConfigConstants.getMessage("security.wssecurity.init.nullprocesstype"));
            }
            if (processType.equals(AdminConstants.MANAGED_PROCESS) || processType.equals(AdminConstants.DEPLOYMENT_MANAGER_PROCESS) || processType.equals("NodeAgent")) {
                this.ndEnvironment = true;
            }
            WSSecurity wSSecurity = null;
            WSSecurity wSSecurity2 = null;
            try {
                if (class$com$ibm$ws$runtime$service$Repository == null) {
                    cls = class$("com.ibm.ws.runtime.service.Repository");
                    class$com$ibm$ws$runtime$service$Repository = cls;
                } else {
                    cls = class$com$ibm$ws$runtime$service$Repository;
                }
                Repository repository = (Repository) getService(cls);
                ConfigRoot configRoot = repository.getConfigRoot();
                if (this.ndEnvironment) {
                    try {
                        Resource resource = configRoot.getResource(0, ConfigConstants.WS_SECURITY_RESOURCE_NAME);
                        if (resource != null) {
                            wSSecurity = (WSSecurity) resource.getContents().get(0);
                            if (wSSecurity != null && tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("Found document: ").append(configRoot.getAbsolutePath(0, ConfigConstants.WS_SECURITY_RESOURCE_NAME)).toString());
                            }
                        }
                    } catch (Exception e) {
                        String absolutePath = configRoot.getAbsolutePath(0, ConfigConstants.WS_SECURITY_RESOURCE_NAME);
                        FFDCFilter.processException(e, new StringBuffer().append(getClass().getName()).append(".initialize").toString(), "200", this);
                        Tr.warning(tc, "security.wssecurity.load.cell.wssecurity.xml", (Object) new Object[]{absolutePath});
                        throw new ConfigurationWarning(MessageFormat.format(ConfigConstants.getMessage("security.wssecurity.load.cell.wssecurity.xml"), absolutePath), e);
                    }
                }
                Resource resource2 = null;
                try {
                    resource2 = configRoot.getResource(4, ConfigConstants.WS_SECURITY_RESOURCE_NAME);
                } catch (Exception e2) {
                    if (!this.ndEnvironment) {
                        String absolutePath2 = configRoot.getAbsolutePath(4, ConfigConstants.WS_SECURITY_RESOURCE_NAME);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, new StringBuffer().append("Can not load server level configuration file: ").append(absolutePath2).toString(), new Object[]{e2});
                        }
                        Tr.warning(tc, "security.wssecurity.load.server.wssecurity.xml", (Object) new Object[]{absolutePath2});
                    }
                }
                if (resource2 != null) {
                    wSSecurity2 = (WSSecurity) resource2.getContents().get(0);
                    if (wSSecurity2 != null && tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("Found document: ").append(configRoot.getAbsolutePath(4, ConfigConstants.WS_SECURITY_RESOURCE_NAME)).toString());
                    }
                }
                if (configRoot != null) {
                    releaseService(configRoot);
                }
                if (repository != null) {
                    releaseService(repository);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Cell WSSecurity: ", new Object[]{wSSecurity});
                    Tr.debug(tc, "Server WSSecurity: ", new Object[]{wSSecurity2});
                }
                if (class$com$ibm$ws$security$service$SecurityService == null) {
                    cls2 = class$("com.ibm.ws.security.service.SecurityService");
                    class$com$ibm$ws$security$service$SecurityService = cls2;
                } else {
                    cls2 = class$com$ibm$ws$security$service$SecurityService;
                }
                SecurityService securityService = (SecurityService) getService(cls2);
                if (securityService == null) {
                    throw new ConfigurationError(ConfigConstants.getMessage("security.wssecurity.secrutiyservice.isnull"));
                }
                securityService.addListener(new WSSecurityListener(this, wSSecurity, wSSecurity2, null));
                if (class$com$ibm$ws$runtime$service$WSSecurityService == null) {
                    cls3 = class$("com.ibm.ws.runtime.service.WSSecurityService");
                    class$com$ibm$ws$runtime$service$WSSecurityService = cls3;
                } else {
                    cls3 = class$com$ibm$ws$runtime$service$WSSecurityService;
                }
                addService(cls3);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "initialize");
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    releaseService(null);
                }
                if (0 != 0) {
                    releaseService(null);
                }
                throw th;
            }
        } catch (ConfigurationError e3) {
            FFDCFilter.processException(e3, new StringBuffer().append(getClass().getName()).append(".initialize").toString(), "257", this);
            Tr.error(tc, "security.wssecurity.init.startfail", new Object[]{e3});
            throw e3;
        } catch (SoapSecurityException e4) {
            FFDCFilter.processException(e4, new StringBuffer().append(getClass().getName()).append(".initialize").toString(), "261", this);
            Tr.error(tc, "security.wssecurity.init.startfail", new Object[]{e4});
            throw new ConfigurationError(ConfigConstants.getMessage("security.wssecurity.init.startfail"), e4);
        }
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.wsspi.runtime.component.WsComponentImpl, com.ibm.wsspi.runtime.component.WsComponent
    public void destroy() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, CreateServletTemplateModel.DESTROY);
            Tr.exit(tc, CreateServletTemplateModel.DESTROY);
        }
    }

    @Override // com.ibm.ws.runtime.service.WSSecurityService
    public Object getConfig() {
        WSSecurityDefaultConfiguration wSSecurityDefaultConfiguration;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConfig");
            Tr.exit(tc, "getConfig", this.config);
        }
        synchronized (this.lock) {
            wSSecurityDefaultConfiguration = this.config;
        }
        return wSSecurityDefaultConfiguration;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void loadConfig(WSSecurity wSSecurity, WSSecurityDefaultConfiguration wSSecurityDefaultConfiguration) throws SoapSecurityException {
        Class cls;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "loadConfig", new Object[]{wSSecurity, wSSecurityDefaultConfiguration});
        }
        VariableMap variableMap = null;
        try {
            if (class$com$ibm$ws$runtime$service$VariableMap == null) {
                cls = class$("com.ibm.ws.runtime.service.VariableMap");
                class$com$ibm$ws$runtime$service$VariableMap = cls;
            } else {
                cls = class$com$ibm$ws$runtime$service$VariableMap;
            }
            variableMap = (VariableMap) getService(cls);
            boolean isUseHardwareAcceleration = wSSecurity.isUseHardwareAcceleration();
            if (isUseHardwareAcceleration) {
                if (PlatformHelperFactory.getPlatformHelper().isZOS()) {
                    Tr.info(tc, "security.wssecurity.WSEC0158I", new Object[]{new Boolean(isUseHardwareAcceleration)});
                    isUseHardwareAcceleration = false;
                } else if (PlatformHelperFactory.getPlatformHelper().isOS400()) {
                    Tr.error(tc, "security.wssecurityHardware Crypto is not supported on this platform, continues to use software crypto provider");
                }
            }
            if (isUseHardwareAcceleration) {
                wSSecurityDefaultConfiguration.useHardwareAcceleration = isUseHardwareAcceleration;
                Tr.info(tc, "security.wssecurity.WSEC0158I", new Object[]{new Boolean(isUseHardwareAcceleration)});
                String hardwareConfigRef = wSSecurity.getHardwareConfigRef();
                if (hardwareConfigRef != null && hardwareConfigRef.length() != 0) {
                    wSSecurityDefaultConfiguration.hardwareConfigName = hardwareConfigRef;
                    Tr.info(tc, "security.wssecurity.WSEC0158I", new Object[]{hardwareConfigRef});
                }
            }
            EList properties = wSSecurity.getProperties();
            if (properties != null) {
                Map properties2 = ConfigConstants.getProperties(properties, variableMap);
                if (!this.initialized) {
                    wSSecurityDefaultConfiguration.addProperties(properties2);
                    String str = (String) properties2.get(ConfigConstants.DISTRIBUTED_CONFIG_CACHE_USED);
                    if (str != null) {
                        wSSecurityDefaultConfiguration.useConfigCache = ConfigUtil.isTrue(str);
                    } else {
                        wSSecurityDefaultConfiguration.useConfigCache = true;
                    }
                    String str2 = (String) properties2.get(ConfigConstants.HARDWARE_KEYSTORE_NAME);
                    if (str2 != null && str2.length() != 0) {
                        wSSecurityDefaultConfiguration.hardwareKeyStoreName = str2;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, new StringBuffer().append("Hardware keystore name property is specified, value = ").append(str2).toString());
                        }
                    }
                    String str3 = (String) properties2.get(ConfigConstants.BASICAUTH_NONCE_CACHE_TIMEOUT);
                    if (str3 != null) {
                        String trim = str3.trim();
                        if (trim.length() != 0) {
                            try {
                                wSSecurityDefaultConfiguration.nonceCacheTimeout = ConfigConstants.validNonceCacheTimeout(Integer.parseInt(trim));
                            } catch (NumberFormatException e) {
                                wSSecurityDefaultConfiguration.nonceCacheTimeout = 600;
                                FFDCFilter.processException(e, new StringBuffer().append(getClass().getName()).append(".loadConfig").toString(), "314", this);
                                Tr.warning(tc, "security.wssecurity.WSEC0115W", (Object) new Object[]{trim, new Integer(600)});
                            }
                        }
                    }
                    String str4 = (String) properties2.get(ConfigConstants.CERTIFICATE_CACHE_TIMEOUT);
                    if (str4 != null) {
                        String trim2 = str4.trim();
                        if (trim2.length() != 0) {
                            try {
                                wSSecurityDefaultConfiguration.certCacheTimeOut = ConfigConstants.validCertCacheTimeout(Integer.parseInt(trim2));
                            } catch (NumberFormatException e2) {
                                wSSecurityDefaultConfiguration.certCacheTimeOut = 900;
                                FFDCFilter.processException(e2, new StringBuffer().append(getClass().getName()).append(".loadConfig").toString(), "330", this);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, new StringBuffer().append("WARNING: Exception occurred during parsing the certificate cache timeout ").append(trim2).append("seconds, default ").append(900).append(" seconds is used instead.").toString());
                                }
                            }
                        }
                    }
                    String str5 = (String) properties2.get(ConfigConstants.DISTRIBUTED_CONFIG_CACHE_TIMETOLIVE);
                    if (str5 != null) {
                        String trim3 = str5.trim();
                        if (trim3.length() != 0) {
                            try {
                                wSSecurityDefaultConfiguration.configCacheTimeToLive = Integer.parseInt(trim3);
                            } catch (NumberFormatException e3) {
                                wSSecurityDefaultConfiguration.configCacheTimeToLive = 900;
                                FFDCFilter.processException(e3, new StringBuffer().append(getClass().getName()).append(".loadConfig").toString(), "349", this);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, new StringBuffer().append("WARNING: Exception occurred during parsing the config cache timeToLive ").append(trim3).append("seconds, default ").append(900).append(" seconds is used instead.").toString());
                                }
                            }
                        }
                    } else {
                        wSSecurityDefaultConfiguration.configCacheTimeToLive = 900;
                    }
                    String str6 = (String) properties2.get(ConfigConstants.TOKEN_CACHE_TIMEOUT);
                    if (str6 != null) {
                        String trim4 = str6.trim();
                        if (trim4.length() != 0) {
                            try {
                                wSSecurityDefaultConfiguration.tokenCacheTimeOut = ConfigConstants.validTokenCacheTimeout(Integer.parseInt(trim4));
                            } catch (NumberFormatException e4) {
                                wSSecurityDefaultConfiguration.tokenCacheTimeOut = 900;
                                FFDCFilter.processException(e4, new StringBuffer().append(getClass().getName()).append(".loadConfig").toString(), "391", this);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, new StringBuffer().append("WARNING: Exception occurred during parsing the token cache timeout ").append(trim4).append("seconds, default ").append(900).append(" seconds is used instead.").toString());
                                }
                            }
                        }
                    } else {
                        wSSecurityDefaultConfiguration.tokenCacheTimeOut = 900;
                    }
                    String str7 = (String) properties2.get(ConfigConstants.TOKEN_CACHE_CUSHION);
                    if (str7 != null) {
                        String trim5 = str7.trim();
                        if (trim5.length() != 0) {
                            try {
                                wSSecurityDefaultConfiguration.tokenCacheCushion = ConfigConstants.validTokenCushion(Integer.parseInt(trim5) * 1000);
                            } catch (NumberFormatException e5) {
                                wSSecurityDefaultConfiguration.tokenCacheCushion = Constants.DEFAULT_CACHE_TIMEOUT;
                                FFDCFilter.processException(e5, new StringBuffer().append(getClass().getName()).append(".loadConfig").toString(), "412", this);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, new StringBuffer().append("WARNING: Exception occurred during parsing the token cushion ").append(trim5).append("seconds, default ").append(600).append(" seconds is used instead.").toString());
                                }
                            }
                        }
                    } else {
                        wSSecurityDefaultConfiguration.tokenCacheCushion = Constants.DEFAULT_CACHE_TIMEOUT;
                    }
                    String str8 = (String) properties2.get("com.ibm.ws.wssecurity.handler.OffloadAllCryptography");
                    if (str8 != null) {
                        wSSecurityDefaultConfiguration.useOffloadAllCrypto = str8;
                    }
                    String str9 = (String) properties2.get(ConfigConstants.OFFLOAD_RSA_PUBKEY_CRYPTO);
                    if (str9 != null) {
                        wSSecurityDefaultConfiguration.offloadRSAPublicKeyCrypto = ConfigUtil.isTrue(str9);
                    } else {
                        wSSecurityDefaultConfiguration.offloadRSAPublicKeyCrypto = true;
                    }
                    String str10 = (String) properties2.get(ConfigConstants.HARDWARE_CACHE_SIZE);
                    if (str10 != null) {
                        wSSecurityDefaultConfiguration.hardwareCacheSize = ConfigConstants.processHardwareCacheSize(str10);
                    } else {
                        wSSecurityDefaultConfiguration.hardwareCacheSize = 1000;
                    }
                    String str11 = (String) properties2.get(ConfigConstants.HARDWARE_CACHE_ENTRY_REFRESH);
                    HWKeyCache.getInstance().setScanParameters(str11 != null ? ConfigConstants.processHardwareCacheEntryRefresh(str11) : 8L);
                    String str12 = (String) properties2.get(ConfigConstants.CERTIFICATE_CACHE_USED);
                    if (str12 != null) {
                        wSSecurityDefaultConfiguration.useCertCache = ConfigUtil.isTrue(str12);
                    }
                    String str13 = (String) properties2.get(ConfigConstants.DISTRIBUTED_CONFIG_CACHE_USED);
                    if (str13 != null) {
                        wSSecurityDefaultConfiguration.useConfigCache = ConfigUtil.isTrue(str13);
                    } else {
                        wSSecurityDefaultConfiguration.useConfigCache = true;
                    }
                    String str14 = (String) properties2.get(ConfigConstants.TOKEN_CACHE_USED);
                    if (str14 != null) {
                        wSSecurityDefaultConfiguration.useTokenCache = ConfigUtil.isTrue(str14);
                    } else {
                        wSSecurityDefaultConfiguration.useTokenCache = true;
                    }
                    String str15 = (String) properties2.get(ConfigConstants.BASICAUTH_NONCE_CACHE_NAME);
                    if (str15 != null) {
                        wSSecurityDefaultConfiguration.nonceCacheName = str15;
                    }
                    String str16 = (String) properties2.get(ConfigConstants.CERTIFICATE_CACHE_NAME);
                    if (str16 != null) {
                        wSSecurityDefaultConfiguration.certCacheName = str16;
                    }
                    String str17 = (String) properties2.get(ConfigConstants.CONFIG_CACHENAME);
                    if (str17 != null) {
                        wSSecurityDefaultConfiguration.configCacheName = str17;
                    } else {
                        wSSecurityDefaultConfiguration.configCacheName = ConfigConstants.DEFAULT_CONFIG_CACHENAME;
                    }
                    String str18 = (String) properties2.get(ConfigConstants.TOKEN_CACHE_NAME);
                    if (str18 != null) {
                        wSSecurityDefaultConfiguration.tokenCacheName = str18;
                    } else {
                        wSSecurityDefaultConfiguration.tokenCacheName = ConfigConstants.DEFAULT_TOKEN_CACHENAME;
                    }
                    String str19 = (String) properties2.get(ConfigConstants.BASICAUTH_NONCE_CACHE_SIZE);
                    if (str19 != null) {
                        wSSecurityDefaultConfiguration.nonceCacheSize = ConfigConstants.processNonceCacheSize(str19);
                    }
                    String str20 = (String) properties2.get(ConfigConstants.CERTIFICATE_CACHE_SIZE);
                    if (str20 != null) {
                        wSSecurityDefaultConfiguration.certCacheSize = ConfigConstants.processCertCacheSize(str20);
                    }
                    String str21 = (String) properties2.get(ConfigConstants.BASICAUTH_NONCE_LENGTH);
                    if (str21 != null) {
                        wSSecurityDefaultConfiguration.nonceCacheSize = ConfigConstants.processNonceLength(str21);
                    }
                    String str22 = (String) properties2.get(ConfigConstants.DISTRIBUTED_CONFIG_CACHE_SIZE);
                    if (str22 != null) {
                        try {
                            wSSecurityDefaultConfiguration.configCacheSize = Integer.parseInt(str22);
                        } catch (NumberFormatException e6) {
                            wSSecurityDefaultConfiguration.configCacheSize = 128;
                            FFDCFilter.processException(e6, new StringBuffer().append(getClass().getName()).append(".loadConfig").toString(), "420", this);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("WARNING: Exception occurred during parsing the config cache size ").append(str22).append("default size").append(128).append(" is used instead.").toString());
                            }
                        }
                    } else {
                        wSSecurityDefaultConfiguration.configCacheSize = 128;
                    }
                    String str23 = (String) properties2.get(ConfigConstants.TOKEN_CACHE_SIZE);
                    if (str23 != null) {
                        wSSecurityDefaultConfiguration.tokenCacheSize = ConfigConstants.processTokenCacheSize(str23);
                    }
                    String str24 = (String) properties2.get(ConfigConstants.BASICAUTH_NONCE_MAX_AGE);
                    if (str24 != null) {
                        wSSecurityDefaultConfiguration.nonceMaxAge = ConfigConstants.processNonceMaxAge(str24, wSSecurityDefaultConfiguration.nonceCacheTimeout);
                    }
                    String str25 = (String) properties2.get(ConfigConstants.BASICAUTH_NONCE_CLOCK_SKEW);
                    if (str25 != null) {
                        wSSecurityDefaultConfiguration.nonceClockSkew = ConfigConstants.processNonceClockSkew(str25, wSSecurityDefaultConfiguration.nonceMaxAge);
                    }
                    String str26 = (String) properties2.get(ConfigConstants.DECOUPLE_TOKEN);
                    if (str26 != null) {
                        wSSecurityDefaultConfiguration.decoupleToken = ConfigUtil.isTrue(str26);
                    } else {
                        wSSecurityDefaultConfiguration.decoupleToken = true;
                    }
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Nonce cache timeout = ").append(wSSecurityDefaultConfiguration.nonceCacheTimeout).append(", Nonce max age = ").append(wSSecurityDefaultConfiguration.nonceMaxAge).append(", Nonce clock skew = ").append(wSSecurityDefaultConfiguration.nonceClockSkew).toString());
                }
            }
            EList loginMappings = wSSecurity.getLoginMappings();
            if (loginMappings != null && !loginMappings.isEmpty()) {
                int size = loginMappings.size();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append(size).append(" LoginMappings found.").toString());
                }
                for (int i = 0; i < size; i++) {
                    LoginMapping loginMapping = (LoginMapping) loginMappings.get(i);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Processing LoginMapping: ", new Object[]{loginMapping});
                    }
                    try {
                        com.ibm.xml.soapsec.token.LoginMapping readLoginMapping = ConfigConstants.readLoginMapping(loginMapping, variableMap, this.appClassLoader);
                        wSSecurityDefaultConfiguration.loginMappings.put(readLoginMapping.getAuthMethod(), readLoginMapping);
                        processNonceBindings(readLoginMapping.getAuthMethod(), readLoginMapping.getProperties(), wSSecurityDefaultConfiguration);
                    } catch (Throwable th) {
                        Tr.error(tc, "security.wssecurity.load.loginmapping.failed", new Object[]{loginMapping.getAuthMethod(), th});
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No LoginMappings found.");
            }
            EList trustAnchors = wSSecurity.getTrustAnchors();
            if (trustAnchors != null && !trustAnchors.isEmpty()) {
                int size2 = trustAnchors.size();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append(size2).append(" TrustAnchors found.").toString());
                }
                for (int i2 = 0; i2 < size2; i2++) {
                    TrustAnchor trustAnchor = (TrustAnchor) trustAnchors.get(i2);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Processing TrustAnchor: ", new Object[]{trustAnchor});
                    }
                    KeyStore keyStore = trustAnchor.getKeyStore();
                    String keyStoreRef = keyStore.getKeyStoreRef();
                    String path = keyStore.getPath();
                    com.ibm.ws.webservices.wssecurity.config.KeyStore keyStore2 = null;
                    if (keyStoreRef != null && path != null) {
                        Tr.warning(tc, "Cannot refer to both keyStoreRef and keystore path in the configuration, continue to use keyStoreRef and ignore path information");
                    }
                    if (keyStoreRef != null && keyStoreRef.length() != 0) {
                        keyStore2 = (com.ibm.ws.webservices.wssecurity.config.KeyStore) wSSecurityDefaultConfiguration.keyStores.get(keyStoreRef);
                        if (keyStore2 == null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("Creating keystore instance with keystore reference: ").append(keyStoreRef).toString());
                            }
                            keyStore2 = new com.ibm.ws.webservices.wssecurity.config.KeyStore(keyStoreRef);
                            wSSecurityDefaultConfiguration.keyStores.put(keyStoreRef, keyStore2);
                        }
                    } else if (path == null || path.length() == 0) {
                        Tr.error(tc, new StringBuffer().append("Missing keystore information in the trust anchor: ").append(trustAnchor.getName()).toString());
                    } else {
                        String expand = variableMap.expand(path);
                        keyStore2 = (com.ibm.ws.webservices.wssecurity.config.KeyStore) wSSecurityDefaultConfiguration.keyStores.get(expand);
                        if (keyStore2 == null) {
                            String type = keyStore.getType();
                            char[] charArray = keyStore.getStorepass().toCharArray();
                            keyStore.getKeyStoreRef();
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("Creating keystore instance ").append(expand).append(" of type ").append(type).toString());
                            }
                            keyStore2 = new com.ibm.ws.webservices.wssecurity.config.KeyStore(type, expand, charArray);
                            wSSecurityDefaultConfiguration.keyStores.put(expand, keyStore2);
                        }
                    }
                    wSSecurityDefaultConfiguration.trustAnchors.put(trustAnchor.getName(), keyStore2);
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No TrustAnchors found.");
            }
            EList trustedIDEvaluators = wSSecurity.getTrustedIDEvaluators();
            if (trustedIDEvaluators != null && !trustedIDEvaluators.isEmpty()) {
                int size3 = trustedIDEvaluators.size();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append(size3).append(" TrustedIDEvaluators found.").toString());
                }
                for (int i3 = 0; i3 < size3; i3++) {
                    TrustedIDEvaluator trustedIDEvaluator = (TrustedIDEvaluator) trustedIDEvaluators.get(i3);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Processing TrustedIDEvaluator: ", new Object[]{trustedIDEvaluator});
                    }
                    try {
                        wSSecurityDefaultConfiguration.trustedIDEvaluators.put(trustedIDEvaluator.getName(), ConfigConstants.readTrustedIDEvaluator(trustedIDEvaluator, variableMap, this.appClassLoader));
                    } catch (Throwable th2) {
                        Tr.error(tc, "security.wssecurity.load.trustedidevaluator.failed", new Object[]{trustedIDEvaluator.getName(), th2});
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No TrustedIDEvaluators found.");
            }
            EList keyLocators = wSSecurity.getKeyLocators();
            if (keyLocators != null && !keyLocators.isEmpty()) {
                int size4 = keyLocators.size();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append(size4).append(" KeyLocators found.").toString());
                }
                for (int i4 = 0; i4 < size4; i4++) {
                    KeyLocator keyLocator = (KeyLocator) keyLocators.get(i4);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Processing KeyLocator: ", new Object[]{keyLocator});
                    }
                    try {
                        wSSecurityDefaultConfiguration.keyLocators.put(keyLocator.getName(), ConfigConstants.readKeyLocator(keyLocator, variableMap));
                    } catch (Throwable th3) {
                        Tr.error(tc, "security.wssecurity.load.keylocator.failed", new Object[]{keyLocator.getName(), th3});
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No KeyLocators found.");
            }
            CertStoreList certStoreList = wSSecurity.getCertStoreList();
            if (certStoreList != null) {
                EList ldapCertStores = certStoreList.getLdapCertStores();
                if (ldapCertStores != null && !ldapCertStores.isEmpty()) {
                    int size5 = ldapCertStores.size();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append(size5).append(" LDAPCertStores found.").toString());
                    }
                    for (int i5 = 0; i5 < size5; i5++) {
                        LDAPCertStore lDAPCertStore = (LDAPCertStore) ldapCertStores.get(i5);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Processing LDAPCertStore: ", new Object[]{lDAPCertStore});
                        }
                        try {
                            wSSecurityDefaultConfiguration.certStores.put(lDAPCertStore.getName(), new com.ibm.ws.webservices.wssecurity.config.LDAPCertStore(lDAPCertStore, variableMap));
                        } catch (Throwable th4) {
                            Tr.error(tc, "security.wssecurity.load.ldapcertstore.failed", new Object[]{lDAPCertStore.getName(), th4});
                        }
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "No LDAPCertStores found.");
                }
                EList collectionCertStores = certStoreList.getCollectionCertStores();
                if (collectionCertStores != null && !collectionCertStores.isEmpty()) {
                    int size6 = collectionCertStores.size();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append(size6).append(" collectionCertStores found.").toString());
                    }
                    for (int i6 = 0; i6 < size6; i6++) {
                        CollectionCertStore collectionCertStore = (CollectionCertStore) collectionCertStores.get(i6);
                        if (collectionCertStore == null) {
                            Tr.error(tc, "security.wssecurity.collectioncertstore.is.null");
                        } else {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Process CollectionCertStore: ", new Object[]{collectionCertStore});
                            }
                            String provider = collectionCertStore.getProvider();
                            HashSet hashSet = new HashSet();
                            EList x509Certificates = collectionCertStore.getX509Certificates();
                            EList crl = collectionCertStore.getCRL();
                            if ((x509Certificates == null || x509Certificates.isEmpty()) && (crl == null || crl.isEmpty())) {
                                Tr.error(tc, "security.wssecurity.x509certificates.is.null");
                                Tr.error(tc, "security.wssecurity.WSEC0134E");
                            } else {
                                try {
                                    ConfigUtil.createCertificateFactory("");
                                    if (x509Certificates != null && !x509Certificates.isEmpty()) {
                                        int size7 = x509Certificates.size();
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, new StringBuffer().append(size7).append(" certificates found.").toString());
                                        }
                                        for (int i7 = 0; i7 < size7; i7++) {
                                            String expand2 = variableMap.expand(((X509Certificate) x509Certificates.get(i7)).getPath());
                                            if (expand2 == null) {
                                                Tr.error(tc, "security.wssecurity.cert.path.null", new Object[]{collectionCertStore.getName()});
                                            } else if (!hashSet.contains(expand2)) {
                                                if (tc.isDebugEnabled()) {
                                                    Tr.debug(tc, new StringBuffer().append("Adding href to HashSet: ").append(expand2).toString());
                                                }
                                                hashSet.add(expand2);
                                            } else if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, new StringBuffer().append("href already in HashSet: ").append(expand2).toString());
                                            }
                                        }
                                    } else if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, new StringBuffer().append("No X509 certificates in CollectionCertStore[").append(collectionCertStore).append(CeiString.END_SQUARE_BRACKET).toString());
                                    }
                                    if (crl != null && !crl.isEmpty()) {
                                        int size8 = crl.size();
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, new StringBuffer().append(size8).append(" CRLs found.").toString());
                                        }
                                        for (int i8 = 0; i8 < size8; i8++) {
                                            String expand3 = variableMap.expand(((CRL) crl.get(i8)).getPath());
                                            if (expand3 == null) {
                                                Tr.error(tc, "security.wssecurity.cert.path.null", new Object[]{collectionCertStore.getName()});
                                            } else if (!hashSet.contains(expand3)) {
                                                if (tc.isDebugEnabled()) {
                                                    Tr.debug(tc, new StringBuffer().append("Adding href to HashSet: ").append(expand3).toString());
                                                }
                                                hashSet.add(expand3);
                                            } else if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, new StringBuffer().append("href already in HashSet: ").append(expand3).toString());
                                            }
                                        }
                                    } else if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, new StringBuffer().append("No X509 crls in CollectionCertStore[").append(collectionCertStore).append(CeiString.END_SQUARE_BRACKET).toString());
                                    }
                                    wSSecurityDefaultConfiguration.certStores.put(collectionCertStore.getName(), new com.ibm.ws.webservices.wssecurity.config.CollectionCertStore("Collection", hashSet, provider, collectionCertStore.getName()));
                                } catch (Throwable th5) {
                                    Tr.error(tc, "security.wssecurity.load.collectioncertstore.failed", new Object[]{collectionCertStore.getName(), th5});
                                }
                            }
                        }
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "No CollectionCertStores found.");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No CertStoreList found.");
            }
            EList algorithmMapping = wSSecurity.getAlgorithmMapping();
            if (algorithmMapping != null && !algorithmMapping.isEmpty()) {
                int size9 = algorithmMapping.size();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append(size9).append(" AlgorithmMappings found.").toString());
                }
                for (int i9 = 0; i9 < size9; i9++) {
                    AlgorithmMapping algorithmMapping2 = (AlgorithmMapping) algorithmMapping.get(i9);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Process AlgorithmMapping: ", new Object[]{algorithmMapping2});
                    }
                    try {
                        wSSecurityDefaultConfiguration.algorithmMappings.add(ConfigConstants.readAlgorithmMapping(algorithmMapping2, variableMap));
                    } catch (Throwable th6) {
                        Tr.error(tc, "security.wssecurity.load.algorithmmapping.failed", new Object[]{algorithmMapping2.getFactoryname(), th6});
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No AlgorithmMappings found.");
            }
            NonceCaching nonceCaching = wSSecurity.getNonceCaching();
            if (nonceCaching != null) {
                wSSecurityDefaultConfiguration.nonceCacheDistributed = nonceCaching.isDistributed();
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No NonceCaching found.");
            }
            Defaultbindings defaultbindings = wSSecurity.getDefaultbindings();
            if (defaultbindings != null) {
                Consumer consumer = defaultbindings.getConsumer();
                if (consumer != null) {
                    wSSecurityDefaultConfiguration.cconfig = new WSSecurityDefaultConsumerConfig(consumer, variableMap, wSSecurityDefaultConfiguration);
                }
                Generator generator = defaultbindings.getGenerator();
                if (generator != null) {
                    wSSecurityDefaultConfiguration.gconfig = null;
                    try {
                        wSSecurityDefaultConfiguration.gconfig = new WSSecurityDefaultGeneratorConfig(generator, variableMap, wSSecurityDefaultConfiguration);
                    } catch (SoapSecurityException e7) {
                        Tr.error(tc, "security.wssecurity.WSEC0135E", new Object[]{e7.getMessage()});
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "No default bindings found.");
            }
            if (variableMap != null) {
                releaseService(variableMap);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "loadConfig", new Object[]{wSSecurity, wSSecurityDefaultConfiguration});
            }
        } catch (Throwable th7) {
            if (variableMap != null) {
                releaseService(variableMap);
            }
            throw th7;
        }
    }

    private void processNonceBindings(String str, Map map, WSSecurityDefaultConfiguration wSSecurityDefaultConfiguration) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "processNonceBindings");
        }
        if (SecurityHelper.basicAuth.equals(str)) {
            String str2 = (String) map.get(ConfigConstants.BASICAUTH_NONCE_MAX_AGE);
            if (str2 != null) {
                wSSecurityDefaultConfiguration.nonceMaxAge = ConfigConstants.processNonceMaxAge(str2, wSSecurityDefaultConfiguration.nonceCacheTimeout);
            }
            String str3 = (String) map.get(ConfigConstants.BASICAUTH_NONCE_CLOCK_SKEW);
            if (str3 != null) {
                wSSecurityDefaultConfiguration.nonceClockSkew = ConfigConstants.processNonceClockSkew(str3, wSSecurityDefaultConfiguration.nonceMaxAge);
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append(" Nonce max age = ").append(wSSecurityDefaultConfiguration.nonceMaxAge).append(", Nonce clock skew = ").append(wSSecurityDefaultConfiguration.nonceClockSkew).toString());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "processNonceBindings");
        }
    }

    @Override // com.ibm.ws.runtime.service.WSSecurityService
    public void refresh() throws RuntimeWarning {
        Class cls;
        Class cls2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "refresh");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(REFRESH_PERM);
        }
        WSSecurityDefaultConfiguration wSSecurityDefaultConfiguration = new WSSecurityDefaultConfiguration();
        try {
            try {
                if (class$com$ibm$ws$runtime$service$Repository == null) {
                    cls2 = class$("com.ibm.ws.runtime.service.Repository");
                    class$com$ibm$ws$runtime$service$Repository = cls2;
                } else {
                    cls2 = class$com$ibm$ws$runtime$service$Repository;
                }
                Repository repository = (Repository) getService(cls2);
                ConfigRoot configRoot = repository.getConfigRoot();
                if (this.ndEnvironment) {
                    try {
                        Resource resource = configRoot.getResource(0, ConfigConstants.WS_SECURITY_RESOURCE_NAME);
                        if (resource != null) {
                            WSSecurity wSSecurity = (WSSecurity) resource.getContents().get(0);
                            if (wSSecurity != null && tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("Loading the Cell level configuration: ").append(configRoot.getAbsolutePath(0, ConfigConstants.WS_SECURITY_RESOURCE_NAME)).toString());
                            }
                            loadConfig(wSSecurity, wSSecurityDefaultConfiguration);
                        }
                    } catch (Exception e) {
                        String absolutePath = configRoot.getAbsolutePath(0, ConfigConstants.WS_SECURITY_RESOURCE_NAME);
                        FFDCFilter.processException(e, new StringBuffer().append(getClass().getName()).append(".refresh").toString(), "814", this);
                        String format = MessageFormat.format(ConfigConstants.getMessage("security.wssecurity.load.cell.wssecurity.xml"), absolutePath);
                        Tr.warning(tc, "security.wssecurity.load.cell.wssecurity.xml", (Object) new Object[]{absolutePath});
                        throw new RuntimeWarning(format, e);
                    }
                }
                Resource resource2 = null;
                try {
                    resource2 = configRoot.getResource(4, ConfigConstants.WS_SECURITY_RESOURCE_NAME);
                } catch (Exception e2) {
                    if (!this.ndEnvironment) {
                        String absolutePath2 = configRoot.getAbsolutePath(4, ConfigConstants.WS_SECURITY_RESOURCE_NAME);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, new StringBuffer().append("Can not load server level configuration file: ").append(absolutePath2).toString(), new Object[]{e2});
                        }
                        Tr.warning(tc, "security.wssecurity.load.server.wssecurity.xml", (Object) new Object[]{absolutePath2});
                    }
                }
                if (resource2 != null) {
                    WSSecurity wSSecurity2 = (WSSecurity) resource2.getContents().get(0);
                    if (wSSecurity2 != null && tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("Loading the Server level configuration: ").append(configRoot.getAbsolutePath(4, ConfigConstants.WS_SECURITY_RESOURCE_NAME)).toString());
                    }
                    loadConfig(wSSecurity2, wSSecurityDefaultConfiguration);
                }
                synchronized (this.lock) {
                    wSSecurityDefaultConfiguration.keyStores.clear();
                    wSSecurityDefaultConfiguration.certs.clear();
                    this.config = wSSecurityDefaultConfiguration;
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Configuration: ", new Object[]{this.config});
                }
                if (configRoot != null) {
                    releaseService(configRoot);
                }
                if (repository != null) {
                    releaseService(repository);
                }
            } catch (SoapSecurityException e3) {
                StringBuffer stringBuffer = new StringBuffer();
                if (class$com$ibm$ws$webservices$wssecurity$core$WSSecurityClientComponentImpl == null) {
                    cls = class$("com.ibm.ws.webservices.wssecurity.core.WSSecurityClientComponentImpl");
                    class$com$ibm$ws$webservices$wssecurity$core$WSSecurityClientComponentImpl = cls;
                } else {
                    cls = class$com$ibm$ws$webservices$wssecurity$core$WSSecurityClientComponentImpl;
                }
                FFDCFilter.processException(e3, stringBuffer.append(cls.getName()).append(".initialize").toString(), "865", this);
                Tr.error(tc, "security.wssecurity.WSEC0126E", e3);
                if (0 != 0) {
                    releaseService(null);
                }
                if (0 != 0) {
                    releaseService(null);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "refresh");
            }
        } catch (Throwable th) {
            if (0 != 0) {
                releaseService(null);
            }
            if (0 != 0) {
                releaseService(null);
            }
            throw th;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        Class cls2;
        if (class$com$ibm$ws$webservices$wssecurity$core$WSSecurityComponentImpl == null) {
            cls = class$("com.ibm.ws.webservices.wssecurity.core.WSSecurityComponentImpl");
            class$com$ibm$ws$webservices$wssecurity$core$WSSecurityComponentImpl = cls;
        } else {
            cls = class$com$ibm$ws$webservices$wssecurity$core$WSSecurityComponentImpl;
        }
        tc = Tr.register(cls, ConfigConstants.TR_GROUP, ConfigConstants.TR_NLSPROPS);
        if (class$com$ibm$ws$webservices$wssecurity$core$WSSecurityComponentImpl == null) {
            cls2 = class$("com.ibm.ws.webservices.wssecurity.core.WSSecurityComponentImpl");
            class$com$ibm$ws$webservices$wssecurity$core$WSSecurityComponentImpl = cls2;
        } else {
            cls2 = class$com$ibm$ws$webservices$wssecurity$core$WSSecurityComponentImpl;
        }
        clsName = cls2.getName();
        REFRESH_PERM = new WebSphereRuntimePermission("wssecurity.refreshConfig");
    }
}
