package com.ibm.ws.gridcontainer.security;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.batch.SecurityUtilsHelper;
import com.ibm.ws.management.AdminHelper;
import com.ibm.ws.management.util.SecurityHelper;
import com.ibm.ws.security.auth.j2c.WSLoginLocalOSExtension;
import com.ibm.ws.security.auth.j2c.WSLoginLocalOSExtensionFactory;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.core.SecurityContext;
import java.security.Principal;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.Subject;

/* loaded from: input_file:com/ibm/ws/gridcontainer/security/SecurityUtils.class */
public class SecurityUtils {
    private static SecurityUtilsHelper secUtilsHelper;
    public static WSLoginLocalOSExtension wsLoginLocalOSExtention;
    public static boolean isApplicationSynToOSEnabled;
    public static boolean isSyncToThreadEnabled;
    public static boolean isThreadLocalApplSyncEnabled;
    private static final String className = SecurityUtils.class.getName();
    private static final String bundle = "com.ibm.ws.bjee.resources.batchMessages";
    private static final TraceComponent tc = Tr.register(className, "Batch_Container", bundle);
    private static final boolean isSecurityON = SecurityContext.isSecurityEnabled();
    public static final boolean isZOS = AdminHelper.getPlatformHelper().isZOS();
    private static ContextManager contextManager = ContextManagerFactory.getInstance();

    public static void setServerCredentials() {
        Subject serverSubject = SecurityHelper.getServerSubject();
        if (serverSubject == null || serverSubject.equals(SecurityHelper.getInvocationSubject())) {
            return;
        }
        SecurityHelper.pushInvocationSubject(serverSubject);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Server credential is now in the thread.");
        }
    }

    public static Subject pushServerSubject() {
        Subject invocationSubject = SecurityHelper.getInvocationSubject();
        Subject serverSubject = SecurityHelper.getServerSubject();
        if (serverSubject != null && !serverSubject.equals(invocationSubject)) {
            invocationSubject = SecurityHelper.pushInvocationSubject(serverSubject);
        }
        return invocationSubject;
    }

    public static void popServerSubject(Subject subject) {
        if (subject == null || subject.equals(SecurityHelper.getInvocationSubject())) {
            return;
        }
        SecurityHelper.setInvocationSubject(subject);
    }

    public static boolean isSecurityOn() {
        return isSecurityON;
    }

    public static boolean isRunUnderUserCredential() {
        if (secUtilsHelper == null) {
            secUtilsHelper = SecurityUtilsHelper.getInstance();
        }
        return secUtilsHelper.isRunUnderUserCredential;
    }

    public static boolean isUseHTTPSConnection() {
        if (secUtilsHelper == null) {
            secUtilsHelper = SecurityUtilsHelper.getInstance();
        }
        return secUtilsHelper.isUseHTTPSConnection;
    }

    public static Subject getInvocationSubject() {
        return SecurityHelper.getInvocationSubject();
    }

    public static void showCredentials(String str) {
        Subject invocationSubject = SecurityHelper.getInvocationSubject();
        if (invocationSubject != null) {
            Iterator<Principal> it = invocationSubject.getPrincipals().iterator();
            while (it.hasNext()) {
                Tr.debug(tc, "showCredentials [" + str + " InvocationPrincipalName " + it.next().getName() + "] [UserName " + SecurityHelper.getUserName() + "]");
            }
        } else {
            Tr.debug(tc, "showCredentials [" + str + " : Subject is NULL]");
        }
        Tr.debug(tc, "Default Realm is " + contextManager.getDefaultRealm());
        List realms = contextManager.getRealms();
        if (realms == null) {
            Tr.debug(tc, "Realm List is NULL");
            return;
        }
        Tr.debug(tc, "Number of Securty Realms [" + realms.size() + "]");
        Iterator it2 = realms.iterator();
        while (it2.hasNext()) {
            Tr.debug(tc, "    -> " + ((String) it2.next()));
        }
    }

    public static void showSubjectCredentials(String str, Subject subject) {
        if (subject == null) {
            Tr.debug(tc, str + " [Subject is NULL]");
            return;
        }
        Iterator<Principal> it = subject.getPrincipals().iterator();
        while (it.hasNext()) {
            Tr.debug(tc, str + " [Principal: " + it.next().getName() + "] [User: " + SecurityHelper.getUserName() + "]");
        }
    }

    static {
        if (isZOS && isSecurityON) {
            wsLoginLocalOSExtention = WSLoginLocalOSExtensionFactory.getInstance();
            isApplicationSynToOSEnabled = wsLoginLocalOSExtention.isApplicationSyncToOSThreadEnabled();
            isSyncToThreadEnabled = wsLoginLocalOSExtention.isSyncToThreadEnabled();
            if (isApplicationSynToOSEnabled || isSyncToThreadEnabled) {
                wsLoginLocalOSExtention.setThreadLocalApplicationSyncEnabled(true);
            } else {
                wsLoginLocalOSExtention.setThreadLocalApplicationSyncEnabled(false);
                Tr.warning(tc, "thread.synch.not.enable.warning", className);
            }
            isThreadLocalApplSyncEnabled = wsLoginLocalOSExtention.isThreadLocalApplicationSyncEnabled();
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, className + " ** [isApplicationSyncToOSThreadEnabled " + (isApplicationSynToOSEnabled ? "TRUE" : "FALSE") + "]");
                Tr.debug(tc, className + " ** [isSyncToThreadEnabled " + (isSyncToThreadEnabled ? "TRUE" : "FALSE") + "]");
                Tr.debug(tc, className + " ** [isThreadLocalApplicationSyncEnabled " + (isThreadLocalApplSyncEnabled ? "TRUE" : "FALSE") + "]");
            }
        }
    }
}
