package com.ibm.ws.security.web;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.portletcontainer.om.security.PortletApplication;
import com.ibm.ws.portletcontainer.om.security.PortletDefinition;
import com.ibm.ws.portletcontainer.om.security.SecurityConstraint;
import com.ibm.ws.portletcontainer.util.PortletModelHelper;
import com.ibm.ws.runtime.deploy.DeployedModule;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.AccessContext;
import com.ibm.ws.security.core.PermissionRoleMap;
import com.ibm.ws.security.util.LRUCache;
import com.ibm.ws.security.util.WCCMHelper;
import com.ibm.wsspi.webcontainer.servlet.IServletConfig;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import javax.servlet.HttpConstraintElement;
import javax.servlet.HttpMethodConstraintElement;
import javax.servlet.ServletRegistration;
import javax.servlet.ServletSecurityElement;
import javax.servlet.annotation.ServletSecurity;
import javax.servlet.http.HttpServletRequest;
import org.eclipse.emf.common.util.BasicEList;
import org.eclipse.emf.common.util.EList;
import org.eclipse.jst.j2ee.common.SecurityRole;
import org.eclipse.jst.j2ee.webapplication.AuthConstraint;
import org.eclipse.jst.j2ee.webapplication.HTTPMethodType;
import org.eclipse.jst.j2ee.webapplication.UserDataConstraint;
import org.eclipse.jst.j2ee.webapplication.WebApp;
import org.eclipse.jst.j2ee.webapplication.WebResourceCollection;

/* loaded from: input_file:com/ibm/ws/security/web/WebConstraintsTable.class */
public class WebConstraintsTable extends PermissionRoleMap {
    private static final TraceComponent tc = Tr.register((Class<?>) WebConstraintsTable.class);
    private static String NO_MATCH = "";
    private WebResourceCollectionConstraints[] webConstraintsTable = null;
    private WebApp webApp = null;
    LRUCache userDataConstraintsMap;
    public static final int NO_TRANSPORT_GUARANTEE_REQUIRED = 0;
    public static final int SSL_TRANSPORT_GUARANTEE_REQUIRED = 1;
    public static final String WEB_HASH_SIZE = "com.ibm.websphere.security.web.hashsize";

    public WebConstraintsTable() {
    }

    public WebConstraintsTable(WebApp webApp, String str, DeployedModule deployedModule) {
        init(webApp, str, deployedModule, null, null);
    }

    public WebConstraintsTable(WebApp webApp, String str, DeployedModule deployedModule, Map<String, ? extends ServletRegistration> map, WebConstraintsTable webConstraintsTable) {
        init(webApp, str, deployedModule, map, webConstraintsTable);
    }

    private void init(WebApp webApp, String str, DeployedModule deployedModule, Map<String, ? extends ServletRegistration> map, WebConstraintsTable webConstraintsTable) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "WebConstraintsTable: ", new Object[]{webApp, str, deployedModule, map, webConstraintsTable});
        }
        String property = System.getProperty(WEB_HASH_SIZE);
        if (property == null || property == "" || new Integer(property).intValue() <= 0) {
            this.userDataConstraintsMap = new LRUCache(600);
        } else {
            this.userDataConstraintsMap = new LRUCache(new Integer(property).intValue());
        }
        this.webApp = webApp;
        if (map != null) {
            initializeTable(webApp, str, map, webConstraintsTable);
        } else {
            initializeTable(webApp.getConstraints(), str, deployedModule);
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "WebConstraintsTable");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.ws.security.core.PermissionRoleMap
    public SecurityRole[] getRequiredRoles(AccessContext accessContext, String str, String str2) {
        return getRequiredRoles(accessContext, str, str2, null);
    }

    @Override // com.ibm.ws.security.core.PermissionRoleMap
    protected SecurityRole[] getRequiredRoles(AccessContext accessContext, String str, String str2, HttpServletRequest httpServletRequest) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRequiredRoles :  " + str + " " + str2);
        }
        String str3 = NO_MATCH;
        Vector vector = null;
        Vector vector2 = null;
        Vector vector3 = null;
        SecurityRole[] securityRoleArr = null;
        SecurityRole[] securityRoleArr2 = null;
        String str4 = NO_MATCH;
        SecurityRole[] securityRoleArr3 = null;
        SecurityRole[] securityRoleArr4 = null;
        String str5 = NO_MATCH;
        boolean propertyBool = SecurityObjectLocator.getSecurityConfig().getPropertyBool(SecurityConfig.ALLOW_CUSTOM_HTTP_METHODS);
        boolean z = false;
        int i = 0;
        while (i < 2 && !z) {
            boolean z2 = true;
            if (propertyBool || WebResourceCollectionConstraints.isStandardHTTPMethod(str2)) {
                i++;
            } else if (i == 1) {
                z2 = false;
            }
            for (int i2 = 0; i2 < this.webConstraintsTable.length; i2++) {
                WebResourceCollectionConstraints webResourceCollectionConstraints = this.webConstraintsTable[i2];
                WebConstraintsMatchObject matches = webResourceCollectionConstraints.matches(str, str2, z2);
                if (matches == null && "HEAD".equals((String) httpServletRequest.getAttribute("com.ibm.ws.webcontainer.security.checkdefaultmethod"))) {
                    matches = webResourceCollectionConstraints.matches(str, "GET", z2);
                }
                if (matches != null) {
                    z = true;
                    int matchedType = matches.getMatchedType();
                    boolean isMethodMatch = matches.isMethodMatch();
                    String matchedURI = matches.getMatchedURI();
                    if (matchedType == WebResourceCollectionConstraints.EXACT_MATCH) {
                        SecurityRole[] requiredRoles = webResourceCollectionConstraints.getRequiredRoles();
                        if (requiredRoles == PermissionRoleMap.EMPTY_REQUIRED_ROLES || (requiredRoles == PermissionRoleMap.NO_REQUIRED_ROLES && isMethodMatch)) {
                            return requiredRoles;
                        }
                        if (vector2 != null) {
                            for (int i3 = 0; i3 < requiredRoles.length; i3++) {
                                if (!vector2.contains(requiredRoles[i3])) {
                                    vector2.add(requiredRoles[i3]);
                                }
                            }
                        } else {
                            vector2 = new Vector();
                            for (SecurityRole securityRole : requiredRoles) {
                                vector2.add(securityRole);
                            }
                        }
                    } else if (matchedType == WebResourceCollectionConstraints.PATHNAME_MATCH && matchedURI.length() == str3.length()) {
                        str3 = matchedURI;
                        SecurityRole[] requiredRoles2 = webResourceCollectionConstraints.getRequiredRoles();
                        if (requiredRoles2 == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                            securityRoleArr = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
                            str4 = matchedURI;
                        } else if (requiredRoles2 == PermissionRoleMap.NO_REQUIRED_ROLES) {
                            if (isMethodMatch) {
                                securityRoleArr3 = PermissionRoleMap.NO_REQUIRED_ROLES;
                                str5 = matchedURI;
                            }
                        } else if (str4.length() < matchedURI.length() && (str5.length() < matchedURI.length() || (str5.length() == matchedURI.length() && !isMethodMatch))) {
                            securityRoleArr3 = null;
                            str5 = NO_MATCH;
                            if (vector != null) {
                                for (int i4 = 0; i4 < requiredRoles2.length; i4++) {
                                    if (!vector.contains(requiredRoles2[i4])) {
                                        vector.add(requiredRoles2[i4]);
                                    }
                                }
                            } else {
                                vector = new Vector();
                                for (SecurityRole securityRole2 : requiredRoles2) {
                                    vector.add(securityRole2);
                                }
                            }
                        }
                    } else if (matchedType == WebResourceCollectionConstraints.PATHNAME_MATCH && matchedURI.length() > str3.length()) {
                        str3 = matchedURI;
                        vector = new Vector();
                        SecurityRole[] requiredRoles3 = webResourceCollectionConstraints.getRequiredRoles();
                        if (requiredRoles3 == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                            securityRoleArr = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
                            str4 = matchedURI;
                        } else if (requiredRoles3 == PermissionRoleMap.NO_REQUIRED_ROLES) {
                            securityRoleArr3 = PermissionRoleMap.NO_REQUIRED_ROLES;
                            str5 = matchedURI;
                        } else {
                            for (SecurityRole securityRole3 : requiredRoles3) {
                                vector.add(securityRole3);
                            }
                        }
                    } else if (matchedType == WebResourceCollectionConstraints.EXTENSION_MATCH) {
                        SecurityRole[] requiredRoles4 = webResourceCollectionConstraints.getRequiredRoles();
                        if (requiredRoles4 == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                            securityRoleArr2 = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
                        } else if (requiredRoles4 == PermissionRoleMap.NO_REQUIRED_ROLES) {
                            securityRoleArr4 = PermissionRoleMap.NO_REQUIRED_ROLES;
                        } else if (securityRoleArr2 == null && securityRoleArr4 == null) {
                            if (vector3 != null) {
                                for (int i5 = 0; i5 < requiredRoles4.length; i5++) {
                                    if (!vector3.contains(requiredRoles4[i5])) {
                                        vector3.add(requiredRoles4[i5]);
                                    }
                                }
                            } else {
                                vector3 = new Vector();
                                for (SecurityRole securityRole4 : requiredRoles4) {
                                    vector3.add(securityRole4);
                                }
                            }
                        }
                    }
                }
            }
            i++;
        }
        SecurityRole[] securityRoleArr5 = PermissionRoleMap.NO_REQUIRED_ROLES;
        if (vector2 != null) {
            if (vector2.size() > 0) {
                securityRoleArr5 = (SecurityRole[]) vector2.toArray(new SecurityRole[0]);
            }
        } else if (securityRoleArr != null && str4.length() >= str3.length()) {
            securityRoleArr5 = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
        } else if (securityRoleArr3 != null && str5.length() >= str3.length()) {
            securityRoleArr5 = PermissionRoleMap.NO_REQUIRED_ROLES;
        } else if (vector != null) {
            if (vector.size() > 0) {
                securityRoleArr5 = (SecurityRole[]) vector.toArray(new SecurityRole[0]);
            }
        } else if (securityRoleArr2 != null) {
            securityRoleArr5 = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
        } else if (securityRoleArr4 != null) {
            securityRoleArr5 = PermissionRoleMap.NO_REQUIRED_ROLES;
        } else if (vector3 != null && vector3.size() > 0) {
            securityRoleArr5 = (SecurityRole[]) vector3.toArray(new SecurityRole[0]);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Required roles are");
            if (securityRoleArr5 == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                Tr.debug(tc, "EMPTY_REQUIRED_ROLES");
            } else if (securityRoleArr5 == PermissionRoleMap.NO_REQUIRED_ROLES) {
                Tr.debug(tc, "NO_REQUIRED_ROLES");
            } else {
                for (SecurityRole securityRole5 : securityRoleArr5) {
                    Tr.debug(tc, securityRole5.getRoleName());
                }
            }
            Tr.debug(tc, ".");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRequiredRoles");
        }
        return securityRoleArr5;
    }

    public boolean isSSLRequired(WebAccessContext webAccessContext, WebAccessPermission webAccessPermission) {
        Boolean bool = (Boolean) this.userDataConstraintsMap.get(webAccessPermission);
        if (bool != null) {
            return bool.booleanValue();
        }
        boolean isSSLRequired = isSSLRequired(webAccessPermission.getResourceName(), webAccessPermission.getMethodName());
        this.userDataConstraintsMap.put(webAccessPermission, new Boolean(isSSLRequired));
        return isSSLRequired;
    }

    public boolean isSSLRequired(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isSSLRequired");
        }
        String str3 = NO_MATCH;
        String str4 = NO_MATCH;
        int i = 0;
        int i2 = 0;
        int i3 = 0;
        boolean z = false;
        boolean z2 = false;
        boolean propertyBool = SecurityObjectLocator.getSecurityConfig().getPropertyBool(SecurityConfig.ALLOW_CUSTOM_HTTP_METHODS);
        boolean z3 = false;
        int i4 = 0;
        while (i4 < 2 && !z3) {
            boolean z4 = true;
            if (propertyBool || WebResourceCollectionConstraints.isStandardHTTPMethod(str2)) {
                i4++;
            } else if (i4 == 1) {
                z4 = false;
            }
            for (int i5 = 0; i5 < this.webConstraintsTable.length; i5++) {
                WebResourceCollectionConstraints webResourceCollectionConstraints = this.webConstraintsTable[i5];
                WebConstraintsMatchObject matches = webResourceCollectionConstraints.matches(str, str2, z4);
                if (matches != null) {
                    z3 = true;
                    int matchedType = matches.getMatchedType();
                    matches.isMethodMatch();
                    String matchedURI = matches.getMatchedURI();
                    if (matchedType == WebResourceCollectionConstraints.EXACT_MATCH) {
                        str3 = matchedURI;
                        i = webResourceCollectionConstraints.getTransportGuarantee();
                        str4 = matchedURI;
                        if (i == 0) {
                            break;
                        }
                    } else if (matchedType == WebResourceCollectionConstraints.PATHNAME_MATCH && matchedURI.length() == str3.length()) {
                        int transportGuarantee = webResourceCollectionConstraints.getTransportGuarantee();
                        if (!z) {
                            i2 = transportGuarantee;
                            z = true;
                        } else if (i2 != 0) {
                            i2 = transportGuarantee;
                        }
                        str3 = matchedURI;
                    } else if (matchedType == WebResourceCollectionConstraints.PATHNAME_MATCH && matchedURI.length() > str3.length()) {
                        str3 = matchedURI;
                        if (!z) {
                            z = true;
                        }
                        i2 = webResourceCollectionConstraints.getTransportGuarantee();
                    } else if (matchedType == WebResourceCollectionConstraints.EXTENSION_MATCH) {
                        int transportGuarantee2 = webResourceCollectionConstraints.getTransportGuarantee();
                        if (!z2) {
                            i3 = transportGuarantee2;
                            z2 = true;
                        } else if (i3 != 0) {
                            i3 = transportGuarantee2;
                        }
                    }
                }
            }
            i4++;
        }
        return (str4 != NO_MATCH ? i : str3 != NO_MATCH ? i2 : i3) != 0;
    }

    public WebResourceCollectionConstraints getConstraints(AccessContext accessContext, String str, String str2) {
        return getConstraints(accessContext, str, str2, null);
    }

    public WebResourceCollectionConstraints getConstraints(AccessContext accessContext, String str, String str2, HttpServletRequest httpServletRequest) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConstraints: ", new Object[]{str, str2});
        }
        String str3 = NO_MATCH;
        WebResourceCollectionConstraints webResourceCollectionConstraints = null;
        WebResourceCollectionConstraints webResourceCollectionConstraints2 = null;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "webConstraintsTable.length = " + this.webConstraintsTable.length);
        }
        boolean propertyBool = SecurityObjectLocator.getSecurityConfig().getPropertyBool(SecurityConfig.ALLOW_CUSTOM_HTTP_METHODS);
        int i = 0;
        while (i < 2 && 0 == 0) {
            boolean z = true;
            if (propertyBool || WebResourceCollectionConstraints.isStandardHTTPMethod(str2)) {
                i++;
            } else if (i == 1) {
                z = false;
            }
            for (int i2 = 0; i2 < this.webConstraintsTable.length; i2++) {
                WebResourceCollectionConstraints webResourceCollectionConstraints3 = this.webConstraintsTable[i2];
                WebConstraintsMatchObject matches = webResourceCollectionConstraints3.matches(str, str2, z);
                if (matches == null && httpServletRequest != null && "HEAD".equals((String) httpServletRequest.getAttribute("com.ibm.ws.webcontainer.security.checkdefaultmethod"))) {
                    matches = webResourceCollectionConstraints3.matches(str, "GET", z);
                }
                if (matches != null) {
                    int matchedType = matches.getMatchedType();
                    boolean isMethodMatch = matches.isMethodMatch();
                    String matchedURI = matches.getMatchedURI();
                    if (matchedType == WebResourceCollectionConstraints.EXACT_MATCH) {
                        return webResourceCollectionConstraints3;
                    }
                    if (matchedType == WebResourceCollectionConstraints.PATHNAME_MATCH && matchedURI.length() == str3.length()) {
                        if (webResourceCollectionConstraints3.getRequiredRoles() != PermissionRoleMap.NO_REQUIRED_ROLES) {
                            str3 = matchedURI;
                            webResourceCollectionConstraints = webResourceCollectionConstraints3;
                        } else if (isMethodMatch) {
                            str3 = matchedURI;
                            webResourceCollectionConstraints = webResourceCollectionConstraints3;
                        }
                    } else if (matchedType != WebResourceCollectionConstraints.PATHNAME_MATCH || matchedURI.length() <= str3.length()) {
                        webResourceCollectionConstraints2 = webResourceCollectionConstraints3;
                    } else {
                        str3 = matchedURI;
                        webResourceCollectionConstraints = webResourceCollectionConstraints3;
                    }
                }
            }
            i++;
        }
        if (webResourceCollectionConstraints != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getConstraints not null");
            }
            return webResourceCollectionConstraints;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getConstraints");
        }
        return webResourceCollectionConstraints2;
    }

    public boolean existsExactMatchURI(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "existsExactMatchURI", new Object[]{str});
        }
        if (str == null || str.length() == 0) {
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "existsExactMatchURI : uriName is null or empty, returning false");
            return false;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "webConstraintsTable.length = " + this.webConstraintsTable.length);
        }
        for (int i = 0; i < this.webConstraintsTable.length; i++) {
            List uRIPatterns = this.webConstraintsTable[i].getURIPatterns();
            if (uRIPatterns != null) {
                for (int i2 = 0; i2 < uRIPatterns.size(); i2++) {
                    if (str.equalsIgnoreCase((String) uRIPatterns.get(i2))) {
                        if (!tc.isEntryEnabled()) {
                            return true;
                        }
                        Tr.exit(tc, "existsExactMatchURI : a match is found");
                        return true;
                    }
                }
            }
        }
        if (!tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "existsExactMatchURI : no match, returning false");
        return false;
    }

    protected void setWebConstraintsTable(WebResourceCollectionConstraints[] webResourceCollectionConstraintsArr) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setWebConstraintsTable :" + webResourceCollectionConstraintsArr);
        }
        if (this.webConstraintsTable == null || this.webConstraintsTable.length == 0) {
            this.webConstraintsTable = webResourceCollectionConstraintsArr;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "new table is set. length = " + this.webConstraintsTable.length);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setWebConstraintsTable");
        }
    }

    private void initializeTable(EList eList, String str, DeployedModule deployedModule) {
        List<SecurityConstraint> securityConstraints;
        SecurityRole[] securityRoleArr;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeTable: ", new Object[]{eList, str, deployedModule});
        }
        Hashtable hashtable = new Hashtable();
        PortletApplication portletApplication = deployedModule != null ? PortletModelHelper.getPortletApplication(deployedModule) : null;
        if (tc.isDebugEnabled() && portletApplication != null) {
            Tr.debug(tc, "Portlet app: " + portletApplication + " exists for app " + str);
        }
        Vector vector = new Vector();
        Iterator it = eList != null ? eList.iterator() : null;
        while (it != null) {
            try {
                if (!it.hasNext()) {
                    break;
                }
                org.eclipse.jst.j2ee.webapplication.SecurityConstraint securityConstraint = (org.eclipse.jst.j2ee.webapplication.SecurityConstraint) it.next();
                if (securityConstraint != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "SecurityConstraint: ", new Object[]{securityConstraint});
                }
                AuthConstraint authConstraint = securityConstraint.getAuthConstraint();
                if (authConstraint != null) {
                    EList roles = authConstraint.getRoles();
                    if (roles == null || roles.size() == 0) {
                        securityRoleArr = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
                    } else {
                        securityRoleArr = new SecurityRole[roles.size()];
                        Iterator it2 = roles.iterator();
                        int i = 0;
                        while (true) {
                            if (!it2.hasNext()) {
                                break;
                            }
                            String str2 = (String) it2.next();
                            if (str2.equals("*")) {
                                EList<SecurityRole> securityRoles = this.webApp.getSecurityRoles();
                                int i2 = 0;
                                securityRoleArr = new SecurityRole[securityRoles.size()];
                                for (SecurityRole securityRole : securityRoles) {
                                    int i3 = i2;
                                    i2++;
                                    securityRoleArr[i3] = WCCMHelper.createSecurityRole(securityRole.getRoleName(), securityRole.getRoleName());
                                }
                            } else {
                                int i4 = i;
                                i++;
                                securityRoleArr[i4] = WCCMHelper.createSecurityRole(str2, str2);
                            }
                        }
                        if (tc.isDebugEnabled()) {
                            StringBuffer stringBuffer = new StringBuffer("Number of security roles defined: ");
                            stringBuffer.append(securityRoleArr.length);
                            Tr.debug(tc, stringBuffer.toString());
                        }
                    }
                } else {
                    securityRoleArr = PermissionRoleMap.NO_REQUIRED_ROLES;
                }
                UserDataConstraint userDataConstraint = securityConstraint.getUserDataConstraint();
                boolean z = false;
                int i5 = 0;
                if (userDataConstraint != null) {
                    z = userDataConstraint.isSetTransportGuarantee();
                    if (z) {
                        i5 = userDataConstraint.getTransportGuarantee().getValue();
                    }
                }
                for (WebResourceCollection webResourceCollection : securityConstraint.getWebResourceCollections()) {
                    EList urlPattern = webResourceCollection.getUrlPattern();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "appName:" + str + " WebApp version:" + this.webApp.getVersion());
                    }
                    EList httpMethodString = webResourceCollection.getHttpMethodString();
                    EList httpMethodOmission = webResourceCollection.getHttpMethodOmission();
                    if (urlPattern != null) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Methods list\n");
                        }
                        String[] ListToArray = ListToArray(httpMethodString);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Omission Methods list\n");
                        }
                        String[] ListToArray2 = ListToArray(httpMethodOmission);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "URL Lists: " + urlPattern);
                        }
                        WebResourceCollectionConstraints webResourceCollectionConstraints = new WebResourceCollectionConstraints(urlPattern, ListToArray, ListToArray2);
                        if (securityRoleArr.length > 0 || securityRoleArr == PermissionRoleMap.EMPTY_REQUIRED_ROLES) {
                            webResourceCollectionConstraints.setRequiredRoles(securityRoleArr);
                        }
                        if (z) {
                            webResourceCollectionConstraints.setTransportGuarantee(i5);
                        }
                        vector.addElement(webResourceCollectionConstraints);
                        if (portletApplication != null) {
                            for (int i6 = 0; i6 < urlPattern.size(); i6++) {
                                hashtable.put(urlPattern.get(i6), webResourceCollectionConstraints);
                            }
                        }
                    }
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.web.WebConstraintsTable.initializeTable", "1012", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception message:  " + e.getMessage(), new Object[]{e});
                }
            }
        }
        int i7 = 0;
        if (portletApplication != null && (securityConstraints = portletApplication.getSecurityConstraints()) != null) {
            for (SecurityConstraint securityConstraint2 : securityConstraints) {
                if (securityConstraint2 != null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "SecurityConstraint for Portlet is : ", new Object[]{securityConstraint2});
                    }
                    com.ibm.ws.portletcontainer.om.security.UserDataConstraint userDataConstraint2 = securityConstraint2.getUserDataConstraint();
                    if (userDataConstraint2 != null) {
                        userDataConstraint2.getTransportGuarantee();
                        String name = userDataConstraint2.getTransportGuarantee().getName();
                        if (name.equals("INTEGRAL")) {
                            i7 = 1;
                        } else if (name.equals("CONFIDENTIAL")) {
                            i7 = 2;
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "transport is set for Portlet is: " + name);
                        }
                    }
                    List portletDefinitions = securityConstraint2.getPortletDefinitions();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "PortletDefinitions are: " + portletDefinitions);
                    }
                    Iterator it3 = portletDefinitions.iterator();
                    while (it3.hasNext()) {
                        String name2 = ((PortletDefinition) it3.next()).getName();
                        if (!name2.endsWith("/*")) {
                            name2 = new StringBuffer("/").append(name2).append("/*").toString();
                        }
                        WebResourceCollectionConstraints webResourceCollectionConstraints2 = (WebResourceCollectionConstraints) hashtable.get(name2);
                        if (webResourceCollectionConstraints2 == null) {
                            HTTPMethodType[] hTTPMethodTypeArr = new HTTPMethodType[0];
                            ArrayList arrayList = new ArrayList();
                            arrayList.add(name2);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Creating new constriant collection for portlet URI : " + name2);
                            }
                            WebResourceCollectionConstraints webResourceCollectionConstraints3 = new WebResourceCollectionConstraints(arrayList, null);
                            webResourceCollectionConstraints3.setTransportGuarantee(i7);
                            vector.addElement(webResourceCollectionConstraints3);
                        } else {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Using existing constriant collection for portlet URI : " + name2);
                            }
                            webResourceCollectionConstraints2.removeUri(name2);
                            ArrayList arrayList2 = new ArrayList();
                            arrayList2.add(name2);
                            WebResourceCollectionConstraints webResourceCollectionConstraints4 = new WebResourceCollectionConstraints(arrayList2, null);
                            webResourceCollectionConstraints4.setRequiredRoles(webResourceCollectionConstraints2.getRequiredRoles());
                            webResourceCollectionConstraints4.setTransportGuarantee(i7);
                            vector.addElement(webResourceCollectionConstraints4);
                        }
                    }
                }
            }
        }
        int size = vector.size();
        this.webConstraintsTable = new WebResourceCollectionConstraints[size];
        for (int i8 = 0; i8 < size; i8++) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "webConstraintsTable:" + vector.elementAt(i8).toString());
            }
            this.webConstraintsTable[i8] = (WebResourceCollectionConstraints) vector.elementAt(i8);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initializeTable");
        }
    }

    private void initializeTable(WebApp webApp, String str, Map<String, ? extends ServletRegistration> map, WebConstraintsTable webConstraintsTable) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeTable: ", new Object[]{webApp, str, map, webConstraintsTable});
        }
        Vector vector = new Vector();
        if (map != null) {
            try {
                for (Map.Entry<String, ? extends ServletRegistration> entry : map.entrySet()) {
                    String key = entry.getKey();
                    IServletConfig iServletConfig = (ServletRegistration) entry.getValue();
                    Collection mappings = iServletConfig.getMappings();
                    if (tc.isDebugEnabled()) {
                        DynamicHelper.printMappings(mappings);
                    }
                    EList urlList = getUrlList(iServletConfig, webConstraintsTable);
                    ServletSecurityElement servletSecurity = iServletConfig.getServletSecurity();
                    if (servletSecurity != null && urlList != null && !urlList.isEmpty()) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "*** Add dynamic/static security constraints: " + key);
                        }
                        String runAsRole = iServletConfig.getRunAsRole();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "runAsRole->" + runAsRole);
                            DynamicHelper.printMappings(mappings);
                        }
                        vector.addElement(processHttpConstraint(urlList, servletSecurity));
                        Collection httpMethodConstraints = servletSecurity.getHttpMethodConstraints();
                        if (httpMethodConstraints != null && httpMethodConstraints.size() > 0) {
                            Iterator it = httpMethodConstraints.iterator();
                            while (it.hasNext()) {
                                vector.addElement(processHttpMethodConstraint(urlList, (HttpMethodConstraintElement) it.next()));
                            }
                        }
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "*** Skip dynamic/static servlet: " + key);
                    }
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Number entries of servlet in webConstraintsTable: " + (vector != null ? Integer.valueOf(vector.size()) : "null"));
                }
                if (webConstraintsTable != null && vector != null && vector.size() > 0) {
                    vector = mergeStaticAndDynamicConstraints(webConstraintsTable, vector);
                } else if (webConstraintsTable != null) {
                    this.webConstraintsTable = webConstraintsTable.getWebConstrainsTable();
                    if (tc.isDebugEnabled() && this.webConstraintsTable != null) {
                        int length = this.webConstraintsTable.length;
                        Tr.debug(tc, "Number entries of staticSWebConstraintsTable: " + length);
                        for (int i = 0; i < length; i++) {
                            Tr.debug(tc, "webConstraintsTable:" + this.webConstraintsTable[i].toString());
                        }
                    }
                }
                if (vector != null && vector.size() > 0) {
                    createWebConstraintsTable(vector);
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.web.WebConstraintsTable.initializeTable", "1092", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception message:  " + e.getMessage(), new Object[]{e});
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initializeTable");
        }
    }

    private String[] ListToArray(EList eList) {
        String[] strArr = null;
        if (eList != null && eList.size() > 0) {
            strArr = (String[]) eList.toArray(new String[0]);
        }
        if (tc.isDebugEnabled()) {
            if (strArr != null) {
                StringBuffer stringBuffer = new StringBuffer("Number of methods: ");
                stringBuffer.append(strArr.length);
                stringBuffer.append("\nArray: " + strArr);
                for (String str : strArr) {
                    stringBuffer.append("\nmethod=" + str);
                }
                Tr.debug(tc, stringBuffer.toString());
            } else {
                Tr.debug(tc, "<null>");
            }
        }
        return strArr;
    }

    public SecurityRole[] createSecurityRoles(String[] strArr) {
        SecurityRole[] securityRoleArr = null;
        if (strArr != null) {
            securityRoleArr = new SecurityRole[strArr.length];
            int i = 0;
            for (String str : strArr) {
                securityRoleArr[i] = WCCMHelper.createSecurityRole(str, str);
                i++;
            }
            if (tc.isDebugEnabled()) {
                StringBuffer stringBuffer = new StringBuffer("security roles: ");
                for (SecurityRole securityRole : securityRoleArr) {
                    stringBuffer.append(securityRole.getRoleName());
                }
                Tr.debug(tc, stringBuffer.toString());
            }
        }
        return securityRoleArr;
    }

    public EList collectionToList(Collection<String> collection) {
        EList eList = null;
        if (collection != null && !collection.isEmpty()) {
            eList = new BasicEList();
            Iterator<String> it = collection.iterator();
            while (it.hasNext()) {
                eList.add(it.next());
            }
        }
        return eList;
    }

    public String[] getDynamicMethodOmissions(ServletSecurityElement servletSecurityElement) {
        String[] strArr = null;
        if (servletSecurityElement != null) {
            Collection methodNames = servletSecurityElement.getMethodNames();
            if (tc.isDebugEnabled()) {
                DynamicHelper.printMethodOmissions(methodNames);
            }
            if (methodNames != null && methodNames.size() > 0) {
                ArrayList arrayList = new ArrayList();
                Iterator it = methodNames.iterator();
                while (it.hasNext()) {
                    arrayList.add((String) it.next());
                }
                strArr = (String[]) arrayList.toArray(new String[0]);
            }
        }
        return strArr;
    }

    public SecurityRole[] getDynamicSecurityRoles(HttpConstraintElement httpConstraintElement) {
        SecurityRole[] securityRoleArr = null;
        ServletSecurity.EmptyRoleSemantic emptyRoleSemantic = null;
        String[] strArr = null;
        if (httpConstraintElement != null) {
            emptyRoleSemantic = httpConstraintElement.getEmptyRoleSemantic();
            strArr = httpConstraintElement.getRolesAllowed();
        }
        if (strArr != null && strArr.length > 0) {
            securityRoleArr = createSecurityRoles(strArr);
        } else if (emptyRoleSemantic != null && emptyRoleSemantic.equals(ServletSecurity.EmptyRoleSemantic.DENY)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "security role: EMPTY_REQUIRED_ROLES");
            }
            securityRoleArr = PermissionRoleMap.EMPTY_REQUIRED_ROLES;
        } else if (emptyRoleSemantic == null || (emptyRoleSemantic != null && emptyRoleSemantic.equals(ServletSecurity.EmptyRoleSemantic.PERMIT))) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "security role: NO_REQUIRED_ROLES");
            }
            securityRoleArr = PermissionRoleMap.NO_REQUIRED_ROLES;
        }
        return securityRoleArr;
    }

    public String[] getDynamicMethod(HttpMethodConstraintElement httpMethodConstraintElement) {
        String[] strArr = null;
        if (httpMethodConstraintElement != null) {
            String methodName = httpMethodConstraintElement.getMethodName();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "HttpMethodConstraint->" + methodName);
            }
            if (methodName != null && methodName.length() > 0) {
                strArr = new String[]{methodName};
            }
        }
        return strArr;
    }

    public int getDynamicTransportGuarantee(HttpConstraintElement httpConstraintElement) {
        int i = 0;
        if (httpConstraintElement != null) {
            ServletSecurity.TransportGuarantee transportGuarantee = httpConstraintElement.getTransportGuarantee();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "transportGuarantee->" + transportGuarantee);
            }
            if (transportGuarantee != null && ServletSecurity.TransportGuarantee.CONFIDENTIAL.equals(transportGuarantee)) {
                i = 1;
            }
        }
        return i;
    }

    public EList getUrlList(ServletRegistration servletRegistration, WebConstraintsTable webConstraintsTable) {
        Collection<String> mappings;
        EList eList = null;
        if (servletRegistration != null && (mappings = servletRegistration.getMappings()) != null && !mappings.isEmpty()) {
            eList = new BasicEList();
            for (String str : mappings) {
                if (webConstraintsTable == null || !webConstraintsTable.existsExactMatchURI(str)) {
                    eList.add(str);
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Skip an exact match URL: " + str);
                }
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "url_list->" + eList);
        }
        return eList;
    }

    public WebResourceCollectionConstraints[] getWebConstrainsTable() {
        return this.webConstraintsTable;
    }

    public void dumpWebConstrainsTable(WebResourceCollectionConstraints webResourceCollectionConstraints) {
        if (webResourceCollectionConstraints != null) {
            List uRIPatterns = webResourceCollectionConstraints.getURIPatterns();
            if (uRIPatterns != null) {
                StringBuffer stringBuffer = new StringBuffer();
                for (int i = 0; i < uRIPatterns.size(); i++) {
                    stringBuffer.append((String) uRIPatterns.get(i));
                }
                Tr.debug(tc, "webConstraintsTable URI: " + stringBuffer.toString());
            }
            Tr.debug(tc, "webConstraintsTable Method: " + arrayToString(webResourceCollectionConstraints.getMethods()));
            SecurityRole[] requiredRoles = webResourceCollectionConstraints.getRequiredRoles();
            if (requiredRoles != null) {
                StringBuffer stringBuffer2 = new StringBuffer();
                for (SecurityRole securityRole : requiredRoles) {
                    stringBuffer2.append(securityRole.getRoleName());
                }
                Tr.debug(tc, "webConstraintsTable requireRole: " + stringBuffer2.toString());
            }
            Tr.debug(tc, "webConstraintsTable: all method: " + WebResourceCollectionConstraints.getAllHttpMethods());
        }
    }

    public String arrayToString(String[] strArr) {
        if (strArr == null) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (String str : strArr) {
            stringBuffer.append(str);
        }
        return stringBuffer.toString();
    }

    public WebResourceCollectionConstraints processHttpConstraint(EList eList, ServletSecurityElement servletSecurityElement) {
        return createSecurityConstraint(eList, servletSecurityElement, getDynamicMethodOmissions(servletSecurityElement), true);
    }

    public WebResourceCollectionConstraints processHttpMethodConstraint(EList eList, HttpMethodConstraintElement httpMethodConstraintElement) {
        return createSecurityConstraint(eList, httpMethodConstraintElement, getDynamicMethod(httpMethodConstraintElement), false);
    }

    public WebResourceCollectionConstraints createSecurityConstraint(EList eList, HttpConstraintElement httpConstraintElement, String[] strArr, boolean z) {
        WebResourceCollectionConstraints webResourceCollectionConstraints = z ? new WebResourceCollectionConstraints(eList, null, strArr) : new WebResourceCollectionConstraints(eList, strArr, null);
        SecurityRole[] dynamicSecurityRoles = getDynamicSecurityRoles(httpConstraintElement);
        if ((dynamicSecurityRoles != null && dynamicSecurityRoles.length > 0) || dynamicSecurityRoles == PermissionRoleMap.EMPTY_REQUIRED_ROLES || dynamicSecurityRoles == PermissionRoleMap.NO_REQUIRED_ROLES) {
            webResourceCollectionConstraints.setRequiredRoles(dynamicSecurityRoles);
        }
        webResourceCollectionConstraints.setTransportGuarantee(getDynamicTransportGuarantee(httpConstraintElement));
        return webResourceCollectionConstraints;
    }

    public Vector mergeStaticAndDynamicConstraints(WebConstraintsTable webConstraintsTable, Vector vector) {
        WebResourceCollectionConstraints[] webConstrainsTable = webConstraintsTable.getWebConstrainsTable();
        if (webConstrainsTable != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Number entries of static servlet webConstraintsTable: " + webConstrainsTable.length);
            }
            for (WebResourceCollectionConstraints webResourceCollectionConstraints : webConstrainsTable) {
                vector.addElement(webResourceCollectionConstraints);
            }
        }
        return vector;
    }

    public void createWebConstraintsTable(Vector vector) {
        int size = vector.size();
        this.webConstraintsTable = new WebResourceCollectionConstraints[size];
        for (int i = 0; i < size; i++) {
            this.webConstraintsTable[i] = (WebResourceCollectionConstraints) vector.elementAt(i);
            if (tc.isDebugEnabled()) {
                dumpWebConstrainsTable(this.webConstraintsTable[i]);
            }
        }
    }
}
