package com.ibm.ws.wim.config;

import com.ibm.websphere.wim.ConfigConstants;
import com.ibm.websphere.wim.copyright.IBMCopyright;
import com.ibm.websphere.wim.exception.InvalidPropertyValueException;
import com.ibm.websphere.wim.exception.WIMConfigurationException;
import com.ibm.websphere.wim.exception.WIMException;
import com.ibm.websphere.wim.ras.WIMLogger;
import com.ibm.websphere.wim.ras.WIMMessageHelper;
import com.ibm.websphere.wim.ras.WIMTraceHelper;
import com.ibm.websphere.wim.util.PasswordUtil;
import com.ibm.ws.wim.EnvironmentManager;
import com.ibm.ws.wim.FactoryManager;
import com.ibm.ws.wim.SchemaManager;
import com.ibm.ws.wim.adapter.ldap.LdapConnectionBase;
import com.ibm.ws.wim.adapter.ldap.LdapConstants;
import com.ibm.ws.wim.configmodel.BaseEntriesType;
import com.ibm.ws.wim.configmodel.ConfigurationProviderType;
import com.ibm.ws.wim.configmodel.ParticipatingBaseEntriesType;
import com.ibm.ws.wim.configmodel.ProfileRepositoryType;
import com.ibm.ws.wim.configmodel.RealmConfigurationType;
import com.ibm.ws.wim.configmodel.RealmType;
import com.ibm.ws.wim.configmodel.RepositoryType;
import com.ibm.ws.wim.dao.DAOHelper;
import com.ibm.ws.wim.dao.DAOHelperBase;
import com.ibm.ws.wim.dao.DataAccessObject;
import com.sun.jndi.ldap.LdapName;
import commonj.sdo.Property;
import java.io.File;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.AuthenticationException;
import javax.naming.InvalidNameException;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InvalidSearchFilterException;
import javax.naming.directory.SearchControls;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;

/* loaded from: input_file:com/ibm/ws/wim/config/ConfigValidator.class */
public class ConfigValidator implements ConfigConstants {
    private static final String WIM_CONFIG_VALIDATION = "wim.config.validation";
    static final String COPYRIGHT_NOTICE = IBMCopyright.COPYRIGHT_NOTICE_LONG_2005_2011;
    private static final String CLASSNAME = ConfigValidator.class.getName();
    private static final Logger trcLogger = WIMLogger.getTraceLogger(CLASSNAME);
    protected static final String[] DB_CONNECTION_PARAMS = {"dataSourceName", "databaseType", "dbURL", "dbAdminId", "dbAdminPassword", "JDBCDriverClass", "dbSchema"};
    protected static final String[] LDAP_CONNECTION_PARAMS = {"host", "port", "bindDN", "bindPassword", "authentication", "sslEnabled"};

    public static void validateRepositoryParams(String str, String str2, Map map) throws WIMConfigurationException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateRepositoryParams", "id=" + str + ", type=" + str2 + ", params=" + WIMTraceHelper.printMapWithoutPassword(map));
        }
        if (validateConfig()) {
            if (str.contains("<") || str.contains("&") || str.contains(">") || str.contains("\"") || str.contains("'")) {
                throw new WIMConfigurationException("INVALID_REPOSITORY_ID", WIMMessageHelper.generateMsgParms(str), CLASSNAME, "validateRepositoryParams");
            }
            validateLoginProperties((List) map.get("loginProperties"));
            String str3 = (String) map.get("adapterClassName");
            if (str3 != null) {
                try {
                    Class.forName(str3);
                } catch (ClassNotFoundException e) {
                    ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
                    if (contextClassLoader == null) {
                        contextClassLoader = ConfigValidator.class.getClassLoader();
                    }
                    try {
                        Class.forName(str3, true, contextClassLoader);
                    } catch (ClassNotFoundException e2) {
                        throw new WIMConfigurationException("MISSING_OR_INVALID_ADAPTER_CLASS_NAME", WIMMessageHelper.generateMsgParms(str3), CLASSNAME, "validateRepositoryParams", e);
                    }
                }
            }
            if ("DatabaseRepositoryType".equals(str2) || "propertyExtensionRepository".equals(str2) || "entryMappingRepository".equals(str2)) {
                validateDBParams(str, map);
            } else if ("FileRepositoryType".equals(str2)) {
                validateFileParams(str, map);
            } else if ("LdapRepositoryType".equals(str2)) {
                validateLDAPParams(str, map);
            } else if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.logp(Level.FINER, CLASSNAME, "validateRepositoryParams", "No Validation performed for repository type=" + str2);
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateRepositoryParams");
            }
        }
    }

    public static void validateDBParams(String str, Map map) throws WIMConfigurationException {
        Throwable th;
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateDBParams", "id=" + str + ", params=" + WIMTraceHelper.printMapWithoutPassword(map));
        }
        if (validateConfig()) {
            boolean z = false;
            boolean z2 = false;
            String str2 = (String) map.get("databaseType");
            validateSupportedDBType(str2);
            String str3 = (String) map.get("dataSourceName");
            String str4 = (String) map.get("dbURL");
            String str5 = (String) map.get("dbAdminId");
            String str6 = (String) map.get("dbAdminPassword");
            String str7 = (String) map.get("JDBCDriverClass");
            String str8 = (String) map.get("dbSchema");
            if (str2 != null && str3 != null && str4 != null) {
                if (str6 != null) {
                    try {
                        str6 = FactoryManager.getEncryptionUtil().decode(str6);
                    } catch (WIMException e) {
                        Throwable th2 = e;
                        while (true) {
                            th = th2;
                            if (th.getCause() == null) {
                                break;
                            } else {
                                th2 = th.getCause();
                            }
                        }
                        throw new WIMConfigurationException("REPOSITORY_CONNECTION_FAILED", WIMMessageHelper.generateMsgParms(str4, WIMTraceHelper.printMapWithoutPassword(map), th.getClass().getName()), CLASSNAME, "validateDBParams", e);
                    }
                }
                if (trcLogger.isLoggable(Level.FINER)) {
                    trcLogger.logp(Level.FINER, CLASSNAME, "validateDBParams", "connecting to DB.");
                }
                DataAccessObject newDAOClass = DAOHelper.getNewDAOClass(str2, str3, str4, str8, str5, str6, str7);
                if (newDAOClass.dsLookup() != null) {
                    z = true;
                    trcLogger.logp(Level.FINER, CLASSNAME, "validateDBParams", "the datasource was found: " + str3);
                } else {
                    trcLogger.logp(Level.FINER, CLASSNAME, "validateDBParams", "the datasource was NOT found: " + str3);
                }
                Connection directAccessConnection = newDAOClass.getDirectAccessConnection();
                trcLogger.logp(Level.FINER, CLASSNAME, "validateDBParams", "connected to DB using direct connection.");
                if (DAOHelperBase.DBTYPE_DB2ZOS.equals(str2) || DAOHelperBase.DBTYPE_DB2ISERIES.equals(str2)) {
                    z2 = true;
                } else if (str8 != null && !str8.trim().equals(LdapConstants.ROOT_DSE_BASE)) {
                    z2 = newDAOClass.isValidSchema(str8);
                }
                try {
                    newDAOClass.closeConnection(directAccessConnection);
                } catch (Exception e2) {
                    trcLogger.logp(Level.FINE, CLASSNAME, "validateDBParams", "Error closing the DB direct connection:" + e2.getMessage(), (Throwable) e2);
                }
                if (str8 != null && !str8.trim().equals(LdapConstants.ROOT_DSE_BASE) && !z2) {
                    throw new WIMConfigurationException("DBSCHEMA_NOT_AVAILABLE", WIMMessageHelper.generateMsgParms(str8), CLASSNAME, "validateDBParams");
                }
                if (!z && EnvironmentManager.singleton().isAminServiceAvailable()) {
                    InvalidPropertyValueException invalidPropertyValueException = new InvalidPropertyValueException("INVALID_PARAMETER_VALUE", WIMMessageHelper.generateMsgParms("dataSourceName"), Level.SEVERE, CLASSNAME, "validateDBParams");
                    trcLogger.logp(Level.FINE, CLASSNAME, "validateDBParams", "DataSource is not found in server mode");
                    throw new WIMConfigurationException("REPOSITORY_CONNECTION_FAILED", WIMMessageHelper.generateMsgParms(str4, WIMTraceHelper.printMapWithoutPassword(map), invalidPropertyValueException.getClass().getName()), CLASSNAME, "validateDBParams");
                }
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateDBParams");
            }
        }
    }

    public static void validateSupportedDBType(String str) throws WIMConfigurationException {
        if (validateConfig() && str != null) {
            ValidationHelper.validateParam("databaseType", str, CONFIG_DB_SUPPORTED_TYPES);
        }
    }

    public static void validateFileParams(String str, Map map) throws WIMConfigurationException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateFileParams", "id=" + str + ", params=" + map);
        }
        if (validateConfig()) {
            String str2 = (String) map.get("messageDigestAlgorithm");
            if (str2 != null) {
                try {
                    MessageDigest.getInstance(str2);
                } catch (NoSuchAlgorithmException e) {
                    throw new WIMConfigurationException("CONFIG_VALUE_NOT_VALID", WIMMessageHelper.generateMsgParms(str2, "messageDigestAlgorithm", WIMTraceHelper.printObjectArray(CONFIG_SUPPORTED_MDALGORITHMS)), Level.SEVERE, CLASSNAME, "validateFileParams");
                }
            }
            String str3 = (String) map.get("baseDirectory");
            if (str3 != null && str3.trim().length() > 0 && !fileExists(str3)) {
                throw new WIMConfigurationException("DIRECTORY_NOT_FOUND", WIMMessageHelper.generateMsgParms(str3), Level.SEVERE, CLASSNAME, "validateFileParams");
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateFileParams");
            }
        }
    }

    public static void validateLDAPParams(String str, Map map) throws WIMConfigurationException {
        int intValue;
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateLDAPParams", "id=" + str + ", params=" + WIMTraceHelper.printMapWithoutPassword(map));
        }
        if (validateConfig()) {
            String str2 = (String) map.get("ldapServerType");
            if (str2 != null) {
                if (str2.equals("IDS4") || str2.equals("IDS51") || str2.equals("IDS52") || str2.equals("IDS6") || str2.equals("SECUREWAY")) {
                    str2 = "IDS";
                }
                if (str2.equals("DOMINO5") || str2.equals("DOMINO6") || str2.equals("DOMINO65")) {
                    str2 = "DOMINO";
                }
                if (str2.equals("AD2000") || str2.equals("AD2003")) {
                    str2 = "AD";
                }
            }
            validateLDAPServerType(str2);
            if (str2 != null) {
                ValidationHelper.validateParam("ldapServerType", str2, CONFIG_LDAP_SUPPORTED_TYPES);
            }
            map.put("ldapServerType", str2);
            InitialLdapContext initialLdapContext = null;
            String str3 = null;
            if (isParamSet(map, LDAP_CONNECTION_PARAMS)) {
                Hashtable hashtable = new Hashtable();
                hashtable.put("java.naming.factory.initial", LdapConstants.LDAP_SUN_SPI);
                String str4 = (String) map.get("host");
                if ((!str4.startsWith("[") || !str4.endsWith("]")) && com.ibm.ws.security.util.ConfigUtils.isIPv6Addr(str4)) {
                    str4 = com.ibm.ws.security.util.ConfigUtils.formatIPv6Addr(str4);
                    map.put("host", str4);
                }
                Integer num = (Integer) map.get("port");
                boolean z = false;
                if (map.get("sslEnabled") != null) {
                    z = ((Boolean) map.get("sslEnabled")).booleanValue();
                }
                String str5 = z ? LdapConstants.LDAP_URL_SSL_PREFIX : LdapConstants.LDAP_URL_PREFIX;
                str3 = num != null ? str5 + str4 + ":" + num : str5 + str4;
                hashtable.put("java.naming.provider.url", str3);
                if (z) {
                    String str6 = (String) map.get("sslConfiguration");
                    if (str6 != null) {
                        trcLogger.logp(Level.FINE, CLASSNAME, "validateLDAPParams", "Use WAS SSL Configuration. sslAlias=" + str6);
                        LdapConnectionBase.setWASSSLAlias(str6, hashtable);
                        hashtable.put(LdapConstants.LDAP_ENV_PROP_FACTORY_SOCKET, "com.ibm.websphere.ssl.protocol.SSLSocketFactory");
                    }
                    hashtable.put("java.naming.security.protocol", "ssl");
                }
                try {
                    try {
                        String str7 = (String) map.get("bindDN");
                        if (str7 != null && str7.trim().length() > 0) {
                            hashtable.put("java.naming.security.principal", str7);
                            String str8 = (String) map.get("bindPassword");
                            if (str8 != null) {
                                if (str8 != null) {
                                    str8 = FactoryManager.getEncryptionUtil().decode(str8);
                                }
                                hashtable.put("java.naming.security.credentials", PasswordUtil.getByteArrayPassword(str8));
                            }
                        }
                        String str9 = (String) map.get("authentication");
                        if (str9 != null) {
                            hashtable.put("java.naming.security.authentication", str9);
                        }
                        int i = 20;
                        if (map.get("connectTimeout") != null && (intValue = ((Integer) map.get("connectTimeout")).intValue()) > 0) {
                            i = intValue;
                        }
                        hashtable.put(LdapConstants.LDAP_ENV_PROP_CONNECT_TIMEOUT, Integer.toString(i * 1000));
                        if (trcLogger.isLoggable(Level.FINER)) {
                            trcLogger.logp(Level.FINER, CLASSNAME, "validateLDAPParams", "connecting to LDAP with:" + hashtable);
                        }
                        initialLdapContext = new InitialLdapContext(hashtable, (Control[]) null);
                        if (trcLogger.isLoggable(Level.FINER)) {
                            trcLogger.logp(Level.FINER, CLASSNAME, "validateLDAPParams", "connected to LDAP.");
                        }
                        LdapConnectionBase.resetWASSSLAlias();
                    } catch (Exception e) {
                        Exception exc = e;
                        while (exc.getCause() != null) {
                            exc = exc.getCause();
                        }
                        if (!(e instanceof AuthenticationException)) {
                            throw new WIMConfigurationException("REPOSITORY_CONNECTION_FAILED", WIMMessageHelper.generateMsgParms(str3, WIMTraceHelper.printMapWithoutPassword(map), exc.getClass().getName()), CLASSNAME, "validateLDAPParams", e);
                        }
                        throw new WIMConfigurationException("REPOSITORY_CONNECTION_FAILED", WIMMessageHelper.generateMsgParms(str3, WIMTraceHelper.printMapWithoutPassword(map), exc.getClass().getName()), CLASSNAME, "validateLDAPParams");
                    }
                } catch (Throwable th) {
                    LdapConnectionBase.resetWASSSLAlias();
                    throw th;
                }
            }
            validateSearchBases(initialLdapContext, str, str3, (List) map.get("searchBases"));
            validateSearchFilter(initialLdapContext, str, str3, (String) map.get("searchFilter"));
            validateObjectClasses(initialLdapContext, str, str3, (List) map.get("objectClasses"));
            validateBaseEntryNameInRepository(initialLdapContext, str, str3, (List) map.get("nameInRepository"));
            validateSupportChangeLogParameter((String) map.get("supportChangeLog"));
            if (initialLdapContext != null) {
                try {
                    initialLdapContext.close();
                } catch (Exception e2) {
                    trcLogger.logp(Level.FINE, CLASSNAME, "validateLDAPParams", "Error closing the LDAP connection:" + e2.getMessage(), (Throwable) e2);
                }
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateLDAPParams");
            }
        }
    }

    public static void validateLDAPServerType(String str) throws WIMConfigurationException {
        if (validateConfig() && str != null) {
            ValidationHelper.validateParam("ldapServerType", str, CONFIG_LDAP_SUPPORTED_TYPES);
        }
    }

    public static void validateLoginProperties(List list) throws WIMConfigurationException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateLoginProperties", "loginProps=" + list);
        }
        if (validateConfig()) {
            if (list != null && list.size() > 0) {
                try {
                    SchemaManager singleton = SchemaManager.singleton();
                    Set subEntityTypes = singleton.getSubEntityTypes("LoginAccount");
                    if (trcLogger.isLoggable(Level.FINER)) {
                        trcLogger.logp(Level.FINER, CLASSNAME, "validateLoginProperties", "LoginAccount subtypes: " + subEntityTypes);
                    }
                    boolean z = false;
                    Iterator it = subEntityTypes.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        String str = (String) it.next();
                        List properties = singleton.getProperties(str);
                        ArrayList arrayList = new ArrayList();
                        for (int i = 0; i < properties.size(); i++) {
                            arrayList.add(((Property) properties.get(i)).getName());
                        }
                        if (trcLogger.isLoggable(Level.FINER)) {
                            trcLogger.logp(Level.FINER, CLASSNAME, "validateLoginProperties", "props of " + str + ":" + arrayList);
                        }
                        if (arrayList.contains("ibmPrimaryEmail")) {
                            arrayList.add("ibm-primaryEmail");
                        } else if (arrayList.contains("ibmJobTitle")) {
                            arrayList.add("ibm-jobTitle");
                        }
                        boolean z2 = true;
                        int i2 = 0;
                        while (true) {
                            if (i2 >= list.size()) {
                                break;
                            }
                            if (!arrayList.contains(list.get(i2))) {
                                z2 = false;
                                break;
                            }
                            i2++;
                        }
                        if (z2) {
                            z = true;
                            break;
                        }
                    }
                    if (!z) {
                        throw new WIMConfigurationException("INVALID_LOGIN_PROPERTIES", WIMMessageHelper.generateMsgParms(list.toString()), CLASSNAME, "validateLoginProperties");
                    }
                } catch (WIMException e) {
                    throw new WIMConfigurationException(e.getMessageKey(), e.getMessageParams(), CLASSNAME, "validateLoginProperties");
                }
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateLoginProperties");
            }
        }
    }

    public static void validateDeleteIdMgrRealm(ConfigurationProviderType configurationProviderType, String str) throws WIMException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateDeleteIdMgrRealm", "realmName=" + str);
        }
        if (validateConfig()) {
            RealmConfigurationType realmConfig = getRealmConfig(configurationProviderType);
            if (str.equals(realmConfig.getDefaultRealm())) {
                throw new WIMConfigurationException("CANNOT_DELETE_DEFAULT_REALM", WIMMessageHelper.generateMsgParms(str), Level.SEVERE, CLASSNAME, "validateDeleteIdMgrRealm");
            }
            ConfigUtils.getRealm(str, realmConfig);
            if (realmConfig.getRealms().size() == 1) {
                throw new WIMConfigurationException("CANNOT_DELETE_ONLY_REALM", WIMMessageHelper.generateMsgParms(str), Level.SEVERE, CLASSNAME, "validateDeleteIdMgrRealm");
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateDeleteIdMgrRealm");
            }
        }
    }

    public static void validateAddIdMgrRealmBaseEntry(ConfigurationProviderType configurationProviderType, String str, String str2) throws WIMException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateAddIdMgrRealmBaseEntry", "realmName=" + str + ", baseEntryName=" + str2);
        }
        if (validateConfig()) {
            if (!isDN(str2)) {
                throw new WIMConfigurationException("BASE_ENTRY_MUST_BE_DN", WIMMessageHelper.generateMsgParms(str2), Level.SEVERE, CLASSNAME, "validateAddIdMgrRealmBaseEntry");
            }
            if (!isBaseEntryInRepository(configurationProviderType, str2)) {
                throw new WIMConfigurationException("BASE_ENTRY_CANNOT_BE_ADDED_TO_REALM", WIMMessageHelper.generateMsgParms(str2, str), Level.SEVERE, CLASSNAME, "validateAddIdMgrRealmBaseEntry");
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateAddIdMgrRealmBaseEntry");
            }
        }
    }

    public static void validateDeleteIdMgrRealmBaseEntry(ConfigurationProviderType configurationProviderType, String str, String str2) throws WIMException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateDeleteIdMgrRealmBaseEntry", "realmName=" + str + ", baseEntryName=" + str2);
        }
        if (validateConfig()) {
            if (str.equals(getRealmConfig(configurationProviderType).getDefaultRealm()) && isLastBaseEntryInRealm(configurationProviderType, str, str2)) {
                throw new WIMConfigurationException("CANNOT_DELETE_ONLY_BASE_ENTRY_IN_REALM", WIMMessageHelper.generateMsgParms(str2, str), Level.SEVERE, CLASSNAME, "validateDeleteIdMgrRealmBaseEntry");
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateDeleteIdMgrRealmBaseEntry");
            }
        }
    }

    public static void validateAddIdMgrRepositoryBaseEntry(ConfigurationProviderType configurationProviderType, String str, String str2) throws WIMException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateAddIdMgrRepositoryBaseEntry", "repoId=" + str + ", baseEntryName=" + str2);
        }
        if (validateConfig()) {
            if (!isDN(str2)) {
                throw new WIMConfigurationException("BASE_ENTRY_MUST_BE_DN", WIMMessageHelper.generateMsgParms(str2), Level.SEVERE, CLASSNAME, "validateAddIdMgrRepositoryBaseEntry");
            }
            if (isBaseEntryInRepository(configurationProviderType, str2)) {
                throw new WIMConfigurationException("BASE_ENTRY_ALREADY_IN_REPOSITORY", WIMMessageHelper.generateMsgParms(str2, str), Level.SEVERE, CLASSNAME, "validateAddIdMgrRepositoryBaseEntry");
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateAddIdMgrRepositoryBaseEntry");
            }
        }
    }

    public static void validateDeleteIdMgrRepositoryBaseEntry(ConfigurationProviderType configurationProviderType, String str, String str2) throws WIMException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateDeleteIdMgrRepositoryBaseEntry", "repoId=" + str + ", baseEntryName=" + str2);
        }
        if (validateConfig()) {
            if (isLastBaseEntryInRepository(configurationProviderType, str, str2)) {
                throw new WIMConfigurationException("CANNOT_DELETE_ONLY_BASE_ENTRY_IN_REPOSITORY", WIMMessageHelper.generateMsgParms(str2, str), Level.SEVERE, CLASSNAME, "validateDeleteIdMgrRepositoryBaseEntry");
            }
            if (isBaseEntryInRealms(configurationProviderType, str2)) {
                throw new WIMConfigurationException("BASE_ENTRY_STILL_REFERENCED_BY_REALM", WIMMessageHelper.generateMsgParms(str2), Level.SEVERE, CLASSNAME, "validateDeleteIdMgrRepositoryBaseEntry");
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateDeleteIdMgrRepositoryBaseEntry");
            }
        }
    }

    public static void validateDeleteIdMgrRepository(ConfigurationProviderType configurationProviderType, String str) throws WIMException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateDeleteIdMgrRepository", "repoId=" + str);
        }
        if (validateConfig()) {
            List baseEntries = ((ProfileRepositoryType) ConfigUtils.getRepositoryById(configurationProviderType, str)).getBaseEntries();
            for (int i = 0; i < baseEntries.size(); i++) {
                if (isBaseEntryInRealms(configurationProviderType, ((BaseEntriesType) baseEntries.get(i)).getName())) {
                    throw new WIMConfigurationException("DELETE_REPOSITORY_PREREQUISITE_ERROR", WIMMessageHelper.generateMsgParms(str), Level.SEVERE, CLASSNAME, "validateDeleteIdMgrRepository");
                }
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.exiting(CLASSNAME, "validateDeleteIdMgrRepository");
            }
        }
    }

    public static void validateRepositoriesForGroup(ConfigurationProviderType configurationProviderType, List list) throws WIMException {
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.entering(CLASSNAME, "validateRepositoriesForGroup", "reposForGroups=" + list);
        }
        if (list != null && list.size() > 0) {
            List profileRepositories = ConfigUtils.getProfileRepositories(configurationProviderType);
            ArrayList arrayList = new ArrayList();
            for (int i = 0; i < profileRepositories.size(); i++) {
                arrayList.add(((RepositoryType) profileRepositories.get(i)).getId());
            }
            if (trcLogger.isLoggable(Level.FINER)) {
                trcLogger.logp(Level.FINER, CLASSNAME, "validateRepositoriesForGroup", "currentRepoIds=" + arrayList);
            }
            for (int i2 = 0; i2 < list.size(); i2++) {
                String str = (String) list.get(i2);
                if (!arrayList.contains(str)) {
                    throw new WIMConfigurationException("INVALID_REPOSITORY_FOR_GROUPS", WIMMessageHelper.generateMsgParms(str), Level.SEVERE, CLASSNAME, "validateRepositoriesForGroup");
                }
            }
        }
        if (trcLogger.isLoggable(Level.FINER)) {
            trcLogger.exiting(CLASSNAME, "validateRepositoriesForGroup");
        }
    }

    private static boolean isParamSet(Map map, String[] strArr) {
        boolean z = false;
        int i = 0;
        while (true) {
            if (i >= strArr.length) {
                break;
            }
            if (map.containsKey(strArr[i])) {
                z = true;
                break;
            }
            i++;
        }
        return z;
    }

    private static boolean validateConfig() {
        boolean z = true;
        String property = System.getProperty(WIM_CONFIG_VALIDATION);
        if (property != null) {
            z = Boolean.getBoolean(property);
            if (!z) {
                trcLogger.log(Level.FINER, "wim.config.validation=" + property);
                trcLogger.log(Level.FINER, "Virtual member manager CONFIG VALIDATION IS TURNED OFF. **** DO NOT TURN IT OFF ****");
            }
        }
        return z;
    }

    public static void validateSupportChangeLogParameter(String str) throws WIMConfigurationException {
        if (str != null && !"native".equalsIgnoreCase(str) && !"none".equalsIgnoreCase(str)) {
            throw new WIMConfigurationException("INVALID_SUPPORT_CHANGE_LOG", WIMMessageHelper.generateMsgParms(str), CLASSNAME, "validateSupportChangeLogParameter");
        }
    }

    private static void validateSearchFilter(DirContext dirContext, String str, String str2, String str3) throws WIMConfigurationException {
        if (str3 == null || str3.trim().length() <= 0) {
            return;
        }
        if (dirContext == null) {
            throw new WIMConfigurationException("MISSING_OR_INVALID_CONNECTION_DATA", WIMMessageHelper.generateMsgParms(str2 == null ? str : str2), CLASSNAME, "validateSearchFilter");
        }
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(0);
            dirContext.search(LdapConstants.ROOT_DSE_BASE, str3, searchControls);
        } catch (NamingException e) {
            trcLogger.logp(Level.FINE, CLASSNAME, "validateSearchFilter", "invalid search filter: " + str3, e);
        } catch (InvalidSearchFilterException e2) {
            throw new WIMConfigurationException("INVALID_SEARCH_FILTER", WIMMessageHelper.generateMsgParms(str3), CLASSNAME, "validateSearchFilter", e2);
        }
    }

    private static void validateSearchBases(DirContext dirContext, String str, String str2, List list) throws WIMConfigurationException {
        if (list == null || list.size() <= 0) {
            return;
        }
        if (dirContext == null) {
            throw new WIMConfigurationException("MISSING_OR_INVALID_CONNECTION_DATA", WIMMessageHelper.generateMsgParms(str2 == null ? str : str2), CLASSNAME, "validateSearchBases");
        }
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(0);
            for (int i = 0; i < list.size(); i++) {
                dirContext.search(new LdapName((String) list.get(i)), LdapConstants.DEFAULT_LDAP_FILTER, searchControls);
            }
        } catch (InvalidNameException e) {
            throw new WIMConfigurationException("INVALID_SEARCH_BASE", WIMMessageHelper.generateMsgParms(list), CLASSNAME, "validateSearchBases", e);
        } catch (NamingException e2) {
            trcLogger.logp(Level.FINE, CLASSNAME, "validateSearchBases", "invalid searchBases: " + list, e2);
            String message = e2.getMessage();
            if (message != null && message.contains("[LDAP: error code 32 - No Such Object]")) {
                throw new WIMConfigurationException("INVALID_SEARCH_BASE", WIMMessageHelper.generateMsgParms(list), CLASSNAME, "validateSearchBases");
            }
        }
    }

    private static void validateObjectClasses(DirContext dirContext, String str, String str2, List list) throws WIMConfigurationException {
        if (list == null || list.size() <= 0) {
            return;
        }
        if (dirContext == null) {
            throw new WIMConfigurationException("MISSING_OR_INVALID_CONNECTION_DATA", WIMMessageHelper.generateMsgParms(str2 == null ? str : str2), CLASSNAME, "validateObjectClasses");
        }
        String str3 = null;
        try {
            DirContext schema = dirContext.getSchema(LdapConstants.ROOT_DSE_BASE);
            trcLogger.logp(Level.FINER, CLASSNAME, "validateObjectClasses", "getSchema=" + schema);
            for (int i = 0; i < list.size(); i++) {
                str3 = (String) list.get(i);
                String str4 = "ClassDefinition/" + str3;
                trcLogger.logp(Level.FINER, CLASSNAME, "validateObjectClasses", "checking object class=" + str4);
                schema.getAttributes(str4);
            }
        } catch (NamingException e) {
            if (str3 == null) {
                throw new WIMConfigurationException("INVALID_OBJECT_CLASSES", WIMMessageHelper.generateMsgParms(list), CLASSNAME, "validateObjectClasses", e);
            }
            throw new WIMConfigurationException("INVALID_OBJECT_CLASSES", WIMMessageHelper.generateMsgParms(str3), CLASSNAME, "validateObjectClasses", e);
        }
    }

    private static void validateBaseEntryNameInRepository(DirContext dirContext, String str, String str2, List list) throws WIMConfigurationException {
        if (list == null || list.size() <= 0) {
            return;
        }
        if (dirContext == null) {
            throw new WIMConfigurationException("MISSING_OR_INVALID_CONNECTION_DATA", WIMMessageHelper.generateMsgParms(str2 == null ? str : str2), CLASSNAME, "validateBaseEntryNameInRepository");
        }
        String str3 = null;
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(0);
            for (int i = 0; i < list.size(); i++) {
                str3 = (String) list.get(i);
                trcLogger.logp(Level.FINER, CLASSNAME, "validateBaseEntryNameInRepository", "validating nameInRepository " + str3);
                dirContext.search(new LdapName(str3), LdapConstants.DEFAULT_LDAP_FILTER, searchControls);
            }
        } catch (NamingException e) {
            if (str3 == null) {
                throw new WIMConfigurationException("INVALID_BASE_ENTRY_NAME_IN_REPOSITORY", WIMMessageHelper.generateMsgParms(list, e.getMessage()), CLASSNAME, "validateBaseEntryNameInRepository", e);
            }
            throw new WIMConfigurationException("INVALID_BASE_ENTRY_NAME_IN_REPOSITORY", WIMMessageHelper.generateMsgParms(str3, e.getMessage()), CLASSNAME, "validateBaseEntryNameInRepository", e);
        }
    }

    private static boolean isStringEqual(String str, String str2) {
        boolean z = false;
        if (str == null && str2 == null) {
            z = true;
        } else if (str != null && str2 != null) {
            z = str.equalsIgnoreCase(str2);
        }
        return z;
    }

    private static boolean isLastBaseEntryInRepository(ConfigurationProviderType configurationProviderType, String str, String str2) throws WIMException {
        boolean z = false;
        List baseEntries = ((ProfileRepositoryType) ConfigUtils.getRepositoryById(configurationProviderType, str)).getBaseEntries();
        if (baseEntries.size() == 1 && isStringEqual(str2, ((BaseEntriesType) baseEntries.get(0)).getName())) {
            z = true;
        }
        return z;
    }

    private static boolean isLastBaseEntryInRealm(ConfigurationProviderType configurationProviderType, String str, String str2) throws WIMException {
        boolean z = false;
        List participatingBaseEntries = ConfigUtils.getRealm(str, getRealmConfig(configurationProviderType)).getParticipatingBaseEntries();
        if (participatingBaseEntries.size() == 1 && isStringEqual(str2, ((ParticipatingBaseEntriesType) participatingBaseEntries.get(0)).getName())) {
            z = true;
        }
        return z;
    }

    private static boolean isBaseEntryInRealms(ConfigurationProviderType configurationProviderType, String str) throws WIMException {
        boolean z = false;
        List realms = getRealmConfig(configurationProviderType).getRealms();
        for (int i = 0; i < realms.size(); i++) {
            List participatingBaseEntries = ((RealmType) realms.get(i)).getParticipatingBaseEntries();
            int i2 = 0;
            while (true) {
                if (i2 >= participatingBaseEntries.size()) {
                    break;
                }
                if (isStringEqual(str, ((ParticipatingBaseEntriesType) participatingBaseEntries.get(i2)).getName())) {
                    z = true;
                    break;
                }
                i2++;
            }
            if (z) {
                break;
            }
        }
        return z;
    }

    public static boolean isBaseEntryInRepository(ConfigurationProviderType configurationProviderType, String str) throws WIMException {
        boolean z = false;
        List profileRepositories = ConfigUtils.getProfileRepositories(configurationProviderType);
        for (int i = 0; i < profileRepositories.size(); i++) {
            List baseEntries = ((ProfileRepositoryType) profileRepositories.get(i)).getBaseEntries();
            int i2 = 0;
            while (true) {
                if (i2 >= baseEntries.size()) {
                    break;
                }
                if (isStringEqual(str, ((BaseEntriesType) baseEntries.get(i2)).getName())) {
                    z = true;
                    break;
                }
                i2++;
            }
        }
        return z;
    }

    private static boolean isDN(String str) {
        boolean z = false;
        if (str != null) {
            try {
                if (!str.startsWith(",") && !str.endsWith(",")) {
                    new LdapName(str);
                    z = true;
                }
            } catch (InvalidNameException e) {
                trcLogger.logp(Level.FINER, CLASSNAME, "isDN", "not a DN:" + str, e);
            }
        }
        return z;
    }

    public static RealmConfigurationType getRealmConfig(ConfigurationProviderType configurationProviderType) throws WIMException {
        RealmConfigurationType realmConfiguration = configurationProviderType.getRealmConfiguration();
        if (realmConfiguration == null) {
            throw new WIMConfigurationException("MISSING_REALM_CONFIGURATION", Level.SEVERE, CLASSNAME, "getRealmConfig");
        }
        return realmConfiguration;
    }

    public static boolean fileExists(String str) {
        if (str == null) {
            return false;
        }
        try {
            return new File(str).exists();
        } catch (Exception e) {
            trcLogger.logp(Level.FINER, CLASSNAME, "fileExists", "checking for file: " + str, (Throwable) e);
            return false;
        }
    }
}
