package com.ibm.isclite.servlet;

import com.ibm.isclite.runtime.Constants;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.struts.util.ResponseUtils;

/* loaded from: input_file:com/ibm/isclite/servlet/SessionFilter.class */
public class SessionFilter implements Filter {
    private FilterConfig filterConfig;
    private static String CLASSNAME = "SessionFilter";
    private static Logger logger = Logger.getLogger(SessionFilter.class.getName());

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    public void destroy() {
        this.filterConfig = null;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (logger.isLoggable(Level.FINE)) {
            logger.entering(CLASSNAME, "doFilter");
        }
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            if (httpServletRequest.getRequestURI().equals("/ibm/console/j_security_check")) {
                HttpSession session = httpServletRequest.getSession();
                if (httpServletRequest.getMethod().equals("GET") && "true".equals(System.getProperty("com.ibm.ws.console.disable.GET.j_security_check", "false"))) {
                    if ("true".equals(System.getProperty("com.ibm.ws.console.disable.GET.j_security_check.user", "false"))) {
                        this.filterConfig.getServletContext().log("j_security_check: GET- " + ResponseUtils.filter(servletRequest.getParameter("j_username")));
                    }
                    session.invalidate();
                    throw new FileNotFoundException("Message:SRVE0190E: File not found: /j_security_check");
                }
                HashMap hashMap = new HashMap();
                if (session.getAttribute(Constants.USER_KEY) == null) {
                    Enumeration attributeNames = session.getAttributeNames();
                    while (attributeNames.hasMoreElements()) {
                        String str = (String) attributeNames.nextElement();
                        hashMap.put(str, session.getAttribute(str));
                    }
                    logger.logp(Level.FINE, CLASSNAME, "doFilter", "invalidating session created by login page=" + session.getId());
                    session.invalidate();
                }
                HttpSession session2 = httpServletRequest.getSession();
                if (session2.isNew()) {
                    logger.logp(Level.FINE, CLASSNAME, "doFilter", "creating a new session after authentication=" + session2.getId());
                    for (String str2 : hashMap.keySet()) {
                        session2.setAttribute(str2, hashMap.get(str2));
                    }
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
}
