package com.ibm.ws.console.appmanagement.action;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.AdminService;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.cmdframework.AdminCommand;
import com.ibm.websphere.management.cmdframework.CommandResult;
import com.ibm.websphere.security.Result;
import com.ibm.ws.console.appmanagement.AppCommandUtils;
import com.ibm.ws.console.appmanagement.form.AppInstallForm;
import com.ibm.ws.console.core.utils.ConsoleUtils;
import com.ibm.ws.management.AdminHelper;
import com.ibm.ws.security.core.SecurityContext;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.management.ObjectName;
import javax.management.QueryExp;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/ibm/ws/console/appmanagement/action/CheckSecurityAdmin.class */
public class CheckSecurityAdmin {
    protected static final TraceComponent tc = Tr.register(CheckSecurityAdmin.class.getName(), "Webui");

    public static Result getUsersGroups(String str, String str2, int i) {
        AdminService adminService;
        Iterator it;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.getUsersGroups()");
        }
        Result result = null;
        String str3 = "get" + str;
        try {
            adminService = AdminServiceFactory.getAdminService();
            it = adminService.queryNames(new ObjectName("WebSphere:type=SecurityAdmin,process=" + adminService.getProcessName() + ",*"), (QueryExp) null).iterator();
        } catch (Exception e) {
            e.getCause().getLocalizedMessage();
            e.printStackTrace();
        }
        if (!it.hasNext()) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.event(tc, "No SecurityAdmin MBean found!!");
            return null;
        }
        ObjectName objectName = (ObjectName) it.next();
        if (tc.isDebugEnabled()) {
            Tr.event(tc, " SecurityAdmin object name = " + objectName);
        }
        result = (Result) adminService.invoke(objectName, str3, new Object[]{str2, new Integer(i), null}, new String[]{"java.lang.String", "java.lang.Integer", "java.util.Properties"});
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.getUsersGroups()");
        }
        return result;
    }

    public static Result getUsersGroups(String str, String str2, int i, String str3) {
        AdminService adminService;
        Iterator it;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.getUsersGroups()");
        }
        Result result = null;
        String str4 = "get" + str;
        try {
            adminService = AdminServiceFactory.getAdminService();
            it = adminService.queryNames(new ObjectName("WebSphere:type=SecurityAdmin,process=" + adminService.getProcessName() + ",*"), (QueryExp) null).iterator();
        } catch (Exception e) {
            e.getCause().getLocalizedMessage();
            e.printStackTrace();
        }
        if (!it.hasNext()) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.event(tc, "No SecurityAdmin MBean found!!");
            return null;
        }
        ObjectName objectName = (ObjectName) it.next();
        if (tc.isDebugEnabled()) {
            Tr.event(tc, " SecurityAdmin object name = " + objectName);
        }
        result = (Result) adminService.invoke(objectName, str4, new Object[]{str2, new Integer(i), null}, new String[]{"java.lang.String", "java.lang.Integer", "java.util.Properties"});
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.getUsersGroups()");
        }
        return result;
    }

    public static CommandResult getUsersGroups(String str, String str2, int i, String str3, String str4, HttpServletRequest httpServletRequest) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.getUsersGroups()");
        }
        String str5 = "listRegistry" + str;
        CommandResult commandResult = null;
        Boolean bool = new Boolean(true);
        Integer num = new Integer(i);
        String str6 = str.equals("Users") ? "user" : "group";
        try {
            final AdminCommand createCommand = ConsoleUtils.createCommand(str5, httpServletRequest);
            if (tc.isDebugEnabled()) {
                Tr.event(tc, "getUsersGroups: realm for " + str5 + " is " + str4);
            }
            if (str4 != null) {
                createCommand.setParameter("securityRealmName", str4);
            }
            createCommand.setParameter(str6 + "Filter", str2);
            createCommand.setParameter("numberOf" + str, num);
            createCommand.setParameter("displayAccessIds", bool);
            if (SecurityContext.isSecurityEnabled()) {
                try {
                    SecurityContext.runAsSystem(new PrivilegedExceptionAction() { // from class: com.ibm.ws.console.appmanagement.action.CheckSecurityAdmin.1
                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws Exception {
                            createCommand.execute();
                            return null;
                        }
                    });
                } catch (Exception e) {
                    e.printStackTrace();
                    Tr.debug(tc, "Unable to verify password: ", e);
                }
            } else {
                createCommand.execute();
            }
            commandResult = createCommand.getCommandResult();
            if (commandResult.isSuccessful()) {
                httpServletRequest.getSession().setAttribute("realmAccessible", "true");
            } else {
                httpServletRequest.getSession().removeAttribute("realmAccessible");
                commandResult = null;
            }
        } catch (Exception e2) {
            httpServletRequest.getSession().removeAttribute("realmAccessible");
            e2.getMessage().toString();
            e2.printStackTrace();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.getUsersGroups()");
        }
        return commandResult;
    }

    public static boolean authenticate(String str, String str2, Properties properties) {
        AdminService adminService;
        Iterator it;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.authenticate()");
        }
        Boolean bool = new Boolean(false);
        try {
            adminService = AdminServiceFactory.getAdminService();
            it = adminService.queryNames(new ObjectName("WebSphere:type=SecurityAdmin,process=" + adminService.getProcessName() + ",*"), (QueryExp) null).iterator();
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (!it.hasNext()) {
            if (!tc.isDebugEnabled()) {
                return false;
            }
            Tr.event(tc, "No SecurityAdmin MBean found!!");
            return false;
        }
        ObjectName objectName = (ObjectName) it.next();
        if (tc.isDebugEnabled()) {
            Tr.event(tc, " SecurityAdmin object name = " + objectName);
        }
        AdminHelper.getInstance();
        bool = AdminHelper.getPlatformHelper().isZOS() ? (Boolean) AdminServiceFactory.getMBeanFactory().getMBeanServer().invoke(objectName, "checkPassword", new Object[]{str, str2, properties}, new String[]{"java.lang.String", "java.lang.String", "java.util.Properties"}) : (Boolean) adminService.invoke(objectName, "checkPassword", new Object[]{str, str2, properties}, new String[]{"java.lang.String", "java.lang.String", "java.util.Properties"});
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.authenticate()");
        }
        if (bool == null) {
            return false;
        }
        return bool.booleanValue();
    }

    public static boolean authenticate(HttpServletRequest httpServletRequest, String str, String str2, Properties properties) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.authenticate()");
        }
        Boolean bool = new Boolean(false);
        try {
            Vector vector = (Vector) httpServletRequest.getSession().getAttribute("availableRealms");
            String str3 = null;
            if (vector != null) {
                str3 = (String) vector.firstElement();
            }
            final AdminCommand createCommand = ConsoleUtils.createCommand("checkRegistryUserPassword", httpServletRequest);
            if (str.contains(":")) {
                int indexOf = str.indexOf(":");
                str3 = str.substring(indexOf + 1);
                str = str.substring(0, indexOf);
            }
            createCommand.setParameter("username", str);
            createCommand.setParameter("password", str2);
            if (str3 != null) {
                createCommand.setParameter("realmName", str3);
            }
            if (SecurityContext.isSecurityEnabled()) {
                try {
                    SecurityContext.runAsSystem(new PrivilegedExceptionAction() { // from class: com.ibm.ws.console.appmanagement.action.CheckSecurityAdmin.2
                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws Exception {
                            createCommand.execute();
                            return null;
                        }
                    });
                } catch (Exception e) {
                    e.printStackTrace();
                    Tr.debug(tc, "Unable to verify password: ", e);
                }
            } else {
                createCommand.execute();
            }
            CommandResult commandResult = createCommand.getCommandResult();
            if (commandResult.isSuccessful()) {
                bool = (Boolean) commandResult.getResult();
            }
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.authenticate()");
        }
        if (bool == null) {
            return false;
        }
        return bool.booleanValue();
    }

    public static boolean checkRunAsUser(String str, String str2, HttpSession httpSession) {
        AdminService adminService;
        Iterator it;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.checkRunAsUser()");
        }
        Boolean bool = new Boolean(false);
        try {
            adminService = AdminServiceFactory.getAdminService();
            it = adminService.queryNames(new ObjectName("WebSphere:type=SecurityAdmin,process=" + adminService.getProcessName() + ",*"), (QueryExp) null).iterator();
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (!it.hasNext()) {
            if (!tc.isDebugEnabled()) {
                return false;
            }
            Tr.event(tc, "No SecurityAdmin MBean found!!");
            return false;
        }
        ObjectName objectName = (ObjectName) it.next();
        AppInstallForm appInstallForm = (AppInstallForm) httpSession.getAttribute("MapRolesToUsersForm");
        if (appInstallForm == null) {
            if (!tc.isDebugEnabled()) {
                return false;
            }
            Tr.event(tc, "MapRolesToUsersForm not in session !");
            return false;
        }
        String[] column0 = appInstallForm.getColumn0();
        int i = 0;
        while (i < column0.length && !column0[i].equals(str2)) {
            i++;
        }
        if (i == column0.length) {
            if (!tc.isDebugEnabled()) {
                return true;
            }
            Tr.event(tc, str2 + " does not exist in security roles");
            return true;
        }
        String[] column1 = appInstallForm.getColumn1();
        String[] column2 = appInstallForm.getColumn2();
        if (column1[i].equals("AppDeploymentOption.Yes") || column2[i].equals("AppDeploymentOption.Yes")) {
            if (!tc.isDebugEnabled()) {
                return true;
            }
            Tr.event(tc, "Special subjects for " + str2 + " is checked");
            return true;
        }
        String str3 = appInstallForm.getColumn3()[i];
        ArrayList arrayList = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(str3, "|");
        while (stringTokenizer.hasMoreTokens()) {
            arrayList.add(stringTokenizer.nextToken());
        }
        String str4 = appInstallForm.getColumn4()[i];
        ArrayList arrayList2 = new ArrayList();
        StringTokenizer stringTokenizer2 = new StringTokenizer(str4, "|");
        while (stringTokenizer2.hasMoreTokens()) {
            arrayList2.add(stringTokenizer2.nextToken());
        }
        if (tc.isDebugEnabled()) {
            Tr.event(tc, " SecurityAdmin object name = " + objectName);
        }
        bool = (Boolean) adminService.invoke(objectName, "checkRunAsUser", new Object[]{arrayList, arrayList2, str, null}, new String[]{"java.util.List", "java.util.List", "java.lang.String", "java.util.Properties"});
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.checkRunAsUser()");
        }
        return bool.booleanValue();
    }

    public static boolean checkRunAsUser(String str, String str2, HttpServletRequest httpServletRequest) {
        AppInstallForm appInstallForm;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.checkRunAsUser()");
        }
        Boolean bool = new Boolean(false);
        try {
            appInstallForm = (AppInstallForm) httpServletRequest.getSession().getAttribute("MapRolesToUsersForm");
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (appInstallForm == null) {
            if (!tc.isDebugEnabled()) {
                return false;
            }
            Tr.event(tc, "MapRolesToUsersForm not in session !");
            return false;
        }
        String[] column0 = appInstallForm.getColumn0();
        int i = 0;
        while (i < column0.length && !column0[i].equals(str2)) {
            i++;
        }
        if (i == column0.length) {
            if (!tc.isDebugEnabled()) {
                return true;
            }
            Tr.event(tc, str2 + " does not exist in security roles");
            return true;
        }
        String[] column1 = appInstallForm.getColumn1();
        String[] column2 = appInstallForm.getColumn2();
        if (column1[i].equals("AppDeploymentOption.Yes") || column2[i].equals("AppDeploymentOption.Yes")) {
            if (!tc.isDebugEnabled()) {
                return true;
            }
            Tr.event(tc, "Special subjects for " + str2 + " is checked");
            return true;
        }
        String str3 = appInstallForm.getColumn3()[i];
        String str4 = appInstallForm.getColumn4()[i];
        Vector vector = new Vector(AppCommandUtils.getTrustedRealms(httpServletRequest, AppCommandUtils.getOneResource(httpServletRequest)));
        String str5 = null;
        if (vector != null && !vector.isEmpty()) {
            str5 = (String) vector.firstElement();
        }
        final AdminCommand createCommand = ConsoleUtils.createCommand("checkRegistryRunAsUser", httpServletRequest);
        createCommand.setParameter("userList", str3);
        createCommand.setParameter("groupList", str4);
        createCommand.setParameter("username", str);
        if (str5 != null) {
            createCommand.setParameter("realmName", str5);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "userList = " + str3);
            Tr.debug(tc, "groupList = " + str4);
            Tr.debug(tc, "username = " + str);
            Tr.debug(tc, "realmName = " + str5);
        }
        if (SecurityContext.isSecurityEnabled()) {
            try {
                SecurityContext.runAsSystem(new PrivilegedExceptionAction() { // from class: com.ibm.ws.console.appmanagement.action.CheckSecurityAdmin.3
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        createCommand.execute();
                        return null;
                    }
                });
            } catch (Exception e2) {
                e2.printStackTrace();
                Tr.debug(tc, "unable to verify runAsUser: ", e2);
            }
        } else {
            createCommand.execute();
        }
        CommandResult commandResult = createCommand.getCommandResult();
        if (commandResult.isSuccessful()) {
            bool = (Boolean) commandResult.getResult();
        }
        if (tc.isDebugEnabled()) {
            Tr.event(tc, "retValue form checkRegistryRunAsUser = " + bool.toString());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.checkRunAsUser()");
        }
        return bool.booleanValue();
    }

    public static boolean checkRunAsUserWithList(String str, String str2, String str3, String str4, HttpServletRequest httpServletRequest) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.checkRunAsUserList()");
        }
        Boolean bool = new Boolean(false);
        try {
            Vector vector = (Vector) httpServletRequest.getSession().getAttribute("availableRealms");
            String str5 = null;
            if (vector != null) {
                str5 = (String) vector.firstElement();
            }
            AdminCommand createCommand = ConsoleUtils.createCommand("checkRegistryRunAsUser", httpServletRequest);
            createCommand.setParameter("userList", str3);
            createCommand.setParameter("groupList", str4);
            createCommand.setParameter("username", str);
            if (str5 != null) {
                createCommand.setParameter("realmName", str5);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "userList = " + str3);
                Tr.debug(tc, "groupList = " + str4);
                Tr.debug(tc, "username = " + str);
                Tr.debug(tc, "realmName = " + str5);
            }
            createCommand.execute();
            CommandResult commandResult = createCommand.getCommandResult();
            if (commandResult.isSuccessful()) {
                bool = (Boolean) commandResult.getResult();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "retValue form checkRegistryRunAsUser = " + bool.toString());
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.checkRunAsUserWithList()");
        }
        return bool.booleanValue();
    }

    public static String checkUpdate(ArrayList arrayList, String str, String str2, boolean z, HttpSession httpSession) {
        AdminService adminService;
        Iterator it;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.checkUpdate()");
        }
        Boolean bool = new Boolean(false);
        String str3 = null;
        try {
            adminService = AdminServiceFactory.getAdminService();
            it = adminService.queryNames(new ObjectName("WebSphere:type=SecurityAdmin,process=" + adminService.getProcessName() + ",*"), (QueryExp) null).iterator();
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (!it.hasNext()) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.event(tc, "No SecurityAdmin MBean found!!");
            return null;
        }
        ObjectName objectName = (ObjectName) it.next();
        AppInstallForm appInstallForm = (AppInstallForm) httpSession.getAttribute("MapRunAsRolesToUsersForm");
        if (appInstallForm == null) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.event(tc, "MapRunAsRolesToUsersForm not in session !");
            return null;
        }
        String[] column0 = appInstallForm.getColumn0();
        int i = 0;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "roleName = " + str);
        }
        while (i < column0.length) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "role in array = " + column0[i]);
            }
            if (column0[i].equals(str)) {
                break;
            }
            i++;
        }
        if (i == column0.length) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, str + " does not exist as run as roles");
            return null;
        }
        str3 = appInstallForm.getColumn1()[i].trim();
        ArrayList arrayList2 = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(str2, "|");
        while (stringTokenizer.hasMoreTokens()) {
            arrayList2.add(stringTokenizer.nextToken());
        }
        if (tc.isDebugEnabled()) {
            Tr.event(tc, " SecurityAdmin object name = " + objectName);
        }
        bool = z ? (Boolean) adminService.invoke(objectName, "checkRunAsUser", new Object[]{arrayList2, arrayList, str3, null}, new String[]{"java.util.List", "java.util.List", "java.lang.String", "java.util.Properties"}) : (Boolean) adminService.invoke(objectName, "checkRunAsUser", new Object[]{arrayList, arrayList2, str3, null}, new String[]{"java.util.List", "java.util.List", "java.lang.String", "java.util.Properties"});
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.checkUpdate()");
        }
        if (bool.booleanValue()) {
            return null;
        }
        return str3;
    }

    public static String checkUpdate(String str, String str2, String str3, boolean z, HttpServletRequest httpServletRequest) {
        AppInstallForm appInstallForm;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.checkUpdate()");
            Tr.debug(tc, "updateColumn = " + str);
            Tr.debug(tc, "roleName = " + str2);
            Tr.debug(tc, "otherColumn = " + str3);
        }
        boolean z2 = false;
        String str4 = null;
        try {
            appInstallForm = (AppInstallForm) httpServletRequest.getSession().getAttribute("MapRunAsRolesToUsersForm");
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (appInstallForm == null) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.event(tc, "MapRunAsRolesToUsersForm not in session !");
            return null;
        }
        String[] column0 = appInstallForm.getColumn0();
        int i = 0;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "roleName = " + str2);
        }
        while (i < column0.length) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "role in array = " + column0[i]);
            }
            if (column0[i].equals(str2)) {
                break;
            }
            i++;
        }
        if (i == column0.length) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, str2 + " does not exist as run as roles");
            return null;
        }
        String[] column1 = appInstallForm.getColumn1();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "usersArray = " + column1);
            Tr.debug(tc, "rowNumber = " + i);
        }
        str4 = column1[i].trim();
        if (str4 == null || str4.equals("")) {
            return null;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "runaAsUserName = " + str4);
        }
        z2 = z ? checkRunAsUserWithList(str4, str2, str3, str, httpServletRequest) : checkRunAsUserWithList(str4, str2, str, str3, httpServletRequest);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "Exiting CheckSecurityAdmin.checkUpdate()");
        }
        if (z2) {
            return null;
        }
        return str4;
    }

    public static String anyRunAsRoles(String str, String str2, HttpServletRequest httpServletRequest) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Entering CheckSecurityAdmin.anyRunAsRoles()");
            Tr.debug(tc, "roleName = " + str);
        }
        try {
            AppInstallForm appInstallForm = (AppInstallForm) httpServletRequest.getSession().getAttribute("MapRunAsRolesToUsersForm");
            if (appInstallForm == null) {
                if (!tc.isDebugEnabled()) {
                    return null;
                }
                Tr.event(tc, "MapRunAsRolesToUsersForm not in session !");
                return null;
            }
            String[] column0 = appInstallForm.getColumn0();
            String[] column1 = appInstallForm.getColumn1();
            int i = 1;
            while (i < column0.length) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "role in array = " + column0[i]);
                    Tr.debug(tc, "user in array = " + column1[i]);
                }
                if (column0[i].equals(str)) {
                    break;
                }
                i++;
            }
            if (i == column0.length) {
                if (!tc.isDebugEnabled()) {
                    return null;
                }
                Tr.debug(tc, str + " does not exist as run as roles");
                return null;
            }
            String trim = column1[i].trim();
            Tr.debug(tc, "runAsUserName = " + trim);
            if (trim == null || trim.equals("")) {
                return null;
            }
            if (str2 == null || str2 == "") {
                return trim;
            }
            for (String str3 : str2.split("\\|")) {
                if (str3.equals(trim)) {
                    System.out.println("RunAsUser = " + trim);
                    return null;
                }
            }
            return trim;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}
