package jeus.security.container.ejb;

import com.sun.corba.ee.spi.extension.ZeroPortPolicy;
import java.io.File;
import java.lang.reflect.Method;
import java.security.Permission;
import java.security.Permissions;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.jacc.EJBMethodPermission;
import javax.security.jacc.EJBRoleRefPermission;
import javax.xml.soap.SOAPMessage;
import jeus.corba.ORBManager;
import jeus.ejb.EJBLoggers;
import jeus.ejb.container.ContainerException;
import jeus.ejb.interop.csi.EJBCSIPolicyImpl;
import jeus.ejb.metadata.BeanInfo;
import jeus.ejb.metadata.BusinessInterface;
import jeus.ejb.metadata.ModuleInfo;
import jeus.ejb.metadata.SessionBeanInfo;
import jeus.management.j2ee.DeploymentContext;
import jeus.security.base.AnonymousSubject;
import jeus.security.base.Domain;
import jeus.security.base.PermissionMap;
import jeus.security.base.Policy;
import jeus.security.base.SecurityCommonService;
import jeus.security.base.SecurityException;
import jeus.security.base.ServiceException;
import jeus.security.base.Subject;
import jeus.security.container.shared.J2EESecurityUtil;
import jeus.security.container.shared.SecurityContext;
import jeus.security.impl.atnrep.XMLAccountConverter;
import jeus.security.resource.PrincipalImpl;
import jeus.security.resource.RoleImpl;
import jeus.security.resource.RolePermission;
import jeus.security.spi.AuthenticationRepositoryService;
import jeus.security.spi.AuthenticationService;
import jeus.security.spi.SecurityInstaller;
import jeus.security.util.Constants;
import jeus.security.util.JACCUtil;
import jeus.security.util.LoggerUtil;
import jeus.server.PatchContentsRelated;
import jeus.util.ErrorMsgManager;
import jeus.util.JeusProperties;
import jeus.util.XmlUtils;
import jeus.util.message.JeusMessage_EJB3;
import jeus.util.message.JeusMessage_Security;
import jeus.util.message.JeusMessage_Security_Exception;
import jeus.xml.binding.j2ee.EjbJarType;
import jeus.xml.binding.j2ee.EjbNameType;
import jeus.xml.binding.j2ee.EnterpriseBeansType;
import jeus.xml.binding.j2ee.EntityBeanType;
import jeus.xml.binding.j2ee.FullyQualifiedClassType;
import jeus.xml.binding.j2ee.HomeType;
import jeus.xml.binding.j2ee.LocalHomeType;
import jeus.xml.binding.j2ee.LocalType;
import jeus.xml.binding.j2ee.RemoteType;
import jeus.xml.binding.j2ee.SessionBeanType;
import jeus.xml.binding.jeusDD.JeusEjbDdType;
import jeus.xml.binding.jeusDD.SecurityInteropType;

/* loaded from: input_file:jeus/security/container/ejb/EJBSecurity.class */
public class EJBSecurity {
    private static Map subjectsTableForRemove = new Hashtable();

    public static void setEJBSecurityContext(String str, Object obj, Object[] objArr, SOAPMessage sOAPMessage) throws ServiceException, SecurityException {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        SecurityContext securityContext = J2EESecurityUtil.getSecurityContext();
        securityContext.put(SecurityContext.POLICY_ID_KEY, (Object) str);
        if (obj != null) {
            securityContext.put("javax.ejb.EnterpriseBean", obj);
        }
        if (objArr != null) {
            securityContext.put("javax.ejb.arguments", (Object) objArr);
        } else if (sOAPMessage != null) {
            securityContext.put("javax.xml.soap.SOAPMessage", (Object) sOAPMessage);
        }
        setCallerIdentity(securityContext);
        J2EESecurityUtil.pushSecurityContext(securityContext);
    }

    private static void setCallerIdentity(SecurityContext securityContext) throws ServiceException, SecurityException {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        Subject currentSubject = SecurityCommonService.getCurrentSubject();
        Object principal = currentSubject.getPrincipal();
        securityContext.put(SecurityContext.CALLER_SUBJECT_KEY, (Object) currentSubject);
        securityContext.put(SecurityContext.CALLER_PRINCIPAL_KEY, principal);
    }

    public static void clearEJBSecurityContext() {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        J2EESecurityUtil.popSecurityContext();
    }

    public static void checkEJBMethodPermission(EJBMethodPermission eJBMethodPermission) throws ServiceException, SecurityException {
        SecurityContext peekSecurityContext;
        if (SecurityInstaller.isSecurityOff() || (peekSecurityContext = J2EESecurityUtil.peekSecurityContext()) == null) {
            return;
        }
        SecurityCommonService.checkPermission((String) peekSecurityContext.get(SecurityContext.POLICY_ID_KEY), eJBMethodPermission);
    }

    public static void checkEJBRolePermission(String str, String str2, String str3, String str4) throws ServiceException, SecurityException {
        try {
            try {
                try {
                    SecurityCommonService.loginDefault(new Subject(str2, new PrincipalImpl(str3)), true);
                    SecurityCommonService.checkPermission(str, new RolePermission(str4));
                } catch (ServiceException e) {
                    throw e;
                }
            } catch (SecurityException e2) {
                throw e2;
            }
        } finally {
            SecurityCommonService.logout();
        }
    }

    public static void checkEJBRolePermission(String str, Subject subject, String str2) throws ServiceException, SecurityException {
        try {
            try {
                SecurityCommonService.loginDefault(subject, true);
                SecurityCommonService.checkPermission(str, new RolePermission(str2));
            } catch (SecurityException e) {
                throw e;
            } catch (ServiceException e2) {
                throw e2;
            }
        } finally {
            SecurityCommonService.logout();
        }
    }

    public static void checkEJBCallerInRole(EJBRoleRefPermission eJBRoleRefPermission) throws ServiceException, SecurityException {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        boolean z = false;
        try {
            SecurityContext peekSecurityContext = J2EESecurityUtil.peekSecurityContext();
            SecurityCommonService.loginDefault((Subject) peekSecurityContext.get(SecurityContext.CALLER_SUBJECT_KEY));
            z = true;
            SecurityCommonService.checkPermission((String) peekSecurityContext.get(SecurityContext.POLICY_ID_KEY), eJBRoleRefPermission);
            if (1 != 0) {
                SecurityCommonService.logout();
            }
        } catch (Throwable th) {
            if (z) {
                SecurityCommonService.logout();
            }
            throw th;
        }
    }

    public static void checkEJBRunasCallerInRole(EJBRoleRefPermission eJBRoleRefPermission) throws ServiceException, SecurityException {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        boolean z = false;
        try {
            SecurityContext peekRunasSecurityContext = J2EESecurityUtil.peekRunasSecurityContext();
            SecurityCommonService.loginDefault((Subject) peekRunasSecurityContext.get(SecurityContext.CALLER_SUBJECT_KEY));
            z = true;
            SecurityCommonService.checkPermission((String) peekRunasSecurityContext.get(SecurityContext.POLICY_ID_KEY), eJBRoleRefPermission);
            if (1 != 0) {
                SecurityCommonService.logout();
            }
        } catch (Throwable th) {
            if (z) {
                SecurityCommonService.logout();
            }
            throw th;
        }
    }

    public static Principal getEJBCallerPrincipal() {
        try {
            SecurityContext peekSecurityContext = J2EESecurityUtil.peekSecurityContext();
            return peekSecurityContext == null ? AnonymousSubject.ANONYMOUS_PRINCIPAL : (Principal) peekSecurityContext.get(SecurityContext.CALLER_PRINCIPAL_KEY);
        } catch (Exception e) {
            if (!LoggerUtil.logger.isLoggable(JeusMessage_Security._10_LEVEL)) {
                return null;
            }
            LoggerUtil.logger.log(JeusMessage_Security._10_LEVEL, JeusMessage_Security._10, e);
            return null;
        }
    }

    public static Principal getEJBRunasCallerPrincipal() {
        try {
            SecurityContext peekRunasSecurityContext = J2EESecurityUtil.peekRunasSecurityContext();
            return peekRunasSecurityContext == null ? AnonymousSubject.ANONYMOUS_PRINCIPAL : (Principal) peekRunasSecurityContext.get(SecurityContext.CALLER_PRINCIPAL_KEY);
        } catch (Exception e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._10_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._10_LEVEL, JeusMessage_Security._10, e);
            }
            e.printStackTrace();
            return null;
        }
    }

    public static void setEJBRunAsIdentity(String str) throws ServiceException, SecurityException {
        setEJBRunAsIdentity(new Subject(new PrincipalImpl(str)));
    }

    public static void setEJBRunAsIdentity(String str, String str2) throws ServiceException, SecurityException {
        setEJBRunAsIdentity(new Subject(str, new PrincipalImpl(str2)));
    }

    public static void setEJBRunAsIdentity(Subject subject) throws ServiceException, SecurityException {
        SecurityCommonService.loginDefault(subject, true);
    }

    public static void clearEJBRunAsIdentity() throws ServiceException, SecurityException {
        SecurityCommonService.logout();
    }

    public static Object runEJBBusinessCode(Object obj, Method method, Object[] objArr) throws Throwable {
        return J2EESecurityUtil.runCode(obj, method, objArr);
    }

    public static Policy getEJBPolicyFromModuleInfo(ModuleInfo moduleInfo) throws Exception {
        Policy makePolicy = J2EESecurityUtil.makePolicy(moduleInfo, moduleInfo.getSecurityDomain());
        completePolicyContext(makePolicy.getResourcePolicy(moduleInfo.getAppName()), moduleInfo);
        return makePolicy;
    }

    public static void addEJBPolicyToApp(Policy policy, Policy policy2, String str, String str2) throws Exception {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        policy.add(policy2);
        J2EESecurityUtil.addPolicy(policy, str, str2);
    }

    private static void completePolicyContext(PermissionMap permissionMap, ModuleInfo moduleInfo) {
        JeusEjbDdType runtimeDD = moduleInfo.getRuntimeDD();
        String[] defaultRoles = getDefaultRoles(runtimeDD);
        boolean defaultExcluded = getDefaultExcluded(runtimeDD);
        boolean defaultUnchecked = getDefaultUnchecked(runtimeDD);
        if ((!(!defaultExcluded) || !(!defaultUnchecked)) || !(defaultRoles == null || defaultRoles.length == 0)) {
            completePolicyContext(permissionMap, defaultRoles, defaultExcluded, defaultUnchecked, moduleInfo);
        } else {
            completePolicyContext(permissionMap, null, false, true, moduleInfo);
        }
    }

    public static void removeEJBPolicy(String str, String str2, String str3) throws Exception {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        J2EESecurityUtil.removePolicy(str, str2, str3);
    }

    public static void addEJBSubjectsToApp(String str, String str2, String str3) throws ServiceException {
        File file = new File(str3 + File.separator + Constants.DEFAULT_ACCOUNTS_FILE_NAME);
        if (file.exists()) {
            if (str == null) {
                str = Domain.DEFAULT_APPLICATION_DOMAIN_NAME;
            } else if (str.equals("SYSTEM_DOMAIN")) {
                return;
            }
            try {
                try {
                    try {
                        Subject[] subjectArr = (Subject[]) new XMLAccountConverter(str).unmarshal(file);
                        try {
                            SecurityCommonService.loginCodeSubject(str);
                            AuthenticationRepositoryService.addSubjects(str, subjectArr, false);
                            try {
                                SecurityCommonService.logout();
                            } catch (Exception e) {
                            }
                        } catch (SecurityException e2) {
                        }
                        subjectsTableForRemove.put(str + PatchContentsRelated.COLON_SEPARATOR + str2, subjectArr);
                    } catch (Exception e3) {
                        throw new ServiceException(e3.toString());
                    }
                } finally {
                    try {
                        SecurityCommonService.logout();
                    } catch (Exception e4) {
                    }
                }
            } catch (Exception e5) {
            }
        }
    }

    public static void removeEJBSubjectsFromApp(String str, String str2) throws ServiceException {
        if (str == null) {
            str = Domain.DEFAULT_APPLICATION_DOMAIN_NAME;
        } else if (str.equals("SYSTEM_DOMAIN")) {
            return;
        }
        Subject[] subjectArr = (Subject[]) subjectsTableForRemove.remove(str + PatchContentsRelated.COLON_SEPARATOR + str2);
        try {
            if (subjectArr == null) {
                return;
            }
            try {
                SecurityCommonService.loginCodeSubject(str);
                AuthenticationRepositoryService.removeSubjects(str, subjectArr, false);
            } catch (SecurityException e) {
                try {
                    SecurityCommonService.logout();
                } catch (Exception e2) {
                }
            }
        } finally {
            try {
                SecurityCommonService.logout();
            } catch (Exception e3) {
            }
        }
    }

    public static Subject logoutEJBSubject() throws ServiceException, SecurityException {
        return SecurityCommonService.logout();
    }

    public static void loginEJBSubject(Subject subject) throws ServiceException, SecurityException {
        SecurityCommonService.loginDefault(subject);
    }

    public static void loginEJBSubject(String str, byte[] bArr) throws ServiceException, SecurityException {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        if (str == null) {
            str = SecurityInstaller.getEnvironment().defaultDomainName;
        }
        Subject deserialize = Subject.deserialize(bArr);
        deserialize.setDomainName(str);
        SecurityCommonService.loginDefault(deserialize);
    }

    public static void loginEJBCaller(String str, String str2) throws ServiceException, SecurityException {
        loginEJBCaller(null, str, str2);
    }

    public static void loginEJBCaller(String str, String str2, String str3) throws ServiceException, SecurityException {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        if (str == null) {
            str = SecurityInstaller.getEnvironment().defaultDomainName;
        }
        try {
            SecurityCommonService.loginDefault(Subject.makeSubject(str, str2, str3));
        } catch (Exception e) {
            throw new ServiceException(ErrorMsgManager.getErrorStringMessage(JeusMessage_Security_Exception._17), e);
        }
    }

    public static void loginEJBSubject(byte[] bArr) throws ServiceException, SecurityException {
        if (SecurityInstaller.isSecurityOff()) {
            return;
        }
        SecurityCommonService.loginDefault(Subject.deserialize(bArr));
    }

    public static Subject getCurrentEJBSubject() throws ServiceException, SecurityException {
        return SecurityInstaller.isSecurityOff() ? AnonymousSubject.singleton : SecurityCommonService.getLatestUserSubject();
    }

    public static Principal getCurrentEJBPrincipal() throws ServiceException, SecurityException {
        return SecurityInstaller.isSecurityOff() ? AnonymousSubject.ANONYMOUS_PRINCIPAL : SecurityCommonService.getCurrentPrincipal();
    }

    public static void authenticate(Subject subject, boolean z) throws ServiceException, SecurityException {
        AuthenticationService.authenticate(subject, z);
    }

    private static boolean implies(Collection collection, Permission permission) {
        Iterator it = collection.iterator();
        while (it.hasNext()) {
            if (((Permission) it.next()).implies(permission)) {
                return true;
            }
        }
        return false;
    }

    private static void completePolicyContext(PermissionMap permissionMap, EjbJarType ejbJarType, JeusEjbDdType jeusEjbDdType, ClassLoader classLoader) {
        String[] defaultRoles = getDefaultRoles(jeusEjbDdType);
        boolean defaultExcluded = getDefaultExcluded(jeusEjbDdType);
        boolean defaultUnchecked = getDefaultUnchecked(jeusEjbDdType);
        if ((!(!defaultExcluded) || !(!defaultUnchecked)) || !(defaultRoles == null || defaultRoles.length == 0)) {
            completePolicyContext(permissionMap, ejbJarType, defaultRoles, defaultExcluded, defaultUnchecked, classLoader);
        } else {
            completePolicyContext(permissionMap, ejbJarType, (String[]) null, false, true, classLoader);
        }
    }

    private static void completePolicyContext(PermissionMap permissionMap, String[] strArr, boolean z, boolean z2, ModuleInfo moduleInfo) {
        List<BeanInfo> allModule = moduleInfo.getAllModule();
        for (int i = 0; i < allModule.size(); i++) {
            completePolicyContext(permissionMap, allModule.get(i), strArr, z, z2, moduleInfo.getLoader());
        }
    }

    private static void completePolicyContext(PermissionMap permissionMap, EjbJarType ejbJarType, String[] strArr, boolean z, boolean z2, ClassLoader classLoader) {
        EnterpriseBeansType enterpriseBeans;
        if (ejbJarType == null || (enterpriseBeans = ejbJarType.getEnterpriseBeans()) == null) {
            return;
        }
        List sessionOrEntityOrMessageDriven = enterpriseBeans.getSessionOrEntityOrMessageDriven();
        for (int i = 0; i < sessionOrEntityOrMessageDriven.size(); i++) {
            Object obj = sessionOrEntityOrMessageDriven.get(i);
            if (obj instanceof EntityBeanType) {
                EntityBeanType entityBeanType = (EntityBeanType) obj;
                completePolicyContext(permissionMap, entityBeanType.getEjbName(), entityBeanType.getHome(), entityBeanType.getLocalHome(), entityBeanType.getRemote(), entityBeanType.getLocal(), null, strArr, z, z2, classLoader);
            } else if (obj instanceof SessionBeanType) {
                SessionBeanType sessionBeanType = (SessionBeanType) obj;
                completePolicyContext(permissionMap, sessionBeanType.getEjbName(), sessionBeanType.getHome(), sessionBeanType.getLocalHome(), sessionBeanType.getRemote(), sessionBeanType.getLocal(), sessionBeanType.getServiceEndpoint(), strArr, z, z2, classLoader);
            }
        }
    }

    private static void completePolicyContext(PermissionMap permissionMap, BeanInfo beanInfo, String[] strArr, boolean z, boolean z2, ClassLoader classLoader) {
        String serviceEndpointClassName;
        String beanName = beanInfo.getBeanName();
        if (beanName != null) {
            completePolicyContextWithUnspecifiedMethodInfo(permissionMap, beanName, strArr, z, z2);
            String eJBHomeClassName = beanInfo.getEJBHomeClassName();
            if (eJBHomeClassName != null) {
                completePolicyContext(permissionMap, beanName, "Home", eJBHomeClassName, strArr, z, z2, classLoader);
            }
            String eJBLocalHomeClassName = beanInfo.getEJBLocalHomeClassName();
            if (eJBLocalHomeClassName != null) {
                completePolicyContext(permissionMap, beanName, "LocalHome", eJBLocalHomeClassName, strArr, z, z2, classLoader);
            }
            String eJBObjectClassName = beanInfo.getEJBObjectClassName();
            if (eJBObjectClassName != null) {
                completePolicyContext(permissionMap, beanName, "Remote", eJBObjectClassName, strArr, z, z2, classLoader);
            }
            String eJBLocalObjectClassName = beanInfo.getEJBLocalObjectClassName();
            if (eJBLocalObjectClassName != null) {
                completePolicyContext(permissionMap, beanName, "Local", eJBLocalObjectClassName, strArr, z, z2, classLoader);
            }
            if (beanInfo instanceof SessionBeanInfo) {
                SessionBeanInfo sessionBeanInfo = (SessionBeanInfo) beanInfo;
                Iterator<BusinessInterface> it = sessionBeanInfo.getLocalBusinessInterfaces().iterator();
                while (it.hasNext()) {
                    completePolicyContext(permissionMap, beanName, "Local", it.next().getAsClassInstance(), strArr, z, z2);
                }
                Iterator<BusinessInterface> it2 = sessionBeanInfo.getRemoteBusinessInterfaces().iterator();
                while (it2.hasNext()) {
                    completePolicyContext(permissionMap, beanName, "Remote", it2.next().getAsClassInstance(), strArr, z, z2);
                }
            }
            if (!(beanInfo instanceof SessionBeanInfo) || (serviceEndpointClassName = ((SessionBeanInfo) beanInfo).getServiceEndpointClassName()) == null) {
                return;
            }
            completePolicyContext(permissionMap, beanName, "ServiceEndpoint", serviceEndpointClassName, strArr, z, z2, classLoader);
        }
    }

    private static void completePolicyContext(PermissionMap permissionMap, EjbNameType ejbNameType, HomeType homeType, LocalHomeType localHomeType, RemoteType remoteType, LocalType localType, FullyQualifiedClassType fullyQualifiedClassType, String[] strArr, boolean z, boolean z2, ClassLoader classLoader) {
        if (ejbNameType != null) {
            String value = ejbNameType.getValue();
            completePolicyContextWithUnspecifiedMethodInfo(permissionMap, value, strArr, z, z2);
            if (homeType != null) {
                completePolicyContext(permissionMap, value, "Home", homeType.getValue(), strArr, z, z2, classLoader);
            }
            if (localHomeType != null) {
                completePolicyContext(permissionMap, value, "LocalHome", localHomeType.getValue(), strArr, z, z2, classLoader);
            }
            if (remoteType != null) {
                completePolicyContext(permissionMap, value, "Remote", remoteType.getValue(), strArr, z, z2, classLoader);
            }
            if (localType != null) {
                completePolicyContext(permissionMap, value, "Local", localType.getValue(), strArr, z, z2, classLoader);
            }
            if (fullyQualifiedClassType != null) {
                completePolicyContext(permissionMap, value, "ServiceEndpoint", fullyQualifiedClassType.getValue(), strArr, z, z2, classLoader);
            }
        }
    }

    private static void completePolicyContextWithUnspecifiedMethodInfo(PermissionMap permissionMap, String str, String[] strArr, boolean z, boolean z2) {
        try {
            Permissions permissions = new Permissions();
            for (Method method : permissionMap.getUnspecifiedMethodInfo(str)) {
                if (method.getParameterTypes().length == 0 && JACCUtil.isRunningJACCCTS()) {
                    permissions.add(new EJBMethodPermission(str, method.getName() + ",Local"));
                    permissions.add(new EJBMethodPermission(str, method.getName() + ",LocalHome"));
                    permissions.add(new EJBMethodPermission(str, method.getName() + ",Remote"));
                    permissions.add(new EJBMethodPermission(str, method.getName() + ",Home"));
                    permissions.add(new EJBMethodPermission(str, method.getName() + ",ServiceEndpoint"));
                } else {
                    permissions.add(new EJBMethodPermission(str, "Local", method));
                    permissions.add(new EJBMethodPermission(str, "LocalHome", method));
                    permissions.add(new EJBMethodPermission(str, "Remote", method));
                    permissions.add(new EJBMethodPermission(str, "Home", method));
                    permissions.add(new EJBMethodPermission(str, "ServiceEndpoint", method));
                }
            }
            permissionMap.removeUnspecifiedMethods(str);
            Enumeration<Permission> elements = permissions.elements();
            Object[] objArr = new Object[0];
            if (strArr != null) {
                objArr = new Object[strArr.length];
                for (int i = 0; i < strArr.length; i++) {
                    objArr[i] = new RoleImpl(strArr[i]);
                }
            }
            if (elements.hasMoreElements()) {
                Collection<Permission> allPermissions = permissionMap.getAllPermissions();
                while (elements.hasMoreElements()) {
                    Permission nextElement = elements.nextElement();
                    if (!implies(allPermissions, nextElement)) {
                        permissionMap.addPermission(nextElement, objArr, z, z2);
                    }
                }
            }
        } catch (Exception e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._11_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._11_LEVEL, JeusMessage_Security._11, e);
            }
        }
    }

    private static void completePolicyContext(PermissionMap permissionMap, String str, String str2, Class cls, String[] strArr, boolean z, boolean z2) {
        try {
            Enumeration<Permission> elements = makeEJBMethodPermissions(new Permissions(), str, str2, cls).elements();
            Object[] objArr = new Object[0];
            if (strArr != null) {
                objArr = new Object[strArr.length];
                for (int i = 0; i < strArr.length; i++) {
                    objArr[i] = new RoleImpl(strArr[i]);
                }
            }
            if (elements.hasMoreElements()) {
                Collection<Permission> allPermissions = permissionMap.getAllPermissions();
                while (elements.hasMoreElements()) {
                    Permission nextElement = elements.nextElement();
                    if (!implies(allPermissions, nextElement)) {
                        permissionMap.addPermission(nextElement, objArr, z, z2);
                    }
                }
            }
        } catch (Exception e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._11_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._11_LEVEL, JeusMessage_Security._11, e);
            }
        }
    }

    private static void completePolicyContext(PermissionMap permissionMap, String str, String str2, String str3, String[] strArr, boolean z, boolean z2, ClassLoader classLoader) {
        try {
            Enumeration<Permission> elements = makeEJBMethodPermissions(new Permissions(), str, str2, classLoader.loadClass(str3)).elements();
            Object[] objArr = new Object[0];
            if (strArr != null) {
                objArr = new Object[strArr.length];
                for (int i = 0; i < strArr.length; i++) {
                    objArr[i] = new RoleImpl(strArr[i]);
                }
            }
            if (elements.hasMoreElements()) {
                Collection<Permission> allPermissions = permissionMap.getAllPermissions();
                while (elements.hasMoreElements()) {
                    Permission nextElement = elements.nextElement();
                    if (!implies(allPermissions, nextElement)) {
                        permissionMap.addPermission(nextElement, objArr, z, z2);
                    }
                }
            }
        } catch (Exception e) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._11_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._11_LEVEL, JeusMessage_Security._11, e);
            }
        }
    }

    private static Permissions makeEJBMethodPermissions(Permissions permissions, String str, String str2, Class cls) {
        try {
            Method[] methods = cls.getMethods();
            if (methods == null) {
                return permissions;
            }
            for (Method method : methods) {
                if (method.getParameterTypes().length == 0 && JACCUtil.isRunningJACCCTS()) {
                    permissions.add(new EJBMethodPermission(str, method.getName() + "," + str2));
                } else {
                    permissions.add(new EJBMethodPermission(str, str2, method));
                }
            }
            return permissions;
        } catch (Throwable th) {
            if (LoggerUtil.logger.isLoggable(JeusMessage_Security._37_LEVEL)) {
                LoggerUtil.logger.log(JeusMessage_Security._37_LEVEL, JeusMessage_Security._37, th);
            }
            throw new RuntimeException(th);
        }
    }

    private static String[] getDefaultRoles(JeusEjbDdType jeusEjbDdType) {
        if (jeusEjbDdType.getModuleInfo() == null || jeusEjbDdType.getModuleInfo().getUnspecifiedMethodPermission() == null) {
            return null;
        }
        List role = jeusEjbDdType.getModuleInfo().getUnspecifiedMethodPermission().getRole();
        String[] strArr = new String[role.size()];
        for (int i = 0; i < strArr.length; i++) {
            strArr[i] = (String) role.get(i);
        }
        return strArr;
    }

    private static boolean getDefaultUnchecked(JeusEjbDdType jeusEjbDdType) {
        return (jeusEjbDdType.getModuleInfo() == null || jeusEjbDdType.getModuleInfo().getUnspecifiedMethodPermission() == null || jeusEjbDdType.getModuleInfo().getUnspecifiedMethodPermission().getUnchecked() == null) ? false : true;
    }

    private static boolean getDefaultExcluded(JeusEjbDdType jeusEjbDdType) {
        return (jeusEjbDdType.getModuleInfo() == null || jeusEjbDdType.getModuleInfo().getUnspecifiedMethodPermission() == null || jeusEjbDdType.getModuleInfo().getUnspecifiedMethodPermission().getExcluded() == null) ? false : true;
    }

    public static void setSecurityPolicy(SecurityInteropType securityInteropType, String str, ArrayList arrayList, Subject subject) throws ContainerException {
        if (!ORBManager.isEnableInterop()) {
            if (EJBLoggers.logger.isLoggable(JeusMessage_EJB3._2851_LEVEL)) {
                EJBLoggers.logger.logp(JeusMessage_EJB3._2851_LEVEL, "Container", "<init>", JeusMessage_EJB3._2851);
            }
            throw new ContainerException(JeusMessage_EJB3._2851, new String[0]);
        }
        ORBManager.addEJBCSIDescriptor(str, securityInteropType);
        arrayList.add(new EJBCSIPolicyImpl(str));
        checkZeroPortPolicy(securityInteropType, arrayList);
    }

    private static void checkZeroPortPolicy(SecurityInteropType securityInteropType, List list) {
        DeploymentContext currentContext;
        XmlUtils.strip(securityInteropType);
        if (!securityInteropType.getIntegrityConfidentiality().value().equalsIgnoreCase("REQUIRES") || (currentContext = DeploymentContext.currentContext()) == null) {
            return;
        }
        String applicationName = currentContext.getApplicationName();
        if (!JeusProperties.CTS_ENABLED || applicationName == null || applicationName.indexOf("csiv2") <= 0 || applicationName.indexOf("_r") <= 0) {
            return;
        }
        list.add(ZeroPortPolicy.getPolicy());
    }
}
