package org.globus.wsrf.impl.security.descriptor;

import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import org.apache.axis.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.globus.gsi.jaas.JaasGssUtil;
import org.globus.security.gridmap.GridMap;
import org.globus.util.I18n;
import org.globus.wsrf.config.ConfigException;
import org.globus.wsrf.config.ContainerConfig;
import org.globus.wsrf.impl.security.authorization.ServiceAuthorizationChain;
import org.globus.wsrf.impl.security.descriptor.util.ElementParserException;
import org.globus.wsrf.impl.security.util.PDPUtils;
import org.gridforum.jgss.ExtendedGSSManager;
import org.ietf.jgss.GSSCredential;
import org.w3c.dom.Document;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/wsrf-core-4.0.4.jar:org/globus/wsrf/impl/security/descriptor/ContainerSecurityConfig.class
 */
/* loaded from: input_file:WEB-INF/lib/ghn-core-runtime-1.0.0.jar:org/globus/wsrf/impl/security/descriptor/ContainerSecurityConfig.class */
public class ContainerSecurityConfig extends SecurityConfig {
    private static Log logger;
    private static I18n i18n;
    protected static ContainerSecurityConfig securityConfig;
    GSSCredential defaultCredential = null;
    boolean defaultCredUsed = false;
    private Map properties;
    static Class class$org$globus$wsrf$impl$security$descriptor$ContainerSecurityConfig;
    static Class class$org$globus$wsrf$impl$security$descriptor$SecurityConfig;

    ContainerSecurityConfig(String str) {
        this.properties = null;
        this.properties = new HashMap();
        this.descriptorFile = str;
    }

    public static synchronized ContainerSecurityConfig getConfig() throws ConfigException {
        return getConfig(getSecurityDescFile());
    }

    public static synchronized ContainerSecurityConfig getConfig(String str) throws ConfigException {
        logger.debug("initialize called");
        if (securityConfig == null) {
            logger.debug(new StringBuffer().append("The file is ").append(str).toString());
            securityConfig = new ContainerSecurityConfig(str);
            securityConfig.initialize();
        }
        return securityConfig;
    }

    @Override // org.globus.wsrf.impl.security.descriptor.SecurityConfig
    protected void storeSecurityDescriptor() throws ConfigException {
        this.properties.put(SecurityConfig.SECURITY_DESCRIPTOR, this.desc);
    }

    @Override // org.globus.wsrf.impl.security.descriptor.SecurityConfig
    protected void initialize() throws ConfigException {
        logger.debug(i18n.getMessage("containerDescInit"));
        try {
            super.initialize();
        } catch (ConfigException e) {
            throw new ConfigException(i18n.getMessage("containerInitFail"), e);
        }
    }

    protected boolean isInitialized() throws ConfigException {
        Boolean bool = (Boolean) this.properties.get(SecurityConfig.SECURITY_INIT_NAME);
        if (bool == null) {
            return false;
        }
        return bool.booleanValue();
    }

    @Override // org.globus.wsrf.impl.security.descriptor.SecurityConfig
    protected void setInitialized(boolean z) throws ConfigException {
        this.properties.put(SecurityConfig.SECURITY_INIT_NAME, new Boolean(z));
    }

    @Override // org.globus.wsrf.impl.security.descriptor.SecurityConfig
    protected void initSecurityDescriptor(Document document) throws ConfigException {
        this.desc = new ContainerSecurityDescriptor();
        if (document != null) {
            try {
                this.desc.parse(document.getDocumentElement());
            } catch (ElementParserException e) {
                throw new ConfigException(e);
            }
        }
    }

    @Override // org.globus.wsrf.impl.security.descriptor.SecurityConfig
    protected void loadAuthorization() throws ConfigException {
        String authz;
        if (this.desc == null || (authz = this.desc.getAuthz()) == null) {
            return;
        }
        this.desc.setAuthzChain(PDPUtils.getContainerAuthzChain(authz, this.jndiPathName));
    }

    @Override // org.globus.wsrf.impl.security.descriptor.SecurityConfig
    protected void initCredentials() throws ConfigException {
        logger.debug("Init creds called");
        boolean z = false;
        if (this.desc != null) {
            logger.debug("Not null, calling load creds");
            try {
                z = loadCredentials();
                this.desc.getSubject();
            } catch (Exception e) {
                throw new ConfigException(e);
            }
        }
        if (z) {
            logger.debug("Configured subject, credential is null");
            this.defaultCredential = null;
            return;
        }
        this.defaultCredUsed = true;
        logger.debug("No configured subject, credential is not null");
        Subject defaultSubject = getDefaultSubject();
        if (defaultSubject != null) {
            this.desc.setSubject(defaultSubject);
        }
    }

    private Subject getDefaultSubject() throws ConfigException {
        Subject subject = null;
        try {
            this.defaultCredential = ExtendedGSSManager.getInstance().createCredential(0);
            subject = JaasGssUtil.createSubject(this.defaultCredential);
            subject.setReadOnly();
        } catch (Exception e) {
            if (this.descriptorFile != null) {
                throw new ConfigException(e);
            }
            logger.debug(new StringBuffer().append("insecure container, error is ").append(e).toString());
        }
        return subject;
    }

    private static String getSecurityDescFile() throws ConfigException {
        MessageContext currentContext = MessageContext.getCurrentContext();
        return currentContext != null ? ContainerConfig.getConfig(currentContext.getAxisEngine()).getOption(SecurityConfig.CONT_SEC_DESCRIPTOR) : ContainerConfig.getConfig().getOption(SecurityConfig.CONT_SEC_DESCRIPTOR);
    }

    public synchronized void refresh() throws ConfigException {
        boolean isRefreshRequired;
        if (this.defaultCredUsed) {
            logger.debug("Default credentials used");
            isRefreshRequired = true;
        } else {
            SecurityDescriptor securityDescriptor = (SecurityDescriptor) this.properties.get(SecurityConfig.SECURITY_DESCRIPTOR);
            isRefreshRequired = securityDescriptor == null ? false : securityDescriptor.isRefreshRequired();
        }
        if (!isRefreshRequired) {
            logger.debug("Refresh not required");
            return;
        }
        logger.debug(i18n.getMessage("containerDescRefresh"));
        initCredentials();
        storeSecurityDescriptor();
    }

    public Subject getSubject() throws ConfigException {
        SecurityDescriptor securityDescriptor = (SecurityDescriptor) this.properties.get(SecurityConfig.SECURITY_DESCRIPTOR);
        if (securityDescriptor == null) {
            return null;
        }
        return securityDescriptor.getSubject();
    }

    public GridMap getGridMap() throws ConfigException {
        SecurityDescriptor securityDescriptor = (SecurityDescriptor) this.properties.get(SecurityConfig.SECURITY_DESCRIPTOR);
        if (securityDescriptor == null) {
            return null;
        }
        return securityDescriptor.getGridMap();
    }

    public ServiceAuthorizationChain getAuthzChain() throws ConfigException {
        SecurityDescriptor securityDescriptor = (SecurityDescriptor) this.properties.get(SecurityConfig.SECURITY_DESCRIPTOR);
        if (securityDescriptor == null) {
            return null;
        }
        return securityDescriptor.getAuthzChain();
    }

    public ContainerSecurityDescriptor getSecurityDescriptor() throws ConfigException {
        return (ContainerSecurityDescriptor) this.properties.get(SecurityConfig.SECURITY_DESCRIPTOR);
    }

    public void setSubject(Subject subject) throws ConfigException {
        this.defaultCredential = null;
        this.desc.setSubject(subject);
        storeSecurityDescriptor();
    }

    public void setGridMap(GridMap gridMap) throws ConfigException {
        this.desc.setGridMap(gridMap);
        storeSecurityDescriptor();
    }

    public void setAuthzChain(ServiceAuthorizationChain serviceAuthorizationChain) throws ConfigException {
        this.desc.setAuthzChain(serviceAuthorizationChain);
        storeSecurityDescriptor();
    }

    public void setSecurityDescriptor(ContainerSecurityDescriptor containerSecurityDescriptor) throws ConfigException {
        this.desc = containerSecurityDescriptor;
        this.properties.put(SecurityConfig.SECURITY_DESCRIPTOR, containerSecurityDescriptor);
    }

    public String getSecurityDescriptorFile() {
        return this.descriptorFile;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        Class cls2;
        if (class$org$globus$wsrf$impl$security$descriptor$ContainerSecurityConfig == null) {
            cls = class$("org.globus.wsrf.impl.security.descriptor.ContainerSecurityConfig");
            class$org$globus$wsrf$impl$security$descriptor$ContainerSecurityConfig = cls;
        } else {
            cls = class$org$globus$wsrf$impl$security$descriptor$ContainerSecurityConfig;
        }
        logger = LogFactory.getLog(cls.getName());
        if (class$org$globus$wsrf$impl$security$descriptor$SecurityConfig == null) {
            cls2 = class$("org.globus.wsrf.impl.security.descriptor.SecurityConfig");
            class$org$globus$wsrf$impl$security$descriptor$SecurityConfig = cls2;
        } else {
            cls2 = class$org$globus$wsrf$impl$security$descriptor$SecurityConfig;
        }
        i18n = I18n.getI18n("org.globus.wsrf.impl.security.descriptor.errors", cls2.getClassLoader());
    }
}
