package org.globus.wsrf.impl.security;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.Vector;
import javax.security.auth.Subject;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import org.apache.axis.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.globus.gsi.jaas.JaasSubject;
import org.globus.gsi.jaas.UserNamePrincipal;
import org.globus.security.gridmap.GridMap;
import org.globus.util.I18n;
import org.globus.wsrf.Resource;
import org.globus.wsrf.config.ConfigException;
import org.globus.wsrf.impl.security.authentication.Constants;
import org.globus.wsrf.impl.security.descriptor.ContainerSecurityConfig;
import org.globus.wsrf.impl.security.descriptor.ResourceSecurityDescriptor;
import org.globus.wsrf.impl.security.descriptor.SecureResourcePropertiesHelper;
import org.globus.wsrf.impl.security.descriptor.ServiceSecurityConfig;
import org.globus.wsrf.security.SecurityException;
import org.globus.wsrf.security.SecurityManager;
import org.globus.wsrf.utils.ContextUtils;

/* loaded from: input_file:WEB-INF/lib/wsrf-core-4.0.4.jar:org/globus/wsrf/impl/security/SecurityManagerImpl.class */
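/**
 * {@link SecurityManager} implementation bound to an Axis {@link MessageContext}.
 *
 * <p>It looks up the credentials ({@link Subject}s) configured for the container, a service or a
 * resource, reports the identity of the peer attached to the current message, and records the
 * current JAAS subject as the owner of a service or resource.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The peer identity is read from the {@code Constants.PEER_SUBJECT} message property. This
 *       class does not authenticate anything itself; presumably the property is set by the
 *       authentication handlers earlier in the chain (confirm against the handler configuration).
 *   <li>Every failure is reported as {@code org.globus.wsrf.security.SecurityException}, which
 *       this file imports in place of {@code java.lang.SecurityException}.
 * </ul>
 */
public class SecurityManagerImpl extends SecurityManager {
    private static final Log logger;
    private static final I18n i18n;

    // Class-literal caches in the form emitted by pre-Java-5 compilers. They stay package-visible
    // and raw-typed so anything that linked against the original members keeps working.
    static Class class$org$globus$wsrf$impl$security$SecurityManagerImpl;
    static Class class$org$globus$gsi$jaas$GlobusPrincipal;

    /** Message context of the request being served; may be null when none is available. */
    private final MessageContext context;

    static {
        Class<?> self = class$org$globus$wsrf$impl$security$SecurityManagerImpl;
        if (self == null) {
            self = SecurityManagerImpl.class;
            class$org$globus$wsrf$impl$security$SecurityManagerImpl = self;
        }
        logger = LogFactory.getLog(self.getName());
        i18n = I18n.getI18n("org.globus.wsrf.impl.security.error", self.getClassLoader());
    }

    /** Creates a manager bound to the message context of the current thread, if any. */
    public SecurityManagerImpl() {
        this(null);
    }

    /**
     * Creates a manager bound to the given message context.
     *
     * @param sOAPMessageContext context of the request; when null, the context returned by
     *     {@code MessageContext.getCurrentContext()} is used instead (which may also be null)
     * @throws ClassCastException if the argument is not an Axis {@link MessageContext}
     */
    public SecurityManagerImpl(SOAPMessageContext sOAPMessageContext) {
        MessageContext supplied = (MessageContext) sOAPMessageContext;
        this.context = (supplied != null) ? supplied : MessageContext.getCurrentContext();
    }

    /**
     * Returns the container credentials.
     *
     * <p>The container security configuration is refreshed before its subject is read.
     *
     * @return the subject held by {@link ContainerSecurityConfig}
     * @throws SecurityException if the configuration cannot be obtained, refreshed or read
     */
    @Override
    public Subject getSystemSubject() throws SecurityException {
        try {
            logger.debug("Get system subject");
            ContainerSecurityConfig config = ContainerSecurityConfig.getConfig();
            config.refresh();
            return config.getSubject();
        } catch (Exception e) {
            logger.debug(i18n.getMessage("failContainerCred"), e);
            throw new SecurityException(i18n.getMessage("failContainerCred"), e);
        }
    }

    /**
     * Returns the credentials of the service targeted by the current message.
     *
     * @return the service subject, or the container subject when the service has none
     * @throws SecurityException if there is no message context or the lookup fails
     */
    @Override
    public Subject getServiceSubject() throws SecurityException {
        if (this.context == null) {
            logger.debug(i18n.getMessage("noContext"));
            throw new SecurityException(i18n.getMessage("noContext"));
        }
        return getServiceSubject(ContextUtils.getTargetServicePath(this.context));
    }

    /**
     * Returns the credentials configured for a service, falling back to the container credentials.
     *
     * @param str service path passed to {@link ServiceSecurityConfig}
     * @return the service subject if one is configured, otherwise the container subject
     * @throws SecurityException if either lookup fails
     */
    @Override
    public Subject getServiceSubject(String str) throws SecurityException {
        try {
            Subject serviceSubject = ServiceSecurityConfig.getSubject(str);
            if (serviceSubject != null) {
                return serviceSubject;
            }
            try {
                return getSystemSubject();
            } catch (Exception e) {
                // This exception is caught again by the outer handler below, so callers see
                // "failServiceCred" with this "failServiceContCred" exception as its cause.
                logger.debug(i18n.getMessage("failServiceContCred"), e);
                throw new SecurityException(i18n.getMessage("failServiceContCred"), e);
            }
        } catch (Exception e2) {
            logger.debug(i18n.getMessage("failServiceCred"), e2);
            throw new SecurityException(i18n.getMessage("failServiceCred"), e2);
        }
    }

    /**
     * Returns the credentials of a resource, falling back to those of the current service.
     *
     * @param resource resource whose subject is looked up
     * @return the resource subject, or the result of {@link #getServiceSubject()} when it is null
     * @throws SecurityException if a lookup fails
     */
    @Override
    public Subject getSubject(Resource resource) throws SecurityException {
        Subject resourceSubject = getResourceSubject(resource);
        if (resourceSubject != null) {
            return resourceSubject;
        }
        return getServiceSubject();
    }

    /**
     * Returns the credentials of a resource, falling back to those of the named service.
     *
     * @param str service path used for the fallback lookup
     * @param resource resource whose subject is looked up
     * @return the resource subject, or the service subject for {@code str} when it is null
     * @throws SecurityException if a lookup fails; a failure of the service fallback is also
     *     reported under the "failSystemCred" message because it happens inside the same try
     */
    @Override
    public Subject getSubject(String str, Resource resource) throws SecurityException {
        try {
            Subject resourceSubject = SecureResourcePropertiesHelper.getResourceSubject(resource);
            if (resourceSubject != null) {
                return resourceSubject;
            }
            return getServiceSubject(str);
        } catch (Exception e) {
            logger.debug(i18n.getMessage("failSystemCred"), e);
            throw new SecurityException(i18n.getMessage("failSystemCred"), e);
        }
    }

    /** Looks up the subject of a resource, converting any failure to a SecurityException. */
    private Subject getResourceSubject(Resource resource) throws SecurityException {
        try {
            return SecureResourcePropertiesHelper.getResourceSubject(resource);
        } catch (Exception e) {
            logger.debug(i18n.getMessage("failSystemCred"), e);
            throw new SecurityException(i18n.getMessage("failSystemCred"), e);
        }
    }

    /**
     * Returns the name of the caller of the current request.
     *
     * @return the name of {@link #getCallerPrincipal()}, or null when there is no such principal
     */
    @Override
    public String getCaller() {
        Principal caller = getCallerPrincipal();
        return (caller == null) ? null : caller.getName();
    }

    /**
     * Returns the principal of the peer attached to the current message.
     *
     * @return the principal chosen by {@link #getCallerPrincipal(Subject)} from the
     *     {@code Constants.PEER_SUBJECT} property, or null when there is no message context
     */
    @Override
    public Principal getCallerPrincipal() {
        if (this.context == null) {
            return null;
        }
        return getCallerPrincipal((Subject) this.context.getProperty(Constants.PEER_SUBJECT));
    }

    /**
     * Returns one principal of the given subject.
     *
     * <p>The result is the first element produced by the principal set's iterator. When the
     * subject carries several principals (getLocalUsernames shows that UserNamePrincipal entries
     * can be present next to others), which one is returned depends on that iteration order.
     * Code that bases an authorization decision on the caller should therefore select the
     * principal by type rather than rely on this method.
     *
     * @param subject subject to inspect; may be null
     * @return a principal of the subject, or null when the subject is null or has no principals
     */
    @Override
    public Principal getCallerPrincipal(Subject subject) {
        if (subject == null) {
            return null;
        }
        Set<Principal> principals = subject.getPrincipals();
        if (principals == null || principals.isEmpty()) {
            return null;
        }
        return principals.iterator().next();
    }

    /**
     * Makes the current JAAS subject the owner of the service targeted by the current message.
     *
     * @return the subject that was installed as owner
     * @throws SecurityException if there is no message context or the owner cannot be set
     */
    @Override
    public Subject setServiceOwnerFromContext() throws SecurityException {
        if (this.context == null) {
            logger.error(i18n.getMessage("noContext"));
            throw new SecurityException(i18n.getMessage("noContext"));
        }
        return setServiceOwnerFromContext(ContextUtils.getTargetServicePath(this.context));
    }

    /**
     * Makes the current JAAS subject the owner of the named service and authorizes it in the
     * service's grid map, creating the grid map when the service has none.
     *
     * @param str service path passed to {@link ServiceSecurityConfig}
     * @return the subject that was installed as owner (marked read-only, see getSubject())
     * @throws SecurityException if there is no usable current subject or the configuration
     *     rejects the change
     */
    @Override
    public Subject setServiceOwnerFromContext(String str) throws SecurityException {
        Subject owner = getSubject();
        try {
            ServiceSecurityConfig.setSubject(owner, str);
            GridMap gridMap = ServiceSecurityConfig.getGridMap(str);
            if (gridMap == null) {
                gridMap = new GridMap();
                ServiceSecurityConfig.setGridMap(gridMap, str);
            }
            addAuthorizedUser(owner, gridMap);
            return owner;
        } catch (ConfigException e) {
            throw new SecurityException(e);
        }
    }

    /**
     * Makes the current JAAS subject the owner of a resource and authorizes it in the resource's
     * grid map, creating the grid map when the descriptor has none.
     *
     * @param resourceSecurityDescriptor descriptor to update; a null descriptor is ignored
     * @throws SecurityException if there is no usable current subject
     */
    @Override
    public void setResourceOwnerFromContext(ResourceSecurityDescriptor resourceSecurityDescriptor) throws SecurityException {
        if (resourceSecurityDescriptor == null) {
            return;
        }
        Subject owner = getSubject();
        resourceSecurityDescriptor.setSubject(owner);
        GridMap gridMap = resourceSecurityDescriptor.getGridMap();
        if (gridMap == null) {
            gridMap = new GridMap();
        }
        resourceSecurityDescriptor.setGridMap(gridMap);
        addAuthorizedUser(owner, gridMap);
    }

    /**
     * Maps the name of every GlobusPrincipal of the subject to the {@code user.name} system
     * property in the given grid map.
     *
     * <p>{@code user.name} is a JVM system property. It normally holds the account the JVM runs
     * as, but it can be overridden at start-up or at run time, so the mapping target is
     * configuration rather than a verified operating-system identity.
     */
    private void addAuthorizedUser(Subject subject, GridMap gridMap) {
        Class<?> principalType = class$org$globus$gsi$jaas$GlobusPrincipal;
        if (principalType == null) {
            principalType = class$("org.globus.gsi.jaas.GlobusPrincipal");
            class$org$globus$gsi$jaas$GlobusPrincipal = principalType;
        }
        Set<? extends Principal> principals =
                subject.getPrincipals(principalType.asSubclass(Principal.class));
        if (principals == null || principals.isEmpty()) {
            // The owner was still recorded by the caller; only the grid map entry is skipped.
            logger.debug("No GlobusPrincipal on owner subject; grid map left unchanged");
            return;
        }
        String localUser = System.getProperty("user.name");
        for (Principal principal : principals) {
            gridMap.map(principal.getName(), localUser);
        }
    }

    /**
     * Returns the current JAAS subject after checking that it can act as an owner.
     *
     * <p>Side effect: the subject is marked read-only. The same object is returned by
     * {@code JaasSubject.getCurrentSubject()}, so later attempts to modify its principal or
     * credential sets fail for every holder of that reference.
     *
     * @throws SecurityException if there is no current subject or it has no private credentials
     */
    private Subject getSubject() throws SecurityException {
        Subject currentSubject = JaasSubject.getCurrentSubject();
        if (currentSubject == null) {
            throw new SecurityException(i18n.getMessage("noSubject"));
        }
        Set<Object> privateCredentials = currentSubject.getPrivateCredentials();
        if (privateCredentials == null || privateCredentials.isEmpty()) {
            throw new SecurityException(i18n.getMessage("noPrivateCred"));
        }
        currentSubject.setReadOnly();
        return currentSubject;
    }

    /**
     * Returns the local user names attached to the peer of the current message.
     *
     * <p>The names are those of the {@link UserNamePrincipal} entries already present on the peer
     * subject; this method does not consult a grid map itself.
     *
     * @return the names in the principal set's iteration order, or null (not an empty array) when
     *     the peer has no UserNamePrincipal; callers must check for null
     * @throws SecurityException if there is no message context or no peer subject
     */
    @Override
    public String[] getLocalUsernames() throws SecurityException {
        if (this.context == null) {
            logger.debug(i18n.getMessage("noContext"));
            throw new SecurityException(i18n.getMessage("noContext"));
        }
        Subject peer = (Subject) this.context.getProperty(Constants.PEER_SUBJECT);
        if (peer == null) {
            logger.debug(i18n.getMessage("noPeerSubject"));
            throw new SecurityException(i18n.getMessage("noPeerSubject"));
        }
        List<String> names = new ArrayList<String>();
        Set<Principal> principals = peer.getPrincipals();
        if (principals != null) {
            for (Principal principal : principals) {
                if (principal instanceof UserNamePrincipal) {
                    names.add(((UserNamePrincipal) principal).getName());
                }
            }
        }
        if (names.isEmpty()) {
            return null;
        }
        return names.toArray(new String[names.size()]);
    }

    /**
     * Loads a class by name for the class-literal caches above.
     *
     * @param str fully qualified class name
     * @return the loaded class
     * @throws NoClassDefFoundError if the class cannot be found; the ClassNotFoundException is
     *     attached as the cause
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause returns Throwable, which cannot be thrown from here without a throws
            // clause, so the error is built first and then thrown with its own type.
            NoClassDefFoundError error = new NoClassDefFoundError(str);
            error.initCause(e);
            throw error;
        }
    }
}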
