package com.ibm.eserver.zos.racf.userregistry;

import com.ibm.security.userregistry.SecAdminException;
import com.ibm.security.userregistry.User;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Locale;
import java.util.TreeMap;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;

/* loaded from: input_file:com/ibm/eserver/zos/racf/userregistry/RACF_User.class */
public class RACF_User implements User {
    private String name;
    private InitialDirContext ctx;
    private static TreeMap sa2object;
    private static String thisclass;
    private static String passphrase_exists;
    private static String password_exists;
    private static String no_password;
    private static String PARMS_PROVIDED;
    private static String SET_OFF;
    private static String SET_ON;
    private String suffix;
    private String user_dn;
    private boolean user_has_pwd = true;
    private boolean user_has_phrase = false;
    private boolean expired_specified = false;
    private boolean noexpired_specified = false;
    private static BasicAttribute msg_type;
    private static BasicAttribute msg_all;
    private static TreeMap SDBM2racf;
    private static RACFattribute revoke_ra;
    private static RACFattribute resume_ra;
    public static final String sccsid = "@(#)81    1.4  JSec/src/com/ibm/eserver/zos/racf/userregistry/RACF_User.java, racf.jsec, hrf7740  1/22/07  13:19:05";
    public static final String COPYRIGHT = " Licensed Materials - Property of IBM, 5694-A01 (C) COPYRIGHT 2007 All Rights Reserved. US Government Users restricted Rights -  Use, Duplication or Disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    private static Segment[] segments;
    static final boolean $assertionsDisabled;
    static Class class$com$ibm$eserver$zos$racf$userregistry$RACF_User;

    private BasicAttributes translate(BasicAttributes basicAttributes) throws Exception {
        BasicAttributes basicAttributes2 = new BasicAttributes(true);
        Object[] objArr = {null, null};
        objArr[0] = basicAttributes;
        boolean z = true;
        try {
            MyLogger.log("verbose", thisclass, "translate input", objArr);
            NamingEnumeration all = basicAttributes.getAll();
            while (all.hasMore()) {
                Attribute attribute = (Attribute) all.next();
                String id = attribute.getID();
                MyLogger.log("verbose", thisclass, new StringBuffer().append("processing attribute named: ").append(id).toString(), null);
                if (id.equalsIgnoreCase("objectclass")) {
                    for (int i = 0; i < segments.length; i++) {
                        if (attribute.contains(segments[i].obj_class_name) || attribute.contains(segments[i].obj_class_name.toUpperCase())) {
                            basicAttributes2.put(new BasicAttribute(segments[i].on_value));
                        }
                    }
                } else if (id.equalsIgnoreCase("racfattributes")) {
                    for (int i2 = 0; i2 < attribute.size(); i2++) {
                        String str = (String) attribute.get(i2);
                        for (String str2 : str.indexOf(32) > -1 ? str.split(" ") : new String[]{str}) {
                            if (str2.equalsIgnoreCase("PASSWORD")) {
                                MyLogger.log("debug", thisclass, "User has Password, no processing needed", null);
                            } else if (str2.equalsIgnoreCase("PASSPHRASE")) {
                                basicAttributes2.put(new BasicAttribute("BASE_PHRASE", passphrase_exists));
                            } else if (str2.equalsIgnoreCase("PROTECTED")) {
                                z = false;
                                basicAttributes2.put(new BasicAttribute("BASE_PASSWORD", no_password));
                            } else if (!str2.equalsIgnoreCase("NONE")) {
                                String str3 = (String) SDBM2racf.get(str2);
                                if (str3 == null) {
                                    throw new SecAdminException(new StringBuffer().append("Unexpected internal error.  Value of racfattributes: ").append(str).append(" was not found in SDBM list.").toString());
                                }
                                RACFattribute rACFattribute = (RACFattribute) sa2object.get(str3);
                                if (rACFattribute == null) {
                                    throw new SecAdminException(new StringBuffer().append("Unexpected internal error.  attribute: ").append(str3).append(" was not found in lookup list.").toString());
                                }
                                MyLogger.log("verbose", thisclass, new StringBuffer().append("examining racfattribute with on_name value: ").append(rACFattribute.on_name).append(",racf_name: ").append(rACFattribute.racf_name).toString(), null);
                                if (!rACFattribute.segment) {
                                    basicAttributes2.put(new BasicAttribute(rACFattribute.racf_name));
                                }
                            } else if (!$assertionsDisabled && attribute.size() != 1) {
                                throw new AssertionError("RACF_ATTRIBUTES says NONE, yet other values passed.");
                            }
                        }
                    }
                } else {
                    String str4 = (String) SDBM2racf.get(id);
                    if (str4 == null) {
                        MyLogger.log("debug", thisclass, new StringBuffer().append("translate is ignoring input attribute with name: ").append(id).append(". Not found in SDBM list of attributes").toString(), null);
                    } else {
                        RACFattribute rACFattribute2 = (RACFattribute) sa2object.get(str4);
                        if (rACFattribute2 == null) {
                            throw new SecAdminException(new StringBuffer().append("Unexpected internal error.  racf value: ").append(str4).append(" was not found in lookup list.").toString());
                        }
                        BasicAttribute basicAttribute = new BasicAttribute(rACFattribute2.racf_name);
                        if (rACFattribute2.on_off) {
                            if (attribute.size() > 0 && ((String) attribute.get()).equalsIgnoreCase(rACFattribute2.on_name)) {
                                basicAttributes2.put(basicAttribute);
                            }
                        } else if (attribute.size() == 0) {
                            if (!$assertionsDisabled) {
                                throw new AssertionError("Not expecting LDAP/SDBM to return attributes with no value.");
                            }
                            MyLogger.log("error", thisclass, "Not expecting LDAP/SDBM to return attributes with no value.", null);
                            basicAttributes2.put(basicAttribute);
                        } else if (((String) attribute.get()).equalsIgnoreCase(rACFattribute2.none_value)) {
                            MyLogger.log("verbose", thisclass, new StringBuffer().append("Ignoring none value for attribute: ").append(rACFattribute2.sdbm_name).toString(), null);
                        } else if (rACFattribute2.racf_name.equalsIgnoreCase("PROXY_BINDPW")) {
                            MyLogger.log("verbose", thisclass, "Discarding PROXY_BINDPW, not returned via r_admin extract.  Assume you're using LDAP 1.6 ", null);
                        } else {
                            if (rACFattribute2.split_value != null) {
                                parmize(attribute, basicAttribute, rACFattribute2);
                            } else if (rACFattribute2.racf_name.equalsIgnoreCase("CICS_TIMEOUT")) {
                                if (!$assertionsDisabled && attribute.size() != 1) {
                                    throw new AssertionError(new StringBuffer().append("Expected exactly one value for attribute CICS_TIMEOUT, found ").append(attribute.size()).append(".  Attribute looked like: ").append(attribute).toString());
                                }
                                basicAttribute.add(format_time((String) attribute.get(0)));
                            } else if (rACFattribute2.racf_name.equalsIgnoreCase("KERB_KERBNAME")) {
                                if (!$assertionsDisabled && attribute.size() != 1) {
                                    throw new AssertionError(new StringBuffer().append("Expected exactly one value for attribute CICS_TIMEOUT, found ").append(attribute.size()).append(".  Attribute looked like: ").append(attribute).toString());
                                }
                                basicAttribute.add(format_kerbname((String) attribute.get(0)));
                            } else if (rACFattribute2.racf_name.equalsIgnoreCase("BASE_TIME")) {
                                if (!$assertionsDisabled && attribute.size() != 1) {
                                    throw new AssertionError(new StringBuffer().append("Expected exactly one value for attribute BASE_TIME, found ").append(attribute.size()).append(".  Attribute looked like: ").append(attribute).toString());
                                }
                                basicAttribute.add(format_base_time((String) attribute.get(0)));
                            } else if (rACFattribute2.racf_name.equalsIgnoreCase("BASE_REVOKE") || rACFattribute2.racf_name.equalsIgnoreCase("BASE_RESUME")) {
                                if (!$assertionsDisabled && attribute.size() != 1) {
                                    throw new AssertionError(new StringBuffer().append("Exactly one value for attribute BASE_RESUME or BASE_REVOKE expected.  Found ").append(attribute.size()).append(".  Attribute looked like: ").append(attribute).toString());
                                }
                                basicAttribute.add(RACF_Utilities.format_date((String) attribute.get(0)));
                            } else {
                                for (int i3 = 0; i3 < attribute.size(); i3++) {
                                    String deLDAP = RACF_Utilities.deLDAP((String) attribute.get(i3));
                                    MyLogger.log("verbose", thisclass, new StringBuffer().append("attribute name ").append(id).append(" adding value ").append(deLDAP).toString(), null);
                                    basicAttribute.add(deLDAP);
                                }
                            }
                            basicAttributes2.put(basicAttribute);
                        }
                    }
                }
            }
            if (z) {
                basicAttributes2.put(new BasicAttribute("BASE_PASSWORD", password_exists));
            }
            objArr[0] = basicAttributes2;
            MyLogger.log("debug", thisclass, "translate output", objArr);
            return basicAttributes2;
        } catch (Exception e) {
            throw new SecAdminException("Error translating user attributes.", e);
        }
    }

    public static BasicAttributes attributesInfo() {
        Iterator it = sa2object.keySet().iterator();
        BasicAttributes basicAttributes = new BasicAttributes();
        while (it.hasNext()) {
            RACFattribute rACFattribute = (RACFattribute) sa2object.get(it.next());
            BasicAttribute basicAttribute = new BasicAttribute(rACFattribute.racf_name);
            if (rACFattribute.segment) {
                basicAttribute.add("Segment");
            }
            if (rACFattribute.modifiable) {
                basicAttribute.add("Modifiable");
            } else {
                basicAttribute.add("Not Modifiable");
            }
            if (rACFattribute.on_off) {
                if (!$assertionsDisabled && rACFattribute.multiple_allowed) {
                    throw new AssertionError(new StringBuffer().append("On/Off attribute should not allow multiple values.  Error on attribute ").append(rACFattribute.racf_name).toString());
                }
                basicAttribute.add("Boolean attribute");
            }
            if (rACFattribute.multiple_allowed) {
                basicAttribute.add("Multiple values allowed");
            } else {
                basicAttribute.add("Single value only");
            }
            basicAttribute.add(new StringBuffer().append("Description:  ").append(rACFattribute.description).toString());
            basicAttributes.put(basicAttribute);
        }
        return basicAttributes;
    }

    public static String attributesHTML() {
        String str = "<table summary=\"Description and Characteristics of User Attributes\"  border=\"1\"><tr><th colspan=\"6\">User Attributes</th></tr><tr><th>Attribute Name</th><th>Description</th><th>Modifiable</th><th>Segment</th><th>Boolean Attribute</th><th>Multi-Value Attribute</th></tr>";
        Iterator it = sa2object.keySet().iterator();
        new BasicAttributes();
        int i = 0;
        while (it.hasNext()) {
            i++;
            RACFattribute rACFattribute = (RACFattribute) sa2object.get(it.next());
            String stringBuffer = new StringBuffer().append(new StringBuffer().append(str).append("<tr><td>").append(rACFattribute.racf_name).append("</td>").toString()).append("<td>").append(rACFattribute.description).append("</td>").toString();
            String stringBuffer2 = rACFattribute.modifiable ? new StringBuffer().append(stringBuffer).append("<td align=\"center\">Yes</td>").toString() : new StringBuffer().append(stringBuffer).append("<td align=\"center\">No</td>").toString();
            String stringBuffer3 = rACFattribute.segment ? new StringBuffer().append(stringBuffer2).append("<td align=\"center\">Yes</td>").toString() : new StringBuffer().append(stringBuffer2).append("<td align=\"center\">No</td>").toString();
            String stringBuffer4 = rACFattribute.on_off ? new StringBuffer().append(stringBuffer3).append("<td align=\"center\">Yes</td>").toString() : new StringBuffer().append(stringBuffer3).append("<td align=\"center\">No</td>").toString();
            str = new StringBuffer().append(rACFattribute.multiple_allowed ? new StringBuffer().append(stringBuffer4).append("<td align=\"center\">Yes</td>").toString() : new StringBuffer().append(stringBuffer4).append("<td align=\"center\">No</td>").toString()).append("</tr>").toString();
        }
        return new StringBuffer().append(new StringBuffer().append(str).append("</table>").toString()).append("<p>").append(i).append(" attributes total.</p>").toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RACF_User(InitialDirContext initialDirContext, String str, String str2) throws SecAdminException {
        this.name = null;
        this.ctx = null;
        MyLogger.log("debug", thisclass, new StringBuffer().append("constructor  ").append(str2).toString(), null);
        this.ctx = initialDirContext;
        this.name = str2;
        this.suffix = str;
        this.user_dn = suffix_it(str2);
        if (!user_exists(this.user_dn, this.name, false)) {
            throw new SecAdminException(new StringBuffer().append("Userid ").append(str2).append(" not found.").toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RACF_User(InitialDirContext initialDirContext, String str, String str2, BasicAttributes basicAttributes) throws SecAdminException {
        this.name = null;
        this.ctx = null;
        this.ctx = initialDirContext;
        this.name = str2;
        this.suffix = str;
        ModificationItem[] modificationItemArr = null;
        Attribute attribute = null;
        Attribute attribute2 = null;
        this.user_dn = suffix_it(str2);
        if (user_exists(this.user_dn, this.name, true)) {
            throw new SecAdminException(new StringBuffer().append("Userid ").append(str2).append(" already exists.").toString());
        }
        if (basicAttributes != null && !basicAttributes.isCaseIgnored()) {
            try {
                basicAttributes = new BasicAttributes(true);
                NamingEnumeration all = basicAttributes.getAll();
                while (all.hasMore()) {
                    basicAttributes.put((Attribute) all.next());
                }
            } catch (NamingException e) {
                throw new SecAdminException("Error in RACF_User contructor trying to convert case sensitive attributes to case INsensitive attributes.", e);
            }
        }
        MyLogger.log("debug", thisclass, new StringBuffer().append("constructor(").append(str2).append(") with input attributes: ").append(basicAttributes).toString(), null);
        BasicAttributes basicAttributes2 = new BasicAttributes(true);
        basicAttributes2.put("racfid", str2);
        BasicAttribute basicAttribute = new BasicAttribute("objectclass", "racfUser");
        basicAttribute.add("racfBaseCommon");
        BasicAttribute basicAttribute2 = new BasicAttribute("racfattributes");
        BasicAttributes basicAttributes3 = new BasicAttributes();
        if (basicAttributes != null) {
            for (int i = 0; i < segments.length; i++) {
                BasicAttribute basicAttribute3 = new BasicAttribute(segments[i].on_value);
                Attribute attribute3 = basicAttributes.get(segments[i].on_value);
                if (attribute3 != null) {
                    if (attribute3.size() != 0) {
                        throw new SecAdminException(new StringBuffer().append(attribute3.getID()).append(" attribute is a boolean attribute.  It should be provided without any specific values.").toString());
                    }
                    basicAttribute.add(segments[i].obj_class_name);
                    basicAttribute3.add(SET_ON);
                }
                basicAttributes3.put(basicAttribute3);
            }
        }
        if (basicAttributes != null) {
            try {
                NamingEnumeration all2 = basicAttributes.getAll();
                while (all2.hasMore()) {
                    Attribute attribute4 = (Attribute) all2.next();
                    String upperCase = attribute4.getID().toUpperCase(Locale.US);
                    RACFattribute rACFattribute = (RACFattribute) sa2object.get(upperCase);
                    if (rACFattribute == null) {
                        throw new SecAdminException(new StringBuffer().append("Unrecognized attribute: ").append(upperCase).append(" on userCreate for userid: ").append(str2).append(".").toString());
                    }
                    if (!rACFattribute.modifiable) {
                        throw new SecAdminException(new StringBuffer().append("Attribute: ").append(attribute4.getID()).append(" is not modifiable.").toString());
                    }
                    RACF_Utilities.check_null(rACFattribute, attribute4, false);
                    if (upperCase.equalsIgnoreCase("omvs_uid")) {
                        if (parse_uid(basicAttributes2, attribute4, null, rACFattribute.none_value)) {
                            RACF_Utilities.update_seg_status(basicAttributes3, upperCase);
                        }
                    } else if (upperCase.equalsIgnoreCase("base_revoke")) {
                        attribute = attribute4;
                    } else if (upperCase.equalsIgnoreCase("base_resume")) {
                        attribute2 = attribute4;
                    } else {
                        if (upperCase.equalsIgnoreCase("base_uaudit")) {
                            throw new SecAdminException("BASE_UAUDIT attribute should be set by an auditor.  Auditor should not have the ability to create userids.  Therefore BASE_UAUDIT attribute can't be set when creating a userid.");
                        }
                        if (upperCase.equalsIgnoreCase("base_phrase")) {
                            parse_phrase(basicAttributes2, attribute4, null);
                        } else if (upperCase.equalsIgnoreCase("base_password")) {
                            modificationItemArr = parse_password(basicAttributes2, attribute4, basicAttribute2, null);
                        } else if (rACFattribute.segment) {
                            continue;
                        } else if (rACFattribute.on_off) {
                            boolean is_on_off = RACF_Utilities.is_on_off(attribute4, rACFattribute);
                            RACF_Utilities.update_seg_status(basicAttributes3, upperCase);
                            if (!$assertionsDisabled && !is_on_off) {
                                throw new AssertionError("No way to provide an attribute to constructor that indicates to turn something OFF");
                            }
                            if (rACFattribute.sdbm_name.equalsIgnoreCase("racfattributes")) {
                                basicAttribute2.add(rACFattribute.on_name);
                            } else {
                                basicAttributes2.put(new BasicAttribute(rACFattribute.sdbm_name, rACFattribute.on_name));
                            }
                        } else {
                            special_case_checking(rACFattribute, attribute4);
                            BasicAttribute convert_attribute = RACF_Utilities.convert_attribute(rACFattribute, attribute4);
                            RACF_Utilities.update_seg_status(basicAttributes3, upperCase);
                            basicAttributes2.put(convert_attribute);
                        }
                    }
                }
                for (int i2 = 0; i2 < segments.length; i2++) {
                    Attribute attribute5 = basicAttributes3.get(segments[i2].on_value);
                    if (attribute5.contains(SET_ON) && !attribute5.contains(PARMS_PROVIDED)) {
                        basicAttribute2.add(segments[i2].on_value);
                    }
                    if (!attribute5.contains(SET_ON) && attribute5.contains(PARMS_PROVIDED)) {
                        basicAttribute.add(segments[i2].obj_class_name);
                    }
                }
                if (basicAttribute2.size() > 0) {
                    basicAttributes2.put(basicAttribute2);
                }
                if (this.noexpired_specified && this.expired_specified) {
                    throw new SecAdminException("EXPIRED value and NOEXPIRED value conflict on BASE_PHRASE and BASE_PASSWORD attributes.");
                }
                if (this.user_has_phrase && !this.user_has_pwd) {
                    throw new SecAdminException("User must have a password in order to have a passphrase.");
                }
            } catch (NamingException e2) {
                if (!user_exists(this.user_dn, this.name, true)) {
                    throw new SecAdminException("Error in createUser.", e2);
                }
            }
        }
        basicAttributes2.put(basicAttribute);
        MyLogger.log("debug", thisclass, new StringBuffer().append("Attributes about to send to LDAP/SDBM are: ").append(basicAttributes2).toString(), null);
        this.ctx.createSubcontext(this.user_dn, basicAttributes2);
        if (modificationItemArr != null) {
            try {
                this.ctx.modifyAttributes(this.user_dn, modificationItemArr);
            } catch (NamingException e3) {
                try {
                    MyLogger.log("debug", thisclass, new StringBuffer().append("Deleting user ").append(this.name).append(" because of exception : ").append(e3.getMessage()).toString(), null);
                    this.ctx.destroySubcontext(this.user_dn);
                } catch (Exception e4) {
                    MyLogger.log("debug", thisclass, new StringBuffer().append("second error being ignored:  ").append(e3).toString(), null);
                }
                throw new SecAdminException("Error in createUser", e3);
            }
        }
        if (attribute != null) {
            int i3 = attribute2 != null ? 2 : 1;
            ModificationItem[] modificationItemArr2 = new ModificationItem[i3];
            modificationItemArr2[0] = new ModificationItem(1, RACF_Utilities.convert_attribute(revoke_ra, attribute));
            if (i3 == 2) {
                modificationItemArr2[1] = new ModificationItem(1, RACF_Utilities.convert_attribute(resume_ra, attribute2));
            }
            this.ctx.modifyAttributes(this.user_dn, modificationItemArr2);
        }
    }

    public String getName() {
        return this.name;
    }

    public BasicAttributes getAttributes() throws SecAdminException {
        String str;
        BasicAttributes attributes;
        BasicAttribute basicAttribute;
        MyLogger.log("debug", thisclass, new StringBuffer().append("getAttributes for user ").append(this.name).toString(), null);
        try {
            MyLogger.log("debug", thisclass, new StringBuffer().append("user_dn is: ").append(this.user_dn).toString(), null);
            BasicAttributes basicAttributes = (BasicAttributes) this.ctx.getAttributes(this.user_dn);
            BasicAttributes translate = translate(basicAttributes);
            BasicAttribute basicAttribute2 = basicAttributes.get("racfhavepasswordenvelope");
            if (basicAttribute2 != null && (str = (String) basicAttribute2.get()) != null && str.equalsIgnoreCase("YES") && (attributes = this.ctx.getAttributes(this.user_dn, new String[]{"racfpasswordenvelope"})) != null && (basicAttribute = attributes.get("racfpasswordenvelope")) != null) {
                translate.put(new BasicAttribute("BASE_PASSWORD_ENV", basicAttribute.get()));
            }
            return translate;
        } catch (Exception e) {
            throw new SecAdminException(new StringBuffer().append("Error getting user attributes for userid ").append(this.name).append(".").toString(), e);
        }
    }

    public Enumeration getGroups() {
        Attribute attribute;
        MemberEnum memberEnum = new MemberEnum(new RACF_Group[0]);
        try {
            BasicAttributes attributes = this.ctx.getAttributes(this.user_dn, new String[]{"racfConnectGroupName"});
            if (attributes == null || (attribute = attributes.get("racfConnectGroupName")) == null) {
                return memberEnum;
            }
            int size = attribute.size();
            RACF_Group[] rACF_GroupArr = new RACF_Group[size];
            for (int i = 0; i < size; i++) {
                rACF_GroupArr[i] = new RACF_Group(this.ctx, this.suffix, RACF_Utilities.deLDAP((String) attribute.get(i)));
            }
            return new MemberEnum(rACF_GroupArr);
        } catch (Exception e) {
            MyLogger.log("debug", thisclass, new StringBuffer().append("Error trying to get groups for ").append(this.name).append(":").append(e.getMessage()).toString(), null);
            return memberEnum;
        }
    }

    String suffix_it(String str) {
        return str.toUpperCase().indexOf(this.suffix.toUpperCase()) > -1 ? str : new StringBuffer().append(" racfid=").append(str).append(",profiletype=user,").append(this.suffix).toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RACF_User clone(String str) throws SecAdminException {
        RACF_User rACF_User = null;
        BasicAttributes attributes = getAttributes();
        Object[] objArr = new Object[1];
        if (attributes != null) {
            try {
                objArr[0] = attributes;
                MyLogger.log("verbose", thisclass, "attributes returned for original user are: ", objArr);
                NamingEnumeration all = attributes.getAll();
                while (all.hasMore()) {
                    String id = ((Attribute) all.next()).getID();
                    RACFattribute rACFattribute = (RACFattribute) sa2object.get(id);
                    if (rACFattribute == null) {
                        throw new SecAdminException(new StringBuffer().append("Unexpected internal error.  attribute: ").append(id).append(" was not found in lookup list.").toString());
                    }
                    if (!rACFattribute.modifiable || id.equals("BASE_PASSWORD") || id.equals("PROXY_BINDPW") || id.equals("LNOTES_SNAME") || id.equals("KERB_KERBNAME") || id.equals("OMVS_UID") || id.equals("BASE_UAUDIT") || id.equals("NDS_UNAME")) {
                        MyLogger.log("verbose", thisclass, new StringBuffer().append("Removing attribute ").append(id).toString(), null);
                        attributes.remove(id);
                    }
                }
                rACF_User = new RACF_User(this.ctx, this.suffix, str, attributes);
            } catch (NamingException e) {
                throw new SecAdminException(new StringBuffer().append("Error in clone(").append(str).append(",").append(this.name).append(")").toString(), e);
            }
        }
        return rACF_User;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void modify(ModificationItem[] modificationItemArr) throws SecAdminException {
        Attribute attribute;
        ModificationItem modificationItem;
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        BasicAttributes basicAttributes = new BasicAttributes();
        this.expired_specified = false;
        this.noexpired_specified = false;
        MyLogger.log("debug", thisclass, new StringBuffer().append("modify method in RACF_User entered.  Modifications input: ").append(modificationItemArr).toString(), null);
        for (int i = 0; i < segments.length; i++) {
            basicAttributes.put(new BasicAttribute(segments[i].on_value));
        }
        try {
            String suffix_it = suffix_it(this.name);
            BasicAttributes attributes = this.ctx.getAttributes(suffix_it);
            this.user_has_pwd = true;
            this.user_has_phrase = false;
            BasicAttribute basicAttribute = attributes.get("racfAttributes");
            if (basicAttribute != null) {
                for (int i2 = 0; i2 < basicAttribute.size(); i2++) {
                    String str = (String) basicAttribute.get(i2);
                    for (String str2 : str.indexOf(32) > -1 ? str.split(" ") : new String[]{str}) {
                        if (str2.equalsIgnoreCase("PASSPHRASE")) {
                            this.user_has_phrase = true;
                        } else if (str2.equalsIgnoreCase("PROTECTED")) {
                            this.user_has_pwd = false;
                        }
                    }
                }
            }
            for (int i3 = 0; i3 < modificationItemArr.length; i3++) {
                if (modificationItemArr[i3] == null) {
                    throw new SecAdminException(new StringBuffer().append("Element ").append(i3).append(" in ModificationItem array is null.").toString());
                }
                int modificationOp = modificationItemArr[i3].getModificationOp();
                BasicAttribute attribute2 = modificationItemArr[i3].getAttribute();
                MyLogger.log("debug", thisclass, new StringBuffer().append("Attribute for modification: ").append(attribute2).toString(), null);
                String upperCase = attribute2.getID().toUpperCase(Locale.US);
                RACFattribute rACFattribute = (RACFattribute) sa2object.get(upperCase);
                if (rACFattribute == null) {
                    throw new SecAdminException(new StringBuffer().append("Unrecognized attribute: ").append(attribute2.getID()).append(".").toString());
                }
                if (!rACFattribute.modifiable) {
                    throw new SecAdminException(new StringBuffer().append("Attribute: ").append(attribute2.getID()).append(" is not modifiable.").toString());
                }
                if (modificationOp == 3) {
                    RACF_Utilities.check_null(rACFattribute, attribute2, true);
                } else {
                    RACF_Utilities.check_null(rACFattribute, attribute2, false);
                }
                switch (modificationOp) {
                    case 1:
                        MyLogger.log("debug", thisclass, "Add Request", null);
                        if (rACFattribute.segment) {
                            RACF_Utilities.check_seg(basicAttributes, rACFattribute, attribute2);
                        } else {
                            RACF_Utilities.update_seg_status(basicAttributes, upperCase);
                        }
                        if (RACF_Utilities.attr_exists(rACFattribute, attributes)) {
                            if (!rACFattribute.multiple_allowed) {
                                throw new SecAdminException(new StringBuffer().append("Cannot add single-value attribute ").append(attribute2.getID()).append(".  Attribute already exists for user ").append(this.name).append(".").toString());
                            }
                            if (rACFattribute.racf_name.equals("OMVS_UID")) {
                                throw new SecAdminException(new StringBuffer().append("A UID already exists for this user.  You cannot add another UID to user ").append(this.name).append(".").toString());
                            }
                            if (rACFattribute.racf_name.equals("KERB_ENCRYPT")) {
                                throw new SecAdminException("KERB_ENCRYPT cannot have any additional values.  To modify replace this attribute.");
                            }
                            if (rACFattribute.mva_replace) {
                                Attribute attribute3 = attributes.get(rACFattribute.sdbm_name);
                                BasicAttribute basicAttribute2 = (BasicAttribute) attribute2.clone();
                                for (int i4 = 0; i4 < attribute3.size(); i4++) {
                                    basicAttribute2.add((String) attribute3.get(i4));
                                }
                                attribute2 = basicAttribute2;
                            }
                        }
                        if (rACFattribute.racf_name.equals("OMVS_UID")) {
                            parse_uid(null, attribute2, arrayList, rACFattribute.none_value);
                            break;
                        } else {
                            special_case_checking(rACFattribute, attribute2);
                            ModificationItem modificationItem2 = new ModificationItem(1, RACF_Utilities.convert_attribute(rACFattribute, attribute2));
                            if (!upperCase.equalsIgnoreCase("BASE_RESUME") && !upperCase.equalsIgnoreCase("BASE_MODEL") && !upperCase.equalsIgnoreCase("BASE_OWNER")) {
                                arrayList.add(modificationItem2);
                                break;
                            } else {
                                arrayList2.add(modificationItem2);
                                break;
                            }
                        }
                    case 2:
                        MyLogger.log("debug", thisclass, "REPLACE Request", null);
                        if (rACFattribute.segment) {
                            RACF_Utilities.check_seg(basicAttributes, rACFattribute, attribute2);
                            break;
                        } else {
                            RACF_Utilities.update_seg_status(basicAttributes, upperCase);
                            if (rACFattribute.racf_name.equals("BASE_PASSWORD")) {
                                ModificationItem[] parse_password = parse_password(null, attribute2, null, arrayList);
                                if (!$assertionsDisabled && parse_password != null) {
                                    throw new AssertionError("parse_password returned non-null value to modify code.  Return value of parse_password should be non-null only for create path.");
                                }
                                break;
                            } else if (rACFattribute.racf_name.equals("OMVS_UID")) {
                                parse_uid(null, attribute2, arrayList, rACFattribute.none_value);
                                break;
                            } else {
                                special_case_checking(rACFattribute, attribute2);
                                BasicAttribute convert_attribute = RACF_Utilities.convert_attribute(rACFattribute, attribute2);
                                if (!rACFattribute.mva_add || !RACF_Utilities.attr_exists(rACFattribute, attributes)) {
                                    ModificationItem modificationItem3 = new ModificationItem(2, convert_attribute);
                                    if (!upperCase.equalsIgnoreCase("BASE_RESUME") && !upperCase.equalsIgnoreCase("BASE_MODEL") && !upperCase.equalsIgnoreCase("BASE_OWNER")) {
                                        arrayList.add(modificationItem3);
                                        break;
                                    } else {
                                        arrayList2.add(modificationItem3);
                                        break;
                                    }
                                } else {
                                    BasicAttribute basicAttribute3 = new BasicAttribute(rACFattribute.sdbm_name);
                                    if (rACFattribute.racf_name.equals("BASE_CATEGORY")) {
                                        basicAttribute3.add("*");
                                    }
                                    if (rACFattribute.racf_name.equals("BASE_CLAUTH")) {
                                        basicAttribute3 = attributes.get(rACFattribute.sdbm_name);
                                    }
                                    arrayList.add(new ModificationItem(3, basicAttribute3));
                                    arrayList2.add(new ModificationItem(1, convert_attribute));
                                    break;
                                }
                            }
                        }
                        break;
                    case 3:
                        MyLogger.log("debug", thisclass, "REMOVE Request", null);
                        RACF_Utilities.check_seg_delete(basicAttributes, upperCase, rACFattribute);
                        if (rACFattribute.racf_name.equalsIgnoreCase("BASE_PASSWORD")) {
                            this.user_has_pwd = false;
                        }
                        if (rACFattribute.racf_name.equalsIgnoreCase("BASE_PHRASE")) {
                            this.user_has_phrase = false;
                        }
                        if (rACFattribute.on_off) {
                            arrayList.add(new ModificationItem(2, new BasicAttribute(rACFattribute.sdbm_name, rACFattribute.off_name)));
                            break;
                        } else if (attribute2.size() > 0) {
                            if (rACFattribute.mv_single_delete_allowed) {
                                BasicAttribute convert_attribute2 = RACF_Utilities.convert_attribute(rACFattribute, attribute2);
                                ModificationItem modificationItem4 = new ModificationItem(3, convert_attribute2);
                                MyLogger.log("verbose", thisclass, new StringBuffer().append("deleting the attribute,  ").append(convert_attribute2).toString(), null);
                                arrayList.add(modificationItem4);
                                break;
                            } else {
                                MyLogger.log("debug", thisclass, "deleting a single attribute via PRUNE", null);
                                if (!RACF_Utilities.attr_exists(rACFattribute, attributes)) {
                                    throw new SecAdminException(new StringBuffer().append("Delete for attribute ").append(upperCase).append(" not allowed.  Attribute doesn't exist for user.").toString());
                                }
                                Attribute attribute4 = attributes.get(rACFattribute.sdbm_name);
                                if (rACFattribute.racf_name.equals("KERB_ENCRYPT")) {
                                    BasicAttribute basicAttribute4 = new BasicAttribute(upperCase);
                                    parmize(attribute4, basicAttribute4, rACFattribute, true);
                                    for (int i5 = 0; i5 < attribute2.size(); i5++) {
                                        String trim = ((String) attribute2.get(i5)).toUpperCase().trim();
                                        if (basicAttribute4.contains(trim)) {
                                            basicAttribute4.remove(trim);
                                            if (trim.indexOf("NO") == 0) {
                                                basicAttribute4.add(trim.substring(2));
                                            } else {
                                                basicAttribute4.add(new StringBuffer().append("NO").append(trim).toString());
                                            }
                                        }
                                    }
                                    arrayList.add(new ModificationItem(2, RACF_Utilities.convert_attribute(rACFattribute, basicAttribute4)));
                                    break;
                                } else if (!rACFattribute.racf_name.equals("BASE_REVOKE") && !rACFattribute.racf_name.equals("BASE_RESUME")) {
                                    BasicAttribute prune = prune(rACFattribute, attribute4, attribute2);
                                    BasicAttribute basicAttribute5 = new BasicAttribute(rACFattribute.sdbm_name);
                                    if (rACFattribute.mva_add) {
                                        arrayList.add(new ModificationItem(3, basicAttribute5));
                                        if (prune.size() > 0) {
                                            MyLogger.log("verbose", thisclass, new StringBuffer().append("deleting a single attribute, new_at.size() is  ").append(prune.size()).toString(), null);
                                            MyLogger.log("verbose", thisclass, new StringBuffer().append("deleting a single attribute, new_at.get() is  ").append(prune.get()).toString(), null);
                                            MyLogger.log("verbose", thisclass, new StringBuffer().append("ADD_attribute requested for attribute ").append(prune).toString(), null);
                                            arrayList2.add(new ModificationItem(1, prune));
                                        }
                                    } else {
                                        if (prune.size() > 0) {
                                            modificationItem = new ModificationItem(2, prune);
                                        } else if (rACFattribute.deletable) {
                                            modificationItem = new ModificationItem(3, prune);
                                        } else {
                                            if (rACFattribute.default_value == null) {
                                                throw new SecAdminException(new StringBuffer().append("Attribute: ").append(attribute2.getID()).append(" cannot be deleted.").toString());
                                            }
                                            modificationItem = new ModificationItem(2, new BasicAttribute(rACFattribute.sdbm_name, rACFattribute.default_value));
                                        }
                                        arrayList.add(modificationItem);
                                    }
                                    break;
                                } else if (RACF_Utilities.same_time((String) attribute2.get(0), (String) attribute4.get(0))) {
                                    arrayList.add(new ModificationItem(3, new BasicAttribute(rACFattribute.sdbm_name)));
                                    break;
                                } else {
                                    break;
                                }
                            }
                        } else if (!rACFattribute.deletable) {
                            if (rACFattribute.default_value == null) {
                                throw new SecAdminException(new StringBuffer().append("Attribute: ").append(attribute2.getID()).append(" cannot be deleted.").toString());
                            }
                            new ModificationItem(2, new BasicAttribute(rACFattribute.sdbm_name, rACFattribute.default_value));
                            break;
                        } else {
                            BasicAttribute basicAttribute6 = new BasicAttribute(rACFattribute.sdbm_name);
                            if (!rACFattribute.racf_name.equals("BASE_CLAUTH")) {
                                if (rACFattribute.racf_name.equals("BASE_CATEGORY")) {
                                    basicAttribute6.add("*");
                                }
                                arrayList.add(new ModificationItem(3, basicAttribute6));
                            } else if (RACF_Utilities.attr_exists(rACFattribute, attributes) && (attribute = attributes.get(rACFattribute.sdbm_name)) != null) {
                                arrayList.add(new ModificationItem(3, attribute));
                            }
                            break;
                        }
                        break;
                    default:
                        MyLogger.log("debug", thisclass, new StringBuffer().append("Unrecognized modification operand ").append(modificationOp).toString(), null);
                        throw new SecAdminException(new StringBuffer().append("Unrecognized modification operand ").append(modificationOp).append(".").toString());
                }
            }
            for (int i6 = 0; i6 < segments.length; i6++) {
                Attribute attribute5 = basicAttributes.get(segments[i6].on_value);
                if (attribute5.contains(SET_OFF) && attribute5.contains(PARMS_PROVIDED)) {
                    String str3 = "";
                    NamingEnumeration all = attribute5.getAll();
                    while (all.hasMore()) {
                        String str4 = (String) all.next();
                        if (!str4.equals(SET_OFF) && !str4.equals(PARMS_PROVIDED)) {
                            str3 = str4;
                        }
                    }
                    throw new SecAdminException(new StringBuffer().append("Conflicting attributes provided. ").append(segments[i6].on_value).append(" removed, but ").append(str3).append(" attribute provided.  User ").append(this.name).append(" not modified.").toString());
                }
                if (attribute5.contains(SET_ON) && !attribute5.contains(PARMS_PROVIDED)) {
                    arrayList.add(new ModificationItem(1, new BasicAttribute("racfAttributes", segments[i6].on_value)));
                } else if (attribute5.contains(SET_OFF)) {
                    arrayList.add(new ModificationItem(1, new BasicAttribute("racfAttributes", segments[i6].off_value)));
                }
            }
            if (this.noexpired_specified && this.expired_specified) {
                throw new SecAdminException("EXPIRED value and NOEXPIRED value conflict on BASE_PHRASE and BASE_PASSWORD attributes.");
            }
            if (this.user_has_phrase && !this.user_has_pwd) {
                throw new SecAdminException("User must have a password in order to have a passphrase.");
            }
            if (arrayList.size() > 0) {
                ModificationItem[] array = RACF_Utilities.getArray(arrayList);
                this.ctx.modifyAttributes(suffix_it, array);
                MyLogger.log("debug", thisclass, new StringBuffer().append("modify attributes sent:  ").append(array).toString(), null);
            }
            if (arrayList2.size() > 0) {
                send_second_mods(arrayList2, attributes, arrayList.size());
            }
        } catch (NamingException e) {
            MyLogger.log("debug", thisclass, new StringBuffer().append("Exception caught: ").append(e.getMessage()).toString(), null);
            throw new SecAdminException("Unexpected exception in modify.", e);
        }
    }

    private BasicAttribute prune(RACFattribute rACFattribute, Attribute attribute, BasicAttribute basicAttribute) throws SecAdminException, NamingException {
        String id = attribute.getID();
        BasicAttribute basicAttribute2 = new BasicAttribute(id);
        Attribute attribute2 = attribute;
        BasicAttribute basicAttribute3 = (BasicAttribute) basicAttribute.clone();
        MyLogger.log("verbose", thisclass, new StringBuffer().append("prune input: ").append(attribute).toString(), null);
        if (rACFattribute.split_value != null) {
            attribute2 = new BasicAttribute(id);
            parmize(attribute, attribute2, rACFattribute);
        }
        if (rACFattribute.racf_name.equals("OPERPARM_ROUTCODE")) {
            Attribute basicAttribute4 = new BasicAttribute(id);
            for (int i = 0; i < attribute2.size(); i++) {
                String str = (String) attribute2.get(i);
                if (str.indexOf(58) > 0) {
                    String[] split = str.split(":");
                    if (split.length != 2) {
                        throw new SecAdminException("OPERPARM_ROUTCODE value must be n or n1:n2 where n, n1 and n2 are integers (1 - 128) and n2 is greater than n1.");
                    }
                    if (!is_number(split[0], 1, 128)) {
                        throw new SecAdminException("OPERPARM_ROUTCODE value must be n or n1:n2 where n, n1 and n2 are integers (1 - 128) and n2 is greater than n1.");
                    }
                    int parseInt = Integer.parseInt(split[0]);
                    if (!is_number(split[1], 1, 128)) {
                        throw new SecAdminException("OPERPARM_ROUTCODE value must be n or n1:n2 where n, n1 and n2 are integers (1 - 128) and n2 is greater than n1.");
                    }
                    int parseInt2 = Integer.parseInt(split[1]);
                    if (parseInt2 <= parseInt) {
                        throw new SecAdminException(new StringBuffer().append("OPERPARM_ROUTCODE value ").append(str).append(" is invalid.  ").append(parseInt2).append(" is greater than ").append(parseInt).append(".").toString());
                    }
                    for (int i2 = parseInt; i2 <= parseInt2; i2++) {
                        basicAttribute4.add(new StringBuffer().append("").append(i2).toString());
                    }
                } else {
                    basicAttribute4.add(str);
                }
            }
            attribute2 = basicAttribute4;
            BasicAttribute basicAttribute5 = new BasicAttribute(id);
            for (int i3 = 0; i3 < basicAttribute3.size(); i3++) {
                String str2 = (String) basicAttribute3.get(i3);
                if (str2.indexOf(58) > 0) {
                    String[] split2 = str2.split(":");
                    if (split2.length != 2) {
                        throw new SecAdminException("OPERPARM_ROUTCODE value must be n or n1:n2 where n, n1 and n2 are integers (1 - 128) and n2 is greater than n1.");
                    }
                    if (!is_number(split2[0], 1, 128)) {
                        throw new SecAdminException("OPERPARM_ROUTCODE value must be n or n1:n2 where n, n1 and n2 are integers (1 - 128) and n2 is greater than n1.");
                    }
                    int parseInt3 = Integer.parseInt(split2[0]);
                    if (!is_number(split2[1], 1, 128)) {
                        throw new SecAdminException("OPERPARM_ROUTCODE value must be n or n1:n2 where n, n1 and n2 are integers (1 - 128) and n2 is greater than n1.");
                    }
                    int parseInt4 = Integer.parseInt(split2[1]);
                    if (parseInt4 <= parseInt3) {
                        throw new SecAdminException(new StringBuffer().append("OPERPARM_ROUTCODE value ").append(str2).append(" is invalid.  ").append(parseInt4).append(" is greater than ").append(parseInt3).append(".").toString());
                    }
                    for (int i4 = parseInt3; i4 <= parseInt4; i4++) {
                        basicAttribute5.add(new StringBuffer().append("").append(i4).toString());
                    }
                } else {
                    basicAttribute5.add(str2);
                }
            }
            basicAttribute3 = basicAttribute5;
        }
        for (int i5 = 0; i5 < attribute2.size(); i5++) {
            String trim = RACF_Utilities.deLDAP((String) attribute2.get(i5)).trim();
            boolean z = true;
            for (int i6 = 0; z && i6 < basicAttribute3.size(); i6++) {
                String str3 = (String) basicAttribute3.get(i6);
                if (trim.equalsIgnoreCase(str3.trim())) {
                    z = false;
                }
                if (RACF_Utilities.strip_lead_zeros(trim).equals(str3.trim())) {
                    z = false;
                }
            }
            if (z) {
                basicAttribute2.add(trim);
            }
        }
        MyLogger.log("verbose", thisclass, new StringBuffer().append("prune output: ").append(basicAttribute2).toString(), null);
        return basicAttribute2;
    }

    private String format_base_time(String str) {
        String replace = format_time(str).replace('-', ':');
        if (replace.indexOf(":") < 0 && replace.length() == 8) {
            replace = new StringBuffer().append(replace.substring(0, 4)).append(":").append(replace.substring(4)).toString();
        }
        return replace;
    }

    private String format_time(String str) {
        String str2;
        String str3 = "";
        MyLogger.log("verbose", thisclass, new StringBuffer().append("format_time input:").append(str).toString(), null);
        int indexOf = str.indexOf("(HH:MM)");
        if (indexOf >= 0) {
            str2 = str.substring(0, indexOf);
            if (str.length() > indexOf + "(HH:MM)".length()) {
                str2 = new StringBuffer().append(str2).append(str.substring(indexOf + "(HH:MM)".length() + 1)).toString();
            }
        } else {
            str2 = str;
        }
        for (int i = 0; i < str2.length(); i++) {
            if (str2.charAt(i) != ' ' && str2.charAt(i) != ':') {
                str3 = new StringBuffer().append(str3).append(str2.charAt(i)).toString();
            }
        }
        MyLogger.log("verbose", thisclass, new StringBuffer().append("format_time output:").append(str3).toString(), null);
        return str3;
    }

    private void parmize(Attribute attribute, Attribute attribute2, RACFattribute rACFattribute) throws NamingException {
        parmize(attribute, attribute2, rACFattribute, false);
    }

    private void parmize(Attribute attribute, Attribute attribute2, RACFattribute rACFattribute, boolean z) throws NamingException {
        String id = attribute2.getID();
        MyLogger.log("verbose", thisclass, new StringBuffer().append("parmize called with old attribute").append(attribute).toString(), null);
        for (int i = 0; i < attribute.size(); i++) {
            String[] split = ((String) attribute.get(i)).split(rACFattribute.split_value);
            for (int i2 = 0; i2 < split.length; i2++) {
                if (!rACFattribute.racf_name.equals("BASE_DAYS")) {
                    if (z) {
                        attribute2.add(RACF_Utilities.strip_lead_zeros(split[i2].toUpperCase()));
                    } else {
                        attribute2.add(RACF_Utilities.strip_lead_zeros(split[i2]));
                    }
                    MyLogger.log("verbose", thisclass, new StringBuffer().append("new_attribute name ").append(id).append(" adding value ").append(split[i2]).toString(), null);
                } else if (split[i2].charAt(split[i2].length() - 1) == '.') {
                    attribute2.add(split[i2].substring(0, split[i2].length() - 1));
                } else {
                    attribute2.add(split[i2]);
                }
            }
        }
    }

    private void special_case_checking(RACFattribute rACFattribute, Attribute attribute) throws SecAdminException, NamingException {
        if (rACFattribute.racf_name.equals("CICS_OPPRTY")) {
            if (attribute.size() > 1) {
                throw new SecAdminException("CICS_OPPRTY is single-value attribute.");
            }
            if (attribute.size() == 1 && !is_number((String) attribute.get(), 0, 255)) {
                throw new SecAdminException("CICS_OPPRTY must be a number between 0 and 255.");
            }
        }
        if (rACFattribute.racf_name.equals("OPERPARM_MSCOPE")) {
            MyLogger.log("verbose", thisclass, "special_case_checking for OPERPARM_MSCOPE", null);
            BasicAttribute basicAttribute = new BasicAttribute("OPERPARM_MSCOPE");
            parmize(attribute, basicAttribute, rACFattribute, true);
            if (basicAttribute.size() > 1 && basicAttribute.contains("*ALL")) {
                throw new SecAdminException("OPERPARM_MSCOPE cannot have '*ALL' and other values.");
            }
        }
        if (rACFattribute.racf_name.equals("OPERPARM_LEVEL")) {
            MyLogger.log("verbose", thisclass, "special_case_checking for OPERPARM_LEVEL", null);
            boolean z = false;
            boolean z2 = false;
            String str = null;
            BasicAttribute basicAttribute2 = new BasicAttribute("OPERPARM_LEVEL");
            parmize(attribute, basicAttribute2, rACFattribute);
            for (int i = 0; i < basicAttribute2.size(); i++) {
                String upperCase = ((String) basicAttribute2.get(i)).toUpperCase();
                MyLogger.log("verbose", thisclass, new StringBuffer().append("special_case_checking for OPERPARM_LEVEL, looking at value ").append(upperCase).toString(), null);
                if (msg_type.contains(upperCase)) {
                    MyLogger.log("verbose", thisclass, "special_case_checking for OPERPARM_LEVEL, have_msgtype is true", null);
                    z = true;
                    str = upperCase;
                } else if (upperCase.equals("ALL")) {
                    z2 = true;
                    MyLogger.log("verbose", thisclass, "special_case_checking for OPERPARM_LEVEL, have_all is true", null);
                }
            }
            if (z && z2) {
                throw new SecAdminException(new StringBuffer().append("OPERPARM_LEVEL cannot have both 'ALL' and ").append(str).append(" as values.").toString());
            }
        }
        if (rACFattribute.racf_name.equals("CICS_RSLKEY") || rACFattribute.racf_name.equals("CICS_TSLKEY")) {
            MyLogger.log("verbose", thisclass, new StringBuffer().append("special_case_checking for").append(rACFattribute.racf_name).toString(), null);
            boolean z3 = false;
            boolean z4 = false;
            boolean z5 = false;
            String str2 = null;
            BasicAttribute basicAttribute3 = new BasicAttribute(rACFattribute.racf_name);
            parmize(attribute, basicAttribute3, rACFattribute);
            for (int i2 = 0; i2 < basicAttribute3.size(); i2++) {
                String str3 = (String) basicAttribute3.get(i2);
                MyLogger.log("verbose", thisclass, new StringBuffer().append("special_case_checking for ").append(rACFattribute.racf_name).append(", looking at value ").append(str3).toString(), null);
                if (!is_number(str3, 0, 99)) {
                    if (!rACFattribute.racf_name.equals("CICS_TSLKEY")) {
                        throw new SecAdminException(new StringBuffer().append("Invalid value: ").append(str3).append(".  CICS_RSLKEY value must be 0, 1 - 24, or 99.").toString());
                    }
                    throw new SecAdminException(new StringBuffer().append("Invalid value: ").append(str3).append(".  CICS_TSLKEY value must be 0, 1 - 64, or 99.").toString());
                }
                int parseInt = Integer.parseInt(str3);
                if (parseInt >= 1 && ((parseInt <= 64 && rACFattribute.racf_name.equals("CICS_TSLKEY")) || (parseInt <= 24 && rACFattribute.racf_name.equals("CICS_RSLKEY")))) {
                    z3 = true;
                    str2 = str3;
                } else if (parseInt == 0) {
                    z4 = true;
                } else {
                    if (parseInt != 99) {
                        if (!rACFattribute.racf_name.equals("CICS_TSLKEY")) {
                            throw new SecAdminException(new StringBuffer().append("Invalid numeric value: ").append(str3).append(".  CICS_RSLKEY value must be 0, 1 - 24, or 99.").toString());
                        }
                        throw new SecAdminException(new StringBuffer().append("Invalid numeric value: ").append(str3).append(".  CICS_TSLKEY value must be 0, 1 - 64, or 99.").toString());
                    }
                    z5 = true;
                }
            }
            if (z4 && z5) {
                throw new SecAdminException(new StringBuffer().append(rACFattribute.racf_name).append(" cannot have both '0' and '99' as values.").toString());
            }
            if (z3 && (z4 || z5)) {
                throw new SecAdminException(new StringBuffer().append(rACFattribute.racf_name).append(" cannot have ").append(str2).append(" and either 0 or 99 as values.").toString());
            }
        }
        if (rACFattribute.racf_name.equals("OPERPARM_AUTH")) {
            MyLogger.log("verbose", thisclass, "special_case_checking for OPERPARM_AUTH", null);
            boolean z6 = false;
            boolean z7 = false;
            boolean z8 = false;
            boolean z9 = false;
            BasicAttribute basicAttribute4 = new BasicAttribute("OPERPARM_AUTH");
            parmize(attribute, basicAttribute4, rACFattribute);
            for (int i3 = 0; i3 < basicAttribute4.size(); i3++) {
                String upperCase2 = ((String) basicAttribute4.get(i3)).toUpperCase();
                if (upperCase2.equalsIgnoreCase("ALL")) {
                    z7 = true;
                } else if (upperCase2.equalsIgnoreCase("MASTER")) {
                    z6 = true;
                } else if (upperCase2.equalsIgnoreCase("INFO")) {
                    z8 = true;
                } else {
                    z9 = true;
                }
            }
            if (z7 && (z6 || z8 || z9)) {
                throw new SecAdminException("OPERPARM_AUTH cannot have 'ALL' and any other values.");
            }
            if (z6 && (z8 || z7 || z9)) {
                throw new SecAdminException("OPERPARM_AUTH cannot have 'MASTER' and any other values.");
            }
            if (z8 && (z6 || z7 || z9)) {
                throw new SecAdminException("OPERPARM_AUTH cannot have 'INFO' and any other values.");
            }
        }
        if (rACFattribute.racf_name.equals("OPERPARM_ROUTCODE")) {
            MyLogger.log("verbose", thisclass, "special_case_checking for OPERPARM_ROUTCODE", null);
            boolean z10 = false;
            boolean z11 = false;
            boolean z12 = false;
            BasicAttribute basicAttribute5 = new BasicAttribute("OPERPARM_ROUTCODE");
            parmize(attribute, basicAttribute5, rACFattribute);
            for (int i4 = 0; i4 < basicAttribute5.size(); i4++) {
                String upperCase3 = ((String) basicAttribute5.get(i4)).toUpperCase();
                if (upperCase3.equalsIgnoreCase("ALL")) {
                    z10 = true;
                } else if (upperCase3.equalsIgnoreCase("NONE")) {
                    z11 = true;
                } else {
                    z12 = true;
                }
            }
            if (z10 && (z11 || z12)) {
                throw new SecAdminException("OPERPARM_ROUTCODE cannot have 'ALL' and any other values.");
            }
            if (z11) {
                if (z10 || z12) {
                    throw new SecAdminException("OPERPARM_ROUTCODE cannot have 'NONE' and any other values.");
                }
            }
        }
    }

    boolean is_number(String str, int i, int i2) {
        try {
            int parseInt = Integer.parseInt(str);
            return parseInt >= i && parseInt <= i2;
        } catch (Exception e) {
            return false;
        }
    }

    boolean parse_uid(BasicAttributes basicAttributes, Attribute attribute, ArrayList arrayList, String str) throws NamingException, SecAdminException {
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        String str2 = "";
        boolean z4 = false;
        if (arrayList == null) {
            if (!$assertionsDisabled && basicAttributes == null) {
                throw new AssertionError("parse_uid should have first parameter (attrs) non-null if modify_mods IS null");
            }
            z4 = true;
        } else if (!$assertionsDisabled && basicAttributes != null) {
            throw new AssertionError("parse_uid should not have non-null attrs (indicates create path) and modify_mods (indicates modify path) ");
        }
        if (attribute.size() > 2) {
            throw new SecAdminException("OMVS_UID attribute should never have more than 2 values: UID value and SHARED.");
        }
        for (int i = 0; i < attribute.size(); i++) {
            String trim = ((String) attribute.get(i)).trim();
            if (trim.equalsIgnoreCase("SHARED")) {
                z2 = true;
            } else if (trim.equalsIgnoreCase("AUTOUID")) {
                z = true;
            } else {
                str2 = new String(trim);
                z3 = true;
            }
        }
        if (z2 && !z3) {
            throw new SecAdminException("OMVS_UID must have actual uid value, in addition to SHARED.");
        }
        if (z && (z2 || z3)) {
            throw new SecAdminException("AUTOUID cannot be used with any other values.");
        }
        if (z3) {
            BasicAttribute basicAttribute = new BasicAttribute("racfOmvsUid", str2);
            if (z4) {
                basicAttributes.put(basicAttribute);
            } else {
                arrayList.add(new ModificationItem(2, basicAttribute));
            }
        }
        if (z) {
            BasicAttribute basicAttribute2 = new BasicAttribute("racfOmvsUidKeyword", "AUTOUID");
            if (z4) {
                basicAttributes.put(basicAttribute2);
            } else {
                arrayList.add(new ModificationItem(2, basicAttribute2));
            }
        }
        if (!z2) {
            return true;
        }
        BasicAttribute basicAttribute3 = new BasicAttribute("racfOmvsUidKeyword", "SHARED");
        if (z4) {
            basicAttributes.put(basicAttribute3);
            return true;
        }
        arrayList.add(new ModificationItem(2, basicAttribute3));
        return true;
    }

    private ModificationItem[] parse_password(BasicAttributes basicAttributes, Attribute attribute, Attribute attribute2, ArrayList arrayList) throws NamingException, SecAdminException {
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        String str = "";
        ModificationItem[] modificationItemArr = null;
        boolean z4 = false;
        if (arrayList == null) {
            if (!$assertionsDisabled && basicAttributes == null) {
                throw new AssertionError("parse_password should have first parameter (attrs) non-null if modify_mods IS null");
            }
            z4 = true;
        } else if (!$assertionsDisabled && basicAttributes != null) {
            throw new AssertionError("parse_password should not have non-null attrs (indicates create path) and modify_mods (indicates modify path) ");
        }
        if (attribute.size() > 2) {
            throw new SecAdminException("base_password attribute should never have more than 2 values: password and NOEXPIRE.");
        }
        for (int i = 0; i < attribute.size(); i++) {
            String str2 = (String) attribute.get(i);
            if (str2.equalsIgnoreCase("EXPIRED")) {
                this.expired_specified = true;
            } else if (str2.equalsIgnoreCase("NOEXPIRED")) {
                z3 = true;
                this.noexpired_specified = true;
            } else if (str2.equalsIgnoreCase(no_password)) {
                z2 = true;
            } else {
                if (z) {
                    throw new SecAdminException("Two password values provided on BASE_PASSWORD attribute.");
                }
                str = new String(str2);
                z = true;
            }
        }
        if (z3 && (z2 || !z)) {
            throw new SecAdminException("NOEXPIRED is only valid if password is provided.");
        }
        if (z2 && z) {
            throw new SecAdminException("When Base_Password attribute has value of NOPASSWORD, no additional values are allowed.");
        }
        if (z) {
            BasicAttribute basicAttribute = new BasicAttribute("racfpassword", str);
            if (z4) {
                basicAttributes.put(basicAttribute);
            } else {
                arrayList.add(new ModificationItem(2, basicAttribute));
            }
        }
        if (z2) {
            this.user_has_pwd = false;
            if (z4) {
                attribute2.add("NOPASSWORD");
            } else {
                arrayList.add(new ModificationItem(1, new BasicAttribute("racfattributes", "NOPASSWORD")));
            }
        }
        if (z3 & (!str.equalsIgnoreCase(password_exists))) {
            if (z4) {
                modificationItemArr = new ModificationItem[]{new ModificationItem(1, new BasicAttribute("racfpassword", str)), new ModificationItem(1, new BasicAttribute("racfattributes", "noexpired"))};
            } else {
                arrayList.add(new ModificationItem(1, new BasicAttribute("racfattributes", "noexpired")));
            }
        }
        return modificationItemArr;
    }

    private ModificationItem[] parse_phrase(BasicAttributes basicAttributes, Attribute attribute, ArrayList arrayList) throws NamingException, SecAdminException {
        boolean z = false;
        String str = "";
        boolean z2 = false;
        ModificationItem[] modificationItemArr = null;
        boolean z3 = false;
        if (arrayList == null) {
            if (!$assertionsDisabled && basicAttributes == null) {
                throw new AssertionError("parse_phrase should have first parameter (attrs) non-null if modify_mods IS null");
            }
            z3 = true;
        } else if (!$assertionsDisabled && basicAttributes != null) {
            throw new AssertionError("parse_phrase should not have non-null attrs (indicates create path) and modify_mods (indicates modify path) ");
        }
        if (attribute.size() > 2) {
            throw new SecAdminException("BASE_PHRASE attribute should never have more than 2 values: phrase and NOEXPIRE.");
        }
        for (int i = 0; i < attribute.size(); i++) {
            String str2 = (String) attribute.get(i);
            if (str2.equalsIgnoreCase("EXPIRED")) {
                this.expired_specified = true;
            } else if (str2.equalsIgnoreCase("NOEXPIRED")) {
                z = true;
                this.noexpired_specified = true;
            } else {
                if (z2) {
                    throw new SecAdminException("Two phrase values provided on BASE_PHRASE attribute.");
                }
                str = new String(str2);
                z2 = true;
            }
        }
        if (z && !z2) {
            throw new SecAdminException("NOEXPIRED is only valid if phrase is provided.");
        }
        if (z2) {
            BasicAttribute basicAttribute = new BasicAttribute("racfpassphrase", str);
            this.user_has_phrase = true;
            if (z3) {
                basicAttributes.put(basicAttribute);
            } else {
                arrayList.add(new ModificationItem(2, basicAttribute));
            }
        }
        if (z) {
            if (z3) {
                modificationItemArr = new ModificationItem[]{new ModificationItem(1, new BasicAttribute("racfpassphrase", str)), new ModificationItem(1, new BasicAttribute("racfattributes", "noexpired"))};
            } else {
                arrayList.add(new ModificationItem(1, new BasicAttribute("racfattributes", "noexpired")));
            }
        }
        return modificationItemArr;
    }

    private void send_second_mods(ArrayList arrayList, Attributes attributes, int i) throws SecAdminException {
        ModificationItem[] modificationItemArr = new ModificationItem[1];
        ModificationItem[] modificationItemArr2 = new ModificationItem[1];
        int i2 = 0;
        int i3 = 0;
        NamingException namingException = null;
        for (Object obj : arrayList.toArray()) {
            boolean z = false;
            String str = "";
            modificationItemArr[0] = (ModificationItem) obj;
            MyLogger.log("debug", thisclass, new StringBuffer().append("ModificationItem to send to LDAP ").append(modificationItemArr[0]).toString(), null);
            String lowerCase = modificationItemArr[0].getAttribute().getID().toLowerCase();
            if (!lowerCase.equalsIgnoreCase("racfdatasetmodel") && !lowerCase.equalsIgnoreCase("racfresumedate") && !lowerCase.equalsIgnoreCase("racfowner")) {
                i2++;
                z = true;
            } else if (lowerCase.equals("racfdatasetmodel")) {
                str = "ICH21018I";
            }
            try {
                this.ctx.modifyAttributes(this.user_dn, modificationItemArr);
                i3++;
            } catch (NamingException e) {
                if (str.length() > 0 && RACF_Utilities.check_allowed(str, e)) {
                    i3++;
                }
                namingException = e;
                if (z) {
                    try {
                        modificationItemArr2[0] = new ModificationItem(2, attributes.get(lowerCase));
                        MyLogger.log("debug", thisclass, new StringBuffer().append("Restoring original attribute ModificationItem to send to LDAP ").append(modificationItemArr2[0]).toString(), null);
                        this.ctx.modifyAttributes(this.user_dn, modificationItemArr2);
                    } catch (NamingException e2) {
                        throw new SecAdminException(new StringBuffer().append("Unexpected error trying to restore attribute ").append(lowerCase).append(".").toString(), e2);
                    }
                } else {
                    continue;
                }
            }
        }
        if (namingException != null) {
            if (i3 <= 0 && i <= i2) {
                throw new SecAdminException("Unexpected error from modify processing.", namingException);
            }
            MyLogger.log("debug", thisclass, new StringBuffer().append("Ignored error").append(namingException.getMessage()).append("num_success was ").append(i3).append("num_firstmods was ").append(i).append("two_part_mods was ").append(i2).toString(), null);
        }
    }

    private String format_kerbname(String str) {
        int indexOf = str.indexOf("@");
        return indexOf >= 0 ? str.substring(0, indexOf) : str;
    }

    private boolean user_exists(String str, String str2, boolean z) throws SecAdminException {
        try {
            this.ctx.getAttributes(str, new String[]{"dn"});
            return true;
        } catch (NamingException e) {
            String message = e.getMessage();
            if (message.toUpperCase().indexOf("UNABLE TO LOCATE") > -1 || message.toUpperCase().indexOf("NOT A VALID RACF DN") > -1 || z) {
                return false;
            }
            throw new SecAdminException(new StringBuffer().append("Error trying to locate user: ").append(str2).append(".").toString(), e);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$eserver$zos$racf$userregistry$RACF_User == null) {
            cls = class$("com.ibm.eserver.zos.racf.userregistry.RACF_User");
            class$com$ibm$eserver$zos$racf$userregistry$RACF_User = cls;
        } else {
            cls = class$com$ibm$eserver$zos$racf$userregistry$RACF_User;
        }
        $assertionsDisabled = !cls.desiredAssertionStatus();
        sa2object = null;
        thisclass = "RACF_User";
        passphrase_exists = "Passphrase Exists";
        password_exists = "Password Exists";
        no_password = "NOPASSWORD";
        PARMS_PROVIDED = "parms_provided";
        SET_OFF = "set_off";
        SET_ON = "set_on";
        msg_type = new BasicAttribute("msg_type");
        msg_all = new BasicAttribute("msg_all");
        SDBM2racf = null;
        revoke_ra = null;
        resume_ra = null;
        segments = new Segment[]{new Segment("racfUserOmvsSegment", "OMVS", "NOOMVS"), new Segment("racfUserOvmSegment", "OVM", "NOOVM"), new Segment("racfProxySegment", "PROXY", "NOPROXY"), new Segment("racfCicsSegment", "CICS", "NOCICS"), new Segment("racfDCESegment", "DCE", "NODCE"), new Segment("racfOperparmSegment", "OPERPARM", "NOOPERPARM"), new Segment("SAFDfpSegment", "DFP", "NODFP"), new Segment("racfEIMSegment", "EIM", "NOEIM"), new Segment("racfKerberosInfo", "KERB", "NOKERB"), new Segment("racfLanguageSegment", "LANGUAGE", "NOLANGUAGE"), new Segment("racfLNotesSegment", "LNOTES", "NOLNOTES"), new Segment("racfNDSSegment", "NDS", "NONDS"), new Segment("racfNetviewSegment", "NETVIEW", "NONETVIEW"), new Segment("SAFTsoSegment", "TSO", "NOTSO"), new Segment("racfWorkAttrSegment", "WORKATTR", "NOWORKATTR")};
        sa2object = new TreeMap();
        sa2object.put("BASE_OWNER", new RACFattribute("BASE_OWNER", "racfOwner", "RACF userid or groupname of owner of this userid.", true, false, false, false));
        sa2object.put("BASE_DATA", new RACFattribute("BASE_DATA", "racfInstallationData", "Up to 255 characters of installation-defined data.", true, false, false, "NO-INSTALLATION-DATA"));
        sa2object.put("BASE_MODEL", new RACFattribute("BASE_MODEL", "racfDatasetModel", "Name of discrete data set profile used as model when new data set profiles are created that have this userid as the high-level qualifier.", true, false, false, "NO-MODEL-NAME"));
        sa2object.put("BASE_USERID", new RACFattribute("BASE_USERID", "racfid", "Userid", false, false, false));
        sa2object.put("BASE_CREATED", new RACFattribute("BASE_CREATED", "racfAuthorizationDate", "The date this user was defined to RACF.", false, false, false));
        sa2object.put("BASE_PASS-INTERVAL", new RACFattribute("BASE_PASS-INTERVAL", "racfPasswordInterval", "The password change interval (in number of days).", false, false, false));
        sa2object.put("BASE_PASSDATE", new RACFattribute("BASE_PASSDATE", "racfPasswordChangeDate", "The date the user's password was last updated.", false, false, false, "00.000"));
        sa2object.put("BASE_ADSP", new RACFattribute("BASE_ADSP", "racfAttributes", "All permanent tape and DASD data sets created by user are automatically RACF-protected by discrete profiles.", true, true, false, "ADSP", "NOADSP"));
        sa2object.put("DFP", new RACFattribute("DFP", "racfAttributes", "User has DFP segment.", true, true, false, "DFP", "NODFP", true));
        sa2object.put("DCE", new RACFattribute("DCE", "racfAttributes", "User has DCE segment.", true, true, false, "DCE", "NODCE", true));
        sa2object.put("NDS", new RACFattribute("NDS", "racfAttributes", "User has NDS segment.", true, true, false, "NDS", "NONDS", true));
        sa2object.put("TSO", new RACFattribute("TSO", "racfAttributes", "User has TSO segment.", true, true, false, "TSO", "NOTSO", true));
        sa2object.put("CICS", new RACFattribute("CICS", "racfAttributes", "User has CICS segment.", true, true, false, "CICS", "NOCICS", true));
        sa2object.put("EIM", new RACFattribute("EIM", "racfAttributes", "User has EIM segment.", true, true, false, "EIM", "NOEIM", true));
        sa2object.put("LANGUAGE", new RACFattribute("LANGUAGE", "racfAttributes", "User has LANGUAGE segment.", true, true, false, "LANGUAGE", "NOLANGUAGE", true));
        sa2object.put("WORKATTR", new RACFattribute("WORKATTR", "racfAttributes", "User has WORKATTR segment.", true, true, false, "WORKATTR", "NOWORKATTR", true));
        sa2object.put("OPERPARM", new RACFattribute("OPERPARM", "racfAttributes", "User has OPERPARM segment.", true, true, false, "OPERPARM", "NOOPERPARM", true));
        sa2object.put("NETVIEW", new RACFattribute("NETVIEW", "racfAttributes", "User has NETVIEW segment.", true, true, false, "NETVIEW", "NONETVIEW", true));
        sa2object.put("OVM", new RACFattribute("OVM", "racfAttributes", "User has OVM segment.", true, true, false, "OVM", "NOOVM", true));
        sa2object.put("OMVS", new RACFattribute("OMVS", "racfAttributes", "User has OMVS segment.", true, true, false, "OMVS", "NOOMVS", true));
        sa2object.put("LNOTES", new RACFattribute("LNOTES", "racfAttributes", "User has LNOTES segment.", true, true, false, "LNOTES", "NOLNOTES", true));
        sa2object.put("KERB", new RACFattribute("KERB", "racfAttributes", "User has KERB segment.", true, true, false, "KERB", "NOKERB", true));
        sa2object.put("PROXY", new RACFattribute("PROXY", "racfAttributes", "User has PROXY segment.", true, true, false, "PROXY", "NOPROXY", true));
        sa2object.put("BASE_SPECIAL", new RACFattribute("BASE_SPECIAL", "racfAttributes", "Indicates user is allowed to issue all RACF commands with all operands except operands that require AUDITOR attribute.", true, true, false, "SPECIAL", "NOSPECIAL"));
        sa2object.put("BASE_RESTRICTED", new RACFattribute("BASE_RESTRICTED", "racfAttributes", "Indicates global access checking is bypassed when resource access checking is performed for this user, and neither ID(*) on the access list nor the UACC will allow access.", true, true, false, "RESTRICTED", "NORESTRICTED"));
        sa2object.put("BASE_OPERATIONS", new RACFattribute("BASE_OPERATIONS", "racfAttributes", "User has OPERATIONS segment.", true, true, false, "OPERATIONS", "NOOPERATIONS"));
        sa2object.put("BASE_GRPACC", new RACFattribute("BASE_GRPACC", "racfAttributes", "Indicates that any group data sets protected by DATASET profiles defined by this user are automatically accessible to other users in the group.", true, true, false, "GRPACC", "NOGRPACC"));
        sa2object.put("BASE_AUDITOR", new RACFattribute("BASE_AUDITOR", "racfAttributes", "Indicates user has full responsibility for auditing the use of system resources, and is able to control the logging of detected accesses to any RACF-protected resources during RACF authorization checking and accesses to the RACF database.", true, true, false, "AUDITOR", "NOAUDITOR"));
        sa2object.put("BASE_UAUDIT", new RACFattribute("BASE_UAUDIT", "racfAttributes", "Indicates RACF is to log all RACROUTE REQUEST=AUTH and RACROUTE REQUEST=FASTAUTH services eligible for logging, and all RACROUTE REQUEST=DEFINE services issued for the user, and all RACF commands (except SEARCH, LISTDSD, LISTGRP, LISTUSER, and RLIST) issued by user.", true, true, false, "UAUDIT", "NOUAUDIT"));
        sa2object.put("BASE_PASSWORD", new RACFattribute("BASE_PASSWORD", "racfPassword", "When setting, value is new password.  When getting, simply indicates if user has password or is restricted userid (no password).", true, false, false));
        sa2object.put("BASE_PHRASE_CHANGE_DATE", new RACFattribute("BASE_PHRASE_CHANGE_DATE", "racfPassPhraseChangeDate", "Date user's pass phrase was last changed.", false, false, false, "N/A"));
        sa2object.put("BASE_PHRASE", new RACFattribute("BASE_PHRASE", "racfPassPhrase", "The user's pass phrase. A text string of 14-100 characters.", true, false, false));
        sa2object.put("BASE_PASSWORD_ENV", new RACFattribute("BASE_PASSWORD_ENV", "racfPasswordEnvelope", "User's password, encrypted in PKCS#7 envelope.  Only returned if password enveloping has been set up and userid that authenticated in RACF_SecAdmin constructor has digital certificate on IRR.PWENV.KEYRING keyring.", false, false, false));
        sa2object.put("BASE_NAME", new RACFattribute("BASE_NAME", "racfProgrammerName", "User's name - a name associated with userid - maximum of 20 characters.", true, false, false, "UNKNOWN"));
        sa2object.put("BASE_DFLTGRP", new RACFattribute("BASE_DFLTGRP", "racfDefaultGroup", "Name of RACF group which is the default group for user.", true, false, false));
        sa2object.put("BASE_LAST-ACCESS", new RACFattribute("BASE_LAST-ACCESS", "racfLastAccess", "The date and time the user last entered the system.", false, false, false, "UNKNOWN"));
        sa2object.put("BASE_SECLEVEL", new RACFattribute("BASE_SECLEVEL", "racfSecurityLevel", "User's security level, where seclevel-name is an installation-defined name that must be a member of the SECLEVEL profile in the SECDATA class.", true, false, false, "NONE SPECIFIED"));
        sa2object.put("BASE_CATEGORY", new RACFattribute("BASE_CATEGORY", "racfSecurityCategoryList", "Name(s) of installation-defined security categories, which must be defined as members of the CATEGORY profile in the SECDATA class.", true, false, true, true, false, true, "NONE SPECIFIED"));
        sa2object.put("BASE_REVOKED", new RACFattribute("BASE_REVOKED", "racfAttributes", "User's access to the system is currently revoked.", false, true, false, "REVOKED", "RESUME"));
        sa2object.put("BASE_REVOKE", new RACFattribute("BASE_REVOKE", "racfRevokeDate", "Date when RACF will stop allowing the user access to the system.  Date in format mm/dd/yy.", true, false, false, "NONE"));
        sa2object.put("BASE_RESUME", new RACFattribute("BASE_RESUME", "racfResumeDate", "Date when RACF will resume allowing the user access to the system.  Date in format mm/dd/yy.", true, false, false, "NONE"));
        sa2object.put("BASE_DAYS", new RACFattribute("BASE_DAYS", "racfLogonDays", "Days of week user is allowed access system from a terminal - Allowed values: ANYDAY, WEEKDAYS, SUNDAY, MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY.", " ", true, false, true, false, true, false, false, "ANYDAY"));
        sa2object.put("BASE_TIME", new RACFattribute("BASE_TIME", "racfLogonTime", "Time of day user is allowed access system from a terminal.  Format is start-time:end-time and each time's format is hhmm, where hh is the hour (00-23) and mm is the minutes (00-59). But 0000 is not a valid time value.  If start-time is greater than end-time, interval spans midnight.", true, false, false, false, "ANYTIME"));
        sa2object.put("BASE_CLAUTH", new RACFattribute("BASE_CLAUTH", "racfClassName", "Classes in which user is allowed to define profiles to RACF for protection. Classes can be USER, and any resource classes defined in the class descriptor table.", true, false, true, true, false, true, "NONE"));
        sa2object.put("BASE_SECLABEL", new RACFattribute("BASE_SECLABEL", "racfSecurityLabel", "Installation-defined security label which is user's default security label.", true, false, false, "NONE SPECIFIED"));
        sa2object.put("TSO_ACCTNUM", new RACFattribute("TSO_ACCTNUM", "SAFAccountNumber", "User's default TSO account number when logging on through the TSO/E logon panel (1-39 characters).", true, false, false));
        sa2object.put("TSO_COMMAND", new RACFattribute("TSO_COMMAND", "SAFDefaultCommand", "Command to be run during TSO/E logon (1 - 80 characters).", true, false, false));
        sa2object.put("TSO_DEST", new RACFattribute("TSO_DEST", "SAFDestination", "Default destination to which the user can route dynamically allocated SYSOUT data sets. The specified value must be 1-7 alphanumeric characters, beginning with an alphabetic or national character.", true, false, false));
        sa2object.put("TSO_HOLDCLASS", new RACFattribute("TSO_HOLDCLASS", "SAFHoldClass", "User's default hold class. The specified value must be 1 alphanumeric character, excluding national characters.", true, false, false));
        sa2object.put("TSO_JOBCLASS", new RACFattribute("TSO_JOBCLASS", "SAFJobClass", "Specifies the user's default job class. The specified value must be 1 alphanumeric character, excluding national characters.", true, false, false));
        sa2object.put("TSO_MSGCLASS", new RACFattribute("TSO_MSGCLASS", "SAFMessageClass", "User's default message class. The specified value must be 1 alphanumeric character, excluding national characters.", true, false, false));
        sa2object.put("TSO_PROC", new RACFattribute("TSO_PROC", "SAFDefaultLoginProc", "Name of the user's default logon procedure when logging on through the TSO/E logon panel. The name must be 1-8 alphanumeric characters and begin with an alphabetic character.", true, false, false));
        sa2object.put("TSO_SIZE", new RACFattribute("TSO_SIZE", "SAFLogonSize", "Region size - number of 1024-byte units of virtual storage available in user's private address space at logon when user does not request a region size at logon. Integer between 0 and 65535 (inclusive) if database is shared with any MVS systems, or 0 through 2096128 if not shared. ", true, false, false));
        sa2object.put("TSO_MAXSIZE", new RACFattribute("TSO_MAXSIZE", "SAFMaximumRegionSize", "Maximum region size user can request at logon. Number of 1024-byte units of virtual storage that TSO can create for the user's private address space. Integer between 0 and 65535 (inclusive) if database is shared with any MVS systems, or 0 through 2096128 if not shared. ", true, false, false));
        sa2object.put("TSO_SYSOUTCLASS", new RACFattribute("TSO_SYSOUTCLASS", "SAFDefaultSysoutClass", "User's default SYSOUT class. The specified value must be 1 alphanumeric character, excluding national characters.", true, false, false));
        sa2object.put("TSO_USERDATA", new RACFattribute("TSO_USERDATA", "SAFUserData", "Optional installation data, 4 characters where valid characters are 0 through 9 and A through F.", true, false, false, "0000"));
        sa2object.put("TSO_UNIT", new RACFattribute("TSO_UNIT", "SAFDefaultUnit", "Default name of a device or group of devices that a procedure uses for allocations. The specified value must be 1-8 alphanumeric characters.", true, false, false));
        sa2object.put("TSO_SECLABEL", new RACFattribute("TSO_SECLABEL", "SAFTsoSecurityLabel", "User's security label if the user specifies one on the TSO logon panel.", true, false, false));
        sa2object.put("OMVS_UID", new RACFattribute("OMVS_UID", "racfOmvsUid", "The UID, numeric value between 0 and 2147483647.  'AUTOUID' value can be used when BPX.NEXT.USER profile is defined in the FACILITY class. SHARED value can be used when the SHARED.IDS profile in the UNIXPRIV class is defined.  See z/OS Security Server RACF Security Administrator's Guide for details.", true, false, true, "NONE"));
        sa2object.put("OMVS_HOME", new RACFattribute("OMVS_HOME", "racfOmvsHome", "User's z/OS UNIX initial directory pathname, 1-1023 characters.", true, false, false));
        sa2object.put("OMVS_PROGRAM", new RACFattribute("OMVS_PROGRAM", "racfOmvsInitialProgram", "Specifies the PROGRAM pathname (z/OS UNIX shell program). The first program started when TSO/E command OMVS is entered or when a batch job is started using the BPXBATCH program, 1-1023 characters.", true, false, false));
        sa2object.put("OMVS_CPUTIMEMAX", new RACFattribute("OMVS_CPUTIMEMAX", "racfOmvsMaximumCPUTime", "The RLIMIT_CPU hard limit (maximum) resource value that user's z/OS UNIX processes receive when they are dubbed a process. Numeric value between 7 and 2147483647, indicates the cpu-time in seconds that a process is allowed to use. ", true, false, false, "NONE"));
        sa2object.put("OMVS_ASSIZEMAX", new RACFattribute("OMVS_ASSIZEMAX", "racfOmvsMaximumAddressSpaceSize", "The RLIMIT_AS hard limit resource value (maximum address space region size) that processes receive when dubbed a process. Integer value between 10485760 and 2147483647.", true, false, false, "NONE"));
        sa2object.put("OMVS_FILEPROCMAX", new RACFattribute("OMVS_FILEPROCMAX", "racfOmvsMaximumFilesPerProcess", "Maximum number of files this user is allowed to have concurrently active or open. Numeric value between 3 and 524287.", true, false, false, "NONE"));
        sa2object.put("OMVS_PROCUSERMAX", new RACFattribute("OMVS_PROCUSERMAX", "racfOmvsMaximumProcessesPerUID", "Maximum number of processes user is allowed to have active at the same time, regardless of how the process became a z/OS UNIX process.  Numeric value between 3 and 32767.", true, false, false, "NONE"));
        sa2object.put("OMVS_THREADSMAX", new RACFattribute("OMVS_THREADSMAX", "racfOmvsMaximumThreadsPerProcess", "Maximum number of pthread_create threads, including those running, queued, and exited but not detached, that the user can have concurrently active. Numeric value between 0 and 100000.", true, false, false, "NONE"));
        sa2object.put("OMVS_MMAPAREAMAX", new RACFattribute("OMVS_MMAPAREAMAX", "racfOmvsMaximumMemoryMapArea", "Maximum amount of data space storage, in pages, that can be allocated by the user for memory mappings of HFS files. Numeric value between 1 and 16,777,216.", true, false, false, "NONE"));
        sa2object.put("OMVS_MEMLIMIT", new RACFattribute("OMVS_MEMLIMIT", "racfOmvsMemoryLimit", "Specifies the maximum number of bytes of nonshared memory that can be allocated by the user. The nonshared-memory-size you define to RACF is a numeric value between 0 and 16777215, followed by the letter M, G, or T. The M, G, or T letter indicates the multiplier to be used. (M=Megabyte, G Gigabyte, T=Terabyte, P=Petabyte). Maximum value is 16383P.", true, false, false));
        sa2object.put("OMVS_SHMEMMAX", new RACFattribute("OMVS_SHMEMMAX", "racfOmvsSharedMemoryMaximum", "The maximum number of bytes of shared memory that can be allocated by user. The shared-memory-size you define to RACF is a numeric value between 1 and 16,777,215, followed by the letter M, G, T, or P. The M, G, T, or P letter indicates the multiplier to be used. (M=Megabyte, G Gigabyte, T=Terabyte, P=Petabyte).  Maximum value is 16383P.", true, false, false));
        sa2object.put("DFP_DATAAPPL", new RACFattribute("DFP_DATAAPPL", "SAFDfpDataApplication", "An 8-character DFP data application identifier.", true, false, false));
        sa2object.put("DFP_DATACLAS", new RACFattribute("DFP_DATACLAS", "SAFDfpDataClass", "The default data class. 1-8 characters.", true, false, false));
        sa2object.put("DFP_MGMTCLAS", new RACFattribute("DFP_MGMTCLAS", "SAFDfpManagementClass", "The default management class. 1-8 characters.", true, false, false));
        sa2object.put("DFP_STORCLAS", new RACFattribute("DFP_STORCLAS", "SAFDfpStorageClass", "The default storage class. 1-8 characters.", true, false, false));
        sa2object.put("LANGUAGE_PRIMARY", new RACFattribute("LANGUAGE_PRIMARY", "racfPrimaryLanguage", "User's primary language.  Specified as either an installation-defined name of a currently active language (maximum of 24 characters) or one of the language codes (three characters in length) for a language installed on your system.", true, false, false, "NOT SPECIFIED"));
        sa2object.put("LANGUAGE_SECONDARY", new RACFattribute("LANGUAGE_SECONDARY", "racfSecondaryLanguage", "User's secondary language.  Specified as either an installation-defined name of a currently active language (maximum of 24 characters) or one of the language codes (three characters in length) for a language installed on your system.", true, false, false, "NOT SPECIFIED"));
        sa2object.put("CICS_OPIDENT", new RACFattribute("CICS_OPIDENT", "racfOperatorIdentification", "A 1-3 character identification of the operator for use by BMS.", true, false, false, ""));
        sa2object.put("CICS_OPCLASS", new RACFattribute("CICS_OPCLASS", "racfOperatorClass", "Numbers 1-24, representing classes assigned to this operator to which BMS (basic mapping support) messages are to be routed.", true, false, true, false, true, false));
        sa2object.put("CICS_OPPRTY", new RACFattribute("CICS_OPPRTY", "racfOperatorPriority", "Number from 0-255 that represents the priority of the operator.", true, false, false));
        sa2object.put("CICS_XRFSOFF", new RACFattribute("CICS_XRFSOFF", "racfOperatorReSignon", "Indicates whether the user is signed off by CICS when an XRF takeover occur.  Valid values 'FORCE', 'NOFORCE'.", true, false, false));
        sa2object.put("CICS_TIMEOUT", new RACFattribute("CICS_TIMEOUT", "racfTerminalTimeout", "Time, in hours and minutes, that the operator is allowed to be idle before being signed off. The value for TIMEOUT can be entered in the form m, mm, hmm, or hhmm, where the value for m or mm is 00-59, or 00-60 if h or hh is not specified or is specified as 0 or 00.", true, false, false, "00:00 (HH:MM)"));
        sa2object.put("CICS_RSLKEY", new RACFattribute("CICS_RSLKEY", "racfRslKey", "Specifies the resource security level (RSL) keys assigned to the user. Numbers from 1 - 24 or 0 (meaning no RSL keys are assigned to the user) or 99 (meaning 1 through 24 are assigned to the user).", " ", true, false, true, false, true, false));
        sa2object.put("CICS_TSLKEY", new RACFattribute("CICS_TSLKEY", "racfTslKey", "Specifies the transaction security level (TSL) keys assigned to the user. Numbers from 1 - 64 or 0 (meaning no TSL keys are assigned to the user) or 99 (meaning 1 through 64 are assigned to the user).", " ", true, false, true, false, true, false));
        sa2object.put("OPERPARM_STORAGE", new RACFattribute("OPERPARM_STORAGE", "racfStorageKeyword", "Amount of storage in the TSO/E user's address space that can be used for message queuing to this console. Valid values are 1 - 2000.", true, false, false, "00000"));
        sa2object.put("OPERPARM_AUTH", new RACFattribute("OPERPARM_AUTH", "racfAuthKeyword", "Authority this console has to issue operator commands.  Valid values, 'MASTER', 'ALL', 'INFO' (these three cannot be combined with other values) and 'CONS', 'IO' and 'SYS'. See AlTER USER in z/OS Security Server RACF Command Language Reference for more detailed description.", " ", true, false, true, true, true, false));
        sa2object.put("OPERPARM_MFORM", new RACFattribute("OPERPARM_MFORM", "racfMformKeyword", "Specifies the format in which messages are displayed at the console. Can be a combination of J, M, S, T, and X.", " ", true, false, true, true, false, false));
        sa2object.put("OPERPARM_LEVEL", new RACFattribute("OPERPARM_LEVEL", "racfLevelKeyword", "Specifies the messages that this console is to receive. Can be a list of R, I, CE, E, IN, NB or ALL. If you specify ALL, you cannot specify R, I, CE, E, or IN. ", " ", true, false, true, true, true, false));
        sa2object.put("OPERPARM_MONITOR", new RACFattribute("OPERPARM_MONITOR", "racfMonitorKeyword", "Specifies which information should be displayed when jobs, TSO sessions, or data set status are being monitored.  Allowed values, 'JOBNAMES' OR 'JOBNAMEST' (mutually exclusive), 'SESS' or 'SESST' (mutually exclusive) or 'STATUS'.  See ALTUSER in z/OS Security Server RACF Command Language Reference for a more detailed description.", " ", true, false, true, true, true, false));
        sa2object.put("OPERPARM_ROUTCODE", new RACFattribute("OPERPARM_ROUTCODE", "racfRoutcodeKeyword", "Routing codes of messages this console is to receive.  Valid values are 'ALL' or One or more routing codes or sequences of routing codes. The routing codes can be list of n and n1:n2, where n, n1, and n2 are integers 1-128, and n2 is greater than n1.", ",", true, false, true, false, true, false));
        sa2object.put("OPERPARM_LOGCMDRESP", new RACFattribute("OPERPARM_LOGCMDRESP", "racfLogCommandResponseKeyword", "Indicates if command responses are to be logged.  Value of 'SYSTEM' specifies that command responses are logged in the hardcopy log.  Value of 'NO' specifies that command responses are not logged.", true, false, false));
        sa2object.put("OPERPARM_HC", new RACFattribute("OPERPARM_HC", "racfhckeyword", "Indicates this console is to receive hardcopy messages", true, true, false, "YES", "NO", false));
        sa2object.put("OPERPARM_UNKNIDS", new RACFattribute("OPERPARM_UNKNIDS", "racfunknidskeyword", "Indicates this console is to receive messages directed to console ID 0 (the internal console).", true, true, false, "YES", "NO", false));
        sa2object.put("OPERPARM_INTIDS", new RACFattribute("OPERPARM_INTIDS", "racfintidskeyword", "Indicates this console is to receive messages directed to console ID 0 (the internal console).", true, true, false, "YES", "NO", false));
        sa2object.put("OPERPARM_HC", new RACFattribute("OPERPARM_HC", "racfhcKeyword", "Indicates this console is to receive hardcopy messages.", true, true, false, "YES", "NO", false));
        sa2object.put("OPERPARM_MIGID", new RACFattribute("OPERPARM_MIGID", "racfMGIDKeyword", "Specifies that a 1-byte migration ID is to be assigned to this console. The migration ID allows command processors that use a 1-byte console ID to direct command responses to this console. ", true, true, false, "YES", "NO", false));
        sa2object.put("OPERPARM_DOM", new RACFattribute("OPERPARM_DOM", "racfDOMKeyword", "Indicates whether this console receives delete operator message (DOM) requests.  Allowed values 'NORMAL','ALL','NONE'.", true, false, false));
        sa2object.put("OPERPARM_KEY", new RACFattribute("OPERPARM_KEY", "racfKEYKeyword", "A 1-8 byte character name that can be used to display information for all consoles with the specified key by using the MVS command DISPLAY CONSOLES,KEY. Valid characters are A-Z, 0-9, # (X'7B'), $ (X'5B'), or @ (X'7C').", true, false, false));
        sa2object.put("OPERPARM_CMDSYS", new RACFattribute("OPERPARM_CMDSYS", "racfCMDSYSKeyword", "Indicates the system to which commands issued from this console are to be sent. 1-8 characters, with valid characters being A-Z, 0-9, @ (X'7C'), # (X'7B'), and $ (X'5B'). If * is specified, commands are processed on the local system where the console is attached.", true, false, false));
        sa2object.put("OPERPARM_UD", new RACFattribute("OPERPARM_UD", "racfUDKeyword", "Indicates that this console is to receive undelivered messages.", true, true, false, "YES", "NO", false));
        sa2object.put("OPERPARM_MIGID", new RACFattribute("OPERPARM_MIGID", "racfMGIDKeyword", "Indicates a 1-byte migration ID is assigned to this console.", true, true, false, "YES", "NO", false));
        sa2object.put("OPERPARM_MSCOPE", new RACFattribute("OPERPARM_MSCOPE", "racfMscopeSystems", "Specifies the systems from which this console can receive messages that are not directed to a specific console.  Each system-name can be any combination of A-Z, 0-9, #, $, or @.  A name of '*' indicates the system on which the console is currently active.", " ", true, false, true, false, true, false));
        sa2object.put("OPERPARM_ALTGRP", new RACFattribute("OPERPARM_ALTGRP", "racfAltGroupKeyword", "The console group used in recovery. 1-8 characters, with valid characters being 0-9, A-Z, #, $, or @.", true, false, false));
        sa2object.put("OPERPARM_AUTO", new RACFattribute("OPERPARM_AUTO", "racfAutoKeyword", "Indicates the extended console can receive messages that have been automated by the Message Processing Facility (MPF) in the sysplex.", true, true, false, "YES", "NO", false));
        sa2object.put("WORKATTR_WANAME", new RACFattribute("WORKATTR_WANAME", "racfWorkAttrUserName", "Name of the user that SYSOUT information is to be delivered to.  1 to 60 characters.", true, false, false));
        sa2object.put("WORKATTR_WABLDG", new RACFattribute("WORKATTR_WABLDG", "racfBuilding", "Building that SYSOUT information is to be delivered to.  1 to 60 characters.", true, false, false));
        sa2object.put("WORKATTR_WADEPT", new RACFattribute("WORKATTR_WADEPT", "racfDepartment", "Department that SYSOUT information is to be delivered to.  1 to 60 characters.", true, false, false));
        sa2object.put("WORKATTR_WAROOM", new RACFattribute("WORKATTR_WAROOM", "racfRoom", "Room that SYSOUT information is to be delivered to.  1 to 60 characters.", true, false, false));
        sa2object.put("WORKATTR_WAADDR1", new RACFattribute("WORKATTR_WAADDR1", "racfAddressLine1", "Address Line 1 that SYSOUT information is to be delivered to.  1 to 60 characters.", true, false, false));
        sa2object.put("WORKATTR_WAADDR2", new RACFattribute("WORKATTR_WAADDR2", "racfAddressLine2", "Address Line 2 that SYSOUT information is to be delivered to.  1 to 60 characters.", true, false, false));
        sa2object.put("WORKATTR_WAADDR3", new RACFattribute("WORKATTR_WAADDR3", "racfAddressLine3", "Address Line 3 that SYSOUT information is to be delivered to.  1 to 60 characters.", true, false, false));
        sa2object.put("WORKATTR_WAADDR4", new RACFattribute("WORKATTR_WAADDR4", "racfAddressLine4", "Address Line 4 that SYSOUT information is to be delivered to.  1 to 60 characters.", true, false, false));
        sa2object.put("WORKATTR_WAACCNT", new RACFattribute("WORKATTR_WAACCNT", "racfWorkAttrAccountNumber", "An account number for APPC/MVS processing.  1 to 255 characters.", true, false, false));
        sa2object.put("NETVIEW_IC", new RACFattribute("NETVIEW_IC", "racfNetviewInitialCommand", "The command or command list (up to 255 characters) to be processed by NetView for this operator when this operator logs on to NetView.", true, false, false));
        sa2object.put("NETVIEW_CONSNAME", new RACFattribute("NETVIEW_CONSNAME", "racfdefaultConsoleName", "Specifies the default master console station (MCS) console name used for this operator.  1 - 8 character name.", true, false, false));
        sa2object.put("NETVIEW_CTL", new RACFattribute("NETVIEW_CTL", "racfCTLKeyword", "Indicates whether a security check is performed for this NetView operator when they try to use a span or try to do a cross-domain logon.  Allowed values 'GENERAL','GLOBAL' or 'SPECIFIC'.", true, false, false));
        sa2object.put("NETVIEW_MSGRECVR", new RACFattribute("NETVIEW_MSGRECVR", "racfMSGRCVRKeyword", "Indicates this operator is to receive unsolicited messages that are not routed to a specific NetView operator.", true, true, false, "YES", "NO"));
        sa2object.put("NETVIEW_OPCLASS", new RACFattribute("NETVIEW_OPCLASS", "racfNetviewOperatorClass", "NetView scope classes for which the operator has authority.  Each class is a number from 1 to 2040.", " ", true, false, true, true, true, false));
        sa2object.put("NETVIEW_DOMAINS", new RACFattribute("NETVIEW_DOMAINS", "racfDomains", "Specifies the identifiers of NetView programs in another NetView domain where this operator can start a cross-domain session.  Each identifier is 1-5 characters, with valid characters being 0-9, A-Z, #, $, or @.", " ", true, false, true, false, true, false));
        sa2object.put("NETVIEW_NGMFADMN", new RACFattribute("NETVIEW_NGMFADMN", "racfNGMFADMKeyword", "Indicates a NetView operator has administrator authority to the NetView Graphic Monitor Facility (NGMF).", true, true, false, "YES", "NO"));
        sa2object.put("DCE_UUID", new RACFattribute("DCE_UUID", "racfDCEUUID", "The DCE universal unique identifier (UUID) of the DCE principal defined in DCENAME. The UUID is a 36-character string that consists of numeric and hexadecimal characters. This string must have the delimiter character (-) in positions 9, 14, 19, and 24. The general format for the UUID string is xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, in which x represents a valid numeric or hexadecimal character.", true, false, false, "NONE"));
        sa2object.put("DCE_DCENAME", new RACFattribute("DCE_DCENAME", "racfDCEPrincipal", "The DCE principal name defined for this RACF user in the DCE registry. 1 - 1023 characters.", true, false, false));
        sa2object.put("DCE_HOMECELL", new RACFattribute("DCE_HOMECELL", "racfDCEHomeCell", "The DCE cell name defined for this RACF user. 1 - 1023 characters.  RACF checks that the HOMECELL name entered has a prefix of either /.../ or /.:/", true, false, false));
        sa2object.put("DCE_HOMEUUID", new RACFattribute("DCE_HOMEUUID", "racfDCEHomeCellUUID", "The DCE universal unique identifier (UUID) for the cell that this user is defined to. The UUID is a 36-character string that consists of numeric and hexadecimal characters. This string must have the delimiter character (-) in positions 9, 14, 19, and 24. The general format for the UUID string is xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, in which x represents a valid numeric or hexadecimal character.", true, false, false, "NONE"));
        sa2object.put("DCE_AUTOLOGIN", new RACFattribute("DCE_AUTOLOGIN", "racfDCEAutoLogin", "Indicates z/OS UNIX DCE is to log this user into z/OS UNIX DCE automatically.", true, true, false, "YES", "NO"));
        sa2object.put("OVM_UID", new RACFattribute("OVM_UID", "racfOvmUid", "OpenExtensions VM user identifier, UID.  Numeric value between 0 and 2147483647.", true, false, true, "NONE"));
        sa2object.put("OVM_HOME", new RACFattribute("OVM_HOME", "racfOvmHome", "The initial directory pathname. 1 - 1023 characters.", true, false, false));
        sa2object.put("OVM_PROGRAM", new RACFattribute("OVM_PROGRAM", "racfOvmInitialProgram", "Specifies the PROGRAM pathname. 1 - 1023 characters.  First program started when the OPENVM SHELL command is entered.", true, false, false));
        sa2object.put("OVM_FSROOT", new RACFattribute("OVM_FSROOT", "racfOvmFileSystemRoot", "The pathname for the file system root. 1 - 1023 characters.", true, false, false));
        sa2object.put("LNOTES_SNAME", new RACFattribute("LNOTES_SNAME", "racfLNotesShortName", "Lotus Notes for z/OS short-name of the user.  1-64 characters, consisting of alphanumeric characters or '&amp;', '-', '.', '_', and a blank.", true, false, false, "NONE"));
        sa2object.put("NDS_UNAME", new RACFattribute("NDS_UNAME", "racfNDSUserName", "Novell Directory Services for OS/390 user-name of the user.  1-246 characters excluding the following characters:  '*', '+', '|', '=', ',', '\"', '`', '/', ':', ';', '¢', '[', ']'", true, false, false, "NONE"));
        sa2object.put("KERB_KERBNAME", new RACFattribute("KERB_KERBNAME", "krbPrincipalName", "User's local kerberos-principal-name, may contain any characters except '@'.  Must not be qualified with a realm name.  However, RACF verifies that the local principal name, when fully qualified with the name of the local realm: '/.../local_realm_name/principal_name' does not exceed 240 characters.", true, false, false));
        sa2object.put("KERB_MAXTKTLFE", new RACFattribute("KERB_MAXTKTLFE", "maxTicketAge", "The max-ticket-life in seconds, and is represented by a numeric value between 1 and 2147483647.", true, false, false));
        sa2object.put("KERB_KEYVERSION", new RACFattribute("KERB_KEYVERSION", "racfCurKeyVersion", "Current Network Authentication Service key version.", false, false, false));
        sa2object.put("KERB_ENCRYPT", new RACFattribute("KERB_ENCRYPT", "racfEncryptType", "ENCRYPT values are used to specify which keys are allowed for use based on the encryption algorithm used to generate them.  Default values will be provided for any values not specified.  Examples: 'DES','DES3' and 'DESD'.", " ", true, false, true, false, true, false));
        sa2object.put("PROXY_BINDDN", new RACFattribute("PROXY_BINDDN", "racfLDAPBindDN", "The distinguished name (DN) which the z/OS LDAP Server will use when acting as a proxy on behalf of a requester.  1 - 1023 characters.", true, false, false));
        sa2object.put("PROXY_BINDPW", new RACFattribute("PROXY_BINDPW", "racfLDAPBindPW", "Password which the z/OS LDAP Server will use when acting as a proxy on behalf of a requester. 1 - 128 characters.", true, false, false));
        sa2object.put("PROXY_LDAPHOST", new RACFattribute("PROXY_LDAPHOST", "racfLDAPHost", "The URL of the LDAP server which the z/OS LDAP Server will contact when acting as a proxy on behalf of a requester.  The URL should be in a format such as ldap://123.45.6:389  10-1023 characters. A valid URL must start with either ldap:// or ldaps:// and is not case-sensitive.", true, false, false));
        sa2object.put("EIM_LDAPPROF", new RACFattribute("EIM_LDAPPROF", "racfLDAPProf", "Name of a profile in the LDAPBIND class. The profile in the LDAPBIND class contains the name of an EIM domain and the bind information required to establish a connection with the EIM domain.  1-246 characters.", true, false, false));
        SDBM2racf = new TreeMap();
        for (RACFattribute rACFattribute : sa2object.values()) {
            if (rACFattribute.sdbm_name.equalsIgnoreCase("racfattributes")) {
                SDBM2racf.put(rACFattribute.on_name, rACFattribute.racf_name);
            }
            SDBM2racf.put(rACFattribute.sdbm_name.toLowerCase(), rACFattribute.racf_name);
        }
        msg_type.add("IN");
        msg_type.add("CE");
        msg_type.add("R");
        msg_type.add("I");
        msg_type.add("E");
        revoke_ra = (RACFattribute) sa2object.get("BASE_REVOKE");
        resume_ra = (RACFattribute) sa2object.get("BASE_RESUME");
    }
}
