package com.ibm.ws.webcontainer.session.impl;

import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.WSSecurityHelper;
import com.ibm.websphere.servlet.session.UnauthorizedSessionRequestException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.core.SecurityContext;
import com.ibm.ws.session.AbstractSessionData;
import com.ibm.ws.session.MemoryStoreHelper;
import com.ibm.ws.session.SessionApplicationParameters;
import com.ibm.ws.session.SessionContext;
import com.ibm.ws.session.SessionCrossoverStackTrace;
import com.ibm.ws.session.SessionData;
import com.ibm.ws.session.SessionManagerConfig;
import com.ibm.ws.session.SessionStoreService;
import com.ibm.ws.session.utils.LoggingUtil;
import com.ibm.ws.webcontainer.osgi.collaborator.CollaboratorHelperImpl;
import com.ibm.ws.webcontainer.session.IHttpSessionContext;
import com.ibm.ws.webcontainer.srt.ISRTServletRequest;
import com.ibm.wsspi.http.channel.values.HttpHeaderKeys;
import com.ibm.wsspi.session.IGenericSessionManager;
import com.ibm.wsspi.session.ISession;
import com.ibm.wsspi.session.ISessionAffinityManager;
import com.ibm.wsspi.session.IStore;
import com.ibm.wsspi.session.SessionAffinityContext;
import com.ibm.wsspi.webcontainer.WebContainerConstants;
import com.ibm.wsspi.webcontainer.servlet.IExtendedRequest;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.LinkedList;
import java.util.ResourceBundle;
import java.util.logging.Level;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/ibm/ws/webcontainer/session/impl/HttpSessionContextImpl.class */
public class HttpSessionContextImpl extends SessionContext implements IHttpSessionContext {
    private static final String methodClassName = "HttpSessionContextImpl";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/ibm/ws/webcontainer/session/impl/HttpSessionContextImpl$SecurityCheckObject.class */
    /**
     * Carries the outcome of {@code doSecurityCheck} back to its caller.
     *
     * <p>It holds the session the caller may continue with, which is {@code null} when the
     * ownership check refused access, and a flag asking the caller to create a
     * replacement session and run the check once more.
     */
    public static class SecurityCheckObject {
        // Session that passed the check; null when the request must not see it.
        private AbstractSessionData sd;
        // Set after the checked session was invalidated; the value is the caller's create flag.
        private boolean doSecurityCheckAgain;

        SecurityCheckObject() {
            this.sd = null;
            this.doSecurityCheckAgain = false;
        }

        /** Returns the session to hand to the application, or {@code null} when none is usable. */
        AbstractSessionData getSessionObject() {
            return sd;
        }

        /** Reports whether the caller should create a new session and check it again. */
        boolean isDoSecurityCheckAgain() {
            return doSecurityCheckAgain;
        }

        /** Records the session that survived the check ({@code null} when access was refused). */
        void setSessionObject(AbstractSessionData session) {
            sd = session;
        }

        /** Records whether a second check on a new session is wanted. */
        void setDoSecurityCheckAgain(boolean again) {
            doSecurityCheckAgain = again;
        }
    }

    /**
     * Creates the HTTP session context by passing all three arguments unchanged to the
     * {@code SessionContext} constructor; no additional state is set up here.
     *
     * @param sessionManagerConfig session manager configuration, forwarded to the superclass
     * @param sessionApplicationParameters per-application session parameters, forwarded to the superclass
     * @param sessionStoreService session store service, forwarded to the superclass
     */
    public HttpSessionContextImpl(SessionManagerConfig sessionManagerConfig, SessionApplicationParameters sessionApplicationParameters, SessionStoreService sessionStoreService) {
        super(sessionManagerConfig, sessionApplicationParameters, sessionStoreService);
    }

    /**
     * Creates the HTTP session context by passing all four arguments unchanged to the
     * {@code SessionContext} constructor.
     *
     * @param sessionManagerConfig session manager configuration, forwarded to the superclass
     * @param sessionApplicationParameters per-application session parameters, forwarded to the superclass
     * @param sessionStoreService session store service, forwarded to the superclass
     * @param z boolean option forwarded to the superclass; its meaning is not visible in this
     *          class (the name is a decompiler placeholder) - TODO confirm against SessionContext
     */
    public HttpSessionContextImpl(SessionManagerConfig sessionManagerConfig, SessionApplicationParameters sessionApplicationParameters, SessionStoreService sessionStoreService, boolean z) {
        super(sessionManagerConfig, sessionApplicationParameters, sessionStoreService, z);
    }

    /**
     * Queues the current thread for serialized access to a session.
     *
     * <p>Each request appends its own lock object to the session's lock list. A request that
     * finds it is not alone in the list waits on its own lock object until it is notified
     * (see {@code unlockSession}) or until the configured maximum wait elapses. Nested
     * dispatches (request attribute {@code DISPATCH_NESTED_ATTR} set to anything other than
     * "false") skip locking entirely.
     *
     * @param httpServletRequest request being dispatched; only the nested-dispatch attribute is read
     * @param httpSession session to lock; {@code null} is accepted and means there is nothing to lock
     * @throws RuntimeException when the wait timed out and the configuration
     *         ({@code getAccessSessionOnTimeout()}) does not allow access after a timeout
     */
    public void lockSession(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        int size;
        String str = (String) httpServletRequest.getAttribute(WebContainerConstants.DISPATCH_NESTED_ATTR);
        if (str == null || str.equalsIgnoreCase("false")) {
            try {
                // Configured value is multiplied by 1000 for Object.wait (milliseconds) and by a
                // further 1,000,000 for the System.nanoTime comparison below.
                // NOTE(review): a configured value of 0 gives wait(0), which blocks until
                // notified, and makes the elapsed-time comparison below always true - confirm
                // that 0 is rejected by configuration validation.
                long serializedSessionAccessMaxWaitTime = this._smc.getSerializedSessionAccessMaxWaitTime() * 1000;
                long j = serializedSessionAccessMaxWaitTime * 1000000;
                if (httpSession != null) {
                    // A fresh object per request: it is both the queue entry and the wait monitor.
                    Object obj = new Object();
                    LinkedList lockList = ((AbstractSessionData) httpSession).getLockList();
                    synchronized (lockList) {
                        // Remember which lock belongs to this thread so unlockSession can find it.
                        ((AbstractSessionData) httpSession).setSessionLock(Thread.currentThread(), obj);
                        lockList.addLast(obj);
                        size = lockList.size();
                    }
                    if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                        LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[18], "size = " + size + " thread = " + Thread.currentThread().getId() + " lock = " + obj.hashCode());
                    }
                    // size == 1 means this request is alone in the queue and proceeds immediately.
                    if (size > 1) {
                        long nanoTime = System.nanoTime();
                        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                            LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[18], "waiting...");
                        }
                        // NOTE(review): the wait is not wrapped in a loop that re-checks a
                        // condition, so a spurious wakeup is treated like a notification and the
                        // request proceeds while an earlier request may still hold the session.
                        synchronized (obj) {
                            obj.wait(serializedSessionAccessMaxWaitTime);
                        }
                        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                            LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[18], "Done waiting.");
                        }
                        long nanoTime2 = System.nanoTime();
                        synchronized (lockList) {
                            // Elapsed time >= the configured maximum is taken to mean the wait timed out.
                            if (nanoTime2 - j >= nanoTime) {
                                if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                                    LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[18], "notified after wait timed out");
                                }
                                // When access on timeout is not allowed the request fails closed:
                                // its queue entry is removed and the request is aborted. When it
                                // is allowed, the request continues without exclusive access.
                                if (!this._smc.getAccessSessionOnTimeout()) {
                                    lockList.remove(obj);
                                    LoggingUtil.SESSION_LOGGER_CORE.logp(Level.SEVERE, methodClassName, methodNames[18], "WsSessionContext.timeOut");
                                    throw new RuntimeException("Session Lock time outException");
                                }
                            }
                        }
                    }
                }
                if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                    LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[18], httpSession);
                }
            } catch (InterruptedException e) {
                // NOTE(review): the interrupt is recorded (FFDC + SEVERE log) but the thread's
                // interrupt status is not restored, the queue entry added above stays in the
                // list, and the request carries on without having been granted the lock.
                FFDCFilter.processException(e, "com.ibm.ws.webcontainer.session.impl.HttpSessionContextImpl.lockSession", "133", this);
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.SEVERE, methodClassName, methodNames[18], "CommonMessage.exception", (Throwable) e);
            }
        }
    }

    /**
     * Releases the current thread's place in a session's serialized-access queue.
     *
     * <p>The thread's own lock object is removed from the lock list. If other requests are
     * still queued, the one now at the head is notified; otherwise the per-thread lock
     * bookkeeping on the session is cleared. Failures while releasing are traced at FINE
     * and otherwise ignored, so this method never fails the request.
     *
     * @param httpSession session whose lock is released; must be an {@code AbstractSessionData}
     */
    public void unlockSession(HttpSession httpSession) {
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[19]);
        }
        final AbstractSessionData session = (AbstractSessionData) httpSession;
        final Object ownLock = session.getSessionLock(Thread.currentThread());
        // A thread that never queued (no lock recorded for it) has nothing to release.
        if (ownLock != null) {
            final LinkedList waiters = session.getLockList();
            synchronized (waiters) {
                try {
                    waiters.remove(ownLock);
                    if (waiters.isEmpty()) {
                        session.clearSessionLocks();
                    } else {
                        final Object next = waiters.getFirst();
                        if (next != null) {
                            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[19], "notify after postInvoke");
                            }
                            // Wake the request at the head of the queue; it waits on its own lock object.
                            synchronized (next) {
                                next.notify();
                            }
                        }
                    }
                } catch (Exception e) {
                    if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                        LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[19], "failed to unlock session", (Throwable) e);
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[19]);
        }
    }

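    /**
     * Looks up the request's existing session before the servlet is invoked and, when
     * serialized session access is enabled, queues the request for it.
     *
     * <p>With security integration on, the request is flagged as "running collaborators"
     * for the duration of the lookup. {@code checkSecurity} and {@code crossoverCheck} in this
     * class relax their checks while that flag is set, so the flag is cleared in a
     * {@code finally} block: an exception from the lookup (including the
     * {@code IllegalStateException} tolerated below) can no longer leave the request flagged
     * for the rest of its processing.
     *
     * @param httpServletRequest incoming request
     * @param httpServletResponse response for the request
     * @return the existing session, or {@code null} when there is none or the lookup hit an
     *         {@code IllegalStateException}
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public HttpSession sessionPreInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[3]);
        }
        // Decide once, so the flag is cleared if and only if it was set.
        final boolean flagCollaborators = this._smc.getIntegrateSecurity() && (httpServletRequest instanceof IExtendedRequest);
        if (flagCollaborators) {
            ((IExtendedRequest) httpServletRequest).setRunningCollaborators(true);
        }
        HttpSession httpSession = null;
        try {
            try {
                // create = false: pre-invoke never creates a session.
                httpSession = getIHttpSession(httpServletRequest, httpServletResponse, false, this._smc.getOnlyCheckInCacheDuringPreInvoke());
            } finally {
                // Clear the flag on every exit path, before any locking takes place.
                if (flagCollaborators) {
                    ((IExtendedRequest) httpServletRequest).setRunningCollaborators(false);
                }
            }
            if (this._smc.getAllowSerializedSessionAccess()) {
                lockSession(httpServletRequest, httpSession);
            }
        } catch (IllegalStateException e) {
            // Tolerated: the session may have been invalidated between lookup and use.
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[3], "IllegalStateException occurred getting the session during preinvoke possibly due to a timing window.  Continuing with the request", (Throwable) e);
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[3]);
        }
        return httpSession;
    }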

    /**
     * Decides whether a session object may still be used by the given request.
     *
     * <p>A session is usable only if the underlying {@code ISession} is valid, the ownership
     * check passes (when security integration is on) and, in crossover-debug mode, its id
     * matches the id tracked for the current thread. When the session is rejected, the
     * request's session id and the affinity context's response id are cleared.
     *
     * @param httpSession session to test; must be an {@code AbstractSessionData}
     * @param httpServletRequest request asking for the session; must be an {@code IExtendedRequest}
     * @param z when {@code true}, an ownership failure is rethrown instead of being reported
     *          as "not valid" (unless invalidate-on-unauthorized is configured)
     * @return {@code true} when the request may use the session
     * @throws UnauthorizedSessionRequestException when the ownership check fails and the
     *         configuration or {@code z} asks for the exception to propagate
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public boolean isValid(HttpSession httpSession, HttpServletRequest httpServletRequest, boolean z) {
        final boolean traceOn = TraceComponent.isAnyTracingEnabled();
        if (traceOn && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[7]);
        }
        final ISession coreSession = ((AbstractSessionData) httpSession).getISession();
        boolean usable = coreSession.isValid();
        if (usable && this._smc.getIntegrateSecurity()) {
            try {
                checkSecurity((AbstractSessionData) httpSession, httpServletRequest);
            } catch (UnauthorizedSessionRequestException denied) {
                // Propagate only when invalidation is not configured and the caller or the
                // configuration asked for the exception; otherwise report "not valid".
                if (!this._smc.getInvalidateOnUnauthorizedSessionRequestException() && (z || this._smc.getThrowSecurityExceptionOnGetSessionFalse())) {
                    throw denied;
                }
                usable = false;
            }
        }
        if (usable && this._smc.isDebugSessionCrossover() && crossoverCheck(httpServletRequest, httpSession)) {
            usable = false;
            LoggingUtil.logParamsAndException(LoggingUtil.SESSION_LOGGER_CORE, Level.SEVERE, methodClassName, methodNames[7], "SessionContext.CrossoverOnRetrieve", new Object[]{getAppName(), httpSession.getId(), getCurrentSessionId()}, new SessionCrossoverStackTrace());
        }
        if (!usable) {
            // Forget the rejected id so later calls in this request do not pick it up again.
            ((IExtendedRequest) httpServletRequest).setSessionId(null);
            getSessionAffinityContext(httpServletRequest).setResponseSessionID((String) null);
            final boolean stillInService = coreSession.getRefCount() > 0;
            if (traceOn && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[7], "Still in the service method " + stillInService);
            }
            if (!stillInService && this._smc.getModifyActiveCountOnInvalidatedSession()) {
                this._coreHttpSessionManager.getIStore().getStoreCallback().sessionReleased(coreSession);
            }
        }
        if (traceOn && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[7], "" + usable);
        }
        return usable;
    }

    /**
     * Reports a session crossover: the session handed to this request carries a different
     * id from the one tracked for the current thread.
     *
     * <p>No crossover is reported while the request is flagged as running collaborators,
     * for a new session, or when no current session id is known.
     *
     * @param httpServletRequest request being served, or {@code null}; when non-null it must
     *        be an {@code IExtendedRequest}
     * @param httpSession session about to be used
     * @return {@code true} when the ids differ and none of the exemptions applies
     */
    public boolean crossoverCheck(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        boolean collaboratorsRunning = false;
        if (httpServletRequest != null) {
            collaboratorsRunning = ((IExtendedRequest) httpServletRequest).getRunningCollaborators();
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, "crossoverCheck", String.valueOf(collaboratorsRunning));
            }
        }
        if (collaboratorsRunning || httpSession.isNew()) {
            return false;
        }
        final String expectedId = getCurrentSessionId();
        if (expectedId == null) {
            return false;
        }
        return !expectedId.equals(httpSession.getId());
    }

    /**
     * Returns this context's {@code SessionAffinityContext} for the request, creating and
     * caching it on first use.
     *
     * <p>The request carries a table of affinity contexts keyed by
     * {@code getSessionAffinityContextKey()}. The table itself is created here when the
     * request has none, and in crossover-debug mode it is also recorded for the current
     * thread.
     *
     * @param httpServletRequest request to inspect; must be an {@code IExtendedRequest}
     * @return the cached or newly analyzed affinity context
     */
    protected SessionAffinityContext getSessionAffinityContext(HttpServletRequest httpServletRequest) {
        final IExtendedRequest extendedRequest = (IExtendedRequest) httpServletRequest;
        Hashtable contextsByKey = (Hashtable) extendedRequest.getSessionAffinityContext();
        if (contextsByKey == null) {
            contextsByKey = new Hashtable();
            extendedRequest.setSessionAffinityContext(contextsByKey);
            if (this._smc.isDebugSessionCrossover()) {
                currentThreadSacHashtable.set(contextsByKey);
            }
        }
        final String key = this._smc.getSessionAffinityContextKey();
        SessionAffinityContext context = (SessionAffinityContext) contextsByKey.get(key);
        final boolean created = context == null;
        if (created) {
            // First lookup for this key: derive the context from the request and cache it.
            context = this._sam.analyzeRequest(httpServletRequest);
            contextsByKey.put(key, context);
        }
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            final String message = created
                    ? "Created sac and stored on request for key " + key
                    : "Found sac on request for key " + key;
            LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[14], message);
        }
        return context;
    }

    /**
     * Returns the session id the client asked for, preferring an id that the session
     * manager reports as valid when the request carried several.
     *
     * <p>The returned value always originates from the request. When none of the supplied
     * ids is valid, the first one the client sent is returned unchanged, so the result
     * identifies what was requested and is not evidence that a session exists.
     *
     * @param httpServletRequest request to inspect
     * @return the requested session id; may be {@code null} when the affinity context holds none
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public String getRequestedSessionId(HttpServletRequest httpServletRequest) {
        SessionAffinityContext sessionAffinityContext = getSessionAffinityContext(httpServletRequest);
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[1], Boolean.valueOf(sessionAffinityContext.isFirstSessionIdValid()));
        }
        String requestedSessionID = sessionAffinityContext.getRequestedSessionID();
        boolean isRequestedSessionIDValid = this._coreHttpSessionManager.isRequestedSessionIDValid(requestedSessionID, 0);
        // Load every session cookie value only once per request, and only when the id seen
        // so far did not validate (or the first id is already known to be invalid).
        if ((requestedSessionID != null && !isRequestedSessionIDValid && !sessionAffinityContext.isAllSessionIdsSetViaSet()) || (!sessionAffinityContext.isAllSessionIdsSetViaSet() && !sessionAffinityContext.isFirstSessionIdValid())) {
            sessionAffinityContext.setAllSessionIds(this._sam.getAllCookieValues(httpServletRequest));
        }
        if (sessionAffinityContext.getNumSessionIds() > 1) {
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[1], "multiple incoming ids");
            }
            // Step through the remaining ids until one validates or setNextId reports no more.
            while (!isRequestedSessionIDValid && this._sam.setNextId(sessionAffinityContext)) {
                requestedSessionID = sessionAffinityContext.getRequestedSessionID();
                isRequestedSessionIDValid = this._coreHttpSessionManager.isRequestedSessionIDValid(requestedSessionID, 0);
            }
            if (!isRequestedSessionIDValid) {
                if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                    LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[1], "none valid - return first");
                }
                // Nothing validated: fall back to the first id the client supplied.
                requestedSessionID = sessionAffinityContext.getFirstRequestedSessionID();
            }
        } else if (!isRequestedSessionIDValid && !sessionAffinityContext.isFirstSessionIdValid()) {
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[1], "return the only one id sent from client");
            }
            requestedSessionID = sessionAffinityContext.getFirstRequestedSessionID();
        }
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            // NOTE(review): the session id is written to the FINE trace here; confirm that
            // trace output is access-controlled or that id hiding applies to this logger.
            LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[1], requestedSessionID);
        }
        return requestedSessionID;
    }

    /**
     * Tells whether the id the client requested is the id of the given session.
     *
     * <p>A missing requested id or a {@code null} session is never valid. A session that is
     * still new is also reported as not valid when {@code checkSessionNewOnIsValidRequest()}
     * is enabled.
     *
     * @param httpServletRequest request whose requested id is compared
     * @param httpSession session currently associated with the request, or {@code null}
     * @return {@code true} only when the requested id equals the session's id and the
     *         new-session rule does not exclude it
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public boolean isRequestedSessionIdValid(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        final String requestedId = getSessionAffinityContext(httpServletRequest).getRequestedSessionID();
        if (requestedId == null || httpSession == null) {
            return false;
        }
        if (httpSession.isNew() && this._smc.checkSessionNewOnIsValidRequest()) {
            return false;
        }
        return requestedId.equals(httpSession.getId());
    }

    /**
     * Reports whether the requested session id arrived in a cookie, as recorded in the
     * request's affinity context.
     *
     * @param httpServletRequest request to inspect
     * @return the affinity context's "from cookie" flag
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public boolean isRequestedSessionIdFromCookie(HttpServletRequest httpServletRequest) {
        final SessionAffinityContext affinity = getSessionAffinityContext(httpServletRequest);
        return affinity.isRequestedSessionIDFromCookie();
    }

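    /**
     * Resolves, and optionally creates, the session for a request, applying the id
     * consistency, crossover and ownership checks before the session is handed out.
     *
     * <p>Fix over the previous version: the SIP cookie handling is now skipped when the
     * ownership check returned no session. Previously a refused {@code getSession(false)}
     * in a SIP application dereferenced {@code null} instead of returning {@code null}.
     *
     * @param httpServletRequest request asking for a session
     * @param httpServletResponse response for the request
     * @param z create the session when none is found ("createIfAbsent" in the trace)
     * @param z2 when {@code true}, an existing session is only looked up if the store
     *           already holds it in memory
     * @return the session the request may use, or {@code null}
     * @throws UnauthorizedSessionRequestException propagated from {@code doSecurityCheck}
     *         when the ownership check fails and the configuration asks for the exception
     */
    protected HttpSession getIHttpSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z, boolean z2) {
        boolean isAnyTracingEnabled = TraceComponent.isAnyTracingEnabled();
        if (isAnyTracingEnabled && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[2], "createIfAbsent = " + z);
        }
        HttpSession httpSession = null;
        SessionAffinityContext sessionAffinityContext = getSessionAffinityContext(httpServletRequest);
        // When the first id is known to be invalid, load all cookie values once and move on to the next id.
        if (!sessionAffinityContext.isFirstSessionIdValid() && !sessionAffinityContext.isAllSessionIdsSetViaSet()) {
            sessionAffinityContext.setAllSessionIds(this._sam.getAllCookieValues(httpServletRequest));
            this._sam.setNextId(sessionAffinityContext);
        }
        String inUseSessionID = this._sam.getInUseSessionID(httpServletRequest, sessionAffinityContext);
        // A true HDR_$WSFO request header drops the in-memory copy of the session first.
        // NOTE(review): the header value is read from the request; confirm that only a
        // trusted front end can set it, since it forces eviction for the presented id.
        if (inUseSessionID != null && Boolean.valueOf(ISRTServletRequest.getHeader(httpServletRequest, HttpHeaderKeys.HDR_$WSFO)).booleanValue()) {
            this._coreHttpSessionManager.getIStore().removeFromMemory(inUseSessionID);
        }
        if (inUseSessionID != null && (!z2 || this._coreHttpSessionManager.getIStore().getFromMemory(inUseSessionID) != null)) {
            httpSession = (HttpSession) this._coreHttpSessionManager.getSession(httpServletRequest, httpServletResponse, sessionAffinityContext, false);
        }
        if (httpSession != null) {
            String inUseSessionID2 = this._sam.getInUseSessionID(httpServletRequest, sessionAffinityContext);
            if (httpSession.getMaxInactiveInterval() == 0) {
                // A zero inactive interval means the session is discarded immediately.
                httpSession.invalidate();
                httpSession = null;
            } else if (!inUseSessionID2.equals(httpSession.getId())) {
                // The store returned a session whose id differs from the one in use: treat it
                // as a crossover, log it at SEVERE and do not hand the session out.
                LoggingUtil.logParamsAndException(LoggingUtil.SESSION_LOGGER_CORE, Level.SEVERE, methodClassName, methodNames[2], "SessionContext.CrossoverOnRetrieve", new Object[]{getAppName(), httpSession.getId(), inUseSessionID2}, new SessionCrossoverStackTrace());
                httpSession = null;
            } else if (this._smc.isDebugSessionCrossover() && crossoverCheck(httpServletRequest, httpSession)) {
                LoggingUtil.logParamsAndException(LoggingUtil.SESSION_LOGGER_CORE, Level.SEVERE, methodClassName, methodNames[2], "SessionContext.CrossoverOnRetrieve", new Object[]{this._sap.getAppName(), httpSession.getId(), getCurrentSessionId()}, new SessionCrossoverStackTrace());
                httpSession = null;
            }
        }
        if (httpSession == null && z) {
            // The presented id is reused for the new session only when shouldReuseId allows
            // it and the id passes the length check.
            httpSession = (HttpSession) this._coreHttpSessionManager.createSession(httpServletRequest, httpServletResponse, sessionAffinityContext, shouldReuseId(httpServletRequest, sessionAffinityContext) && checkSessionIdIsRightLength(this._sam.getInUseSessionID(httpServletRequest, sessionAffinityContext)));
        }
        AbstractSessionData abstractSessionData = (AbstractSessionData) httpSession;
        if (abstractSessionData != null) {
            if (this._smc.getIntegrateSecurity()) {
                SecurityCheckObject doSecurityCheck = doSecurityCheck(abstractSessionData, httpServletRequest, z);
                if (doSecurityCheck.isDoSecurityCheckAgain()) {
                    // The first session was invalidated by the check: create a replacement
                    // and check that one; its result is used as is.
                    doSecurityCheck = doSecurityCheck((AbstractSessionData) ((HttpSession) this._coreHttpSessionManager.createSession(httpServletRequest, httpServletResponse, sessionAffinityContext, shouldReuseId(httpServletRequest, sessionAffinityContext) && checkSessionIdIsRightLength(this._sam.getInUseSessionID(httpServletRequest, sessionAffinityContext)))), httpServletRequest, z);
                }
                // May be null when the ownership check refused access.
                abstractSessionData = doSecurityCheck.getSessionObject();
            }
            // Guard against the null produced by a refused ownership check.
            if (this.isSIPApplication && abstractSessionData != null) {
                abstractSessionData.setSIPCookieInfo(httpServletRequest);
                abstractSessionData.setPathInfo(httpServletRequest.getPathInfo());
                if (!httpServletResponse.isCommitted()) {
                    setSIPCookieIfApplicable(httpServletRequest, httpServletResponse, (SessionData) abstractSessionData);
                }
            }
        }
        if (this._sap.getAllowDispatchRemoteInclude()) {
            this._sam.setSessionId(httpServletRequest, sessionAffinityContext);
        }
        if (isAnyTracingEnabled && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[2]);
        }
        return abstractSessionData;
    }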

    /**
     * Applies the session-ownership rules to a session and reports what the caller should do.
     *
     * <p>A new session is stamped with the current user, when one is known. An existing
     * session goes through {@code checkSecurity}; on failure the session is invalidated,
     * the exception is rethrown, or the session is withheld, depending on configuration
     * and on whether the caller asked for creation.
     *
     * @param abstractSessionData session to check; must not be {@code null}
     * @param httpServletRequest request asking for the session
     * @param z the caller's create flag ({@code getSession(true)} semantics)
     * @return holder with the usable session (or {@code null}) and the "check again" flag
     * @throws UnauthorizedSessionRequestException when the check fails, invalidation is not
     *         configured, and {@code z} or the configuration asks for the exception
     */
    private SecurityCheckObject doSecurityCheck(AbstractSessionData abstractSessionData, HttpServletRequest httpServletRequest, boolean z) {
        final SecurityCheckObject outcome = new SecurityCheckObject();
        AbstractSessionData permitted = abstractSessionData;
        if (!abstractSessionData.isNew()) {
            try {
                checkSecurity(abstractSessionData, httpServletRequest);
            } catch (UnauthorizedSessionRequestException denied) {
                if (this._smc.getInvalidateOnUnauthorizedSessionRequestException()) {
                    if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                        LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, "doSecurityCheck", "UnauthorizedSessionRequestException thrown - invalidating session");
                    }
                    // Destroy the mismatched session; a replacement is only wanted when the
                    // caller asked for creation.
                    abstractSessionData.invalidate();
                    permitted = null;
                    outcome.setDoSecurityCheckAgain(z);
                } else if (z || this._smc.getThrowSecurityExceptionOnGetSessionFalse()) {
                    if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                        LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, "doSecurityCheck", "throwing an UnauthorizedSessionRequestException");
                    }
                    throw denied;
                } else {
                    if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                        LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, "doSecurityCheck", "getSession(false) can not access the session due to an UnauthorizedSessionRequestException");
                    }
                    // Withhold the session without failing the request.
                    permitted = null;
                }
            }
        } else {
            // New session: record its owner. The server security context is used only when a
            // security collaborator exists and server security is enabled.
            final String owner;
            if (CollaboratorHelperImpl.getCurrentSecurityCollaborator(abstractSessionData.getServletContext()) == null || !WSSecurityHelper.isServerSecurityEnabled()) {
                owner = httpServletRequest.getRemoteUser();
            } else {
                owner = getUser();
            }
            if (owner != null) {
                abstractSessionData.setUser(owner);
            }
        }
        outcome.setSessionObject(permitted);
        return outcome;
    }

    /**
     * Reads the current user from {@code SecurityContext} inside a privileged action, so
     * the lookup does not depend on the permissions of code further up the call stack.
     *
     * @return whatever {@code SecurityContext.getUser()} returns
     */
    private String getUser() {
        final PrivilegedAction<String> readUser = new PrivilegedAction<String>() {
            @Override
            public String run() {
                return SecurityContext.getUser();
            }
        };
        return AccessController.doPrivileged(readUser);
    }

    /**
     * Resolves the request's session without the "only if cached in memory" restriction.
     *
     * @param httpServletRequest request asking for a session
     * @param httpServletResponse response for the request
     * @param z create the session when none is found
     * @return the session, or {@code null}
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public HttpSession getIHttpSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        final boolean onlyIfInMemory = false;
        return getIHttpSession(httpServletRequest, httpServletResponse, z, onlyIfInMemory);
    }

    /**
     * Returns the user name stored on the request's existing session.
     *
     * <p>The session is looked up but never created, and none of the ownership, crossover
     * or inactive-interval checks performed by {@code getIHttpSession} are applied here.
     * The result therefore describes who owns the presented session, not whether the
     * requester is allowed to use it.
     *
     * @param httpServletRequest request whose session is inspected
     * @param httpServletResponse response for the request
     * @return the stored user name, or {@code null} when the request has no session
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public String getSessionUserName(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        final SessionAffinityContext affinity = getSessionAffinityContext(httpServletRequest);
        final boolean needAllIds = !affinity.isFirstSessionIdValid() && !affinity.isAllSessionIdsSetViaSet();
        if (needAllIds) {
            affinity.setAllSessionIds(this._sam.getAllCookieValues(httpServletRequest));
            this._sam.setNextId(affinity);
        }
        if (this._sam.getInUseSessionID(httpServletRequest, affinity) == null) {
            return null;
        }
        final HttpSession existing = (HttpSession) this._coreHttpSessionManager.getSession(httpServletRequest, httpServletResponse, affinity, false);
        if (existing == null) {
            return null;
        }
        return ((AbstractSessionData) existing).getUserName();
    }

    /**
     * Reports whether the requested session id arrived in the URL, as recorded in the
     * request's affinity context.
     *
     * @param httpServletRequest request to inspect
     * @return the affinity context's "from URL" flag
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public boolean isRequestedSessionIdFromUrl(HttpServletRequest httpServletRequest) {
        final SessionAffinityContext affinity = getSessionAffinityContext(httpServletRequest);
        return affinity.isRequestedSessionIDFromURL();
    }

    /**
     * Verifies that the user making the request is the user recorded as the session's owner.
     *
     * <p>The requesting user comes from the server security context when a security
     * collaborator exists and server security is enabled, otherwise from
     * {@code getRemoteUser()}; a missing user is treated as "anonymous". A session owned by
     * "anonymous" is re-assigned to the requesting user. Any other mismatch raises
     * {@code UnauthorizedSessionRequestException}, except while the request is flagged as
     * running collaborators, in which case the mismatch is let through.
     *
     * @param abstractSessionData session being accessed
     * @param httpServletRequest request accessing it; must be an {@code IExtendedRequest}
     *        when a mismatch against a non-anonymous owner is found
     * @throws UnauthorizedSessionRequestException when the requesting user differs from a
     *         non-anonymous owner and collaborators are not running
     */
    protected void checkSecurity(AbstractSessionData abstractSessionData, HttpServletRequest httpServletRequest) {
        String remoteUser;
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[15]);
        }
        // Owner recorded on the session. A null owner means the comparison below is
        // skipped altogether and the request is let through.
        String userName = abstractSessionData.getUserName();
        if (CollaboratorHelperImpl.getCurrentSecurityCollaborator(abstractSessionData.getServletContext()) == null || !WSSecurityHelper.isServerSecurityEnabled()) {
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[15], "calling getRemoteUser");
            }
            remoteUser = httpServletRequest.getRemoteUser();
        } else {
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.logp(Level.FINE, methodClassName, methodNames[15], "calling getUser");
            }
            remoteUser = getUser();
        }
        // Unauthenticated requests are compared as the literal user "anonymous".
        if (remoteUser == null) {
            remoteUser = "anonymous";
        }
        // Mismatch = names differ exactly and, when case-insensitive matching is configured,
        // also differ ignoring case. (remoteUser cannot be null here after the default above.)
        if (remoteUser != null && userName != null && ((!this._smc.getSecurityUserIgnoreCase() || !remoteUser.equalsIgnoreCase(userName)) && !remoteUser.equals(userName))) {
            if (userName.equals("anonymous")) {
                // An anonymous session is claimed by the now-identified user.
                // NOTE(review): the session id is not changed in this method when ownership
                // moves from anonymous to an identified user; confirm that the id is rotated
                // at login elsewhere so a pre-login id cannot be carried into the session.
                abstractSessionData.setUser(remoteUser);
            } else if (!((IExtendedRequest) httpServletRequest).getRunningCollaborators()) {
                Object[] objArr = {remoteUser, userName};
                // The SEVERE message is suppressed when the session is going to be invalidated anyway.
                if (!this._smc.getInvalidateOnUnauthorizedSessionRequestException()) {
                    LoggingUtil.SESSION_LOGGER_CORE.logp(Level.SEVERE, methodClassName, methodNames[15], "SessionContext.unauthAccessError", objArr);
                }
                // Crossover-debug aid: prints the call stack to standard output, bypassing the logger.
                if (this._smc.isDebugSessionCrossover()) {
                    new Throwable("Throw exception to find out who sent the unauthorized request !!!").printStackTrace(System.out);
                }
                ResourceBundle resourceBundle = LoggingUtil.SESSION_LOGGER_CORE.getResourceBundle();
                // The exception message contains both user names when a resource bundle is available.
                UnauthorizedSessionRequestException unauthorizedSessionRequestException = resourceBundle != null ? new UnauthorizedSessionRequestException(MessageFormat.format(resourceBundle.getString("SessionContext.unauthAccessError"), objArr)) : new UnauthorizedSessionRequestException();
                // When the caller will neither see the exception as a failure nor invalidate
                // the session, the reference taken for this access is given back here.
                if (!this._smc.getThrowSecurityExceptionOnGetSessionFalse() && !this._smc.getInvalidateOnUnauthorizedSessionRequestException()) {
                    abstractSessionData.getISession().decrementRefCount();
                }
                throw unauthorizedSessionRequestException;
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[15]);
        }
    }

    /**
     * Decides whether a newly created session may take over the id presented by the request.
     *
     * <p>Reuse is allowed when the affinity context already has a response id or the id
     * came from SSL, when another affinity context on the same request already set a
     * response id (URL rewriting enabled and no usable cookie header), or when id reuse is
     * switched on globally. Accepting a client-presented id for a new session is a
     * session-fixation consideration; the callers in this class additionally require
     * {@code checkSessionIdIsRightLength} to pass before the id is reused.
     *
     * @param httpServletRequest request being served; must be an {@code IExtendedRequest}
     *        when the URL-rewriting branch is taken
     * @param sessionAffinityContext affinity context of this session context; its response
     *        id is set when another context's id is adopted
     * @return {@code true} when the presented id may be reused
     */
    protected boolean shouldReuseId(HttpServletRequest httpServletRequest, SessionAffinityContext sessionAffinityContext) {
        boolean reuse = sessionAffinityContext.isResponseIdSet() || sessionAffinityContext.isRequestedSessionIDFromSSL();
        if (!reuse && this._smc.getEnableUrlRewriting()) {
            final boolean cookieHeaderUsable = this._smc.getEnableCookies() && ISRTServletRequest.getHeader(httpServletRequest, HttpHeaderKeys.HDR_COOKIE) != null;
            if (!cookieHeaderUsable) {
                final Hashtable contextsByKey = (Hashtable) ((IExtendedRequest) httpServletRequest).getSessionAffinityContext();
                if (contextsByKey.size() > 1) {
                    // Adopt the first response id already chosen by another context on this request.
                    final Enumeration contexts = contextsByKey.elements();
                    while (!reuse && contexts.hasMoreElements()) {
                        final String otherResponseId = ((SessionAffinityContext) contexts.nextElement()).getResponseSessionID();
                        if (otherResponseId != null) {
                            sessionAffinityContext.setResponseSessionID(otherResponseId);
                            reuse = true;
                        }
                    }
                }
            }
        }
        return reuse || SessionManagerConfig.isIdReuse();
    }

    /**
     * Encodes a URL for a session when no servlet request is available.
     *
     * <p>Delegates to {@link #encodeURL(HttpSession, HttpServletRequest, String)} with a
     * {@code null} request. On that path the request-dependent checks in {@code encodeURL}
     * ({@code shouldEncodeURL} and the crossover check) are not executed.
     *
     * @param httpSession the session whose id is to be encoded; a {@code null} session yields {@code null}
     * @param str the URL to encode
     * @return the encoded URL as returned by {@code encodeURL}
     */
    public String encodeURLForSipConvergedApps(HttpSession httpSession, String str) {
        final String encoded = encodeURL(httpSession, null, str);
        return encoded;
    }

    /**
     * Rewrites {@code str} so that it carries the session id, when encoding applies.
     *
     * <p>Behaviour by input:
     * <ul>
     *   <li>{@code httpSession == null}: returns {@code null}.</li>
     *   <li>{@code httpServletRequest == null}: delegates to {@code _sam.encodeURL(session, url)}.</li>
     *   <li>otherwise: encodes only if {@code shouldEncodeURL} agrees. When crossover debugging
     *       is enabled and {@code crossoverCheck} reports a crossover, the event is logged at
     *       SEVERE and the URL is returned <em>unencoded</em>, so the id is not written into it.</li>
     * </ul>
     *
     * <p>NOTE(review): the trace output below only drops the query string when
     * {@code isHideSessionValues()} is set. URL-rewritten session ids are conventionally carried
     * as a path parameter ahead of {@code '?'}; if {@code _sam.encodeURL} follows that convention
     * the id would still appear in FINE trace — confirm against its output format.
     *
     * @param httpSession session to encode for; may be {@code null}
     * @param httpServletRequest current request, or {@code null} when none is available
     * @param str the URL to encode
     * @return the (possibly unchanged) URL, or {@code null} when there is no session
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public String encodeURL(HttpSession httpSession, HttpServletRequest httpServletRequest, String str) {
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            String tracedInput = str;
            if (SessionManagerConfig.isHideSessionValues() && tracedInput != null) {
                int queryStart = tracedInput.indexOf("?");
                if (queryStart != -1) {
                    tracedInput = tracedInput.substring(0, queryStart);
                }
            }
            // The guard is evaluated a second time, exactly as the original does.
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[8], tracedInput);
            }
        }

        if (httpSession == null) {
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[8], null);
            }
            return null;
        }

        String encoded = str;
        if (httpServletRequest != null) {
            // Resolved before shouldEncodeURL, preserving the original call order.
            SessionAffinityContext affinity = getSessionAffinityContext(httpServletRequest);
            if (shouldEncodeURL(str, httpServletRequest)) {
                boolean crossoverDetected = this._smc.isDebugSessionCrossover() && crossoverCheck(httpServletRequest, httpSession);
                if (!crossoverDetected) {
                    encoded = this._sam.encodeURL(httpServletRequest, str, affinity);
                } else {
                    // The URL is left unencoded on this branch.
                    // NOTE(review): both session ids are passed to the SEVERE log record here,
                    // independent of isHideSessionValues(); treat this log as sensitive.
                    LoggingUtil.logParamsAndException(LoggingUtil.SESSION_LOGGER_CORE, Level.SEVERE, methodClassName, methodNames[8], "SessionContext.CrossoverOnReturn", new Object[]{getAppName(), httpSession.getId(), getCurrentSessionId()}, new SessionCrossoverStackTrace());
                }
            }
        } else {
            encoded = this._sam.encodeURL(httpSession, str);
        }

        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            String tracedOutput = encoded;
            if (SessionManagerConfig.isHideSessionValues() && tracedOutput != null) {
                int queryStart = tracedOutput.indexOf("?");
                if (queryStart != -1) {
                    tracedOutput = tracedOutput.substring(0, queryStart);
                }
            }
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[8], "new url is " + tracedOutput);
            }
        }
        return encoded;
    }

    /**
     * Factory for the affinity manager used by this context.
     *
     * @param sessionManagerConfig session manager configuration handed to the new manager
     * @param sessionContext owning session context handed to the new manager
     * @param iStore session store handed to the new manager
     * @return a new {@code SessionAffinityManagerImpl} built from the three arguments
     */
    public ISessionAffinityManager createSessionAffinityManager(SessionManagerConfig sessionManagerConfig, SessionContext sessionContext, IStore iStore) {
        ISessionAffinityManager affinityManager = new SessionAffinityManagerImpl(sessionManagerConfig, sessionContext, iStore);
        return affinityManager;
    }

    /**
     * Wraps a core session in the servlet-facing session object.
     *
     * @param iSession the core session to wrap
     * @param servletContext servlet context passed through to the wrapper
     * @return a new {@code HttpSessionImpl} bound to {@code iSession}, this context and
     *         {@code servletContext}
     */
    public Object createSessionObject(ISession iSession, ServletContext servletContext) {
        HttpSessionImpl facade = new HttpSessionImpl(iSession, this, servletContext);
        return facade;
    }

    /**
     * Creates the core session manager by deferring entirely to the superclass implementation.
     *
     * @return whatever {@code super.createCoreSessionManager()} returns
     */
    public IGenericSessionManager createCoreSessionManager() {
        IGenericSessionManager coreManager = super.createCoreSessionManager();
        return coreManager;
    }

    /**
     * Factory for the store helper used by this context.
     *
     * @param servletContext servlet context handed to the helper
     * @return a new {@code MemoryStoreHelperImpl} for {@code servletContext}
     */
    protected MemoryStoreHelper createStoreHelper(ServletContext servletContext) {
        MemoryStoreHelper storeHelper = new MemoryStoreHelperImpl(servletContext);
        return storeHelper;
    }

    /**
     * Returns the session manager configuration held by this context.
     *
     * <p>The field is read through a {@code SessionContext}-typed reference, so it resolves to
     * the {@code _smc} field as declared on {@code SessionContext}. The returned object is the
     * live instance, not a copy.
     *
     * @return the {@code _smc} configuration object
     */
    @Override // com.ibm.ws.webcontainer.session.IHttpSessionContext
    public SessionManagerConfig getWASSessionConfig() {
        return ((SessionContext) this)._smc;
    }

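    /**
     * Checks an incoming session id against the configured session id length.
     *
     * <p>The check runs only when {@code getForceSessionIdLengthCheck()} is enabled and the id is
     * non-null; otherwise the id is accepted without inspection. A mismatch is reported at
     * WARNING and the method returns {@code false}.
     *
     * <p>The id is presumably taken from the request (the log message calls it "Incoming id"),
     * so it is neutralised before being written to the WARNING record: ISO control characters
     * are replaced and the echoed text is bounded. This keeps a crafted id from forging extra
     * log lines or inflating the log; the true length is still reported separately. The FINE
     * entry trace still receives the raw value.
     *
     * @param str the incoming session id; may be {@code null}
     * @return {@code true} if no check was performed or the length matches, {@code false} on a
     *         length mismatch
     */
    protected boolean checkSessionIdIsRightLength(String str) {
        boolean lengthCheckForced = this._smc.getForceSessionIdLengthCheck();
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.entering(methodClassName, methodNames[17], str);
        }
        if (str == null || !lengthCheckForced) {
            if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
                LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[17], "no check");
            }
            return true;
        }

        boolean lengthOk = true;
        int actualLength = str.length();
        int expectedLength = SessionManagerConfig.getSessionIDLength();
        if (actualLength != expectedLength) {
            // Cap on how much of the untrusted id is echoed; the value is a choice made for this fix.
            final int maxLoggedChars = 64;
            int shown = Math.min(actualLength, maxLoggedChars);
            StringBuilder printableId = new StringBuilder(shown + 3);
            for (int i = 0; i < shown; i++) {
                char c = str.charAt(i);
                // CR, LF and other control characters would let the id break out of its log line.
                printableId.append(Character.isISOControl(c) ? '_' : c);
            }
            if (actualLength > maxLoggedChars) {
                printableId.append("...");
            }
            LoggingUtil.SESSION_LOGGER_CORE.logp(Level.WARNING, methodClassName, methodNames[17], "CommonMessage.miscData", " Incoming id " + printableId + " (" + actualLength + ") failed length check against " + expectedLength);
            lengthOk = false;
        }
        if (TraceComponent.isAnyTracingEnabled() && LoggingUtil.SESSION_LOGGER_CORE.isLoggable(Level.FINE)) {
            LoggingUtil.SESSION_LOGGER_CORE.exiting(methodClassName, methodNames[17], Boolean.valueOf(lengthOk));
        }
        return lengthOk;
    }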
}
