package com.ibm.ISecurityLocalObjectTokenBaseImpl;

import com.ibm.ISecurityL13SupportImpl.SecurityLogger;
import com.ibm.ISecurityLocalObjectBaseL13Impl.VaultImpl;
import com.ibm.ISecurityLocalObjectTokenBaseImpl.CredentialsPackage.CredentialsNotSet;
import com.ibm.ISecurityUtilityImpl.AuthenticationResult;
import com.ibm.ISecurityUtilityImpl.AuthenticationTarget;
import com.ibm.ISecurityUtilityImpl.CommonSecurityServer;
import com.ibm.ISecurityUtilityImpl.CredentialsHelper;
import com.ibm.ISecurityUtilityImpl.RealmSecurityName;
import com.ibm.ISecurityUtilityImpl.SecurityConfiguration;
import com.ibm.ISecurityUtilityImpl.StringBytesConversion;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.auth.BasicAuthData;
import org.omg.Security.Attribute;
import org.omg.Security.AuthenticationStatus;
import org.omg.Security.DuplicateAttributeType;
import org.omg.Security.InvalidAttributeType;
import org.omg.Security.InvalidAuthnMethod;
import org.omg.Security.OpaqueHolder;
import org.omg.SecurityLevel2.CredentialsHolder;
import org.omg.SecurityLevel2.InvalidCredential;
import org.omg.SecurityLevel2.LoginFailed;

/* loaded from: input_file:lib/sas.jar:com/ibm/ISecurityLocalObjectTokenBaseImpl/PrincipalAuthenticatorImpl.class */
public class PrincipalAuthenticatorImpl extends com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl {
    protected PrincipalAuthenticatorImpl() {
    }

    public PrincipalAuthenticatorImpl(VaultImpl vaultImpl, int i) {
        super(vaultImpl);
        this._authenticationTarget = i;
        this._authenticationTargetString = (String) AuthenticationTarget.strings.get(new Integer(i));
        synchronized (com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl._securityEnabled) {
            if (!com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl._atSecurityEnabled && isSecurityEnabled()) {
                com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl._atSecurityEnabled = true;
                enableSecurity(this._authenticationTarget);
            }
        }
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl, com.ibm.IExtendedSecurityPrivImpl.PrincipalAuthenticatorImpl, com.ibm.IExtendedSecurityPriv._PrincipalAuthenticatorImplBase, org.omg.SecurityLevel2.PrincipalAuthenticatorOperations
    public AuthenticationStatus authenticate(int i, String str, byte[] bArr, Attribute[] attributeArr, CredentialsHolder credentialsHolder, OpaqueHolder opaqueHolder, OpaqueHolder opaqueHolder2) throws LoginFailed, InvalidAuthnMethod, InvalidAttributeType, DuplicateAttributeType {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", new StringBuffer().append("Beginning to authenticate principal: ").append(str).append(".").toString());
        }
        byte[] bArr2 = {100};
        Object[] objArr = null;
        credentialsHolder.value = null;
        opaqueHolder.value = null;
        opaqueHolder2.value = bArr2;
        String str2 = null;
        String hostName = getHostName();
        String realmSecurityName = RealmSecurityName.getRealmSecurityName(str);
        String securityName = RealmSecurityName.getSecurityName(str);
        String realm = RealmSecurityName.getRealm(str);
        if (realm.length() == 0) {
            realm = RealmSecurityName.getRealm(VaultImpl.getSecurityConfiguration().getprincipalName());
            if (realm.length() == 0) {
                realm = hostName;
            }
            realmSecurityName = RealmSecurityName.getRealmSecurityName(realm, securityName);
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", new StringBuffer().append("Realm == \"").append(realm).append("\", realmSecurityName == \"").append(realmSecurityName).append("\".").toString());
        }
        if (!com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl._securityEnabled[0]) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", "Security is disabled ... dummy generic creds will be created.");
            }
            credentialsHolder.value = createDummyCreds(realmSecurityName, null);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", "Exiting authenticate with Success.");
            }
            return AuthenticationStatus.SecAuthSuccess;
        }
        com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl serverCred = getServerCred(this._authenticationTarget);
        if (serverCred == null) {
            if (createServerCred(this._authenticationTarget)) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", "Establishing the server generic creds ... dummy generic creds will be created.");
                }
                setServerCred(this._authenticationTarget, true, createDummyCreds(realmSecurityName, bArr));
                serverCred = getServerCred(this._authenticationTarget);
            } else {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", "Establishing the server generic BasicAuth creds ... dummy generic creds will be created.");
                }
                serverCred = getServerCred(4);
            }
        }
        if ((i & 131072) == 131072) {
            if (bArr == null || bArr.length == 0) {
                SecurityLogger.logError("security.JSAS0191E", new Object[]{"PrincipalAuthenticatorImpl.authenticate"});
                bArr2[0] = 6;
                opaqueHolder2.value = bArr2;
                return AuthenticationStatus.SecAuthFailure;
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", new StringBuffer().append("Authenticating BasicAuth token with generic, realm/security_name == ").append(realm.length() == 0 ? "NULL" : realm).append("/").append(securityName.length() == 0 ? "NULL" : securityName).append(", auth token == ").append(SecurityConfiguration.mask(StringBytesConversion.getConvertedString(bArr))).toString());
            }
        } else {
            if (securityName.length() == 0) {
                SecurityLogger.logError("security.JSAS0190E", new Object[]{"PrincipalAuthenticatorImpl.authenticate"});
                bArr2[0] = 1;
                opaqueHolder2.value = bArr2;
                return AuthenticationStatus.SecAuthFailure;
            }
            str2 = (bArr == null || bArr.length == 0) ? "" : StringBytesConversion.getConvertedString(bArr);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", new StringBuffer().append("Authenticating principal with generic, realm/security_name == ").append(realm.length() == 0 ? "NULL" : realm).append("/").append(securityName).append(", password == ").append(str2.length() == 0 ? "NULL" : SecurityConfiguration.mask(str2)).toString());
            }
        }
        com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl doPrivileged = doPrivileged(serverCred);
        BasicAuthData basicAuthData = new BasicAuthData(securityName, str2);
        CommonSecurityServer commonSecurityServer = this._vault.getCommonSecurityServer(this._authenticationTarget);
        AuthenticationResult authenticate = (i & 131072) == 131072 ? commonSecurityServer.authenticate(bArr) : commonSecurityServer.authenticate(realm, basicAuthData, true);
        WSCredential wSCredential = authenticate.get_auth_cred();
        bArr2[0] = (byte) authenticate.get_auth_fail_reason();
        opaqueHolder2.value = bArr2;
        opaqueHolder.value = StringBytesConversion.getConvertedBytes(authenticate.get_auth_fail_message());
        endPrivileged(doPrivileged);
        if (opaqueHolder2.value[0] != 100) {
            return AuthenticationStatus.SecAuthFailure;
        }
        CredentialsImpl credentialsImpl = (CredentialsImpl) CredentialsHelper.mapWSToCorba(wSCredential);
        if ((i & 65536) == 65536) {
            try {
                this._vault.add_default_credentials(credentialsImpl);
            } catch (InvalidCredential e) {
                FFDCFilter.processException((Throwable) e, "com.ibm.ISecurityLocalObjectTokenBaseImpl.PrincipalAuthenticatorImpl.authenticate", "444", (Object) this);
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", "Error adding credentials to default credentials list.");
                }
                if (SecurityLogger.traceEnabled) {
                    SecurityLogger.traceException("PrincipalAuthenticatorImpl.authenticate", (Exception) e, 0, 0);
                }
                bArr2[0] = 7;
                opaqueHolder2.value = bArr2;
                return AuthenticationStatus.SecAuthFailure;
            }
        }
        try {
            this._vault.addEstablishedCredentials(credentialsImpl);
            if (realmSecurityName.length() > 0) {
                credentialsImpl.setUniqueID(realmSecurityName);
            } else if (0 != 0 && objArr.length > 0) {
                credentialsImpl.setUniqueID(StringBytesConversion.getConvertedString(null));
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", "Exiting authenticate with Success.");
            }
            credentialsHolder.value = credentialsImpl;
            if (getServerCred(this._authenticationTarget) == null && createServerCred(this._authenticationTarget)) {
                setServerCred(this._authenticationTarget, false, credentialsImpl);
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", new StringBuffer().append("Created a token base credential of mechanism type: ").append(credentialsImpl.getAuthType()).append(". Credential is fowardable = ").append(credentialsImpl.isForwardable()).toString());
            }
            return AuthenticationStatus.SecAuthSuccess;
        } catch (InvalidCredential e2) {
            FFDCFilter.processException((Throwable) e2, "com.ibm.ISecurityLocalObjectTokenBaseImpl.PrincipalAuthenticatorImpl.authenticate", "468", (Object) this);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticate", "Error adding credentials to established credentials list.");
            }
            if (SecurityLogger.traceEnabled) {
                SecurityLogger.traceException("PrincipalAuthenticatorImpl.authenticate", (Exception) e2, 0, 0);
            }
            bArr2[0] = 7;
            opaqueHolder2.value = bArr2;
            return AuthenticationStatus.SecAuthFailure;
        }
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl
    protected com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl createDummyCreds(String str, byte[] bArr) {
        String authTargetToOid = this._vault.getAuthenticationTarget().authTargetToOid(this._authenticationTarget);
        CredentialsImpl credentialsImpl = this._authenticationTarget == 2 ? new CredentialsImpl(this._vault, authTargetToOid, false) : new CredentialsImpl(this._vault, authTargetToOid, true);
        createDummyCreds(str, bArr, credentialsImpl);
        return credentialsImpl;
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl
    protected com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl createUnauthenticatedCred() {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.createUnauthenticatedCred", "Creating unauthenticated token base credentials.");
        }
        CredentialsImpl credentialsImpl = new CredentialsImpl(this._vault, this._vault.getAuthenticationTarget().authTargetToOid(this._authenticationTarget), false);
        createUnauthenticatedCred(credentialsImpl);
        return credentialsImpl;
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl, com.ibm.IExtendedSecurityPrivImpl.PrincipalAuthenticatorImpl, com.ibm.IExtendedSecurityPriv._PrincipalAuthenticatorImplBase, com.ibm.IExtendedSecurityPriv.PrincipalAuthenticatorOperations
    public AuthenticationStatus validate(int i, String str, byte[] bArr, Attribute[] attributeArr, CredentialsHolder credentialsHolder, OpaqueHolder opaqueHolder, OpaqueHolder opaqueHolder2) throws LoginFailed, InvalidAuthnMethod, InvalidAttributeType, DuplicateAttributeType {
        com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl doPrivileged;
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", new StringBuffer().append("Beginning to validate credential token for principal: ").append(str).append(".").toString());
        }
        byte[] bArr2 = {100};
        credentialsHolder.value = null;
        opaqueHolder.value = null;
        opaqueHolder2.value = bArr2;
        String hostName = getHostName();
        String realm = RealmSecurityName.getRealm(str);
        String realmSecurityName = RealmSecurityName.getRealmSecurityName(str);
        String securityName = RealmSecurityName.getSecurityName(str);
        if (realm.length() == 0) {
            realm = RealmSecurityName.getRealm(VaultImpl.getSecurityConfiguration().getprincipalName());
            if (realm.length() == 0) {
                realm = hostName;
            }
            realmSecurityName = RealmSecurityName.getRealmSecurityName(realm, securityName);
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", new StringBuffer().append("Realm == \"").append(realm).append("\", realmSecurityName == \"").append(realmSecurityName).append("\".").toString());
        }
        if (!com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl._securityEnabled[0]) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", "Security is disabled ... dummy generic creds will be created.");
            }
            credentialsHolder.value = createDummyCreds(realmSecurityName, null);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", "Exiting validate with Success.");
            }
            return AuthenticationStatus.SecAuthSuccess;
        }
        com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl serverCred = getServerCred(this._authenticationTarget);
        if (serverCred == null) {
            if (createServerCred(this._authenticationTarget)) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", "Establishing the server generic creds ... dummy generic creds will be created.");
                }
                setServerCred(this._authenticationTarget, false, createDummyCreds(realmSecurityName, bArr));
                serverCred = getServerCred(this._authenticationTarget);
            } else {
                serverCred = getServerCred(4);
            }
        }
        if ((i & 131072) == 131072) {
            SecurityLogger.logError("security.JSAS0185E", new Object[]{"PrincipalAuthenticatorImpl.validate"});
            bArr2[0] = 11;
            opaqueHolder2.value = bArr2;
            return AuthenticationStatus.SecAuthFailure;
        }
        if (bArr == null || bArr.length == 0) {
            SecurityLogger.logError("security.JSAS0461E", new Object[]{"PrincipalAuthenticatorImpl.validate"});
            bArr2[0] = 6;
            opaqueHolder2.value = bArr2;
            return AuthenticationStatus.SecAuthFailure;
        }
        if (SecurityLogger.debugTraceEnabled) {
            String str2 = realm.length() == 0 ? "NULL" : realm;
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", new StringBuffer().append((i & 262144) == 262144 ? "Authenticating with generic credential token" : "Validating credential token with generic").append(", realm/security_name == ").append(str2).append("/").append(securityName.length() == 0 ? "NULL" : securityName).append(", cred token == ").append(SecurityConfiguration.mask(StringBytesConversion.getConvertedString(bArr))).toString());
        }
        if ((i & 262144) == 262144) {
            CredentialsImpl credentialsImpl = new CredentialsImpl(this._vault);
            try {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", "Validation with the privilege associated with the supplied credential token.");
                }
                credentialsImpl.set_credential_token(realmSecurityName, bArr, 0L);
                doPrivileged = doPrivileged(credentialsImpl);
            } catch (CredentialsNotSet e) {
                FFDCFilter.processException((Throwable) e, "com.ibm.ISecurityLocalObjectTokenBaseImpl.PrincipalAuthenticatorImpl.validate", "760", (Object) this);
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", "Error setting credential token in CredentialImpl.");
                }
                if (SecurityLogger.traceEnabled) {
                    SecurityLogger.traceException("PrincipalAuthenticatorImpl.validate", (Exception) e, 0, 0);
                }
                bArr2[0] = 7;
                opaqueHolder2.value = bArr2;
                return AuthenticationStatus.SecAuthFailure;
            }
        } else {
            doPrivileged = doPrivileged(serverCred);
        }
        AuthenticationResult authenticate = this._vault.getCommonSecurityServer(this._authenticationTarget).authenticate(realm, bArr);
        WSCredential wSCredential = authenticate.get_auth_cred();
        bArr2[0] = (byte) authenticate.get_auth_fail_reason();
        opaqueHolder2.value = bArr2;
        opaqueHolder.value = StringBytesConversion.getConvertedBytes(authenticate.get_auth_fail_message());
        endPrivileged(doPrivileged);
        if (opaqueHolder2.value[0] != 100) {
            return AuthenticationStatus.SecAuthFailure;
        }
        CredentialsImpl credentialsImpl2 = (CredentialsImpl) CredentialsHelper.mapWSToCorba(wSCredential);
        if ((i & 65536) == 65536) {
            try {
                this._vault.add_default_credentials(credentialsImpl2);
            } catch (InvalidCredential e2) {
                FFDCFilter.processException((Throwable) e2, "com.ibm.ISecurityLocalObjectTokenBaseImpl.PrincipalAuthenticatorImpl.validate", "897", (Object) this);
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", "Error adding credentials to default credentials list.");
                }
                if (SecurityLogger.traceEnabled) {
                    SecurityLogger.traceException("PrincipalAuthenticatorImpl.validate", (Exception) e2, 0, 0);
                }
                bArr2[0] = 7;
                opaqueHolder2.value = bArr2;
                return AuthenticationStatus.SecAuthFailure;
            }
        }
        try {
            this._vault.addEstablishedCredentials(credentialsImpl2);
            if (realmSecurityName.length() > 0) {
                credentialsImpl2.setUniqueID(realmSecurityName);
            } else if (bArr != null && bArr.length > 0) {
                credentialsImpl2.setUniqueID(StringBytesConversion.getConvertedString(bArr));
            }
            credentialsHolder.value = credentialsImpl2;
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", new StringBuffer().append("Created a token base credential of mechanism type: ").append(credentialsImpl2.getAuthType()).append(". Credential is fowardable = ").append(credentialsImpl2.isForwardable()).toString());
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", "Exiting validate with Success.");
            }
            return AuthenticationStatus.SecAuthSuccess;
        } catch (InvalidCredential e3) {
            FFDCFilter.processException((Throwable) e3, "com.ibm.ISecurityLocalObjectTokenBaseImpl.PrincipalAuthenticatorImpl.validate", "921", (Object) this);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.validate", "Error adding credentials to established credentials list.");
            }
            if (SecurityLogger.traceEnabled) {
                SecurityLogger.traceException("PrincipalAuthenticatorImpl.validate", (Exception) e3, 0, 0);
            }
            bArr2[0] = 7;
            opaqueHolder2.value = bArr2;
            return AuthenticationStatus.SecAuthFailure;
        }
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl
    public AuthenticationStatus simple_authenticate(String str, String str2) throws LoginFailed, InvalidAuthnMethod, InvalidAttributeType, DuplicateAttributeType {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.simple_authenticate", new StringBuffer().append("Beginning to simple authenticate principal: ").append(str).append(".").append("Returning true for now").toString());
        }
        OpaqueHolder opaqueHolder = new OpaqueHolder();
        BasicAuthData basicAuthData = new BasicAuthData(str, str2);
        byte[] bArr = {100};
        opaqueHolder.value = bArr;
        AuthenticationResult authenticate = this._vault.getCommonSecurityServer(this._authenticationTarget).authenticate("myRealm", basicAuthData, true);
        authenticate.get_auth_cred();
        bArr[0] = (byte) authenticate.get_auth_fail_reason();
        opaqueHolder.value = bArr;
        if (opaqueHolder.value[0] != 100) {
            return AuthenticationStatus.SecAuthFailure;
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.simple_authenticate", new StringBuffer().append("Principal authenticated with TokenBase, SecurityName == ").append(str).toString());
        }
        return AuthenticationStatus.SecAuthSuccess;
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl
    public AuthenticationStatus authenticateUser(int i, String str, byte[] bArr, Attribute[] attributeArr, CredentialsHolder credentialsHolder, OpaqueHolder opaqueHolder, OpaqueHolder opaqueHolder2, String str2) throws LoginFailed, InvalidAuthnMethod, InvalidAttributeType, DuplicateAttributeType {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", new StringBuffer().append("Beginning to authenticate principal: ").append(str).append(".").toString());
        }
        VaultImpl.getSecurityConfiguration().getrequestCredsExpiration();
        byte[] bArr2 = {100};
        Object[] objArr = null;
        credentialsHolder.value = null;
        opaqueHolder.value = null;
        opaqueHolder2.value = bArr2;
        String hostName = getHostName();
        String realmSecurityName = RealmSecurityName.getRealmSecurityName(str);
        String securityName = RealmSecurityName.getSecurityName(str);
        String realm = RealmSecurityName.getRealm(str);
        if (realm.length() == 0) {
            realm = RealmSecurityName.getRealm(VaultImpl.getSecurityConfiguration().getprincipalName());
            if (realm.length() == 0) {
                realm = hostName;
            }
            realmSecurityName = RealmSecurityName.getRealmSecurityName(realm, securityName);
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", new StringBuffer().append("Realm == \"").append(realm).append("\", realmSecurityName == \"").append(realmSecurityName).append("\".").toString());
        }
        if (!com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthenticatorImpl._securityEnabled[0]) {
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", "Security is disabled ... dummy creds will be created.");
            }
            credentialsHolder.value = createDummyCreds(realmSecurityName, null);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", "Exiting authenticate with Success.");
            }
            return AuthenticationStatus.SecAuthSuccess;
        }
        com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl serverCred = getServerCred(this._authenticationTarget);
        if (serverCred == null) {
            if (createServerCred(this._authenticationTarget)) {
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", "Establishing the server TokenBase creds ... dummy TokenBase creds will be created.");
                }
                setServerCred(this._authenticationTarget, true, createDummyCreds(realmSecurityName, null));
                serverCred = getServerCred(this._authenticationTarget);
            } else {
                serverCred = getServerCred(4);
            }
        }
        if ((i & 131072) == 131072) {
            SecurityLogger.logError("security.JSAS0186E", new Object[]{"PrincipalAuthenticatorImpl.authenticateUser"});
            bArr2[0] = 10;
            opaqueHolder2.value = bArr2;
            return AuthenticationStatus.SecAuthFailure;
        }
        if (securityName.length() == 0) {
            SecurityLogger.logError("security.JSAS0190E", new Object[]{"PrincipalAuthenticatorImpl.authenticateUser"});
            bArr2[0] = 1;
            opaqueHolder2.value = bArr2;
            return AuthenticationStatus.SecAuthFailure;
        }
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", new StringBuffer().append("Authenticating principal with TokenBase, realm/security_name == ").append(realm.length() == 0 ? "NULL" : realm).append("/").append(securityName).toString());
        }
        com.ibm.ISecurityLocalObjectBaseL13Impl.CredentialsImpl doPrivileged = doPrivileged(serverCred);
        AuthenticationResult authenticate = this._vault.getCommonSecurityServer(this._authenticationTarget).authenticate(securityName);
        WSCredential wSCredential = authenticate.get_auth_cred();
        bArr2[0] = (byte) authenticate.get_auth_fail_reason();
        opaqueHolder2.value = bArr2;
        opaqueHolder.value = StringBytesConversion.getConvertedBytes(authenticate.get_auth_fail_message());
        endPrivileged(doPrivileged);
        if (opaqueHolder2.value[0] != 100) {
            return AuthenticationStatus.SecAuthFailure;
        }
        CredentialsImpl credentialsImpl = (CredentialsImpl) CredentialsHelper.mapWSToCorba(wSCredential);
        if ((i & 65536) == 65536) {
            try {
                this._vault.add_default_credentials(credentialsImpl);
            } catch (InvalidCredential e) {
                FFDCFilter.processException((Throwable) e, "com.ibm.ISecurityLocalObjectTokenBaseImpl.PrincipalAuthenticatorImpl.authenticateUser", "1302", (Object) this);
                if (SecurityLogger.debugTraceEnabled) {
                    SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", "Error adding credentials to default credentials list.");
                }
                if (SecurityLogger.traceEnabled) {
                    SecurityLogger.traceException("PrincipalAuthenticatorImpl.authenticateUser", (Exception) e, 0, 0);
                }
                bArr2[0] = 7;
                opaqueHolder2.value = bArr2;
                return AuthenticationStatus.SecAuthFailure;
            }
        }
        try {
            this._vault.addEstablishedCredentials(credentialsImpl);
            if (realmSecurityName.length() > 0) {
                credentialsImpl.setUniqueID(realmSecurityName);
            } else if (0 != 0 && objArr.length > 0) {
                credentialsImpl.setUniqueID(StringBytesConversion.getConvertedString(null));
            }
            credentialsHolder.value = credentialsImpl;
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", new StringBuffer().append("Created a token base credential of mechanism type: ").append(credentialsImpl.getAuthType()).append(". Credential is fowardable = ").append(credentialsImpl.isForwardable()).toString());
            }
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", "Exiting authenticateUser with Success.");
            }
            return AuthenticationStatus.SecAuthSuccess;
        } catch (InvalidCredential e2) {
            FFDCFilter.processException((Throwable) e2, "com.ibm.ISecurityLocalObjectTokenBaseImpl.PrincipalAuthenticatorImpl.authenticateUser", "1326", (Object) this);
            if (SecurityLogger.debugTraceEnabled) {
                SecurityLogger.debugMessage("PrincipalAuthenticatorImpl.authenticateUser", "Error adding credentials to established credentials list.");
            }
            if (SecurityLogger.traceEnabled) {
                SecurityLogger.traceException("PrincipalAuthenticatorImpl.authenticateUser", (Exception) e2, 0, 0);
            }
            bArr2[0] = 7;
            opaqueHolder2.value = bArr2;
            return AuthenticationStatus.SecAuthFailure;
        }
    }
}
