package com.ibm.ws.security.core;

import com.ibm.ISecurityUtilityImpl.SecConstants;
import com.ibm.ISecurityUtilityImpl.WSSecurityContextFactory;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.MBeanFactory;
import com.ibm.websphere.management.application.AppConstants;
import com.ibm.websphere.models.config.ipc.ssl.CryptoHardwareToken;
import com.ibm.websphere.models.config.ipc.ssl.SecureSocketLayer;
import com.ibm.websphere.models.config.properties.Property;
import com.ibm.websphere.models.config.security.AuthorizationConfig;
import com.ibm.websphere.models.config.security.SSLConfig;
import com.ibm.websphere.models.config.security.Security;
import com.ibm.websphere.models.config.serverindex.ServerIndex;
import com.ibm.websphere.security.auth.WSSecurityContext;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.bootstrap.ExtClassLoader;
import com.ibm.ws.exception.ConfigurationError;
import com.ibm.ws.exception.ConfigurationWarning;
import com.ibm.ws.exception.RuntimeError;
import com.ibm.ws.exception.RuntimeWarning;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.collaborator.DefaultRuntimeCollaborator;
import com.ibm.ws.management.service.ConfigChangeListener;
import com.ibm.ws.runtime.component.ComponentImpl;
import com.ibm.ws.runtime.service.ConfigRoot;
import com.ibm.ws.runtime.service.EndPointMgr;
import com.ibm.ws.runtime.service.Repository;
import com.ibm.ws.runtime.service.Server;
import com.ibm.ws.runtime.service.VariableMap;
import com.ibm.ws.security.audit.AuditServiceImpl;
import com.ibm.ws.security.auth.Cache;
import com.ibm.ws.security.auth.distContextManagerImpl;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.orbssl.SSLDefaults;
import com.ibm.ws.security.policy.DynamicPolicy;
import com.ibm.ws.security.policy.DynamicPolicyFactory;
import com.ibm.ws.security.policy.NullDynamicPolicy;
import com.ibm.ws.security.policy.WSDynamicPolicy;
import com.ibm.ws.security.role.RoleBasedAppException;
import com.ibm.ws.security.role.RoleBasedConfigurator;
import com.ibm.ws.security.role.RoleBasedConfiguratorFactory;
import com.ibm.ws.security.server.SecurityServer;
import com.ibm.ws.security.server.SecurityServerFactory;
import com.ibm.ws.security.service.SecurityService;
import com.ibm.ws.security.service.SecurityServiceEvent;
import com.ibm.ws.security.service.SecurityServiceListener;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.security.util.JaccUtil;
import com.ibm.ws.security.web.TrustAssociationManager;
import com.ibm.ws.sm.validation.CompositeValidator;
import com.ibm.ws.ssl.JSSEProviderFactory;
import com.ibm.wsspi.security.audit.AuditService;
import com.ibm.wsspi.security.authorization.InitializeJACCProvider;
import java.io.File;
import java.security.Policy;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Properties;
import java.util.TreeSet;
import javax.security.auth.Subject;
import javax.security.auth.login.Configuration;
import org.eclipse.emf.ecore.resource.Resource;

/* loaded from: input_file:lib/securityimpl.jar:com/ibm/ws/security/core/distSecurityComponentImpl.class */
public class distSecurityComponentImpl extends ComponentImpl implements SecurityService, ConfigChangeListener {
    private static final TraceComponent tc;
    private static final String LOGIN_CONFIG_CLASS = "com.ibm.ws.security.auth.login.Configuration";
    private static RoleBasedConfigurator configurator;
    private static AuditService _auditService;
    SecurityComponentImpl Proxy;
    private static final String START_EVENT = "start";
    private static final String STOP_EVENT = "stop";
    static Class class$com$ibm$ws$security$core$distSecurityComponentImpl;
    static Class class$com$ibm$ws$management$service$Admin;
    static Class class$com$ibm$ws$security$service$SecurityService;
    static Class class$com$ibm$ws$runtime$service$Repository;
    static Class class$java$lang$String;
    static Class class$com$ibm$ws$runtime$service$ORB;
    static Class class$com$ibm$ws$runtime$service$Server;
    static Class class$com$ibm$ws$runtime$service$EndPointMgr;
    static Class class$com$ibm$ws$runtime$service$VariableMap;
    private Repository repository = null;
    private EndPointMgr endPointMgr = null;
    private boolean globalSecurityEnabled = true;
    private boolean serverSecurityEnabled = true;
    private String processType = null;
    private SecurityServer secServer = null;
    private ArrayList listeners = new ArrayList(32);
    private InitializeJACCProvider initializeJACCProvider = null;
    private Properties secProps = null;
    private boolean expandedVariables = false;
    private HashMap sslRepertoire = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    public distSecurityComponentImpl(SecurityComponentImpl securityComponentImpl) {
        this.Proxy = null;
        this.Proxy = securityComponentImpl;
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.ws.runtime.component.Component
    public void initialize(Object obj) throws ConfigurationWarning, ConfigurationError {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initialize", obj);
        }
        try {
            Security initializeWCCMConfig = initializeWCCMConfig();
            initializeAudit();
            initializeJava2Sec(initializeWCCMConfig);
            initializeDefaultSSLSettings(initializeWCCMConfig);
            initializeJAAS(initializeWCCMConfig);
            initializeSecurityConfig(initializeWCCMConfig);
            initializeSSOTAI();
            Tr.info(tc, "security.init.startcomplete");
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "initialize");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.distSecurityComponentImpl.initialize", "216", this);
            Tr.audit(tc, "security.init.svcstartfail");
            if (e instanceof ConfigurationError) {
                throw ((ConfigurationError) e);
            }
            if (!(e instanceof ConfigurationWarning)) {
                throw new ConfigurationError(e);
            }
            throw ((ConfigurationWarning) e);
        }
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.ws.runtime.component.Component
    public void destroy() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "destroy");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "destroy");
        }
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.ws.runtime.component.Component
    public void start() throws RuntimeError, RuntimeWarning {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "start");
        }
        try {
            if (this.globalSecurityEnabled) {
                registerListenerWithAdminService();
            }
            if (this.processType.equals("NodeAgent")) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Security server is being started");
                }
                initialize();
                fireStartedEvent();
                Tr.info(tc, "security.init.svcstartcomplete");
                Tr.info(tc, "security.init.secstatus", new Object[]{new Boolean(this.serverSecurityEnabled)});
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "start");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityComponentImpl.start", "271", this);
            Tr.error(tc, "security.init.error", new Object[]{e});
            Tr.audit(tc, "security.init.svcstartfail");
            throw new RuntimeError(e);
        }
    }

    @Override // com.ibm.ws.security.service.SecurityService
    public void startSecurity() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "startSecurity");
        }
        initialize();
        fireStartedEvent();
        Tr.info(tc, "security.init.svcstartcomplete");
        Tr.info(tc, "security.init.secstatus", new Object[]{new Boolean(this.serverSecurityEnabled)});
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "startSecurity");
        }
    }

    public void initialize() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initialize");
        }
        try {
            SecurityContext.setIsServerProcess();
            ConfigRoot configRoot = this.repository.getConfigRoot();
            if (this.globalSecurityEnabled) {
                try {
                    this.secServer = SecurityServerFactory.create();
                    initializeCache();
                    initializeServerSubject();
                    if (((String) SecurityConfig.getConfig().getValue(SecurityConfig.UNEXPANDED_SERVER_ID)) != null) {
                        getCellHostNames(configRoot);
                    }
                    SecurityContext.enable(_auditService);
                    SecurityContext.initialize();
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityComponentImpl.initialize", "348", this);
                    Tr.error(tc, "security.init.secidautherror", new Object[]{e});
                    throw e;
                }
            }
            configurator = RoleBasedConfiguratorFactory.getConfigurator(this.globalSecurityEnabled);
            if (this.globalSecurityEnabled) {
                configureRoleBasedAuthz(configRoot, Constants.ADMIN_APP);
                configureRoleBasedAuthz(configRoot, "naming-authz");
                SecurityCollaborator.initialize();
            }
            initializeSecurityMBeans();
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.core.SecurityComponentImpl.initialize", "372", this);
            if (this.globalSecurityEnabled) {
                Tr.error(tc, "security.init.error", new Object[]{e2});
                throw e2;
            }
            Tr.warning(tc, "security.init.error", new Object[]{e2});
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initialize");
        }
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    private void registerListenerWithAdminService() {
        /*
            r5 = this;
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.core.distSecurityComponentImpl.tc
            boolean r0 = r0.isEntryEnabled()
            if (r0 == 0) goto L11
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.core.distSecurityComponentImpl.tc
            java.lang.String r1 = "registerListenerWithAdminService"
            com.ibm.ejs.ras.Tr.entry(r0, r1)
        L11:
            r0 = 0
            r6 = r0
            r0 = r5
            com.ibm.ws.security.core.SecurityComponentImpl r0 = r0.Proxy     // Catch: java.lang.Exception -> L44 java.lang.Throwable -> L66
            java.lang.Class r1 = com.ibm.ws.security.core.distSecurityComponentImpl.class$com$ibm$ws$management$service$Admin     // Catch: java.lang.Exception -> L44 java.lang.Throwable -> L66
            if (r1 != 0) goto L29
            java.lang.String r1 = "com.ibm.ws.management.service.Admin"
            java.lang.Class r1 = class$(r1)     // Catch: java.lang.Exception -> L44 java.lang.Throwable -> L66
            r2 = r1
            com.ibm.ws.security.core.distSecurityComponentImpl.class$com$ibm$ws$management$service$Admin = r2     // Catch: java.lang.Exception -> L44 java.lang.Throwable -> L66
            goto L2c
        L29:
            java.lang.Class r1 = com.ibm.ws.security.core.distSecurityComponentImpl.class$com$ibm$ws$management$service$Admin     // Catch: java.lang.Exception -> L44 java.lang.Throwable -> L66
        L2c:
            java.lang.Object r0 = r0.GetService(r1)     // Catch: java.lang.Exception -> L44 java.lang.Throwable -> L66
            com.ibm.ws.management.service.Admin r0 = (com.ibm.ws.management.service.Admin) r0     // Catch: java.lang.Exception -> L44 java.lang.Throwable -> L66
            r6 = r0
            r0 = r6
            if (r0 == 0) goto L3e
            r0 = r6
            r1 = r5
            r0.addConfigChangeListener(r1)     // Catch: java.lang.Exception -> L44 java.lang.Throwable -> L66
        L3e:
            r0 = jsr -> L6c
        L41:
            goto L7c
        L44:
            r7 = move-exception
            r0 = r7
            java.lang.String r1 = "com.ibm.ws.security.core.ServerSecurityComponentImpl.registerListenerWithAdminService"
            java.lang.String r2 = "406"
            r3 = r5
            com.ibm.ws.ffdc.FFDCFilter.processException(r0, r1, r2, r3)     // Catch: java.lang.Throwable -> L66
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.core.distSecurityComponentImpl.tc     // Catch: java.lang.Throwable -> L66
            boolean r0 = r0.isDebugEnabled()     // Catch: java.lang.Throwable -> L66
            if (r0 == 0) goto L60
            com.ibm.ejs.ras.TraceComponent r0 = com.ibm.ws.security.core.distSecurityComponentImpl.tc     // Catch: java.lang.Throwable -> L66
            java.lang.String r1 = "attempt to register ConfigChangeListener failed"
            r2 = r7
            com.ibm.ejs.ras.Tr.debug(r0, r1, r2)     // Catch: java.lang.Throwable -> L66
        L60:
            r0 = jsr -> L6c
        L63:
            goto L7c
        L66:
            r8 = move-exception
            r0 = jsr -> L6c
        L6a:
            r1 = r8
            throw r1
        L6c:
            r9 = r0
            r0 = r6
            if (r0 == 0) goto L7a
            r0 = r5
            com.ibm.ws.security.core.SecurityComponentImpl r0 = r0.Proxy
            r1 = r6
            r0.ReleaseService(r1)
        L7a:
            ret r9
        L7c:
            com.ibm.ejs.ras.TraceComponent r1 = com.ibm.ws.security.core.distSecurityComponentImpl.tc
            boolean r1 = r1.isEntryEnabled()
            if (r1 == 0) goto L8d
            com.ibm.ejs.ras.TraceComponent r1 = com.ibm.ws.security.core.distSecurityComponentImpl.tc
            java.lang.String r2 = "registerListenerWithAdminService"
            com.ibm.ejs.ras.Tr.exit(r1, r2)
        L8d:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.core.distSecurityComponentImpl.registerListenerWithAdminService():void");
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.ws.runtime.component.Component
    public void stop() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, STOP_EVENT);
        }
        if (this.initializeJACCProvider != null) {
            this.initializeJACCProvider.cleanup();
        }
        fireStoppedEvent();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, STOP_EVENT);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:101:0x0310, code lost:
    
        throw r19;
     */
    /* JADX WARN: Code restructure failed: missing block: B:95:0x0317, code lost:
    
        if (r7.repository == null) goto L84;
     */
    /* JADX WARN: Code restructure failed: missing block: B:96:0x031a, code lost:
    
        r7.Proxy.ReleaseService(r7.repository);
     */
    /* JADX WARN: Code restructure failed: missing block: B:98:0x032b, code lost:
    
        if (com.ibm.ws.security.core.distSecurityComponentImpl.tc.isDebugEnabled() == false) goto L87;
     */
    /* JADX WARN: Code restructure failed: missing block: B:99:0x032e, code lost:
    
        com.ibm.ejs.ras.Tr.debug(com.ibm.ws.security.core.distSecurityComponentImpl.tc, new java.lang.StringBuffer().append("Security config: ").append(com.ibm.ws.security.core.SecurityConfig.getConfig()).toString());
     */
    /* JADX WARN: Finally extract failed */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private com.ibm.websphere.models.config.security.Security initializeWCCMConfig() throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 862
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.core.distSecurityComponentImpl.initializeWCCMConfig():com.ibm.websphere.models.config.security.Security");
    }

    private void initializeAudit() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeAudit");
        }
        try {
            AuditServiceImpl.initAuditService(this.secProps);
            _auditService = AuditServiceImpl.getAuditService();
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "initializeAudit");
            }
        } catch (Exception e) {
            Tr.error(tc, "security.init.error", new Object[]{e});
            throw new ConfigurationError("Failed to initialize AuditService", e);
        }
    }

    private void initializeSSOTAI() throws Exception {
        Boolean bool;
        Class<?> cls;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeSSOTAI");
        }
        if (this.globalSecurityEnabled) {
            TrustAssociationManager.create();
            SecurityConfig config = SecurityConfig.getConfig();
            String str = (String) config.getValue("security.activeAuthMechanism");
            if ((str.equalsIgnoreCase("LTPA") || str.equalsIgnoreCase(SecurityConfig.AUTH_MECHANISM_ICSF)) && ((bool = (Boolean) config.getValue("security.ltpa.sso.enabled")) == null || !bool.booleanValue())) {
                Tr.warning(tc, "security.init.ltpawithoutsso");
            }
            String str2 = (String) config.getValue("security.enablePluggableAuthentication");
            if (str2.equalsIgnoreCase("true") || str2.equalsIgnoreCase("yes")) {
                try {
                    TrustAssociationManager.create();
                    String str3 = (String) config.getValue("security.callbackHandlerFactoryClass");
                    Class<?> cls2 = Class.forName(str3);
                    Class<?>[] clsArr = new Class[1];
                    if (class$java$lang$String == null) {
                        cls = class$("java.lang.String");
                        class$java$lang$String = cls;
                    } else {
                        cls = class$java$lang$String;
                    }
                    clsArr[0] = cls;
                } catch (Exception e) {
                    Tr.error(tc, "security.init.error", new Object[]{e});
                    throw new ConfigurationError("Failed to initialize WSCallbackHandlerFactory", e);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initializeSSOTAI");
        }
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r5v1 */
    /* JADX WARN: Type inference failed for: r5v3 */
    /* JADX WARN: Type inference failed for: r5v4 */
    private void initializeSecurityConfig(com.ibm.websphere.models.config.security.Security r6) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 1005
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.core.distSecurityComponentImpl.initializeSecurityConfig(com.ibm.websphere.models.config.security.Security):void");
    }

    private void initializeJAAS(Security security) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeJAAS");
        }
        try {
            Configuration.setConfiguration(new com.ibm.ws.security.auth.login.Configuration());
            com.ibm.ws.security.auth.login.Configuration configuration = com.ibm.ws.security.auth.login.Configuration.getConfiguration();
            String name = configuration.getClass().getName();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("The Login Configuration class is: ").append(name).toString());
            }
            if (configuration instanceof com.ibm.ws.security.auth.login.Configuration) {
                try {
                    com.ibm.ws.security.auth.login.Configuration configuration2 = configuration;
                    HashMap convertToConfiguration = JaasWCCMHelper.convertToConfiguration(security.getSystemLoginConfig(), true);
                    convertToConfiguration.putAll(JaasWCCMHelper.convertToConfiguration(security.getApplicationLoginConfig(), false));
                    configuration2.updateWCCMConfig(convertToConfiguration);
                    Tr.info(tc, "security.init.wccmjaas.init");
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("The dynamic JAAS login configuration is:\n\t").append(configuration2.toString()).toString());
                    }
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityComponentImpl.initialize", "838", this);
                    Tr.error(tc, "security.init.wccmjaas.error", new Object[]{e});
                    throw e;
                }
            } else {
                if (this.globalSecurityEnabled) {
                    Tr.error(tc, "security.init.wccmjaas.wrongclasserror", new Object[]{name, LOGIN_CONFIG_CLASS});
                    throw new RuntimeException("JAAS Login provider class com.ibm.ws.security.auth.login.Configuration is not configured as login provider class");
                }
                Tr.warning(tc, "security.init.wccmjaas.wrongclasswarning", new Object[]{name, LOGIN_CONFIG_CLASS});
            }
            if (tc.isEntryEnabled()) {
                Tr.entry(tc, "initializeJAAS");
            }
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.core.SecurityComponentImpl.initialize", "803", this);
            Tr.error(tc, "security.init.wccmjaas.setcfgerror", new Object[]{LOGIN_CONFIG_CLASS, e2});
            throw new ConfigurationError("Unable to set com.ibm.ws.security.auth.login.Configuration as the JAAS Login Configuration class.", e2);
        }
    }

    void initializeDefaultSSLSettings(Security security) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeDefaultSSLSettings");
        }
        String property = this.secProps.getProperty("com.ibm.security.useFIPS");
        initializeFips(security, property);
        for (int i = 0; i < security.getRepertoire().size(); i++) {
            SSLConfig sSLConfig = (SSLConfig) security.getRepertoire().get(i);
            if (sSLConfig != null) {
                Properties sSLConfigProperties = getSSLConfigProperties(sSLConfig, property);
                String str = (String) sSLConfigProperties.get("com.ibm.ssl.contextProvider");
                if (str != null && str.length() > 0) {
                    JSSEProviderFactory.getInstance(str);
                }
                this.sslRepertoire.put(sSLConfig.getAlias(), sSLConfigProperties);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initializeDefaultSSLSettings");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Properties getSSLConfigProperties(SSLConfig sSLConfig, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSSLConfigProperties", new Object[]{sSLConfig, str});
        }
        SecureSocketLayer setting = sSLConfig.getSetting();
        Properties properties = new Properties();
        String str2 = null;
        if (null != sSLConfig.getType()) {
            str2 = sSLConfig.getType().getName();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Adding SSL type: ").append(str2).toString());
            }
            properties.put("com.ibm.ssl.sslType", str2);
        }
        if (setting.getKeyFileName() != null) {
            setting.setKeyFileName(this.Proxy.ExpandVariable(setting.getKeyFileName()));
        }
        if (setting.getTrustFileName() != null) {
            setting.setTrustFileName(this.Proxy.ExpandVariable(setting.getTrustFileName()));
        }
        properties.put("com.ibm.ssl.keyManager", JSSEProviderFactory.getKeyManagerFactoryAlgorithm());
        properties.put("com.ibm.ssl.trustManager", JSSEProviderFactory.getTrustManagerFactoryAlgorithm());
        if (setting.getKeyFileName() != null) {
            properties.put("com.ibm.ssl.keyStore", setting.getKeyFileName());
        } else if (!setting.isEnableCryptoHardwareSupport()) {
            throw new IllegalArgumentException("KeyFileName not set in the SSL configuration");
        }
        if (setting.getTrustFileName() != null) {
            properties.put("com.ibm.ssl.trustStore", setting.getTrustFileName());
        } else if (str2 != null && str2.equals("JSSE") && !setting.isEnableCryptoHardwareSupport()) {
            throw new IllegalArgumentException("TrustFileName not set in the SSL configuration");
        }
        if (setting.getTrustFilePassword() != null) {
            properties.put("com.ibm.ssl.trustStorePassword", setting.getTrustFilePassword());
        } else if (str2 != null && str2.equals("JSSE") && !setting.isEnableCryptoHardwareSupport()) {
            throw new IllegalArgumentException("TrustFilePassword not set in the SSL configuration");
        }
        if (setting.getKeyFilePassword() != null) {
            properties.put("com.ibm.ssl.keyStorePassword", setting.getKeyFilePassword());
        } else if (str2 != null && str2.equals("JSSE") && !setting.isEnableCryptoHardwareSupport()) {
            throw new IllegalArgumentException("KeyFilePassword not set in the SSL configuration");
        }
        if (setting.getKeyFileFormat() != null) {
            properties.put("com.ibm.ssl.keyStoreType", SASConfig.getKeyStoreType(setting.getKeyFileFormat()));
        } else if (str2 != null && str2.equals("JSSE") && !setting.isEnableCryptoHardwareSupport()) {
            throw new IllegalArgumentException("KeyFileFormat not set in the SSL configuration");
        }
        if (setting.getTrustFileFormat() != null) {
            properties.put("com.ibm.ssl.trustStoreType", SASConfig.getKeyStoreType(setting.getTrustFileFormat()));
        } else if (str2 != null && str2.equals("JSSE") && !setting.isEnableCryptoHardwareSupport()) {
            throw new IllegalArgumentException("TrustFileFormat not set in the SSL configuration");
        }
        properties.put("com.ibm.ssl.clientAuthentication", Boolean.toString(setting.isClientAuthentication()));
        properties.put("com.ibm.ssl.securityLevel", SASConfig.getSecurityLevel(setting.getSecurityLevel()));
        for (int i = 0; i < setting.getProperties().size(); i++) {
            Property property = (Property) setting.getProperties().get(i);
            if (property != null) {
                properties.put(property.getName(), property.getValue());
            }
        }
        if (str != null && str.equalsIgnoreCase("true")) {
            properties.put("com.ibm.ssl.protocol", "TLS");
        }
        if (setting.isEnableCryptoHardwareSupport()) {
            CryptoHardwareToken cryptoHardware = setting.getCryptoHardware();
            properties.put("com.ibm.ssl.tokenType", cryptoHardware.getTokenType());
            properties.put("com.ibm.ssl.tokenLibraryFile", cryptoHardware.getLibraryFile());
            properties.put("com.ibm.ssl.tokenPassword", cryptoHardware.getPassword());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSSLConfigProperties");
        }
        return properties;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void initializeFips(Security security, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeFips");
        }
        if (str == null || !str.equalsIgnoreCase("true")) {
            java.security.Security.setProperty("DEFAULT_JCE_PROVIDER", (String) SecurityConfig.getConfig().getValue("IBMJCE"));
            java.security.Security.setProperty("USEFIPS_ENABLED", "false");
            java.security.Security.setProperty(CommonConstants.FIPS_ENABLED, "false");
        } else {
            java.security.Security.setProperty("USEFIPS_ENABLED", "true");
            SecurityConfig.getConfig().setValue("IBMJCE", "IBMJCEFIPS");
            java.security.Security.setProperty("DEFAULT_JCE_PROVIDER", "IBMJCEFIPS");
            java.security.Security.setProperty(CommonConstants.FIPS_ENABLED, "true");
            Tr.info(tc, "security.fips.enabled");
            checkProviderList();
            JSSEProviderFactory.initializeFips();
        }
        java.security.Security.setProperty(CommonConstants.FIPS_JSSEPROVIDERS, SSLDefaults.DEFAULT_CONTEXT_PROVIDER);
        java.security.Security.setProperty(CommonConstants.FIPS_JCEPROVIDERS, "IBMJCEFIPS");
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initializeFips");
        }
    }

    private void initializeJaccProxy(DynamicPolicy dynamicPolicy, Security security) throws Exception {
        DynamicPolicyFactory.setInstance(dynamicPolicy);
        String property = System.getProperty(CommonConstants.JACC_POLICY_PROVIDER);
        boolean z = false;
        AuthorizationConfig authorizationConfig = null;
        if (security != null) {
            try {
                authorizationConfig = security.getAuthConfig();
                if (authorizationConfig != null) {
                    z = authorizationConfig.isUseJACCProvider();
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityComponentImpl.initializeJaccProxy", "1054", this);
                Tr.error(tc, "security.jacc.config.error", new Object[]{e});
                throw new ConfigurationError("Failed to get useJACCProvider information", e);
            }
        }
        if (property == null && !z) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Using default authorization");
                return;
            }
            return;
        }
        expandVariables();
        if (authorizationConfig != null) {
            SecurityConfig.setAuthorizationValues(authorizationConfig);
        }
        if (property == null && authorizationConfig != null) {
            property = SecurityConfig.getPolicyClassName();
            if (property != null) {
                System.setProperty(CommonConstants.JACC_POLICY_PROVIDER, property);
            }
        }
        if (property == null) {
            throw new ConfigurationError("The JACC provider's policy class name is null");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("The JACC provider's policy implementation class name is: ").append(property).toString());
        }
        SecurityConfig.setJACCEnabled();
        if (SecurityConfig.supportsDynamicModuleUpdates()) {
            JaccUtil.setAppDynamicUpdates();
        }
        if (property.equals(CommonConstants.DEFAULT_JACC_POLICY_PROVIDER)) {
            SecurityConfig.setDefaultJaccProvider();
        }
        String initializeJACCProviderClassName = SecurityConfig.getInitializeJACCProviderClassName();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "jaccInit Class Name: ", initializeJACCProviderClassName);
        }
        if (initializeJACCProviderClassName != null && initializeJACCProviderClassName.length() != 0) {
            try {
                this.initializeJACCProvider = (InitializeJACCProvider) Class.forName(initializeJACCProviderClassName, true, Thread.currentThread().getContextClassLoader()).newInstance();
                try {
                    int initialize = this.initializeJACCProvider.initialize(SecurityConfig.getJACCProviderCustomProperties());
                    if (initialize != 0) {
                        throw new ConfigurationError(Constants.nls.getFormattedMessage("security.jacc.initialize.error", new Object[]{initializeJACCProviderClassName, new Integer(initialize)}, new StringBuffer().append("The initialize method of ").append(initializeJACCProviderClassName).append(" did not return success code 0.  The error code returned was: ").append(initialize).toString()));
                    }
                } catch (Exception e2) {
                    Tr.error(tc, "security.jacc.initialize.error", new Object[]{initializeJACCProviderClassName, e2});
                    FFDCFilter.processException(e2, "com.ibm.ws.security.core.SecurityComponentImpl.initializeJaccProvider", "1145", this);
                    throw new ConfigurationError(e2.getMessage(), e2);
                }
            } catch (ClassNotFoundException e3) {
                Tr.error(tc, "security.jacc.initialize.error", new Object[]{initializeJACCProviderClassName, e3});
                FFDCFilter.processException(e3, "com.ibm.ws.security.core.SecurityComponentImpl.initializeJaccProvider", "1119", this);
                throw new ConfigurationError(e3.getMessage(), e3);
            } catch (IllegalAccessException e4) {
                Tr.error(tc, "security.jacc.initialize.error", new Object[]{initializeJACCProviderClassName, e4});
                FFDCFilter.processException(e4, "com.ibm.ws.security.core.SecurityComponentImpl.initializeJaccProvider", "1126", this);
                throw new ConfigurationError(e4.getMessage(), e4);
            } catch (InstantiationException e5) {
                Tr.error(tc, "security.jacc.initialize.error", new Object[]{initializeJACCProviderClassName, e5});
                FFDCFilter.processException(e5, "com.ibm.ws.security.core.SecurityComponentImpl.initializeJaccProvider", "1133", this);
                throw new ConfigurationError(e5.getMessage(), e5);
            }
        }
        try {
            Policy.setPolicy((Policy) Class.forName(property, true, Thread.currentThread().getContextClassLoader()).newInstance());
            Policy.getPolicy().refresh();
            Tr.audit(tc, "security.jacc.initialized", new Object[]{property, SecurityConfig.getPolicyConfigurationFactoryClassName(), SecurityConfig.getRoleConfigurationFactoryClassName(), initializeJACCProviderClassName});
            SecurityConfig.setNullProtectionDomain();
            SecurityConfig.setNullCodeSource();
        } catch (Throwable th) {
            Tr.error(tc, "security.jacc.init.error", new Object[]{property, th});
            FFDCFilter.processException(th, "com.ibm.ws.security.core.SecurityComponentImpl.initializeJaccProvider", "1169", this);
            throw new ConfigurationError(th.getMessage(), th);
        }
    }

    private void initializeJava2Sec(Security security) throws SecurityConfigException, ConfigurationError {
        Class cls;
        if (security != null) {
            try {
                try {
                    if (new Boolean(security.isEnforceJava2Security()).booleanValue()) {
                        WSDynamicPolicy wSDynamicPolicy = new WSDynamicPolicy(Policy.getPolicy(), this.repository);
                        Policy.setPolicy(wSDynamicPolicy);
                        initializeJaccProxy(wSDynamicPolicy, security);
                        String str = (String) this.secProps.get(CommonConstants.DEBUGMSG_JAVA2SECURITY);
                        SecurityComponentImpl securityComponentImpl = this.Proxy;
                        if (class$com$ibm$ws$runtime$service$Server == null) {
                            cls = class$("com.ibm.ws.runtime.service.Server");
                            class$com$ibm$ws$runtime$service$Server = cls;
                        } else {
                            cls = class$com$ibm$ws$runtime$service$Server;
                        }
                        Server server = (Server) securityComponentImpl.GetService(cls);
                        ExtClassLoader extClassLoader = (ExtClassLoader) server.getRuntimeClassLoader();
                        this.Proxy.ReleaseService(server);
                        System.setSecurityManager(new SecurityManager(str, extClassLoader, wSDynamicPolicy.getRuntimeFilteredPermission(), new Boolean(security.isEnableJava2SecRuntimeFiltering()).booleanValue()));
                        Tr.info(tc, "security.jsecman.installed");
                        Boolean bool = Boolean.TRUE;
                        wSDynamicPolicy.initApplicationTemplate(new Boolean(security.isIssuePermissionWarning()));
                    } else {
                        NullDynamicPolicy nullDynamicPolicy = new NullDynamicPolicy(Policy.getPolicy());
                        Policy.setPolicy(nullDynamicPolicy);
                        initializeJaccProxy(nullDynamicPolicy, security);
                        System.setSecurityManager(null);
                        Tr.info(tc, "security.manager.disabled");
                    }
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityComponentImpl.initializeJava2Sec", "1248", this);
                    Tr.error(tc, "security.j2sec.init.error", new Object[]{e});
                    throw new ConfigurationError("Error during Java 2 Security and Dynamic Policy initialization", e);
                }
            } catch (Exception e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.core.SecurityComponentImpl.initializeJava2Sec", "1200", this);
                Tr.error(tc, "security.j2sec.init.error", new Object[]{e2});
                throw new ConfigurationError("Failed to get EnforceJava2Security.", e2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void configureRoleBasedAuthz(ConfigRoot configRoot, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureRoleBasedAuthz", new Object[]{configRoot, str});
        }
        String stringBuffer = new StringBuffer().append(str).append(".xml").toString();
        try {
            getConfigurator().loadApplication(str, configRoot.getResource(0, stringBuffer));
            if (str.equals(Constants.ADMIN_APP)) {
                try {
                    getConfigurator().loadSecurityPolicy(str, Constants.SECURITY_SERVER_XML, "domain");
                } catch (Exception e) {
                    Tr.error(tc, "security.load.secConfig", new Object[]{e});
                    throw e;
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureRoleBasedAuthz");
            }
        } catch (Exception e2) {
            Tr.error(tc, "security.loadresource.error", new Object[]{stringBuffer, e2});
            throw e2;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void initializeSecurityMBeans() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeSecurityMBeans");
        }
        try {
            SecurityAdmin securityAdmin = new SecurityAdmin();
            MBeanFactory mBeanFactory = AdminServiceFactory.getMBeanFactory();
            mBeanFactory.activateMBean("SecurityAdmin", new DefaultRuntimeCollaborator(securityAdmin, "SecurityAdmin"), mBeanFactory.getConfigId("SecurityAdmin"), "com/ibm/ws/management/descriptor/xml/SecurityAdmin.xml");
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "initializeSecurityMBeans");
            }
        } catch (Exception e) {
            Tr.error(tc, "security.init.mbeanerror", new Object[]{"SecurityAdmin", e});
            throw e;
        }
    }

    @Override // com.ibm.ws.security.service.SecurityService
    public void addListener(SecurityServiceListener securityServiceListener) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addListener", securityServiceListener);
        }
        synchronized (this.listeners) {
            if (!this.listeners.contains(securityServiceListener)) {
                this.listeners.add(securityServiceListener);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addListener");
        }
    }

    @Override // com.ibm.ws.security.service.SecurityService
    public void removeListener(SecurityServiceListener securityServiceListener) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removeListener", securityServiceListener);
        }
        synchronized (this.listeners) {
            this.listeners.remove(securityServiceListener);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removeListener");
        }
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    @Override // com.ibm.ws.management.service.ConfigChangeListener
    public void configChanged(com.ibm.websphere.management.repository.ConfigRepositoryEvent r6) {
        /*
            Method dump skipped, instructions count: 804
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.core.distSecurityComponentImpl.configChanged(com.ibm.websphere.management.repository.ConfigRepositoryEvent):void");
    }

    private void getCellHostNames(ConfigRoot configRoot) throws Exception {
        String expandHost;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCellHostNames");
        }
        TreeSet treeSet = new TreeSet();
        try {
            WSCredential serverCredential = ContextManagerFactory.getInstance().getServerCredential();
            if (serverCredential != null) {
                String lowerCase = serverCredential.getAccessId().toLowerCase();
                String str = (String) SecurityConfig.getConfig().getValue("process.hostName");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Server accessID: ").append(lowerCase).append(", hostname: ").append(str).toString());
                }
                if (str != null) {
                    int length = str.length();
                    int indexOf = lowerCase.indexOf(str);
                    if (indexOf != -1) {
                        StringBuffer stringBuffer = new StringBuffer(lowerCase);
                        stringBuffer.replace(indexOf, indexOf + length, "${HOST}");
                        String stringBuffer2 = stringBuffer.toString();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, new StringBuffer().append("Unexpanded accessID is: ").append(stringBuffer2).toString());
                        }
                        SecurityConfig.getConfig().setValue(SecurityConfig.UNEXPANDED_SERVER_ID, stringBuffer2);
                    }
                }
            }
            String[] list = configRoot.list(3, null);
            String value = configRoot.getValue(3);
            for (int i = 0; i < list.length; i++) {
                configRoot.setValue(3, list[i]);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Node name: ").append(list[i]).toString());
                }
                Resource resource = configRoot.getResource(3, "serverindex.xml");
                resource.getContents();
                String lowerCase2 = ((ServerIndex) resource.getContents().get(0)).getHostName().toLowerCase();
                String str2 = (String) SecurityConfig.getConfig().getValue(SecurityConfig.UNEXPANDED_SERVER_ID);
                if (str2 != null && (expandHost = SecurityConfig.expandHost(str2, lowerCase2)) != null && treeSet.add(expandHost)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("Server ID ").append(expandHost).append(" was added to the multi-serverID list.").toString());
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("Server ID ").append(expandHost).append(" was already in the multi-serverID list.").toString());
                    }
                }
            }
            configRoot.setValue(3, value);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.distSecurityComponentImpl.getCellHostNames", "1547", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception occurred getting Cell hostnames.", new Object[]{e});
            }
        }
        SecurityConfig.getConfig().setValue(SecurityConfig.MULTI_SERVER_ID_LIST, treeSet);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCellHostNames");
        }
    }

    private void fireStartedEvent() {
        fireEvent("start");
    }

    private void fireStoppedEvent() {
        fireEvent(STOP_EVENT);
    }

    private void fireEvent(String str) {
        List list;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("fireEvent,  event is :").append(str).toString());
        }
        synchronized (this.listeners) {
            list = (List) this.listeners.clone();
        }
        if (list != null) {
            int size = list.size();
            SecurityServiceEvent securityServiceEvent = str.equals("start") ? new SecurityServiceEvent(1) : new SecurityServiceEvent(2);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("list size = ").append(size).toString(), new StringBuffer().append("event = ").append(str).toString());
            }
            for (int i = 0; i < size; i++) {
                if (tc.isDebugEnabled()) {
                    StringBuffer stringBuffer = new StringBuffer("Invoking stateChanged(), Listener.hashCode() = ");
                    stringBuffer.append(list.get(i).hashCode());
                    stringBuffer.append("Listener.toString()");
                    stringBuffer.append(list.get(i).toString());
                    Tr.debug(tc, stringBuffer.toString());
                }
                try {
                    ((SecurityServiceListener) list.get(i)).stateChanged(securityServiceEvent);
                } catch (Exception e) {
                    Tr.error(tc, "security.init.error", new Object[]{e});
                    FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityComponentImpl.fireEvent", "1595", this);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, new StringBuffer().append("fireEvent, : event is ").append(str).toString());
        }
    }

    @Override // com.ibm.ws.security.service.SecurityService
    public RoleBasedConfigurator getConfigurator() throws RoleBasedAppException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConfigurator");
        }
        if (configurator == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "RoleBasedConfigurator not initialized");
            }
            throw new RoleBasedAppException("RoleBasedConfigurator not initialized");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getConfigurator");
        }
        return configurator;
    }

    @Override // com.ibm.ws.security.service.SecurityService
    public Properties getSecureSocketLayer(String str) throws IllegalArgumentException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSecureSocketLayer", str);
        }
        if (str == null || str.equals("")) {
            throw new IllegalArgumentException("Alias is null or empty string.");
        }
        Properties properties = (Properties) this.sslRepertoire.get(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecureSocketLayer");
        }
        return properties;
    }

    @Override // com.ibm.ws.security.service.SecurityService
    public boolean isSecurityEnabled() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isSecurityEnabled");
        }
        try {
            return this.globalSecurityEnabled;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.core.SecurityComponentImpl.isSecurityEnabled", "1646", this);
            if (!tc.isDebugEnabled()) {
                return true;
            }
            Tr.debug(tc, "Exception caught", th);
            return true;
        }
    }

    public boolean isServerSecurityEnabled() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isServerSecurityEnabled");
        }
        try {
            return this.serverSecurityEnabled;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.core.SecurityComponentImpl.isServerSecurityEnabled", "1666", this);
            if (!tc.isDebugEnabled()) {
                return true;
            }
            Tr.debug(tc, "Exception caught", th);
            return true;
        }
    }

    @Override // com.ibm.ws.security.service.SecurityService
    public String getRealm() {
        return (String) SecurityConfig.getConfig().getValue("security.activeUserRegistry.realm");
    }

    @Override // com.ibm.ws.security.service.SecurityService
    public WSSecurityContext getWSSecurityContext() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getWSSecurityContext");
        }
        WSSecurityContext wSSecurityContext = null;
        if (this.globalSecurityEnabled) {
            try {
                wSSecurityContext = WSSecurityContextFactory.getInstance().createContext((String) SecurityConfig.getConfig().getValue("security.activeAuthMechanism.OID"));
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityComponentImpl.getWSSecurityContext", "1711", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception getting WSSecurityContext", e);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getWSSecurityContext", wSSecurityContext);
        }
        return wSSecurityContext;
    }

    private void expandVariables() {
        Class cls;
        String property;
        String property2;
        String stringBuffer;
        String stringBuffer2;
        String stringBuffer3;
        String stringBuffer4;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "expandVariables");
        }
        SecurityComponentImpl securityComponentImpl = this.Proxy;
        if (class$com$ibm$ws$runtime$service$VariableMap == null) {
            cls = class$("com.ibm.ws.runtime.service.VariableMap");
            class$com$ibm$ws$runtime$service$VariableMap = cls;
        } else {
            cls = class$com$ibm$ws$runtime$service$VariableMap;
        }
        VariableMap variableMap = (VariableMap) securityComponentImpl.GetService(cls);
        try {
            property = variableMap.expand(SecConstants.WAS_INSTALL_ROOT);
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Cannot expand ${WAS_INSTALL_ROOT}");
            }
            property = System.getProperty("was.install.root");
        }
        try {
            property2 = variableMap.expand(SecConstants.USER_INSTALL_ROOT);
        } catch (Exception e2) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Cannot expand ${USER_INSTALL_ROOT}");
            }
            property2 = System.getProperty(CompositeValidator.USER_INSTALL_ROOT_PROPERTY, System.getProperty("was.install.root"));
        }
        try {
            stringBuffer = variableMap.expand(SecConstants.WAS_TEMP_DIR);
        } catch (Exception e3) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Cannot expand ${WAS_TEMP_DIR}");
            }
            stringBuffer = new StringBuffer().append(property).append(File.separator).append("tmp").toString();
        }
        try {
            stringBuffer2 = variableMap.expand(SecConstants.WAS_PROPS_DIR);
        } catch (Exception e4) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Cannot expand ${WAS_PROPS_DIR}");
            }
            stringBuffer2 = new StringBuffer().append(property).append(File.separator).append("properties").toString();
        }
        try {
            stringBuffer3 = variableMap.expand(SecConstants.APP_INSTALL_ROOT);
        } catch (Exception e5) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Cannot expand ${APP_INSTALL_ROOT}");
            }
            stringBuffer3 = new StringBuffer().append(property).append(File.separator).append(AppConstants.APPDEPL_LOCAL_CONFIG_INSTALL_DIR_DEFAULT).toString();
        }
        try {
            stringBuffer4 = variableMap.expand(SecConstants.WAS_ETC_DIR);
        } catch (Exception e6) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Cannot expand ${WAS_ETC_DIR}");
            }
            stringBuffer4 = new StringBuffer().append(property).append(File.separator).append("etc").toString();
        }
        SecurityConfig.getConfig().setValue(SecConstants.WAS_INSTALL_ROOT, property);
        SecurityConfig.getConfig().setValue(SecConstants.USER_INSTALL_ROOT, property2);
        SecurityConfig.getConfig().setValue(SecConstants.WAS_TEMP_DIR, stringBuffer);
        SecurityConfig.getConfig().setValue(SecConstants.WAS_PROPS_DIR, stringBuffer2);
        SecurityConfig.getConfig().setValue(SecConstants.WAS_ETC_DIR, stringBuffer4);
        SecurityConfig.getConfig().setValue(SecConstants.APP_INSTALL_ROOT, stringBuffer3);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, new StringBuffer().append("${WAS_INSTALL_ROOT}  = ").append(property).toString());
            Tr.debug(tc, new StringBuffer().append("${USER_INSTALL_ROOT} = ").append(property2).toString());
            Tr.debug(tc, new StringBuffer().append("${WAS_TEMP_DIR}      = ").append(stringBuffer).toString());
            Tr.debug(tc, new StringBuffer().append("${WAS_PROPS_DIR}     = ").append(stringBuffer2).toString());
            Tr.debug(tc, new StringBuffer().append("${WAS_ETC_DIR}       = ").append(stringBuffer4).toString());
            Tr.debug(tc, new StringBuffer().append("${APP_INSTALL_ROOT}  = ").append(stringBuffer3).toString());
        }
        this.expandedVariables = true;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "expandVariables");
        }
    }

    private void insertVariables(Properties properties) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "inserting variables into orbProps");
        }
        if (!this.expandedVariables) {
            expandVariables();
        }
        if (properties != null) {
            properties.put(SecConstants.WAS_INSTALL_ROOT, SecurityConfig.getConfig().getValue(SecConstants.WAS_INSTALL_ROOT));
            properties.put(SecConstants.USER_INSTALL_ROOT, SecurityConfig.getConfig().getValue(SecConstants.USER_INSTALL_ROOT));
            properties.put(SecConstants.WAS_TEMP_DIR, SecurityConfig.getConfig().getValue(SecConstants.WAS_TEMP_DIR));
            properties.put(SecConstants.WAS_PROPS_DIR, SecurityConfig.getConfig().getValue(SecConstants.WAS_PROPS_DIR));
            properties.put(SecConstants.WAS_ETC_DIR, SecurityConfig.getConfig().getValue(SecConstants.WAS_ETC_DIR));
            properties.put(SecConstants.APP_INSTALL_ROOT, SecurityConfig.getConfig().getValue(SecConstants.APP_INSTALL_ROOT));
        }
    }

    private void initializeCache() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeCache");
        }
        Long l = (Long) SecurityConfig.getConfig().getValue("security.CacheTimeout");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "security cache timeout", l);
        }
        Cache.setDefaultTimeout(l.longValue() * 1000);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initializeCache");
        }
    }

    Subject initializeServerSubject() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeServerSubject");
        }
        Subject serverSubjectInternal = ((distContextManagerImpl) ContextManagerFactory.getInstance()).getServerSubjectInternal();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initializeServerSubject", serverSubjectInternal);
        }
        return serverSubjectInternal;
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:36:0x0148
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private void checkProviderList() {
        /*
            Method dump skipped, instructions count: 390
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.core.distSecurityComponentImpl.checkProviderList():void");
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$security$core$distSecurityComponentImpl == null) {
            cls = class$("com.ibm.ws.security.core.distSecurityComponentImpl");
            class$com$ibm$ws$security$core$distSecurityComponentImpl = cls;
        } else {
            cls = class$com$ibm$ws$security$core$distSecurityComponentImpl;
        }
        tc = Tr.register(cls, "Security", "com.ibm.ejs.resources.security");
        configurator = null;
        _auditService = null;
    }
}
