package com.ibm.ws.security.registry.zOS;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.CertificateMapFailedException;
import com.ibm.websphere.security.CertificateMapNotSupportedException;
import com.ibm.websphere.security.CustomRegistryException;
import com.ibm.websphere.security.EntryNotFoundException;
import com.ibm.websphere.security.NotImplementedException;
import com.ibm.websphere.security.PasswordCheckFailedException;
import com.ibm.websphere.security.Result;
import com.ibm.websphere.security.UserRegistry;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.auth.PlatformCredential;
import com.ibm.ws.security.auth.WSCredentialImpl;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.registry.RegistryUtil;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.security.util.RegExp;
import com.ibm.ws.security.zOS.PlatformCredentialManager;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;

/* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ws/security/registry/zOS/SAFRegistryImpl.class */
public final class SAFRegistryImpl implements UserRegistry {
    private static final TraceComponent tc;
    private static final String TOKEN_DELIMETER = "::";
    private String realm = null;
    private boolean ignoreCase = true;
    private boolean disableGroupLoad = false;
    private boolean disablePrincipalCasePreservation = false;
    private boolean forceCredCreationForValidation = false;
    private boolean useSimpleAuthentication = false;
    private boolean mixedCasePasswordsEnabled = false;
    private PlatformCredentialManager pcManager = PlatformCredentialManager.instance();
    static Class class$com$ibm$ws$security$registry$zOS$SAFRegistryImpl;

    public SAFRegistryImpl() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "<init>");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "<init>", this);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public void initialize(Properties properties) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initialize");
        }
        this.mixedCasePasswordsEnabled = ntv_isMixedCasePWEnabled();
        this.realm = ntv_getRealm();
        if (this.ignoreCase) {
            this.realm.toUpperCase();
        }
        this.ignoreCase = true;
        if (properties != null) {
            this.disableGroupLoad = "true".equalsIgnoreCase(properties.getProperty(CommonConstants.SAF_DISABLE_GROUP_LOAD));
            this.useSimpleAuthentication = Boolean.valueOf(properties.getProperty("com.ibm.websphere.security.SimpleAuthentication")).booleanValue();
            this.disablePrincipalCasePreservation = "true".equalsIgnoreCase(properties.getProperty("disable.principal.case.preservation"));
            this.forceCredCreationForValidation = "true".equalsIgnoreCase(properties.getProperty("force.credential.creation.for.validation"));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initialize", this);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public String checkPassword(String str, String str2) throws PasswordCheckFailedException, CustomRegistryException {
        String stringBuffer;
        if (tc.isEntryEnabled()) {
            TraceComponent traceComponent = tc;
            Object[] objArr = new Object[2];
            objArr[0] = str;
            objArr[1] = str2 == null ? null : "****";
            Tr.entry(traceComponent, "checkPassword", objArr);
        }
        String normalizeUserId = normalizeUserId(str);
        String normalizePassword = normalizePassword(str2);
        try {
            if (!this.useSimpleAuthentication) {
                String keyFromCredential = this.pcManager.getKeyFromCredential(this.pcManager.createPasswordCredential(normalizeUserId, normalizePassword));
                stringBuffer = this.disablePrincipalCasePreservation ? new StringBuffer().append(keyFromCredential).append(TOKEN_DELIMETER).append(normalizeUserId).toString() : new StringBuffer().append(keyFromCredential).append(TOKEN_DELIMETER).append(str).toString();
            } else if (this.disablePrincipalCasePreservation) {
                stringBuffer = ntv_checkPassword(normalizeUserId, normalizePassword);
            } else {
                stringBuffer = ntv_checkPassword(normalizeUserId, normalizePassword) != null ? str : null;
            }
            if (stringBuffer == null) {
                throw new PasswordCheckFailedException(new StringBuffer().append("Authentication failed for user: ").append(str).toString());
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkPassword", stringBuffer);
            }
            return stringBuffer;
        } catch (PasswordCheckFailedException e) {
            Tr.error(tc, "security.authn.failed.foruser", new Object[]{str});
            throw e;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.checkPassword", "304", this);
            Tr.error(tc, "security.authn.error", new Object[]{str, th});
            throw new CustomRegistryException(th);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public String mapCertificate(X509Certificate[] x509CertificateArr) throws CertificateMapNotSupportedException, CertificateMapFailedException, CustomRegistryException {
        String stringBuffer;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "mapCertificate", x509CertificateArr);
        }
        try {
            if (this.useSimpleAuthentication) {
                byte[] encoded = x509CertificateArr[0].getEncoded();
                stringBuffer = ntv_mapCertificate(encoded, encoded.length);
            } else {
                PlatformCredential createCertificateCredential = this.pcManager.createCertificateCredential(x509CertificateArr);
                stringBuffer = new StringBuffer().append(this.pcManager.getKeyFromCredential(createCertificateCredential)).append(TOKEN_DELIMETER).append(createCertificateCredential.getUserId()).toString();
            }
            if (stringBuffer == null) {
                throw new CertificateMapFailedException("Certificate could not be mapped to a valid SAF user ID");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "mapCertificate", stringBuffer);
            }
            return stringBuffer;
        } catch (CertificateMapFailedException e) {
            Tr.error(tc, "security.registry.mapcertificate.failed");
            throw e;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.mapCertificate", "364", this);
            Tr.error(tc, "security.registry.mapcertificate.failed");
            throw new CustomRegistryException(th);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public String getRealm() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRealm");
        }
        String ntv_getRealm = this.realm == null ? ntv_getRealm() : this.realm;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRealm", ntv_getRealm);
        }
        return ntv_getRealm;
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public Result getUsers(String str, int i) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUsers", new Object[]{str, new Integer(i)});
        }
        Result result = new Result();
        List users = getUsers(str);
        if (i > 0 && users.size() > i) {
            users = new ArrayList(users.subList(0, i - 1));
            result.setHasMore();
        }
        result.setList(users);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUsers", result);
        }
        return result;
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public String getUserDisplayName(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUserDisplayName", str);
        }
        try {
            if (!isValidUser(str)) {
                throw new EntryNotFoundException("Display name not found in registry");
            }
            if (this.disablePrincipalCasePreservation) {
                str = normalizeUserId(str);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getUserDisplayName", str);
            }
            return str;
        } catch (EntryNotFoundException e) {
            Tr.error(tc, "security.registry.userdisplayname.notfound", new Object[]{str});
            throw e;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getUserDisplayName", "499", this);
            Tr.error(tc, "security.registry.userdisplayname.error", new Object[]{str, th});
            throw new EntryNotFoundException(th);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public String getUniqueUserId(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUniqueUserId", str);
        }
        try {
            if (!isValidUser(str)) {
                throw new EntryNotFoundException(new StringBuffer().append("User ").append(str).append(" not found").toString());
            }
            if (this.disablePrincipalCasePreservation) {
                str = normalizeUserId(str);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getUniqueUserId", str);
            }
            return str;
        } catch (EntryNotFoundException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getUniqueUserId", "545", this);
            Tr.error(tc, "security.registry.uniqueusrid.notfound", new Object[]{str});
            throw e;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getUniqueUserId", "551", this);
            Tr.error(tc, "security.registry.uniqueusrid.error", new Object[]{str, th});
            throw new EntryNotFoundException(th);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public String getUserSecurityName(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUserSecurityName", str);
        }
        if (!isValidUser(str)) {
            Tr.error(tc, "security.registry.usersecurityname.notfound", new Object[]{str});
            throw new EntryNotFoundException(new StringBuffer().append("User ").append(str).append(" not found").toString());
        }
        if (this.disablePrincipalCasePreservation) {
            str = normalizeUserId(str);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUserSecurityName", str);
        }
        return str;
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public boolean isValidUser(String str) throws CustomRegistryException {
        boolean ntv_isValidUser;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isValidUser", str);
        }
        try {
            String normalizeUserId = normalizeUserId(str);
            if (this.forceCredCreationForValidation) {
                ntv_isValidUser = this.pcManager.getKeyFromCredential(this.pcManager.createCredential(normalizeUserId)) != null;
            } else {
                ntv_isValidUser = ntv_isValidUser(normalizeUserId);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isValidUser", new Boolean(ntv_isValidUser));
            }
            return ntv_isValidUser;
        } catch (SAFRegistryException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.isValidUser", "627", this);
            Tr.error(tc, "security.registry.isvaliduser.error", new Object[]{str, e});
            throw new CustomRegistryException(e);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public Result getGroups(String str, int i) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroups", new Object[]{str, new Integer(i)});
        }
        Result result = new Result();
        List groups = getGroups(str);
        if (i > 0 && groups.size() > i) {
            groups = new ArrayList(groups.subList(0, i - 1));
            result.setHasMore();
        }
        result.setList(groups);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getGroups", result);
        }
        return result;
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public String getGroupDisplayName(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroupDisplayName", str);
        }
        try {
            if (!isValidGroup(str)) {
                throw new EntryNotFoundException("Group entry not found");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getGroupDisplayName", str);
            }
            return str;
        } catch (EntryNotFoundException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getGroupDisplayName", "715", this);
            Tr.error(tc, "security.registry.groupdisplayname.notfound", new Object[]{str});
            throw e;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getGroupDisplayName", "721", this);
            Tr.error(tc, "security.registry.groupdisplayname.error", new Object[]{str, th});
            throw new CustomRegistryException(th);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public String getUniqueGroupId(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUniqueGroupId", str);
        }
        try {
            if (!isValidGroup(str)) {
                throw new EntryNotFoundException("Group entry not found");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getUniqueGroupId", str);
            }
            return str;
        } catch (EntryNotFoundException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getUniqueGroupId", "760", this);
            Tr.error(tc, "security.registry.uniquegrpid.notfound", new Object[]{str});
            throw e;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getUniqueGroupId", "766", this);
            Tr.error(tc, "security.registry.uniquegrpid.error", new Object[]{str, th});
            throw new CustomRegistryException(th);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public List getUniqueGroupIds(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUniqueGroupIds", str);
        }
        List groupsForUser = getGroupsForUser(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUniqueGroupIds", groupsForUser);
        }
        return groupsForUser;
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public String getGroupSecurityName(String str) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroupSecurityName", str);
        }
        if (!isValidGroup(str)) {
            Tr.error(tc, "security.registry.groupsecurityname.notfound", new Object[]{str});
            throw new EntryNotFoundException(new StringBuffer().append("Group ").append(str).append(" not found").toString());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getGroupSecurityName", str);
        }
        return str;
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public boolean isValidGroup(String str) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isValidGroup", str);
        }
        try {
            str = normalizeGroupName(str);
            boolean ntv_isValidGroup = ntv_isValidGroup(str);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "isValidGroup", new Boolean(ntv_isValidGroup));
            }
            return ntv_isValidGroup;
        } catch (SAFRegistryException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.isValidGroup", "860", this);
            Tr.error(tc, "security.registry.isvalidgroup.error", new Object[]{str, e});
            throw new CustomRegistryException(e);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public List getGroupsForUser(String str) throws CustomRegistryException, EntryNotFoundException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroupsForUser", str);
        }
        try {
            List ntv_getGroupsForUser = ntv_getGroupsForUser(normalizeUserId(str), new ArrayList());
            List arrayList = ntv_getGroupsForUser == null ? new ArrayList() : ntv_getGroupsForUser;
            if (arrayList.size() == 0 && !isValidUser(str)) {
                throw new EntryNotFoundException(new StringBuffer().append("User ").append(str).append(" not found").toString());
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getGroupsForUser", arrayList);
            }
            return arrayList;
        } catch (EntryNotFoundException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getGroupsForUser", "908", this);
            Tr.error(tc, "security.registry.getgrpsforuser.notfound", new Object[]{str});
            throw e;
        } catch (SAFRegistryException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getGroupsForUser", "914", this);
            Tr.error(tc, "security.registry.getgrpsforuser.notfound", new Object[]{str});
            throw new EntryNotFoundException(new StringBuffer().append("User ").append(str).append(" not found").toString());
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getGroupsForUser", "921", this);
            Tr.error(tc, "security.registry.getgrpsforuser.error", new Object[]{str, th});
            throw new CustomRegistryException(th);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public Result getUsersForGroup(String str, int i) throws EntryNotFoundException, CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUsersForGroup", new Object[]{str, new Integer(i)});
        }
        Result result = new Result();
        try {
            List ntv_getUsersForGroup = ntv_getUsersForGroup(normalizeGroupName(str), new ArrayList());
            List arrayList = ntv_getUsersForGroup == null ? new ArrayList() : ntv_getUsersForGroup;
            if (arrayList.size() == 0 && !isValidGroup(str)) {
                throw new EntryNotFoundException(new StringBuffer().append("Group ").append(str).append(" not found").toString());
            }
            if (i > 0 && arrayList.size() > i) {
                arrayList = new ArrayList(arrayList.subList(0, i - 1));
                result.setHasMore();
            }
            result.setList(arrayList);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getUsersForGroup", result);
            }
            return result;
        } catch (EntryNotFoundException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getGroupsForUser", "992", this);
            Tr.error(tc, "security.registry.uniquegrpid.notfound", new Object[]{str});
            throw e;
        } catch (SAFRegistryException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getGroupsForUser", "998", this);
            Tr.error(tc, "security.registry.getusrsforgrp.error", new Object[]{str, e2});
            throw new EntryNotFoundException(new StringBuffer().append("Group ").append(str).append(" not found").toString());
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getGroupsForUser", "1005", this);
            Tr.error(tc, "security.registry.getusrsforgrp.error", new Object[]{str, th});
            throw new CustomRegistryException(th);
        }
    }

    @Override // com.ibm.websphere.security.UserRegistry
    public WSCredential createCredential(String str) throws CustomRegistryException, NotImplementedException, EntryNotFoundException {
        List uniqueGroupIds;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createCredential", str);
        }
        String[] split = str.split(TOKEN_DELIMETER, 2);
        String str2 = split.length > 1 ? split[0] : null;
        String str3 = str2 == null ? str : split[1];
        String normalizeUserId = this.disablePrincipalCasePreservation ? normalizeUserId(str3) : str3;
        try {
            String realm = getRealm();
            ArrayList arrayList = new ArrayList();
            if (!this.disableGroupLoad && (uniqueGroupIds = getUniqueGroupIds(normalizeUserId)) != null) {
                for (String str4 : (String[]) uniqueGroupIds.toArray(new String[uniqueGroupIds.size()])) {
                    arrayList.add(RegistryUtil.appendRealm("group", str4, realm));
                }
            }
            WSCredential wSCredential = (WSCredential) AccessController.doPrivileged(new PrivilegedExceptionAction(this, realm, normalizeUserId, arrayList.size() > 0 ? (String) arrayList.get(0) : RegistryUtil.nullString, RegistryUtil.appendRealm("user", normalizeUserId, realm), arrayList) { // from class: com.ibm.ws.security.registry.zOS.SAFRegistryImpl.1
                private final String val$realm;
                private final String val$securityName;
                private final String val$primaryGroupId;
                private final String val$accessId;
                private final ArrayList val$groupList;
                private final SAFRegistryImpl this$0;

                {
                    this.this$0 = this;
                    this.val$realm = realm;
                    this.val$securityName = normalizeUserId;
                    this.val$primaryGroupId = r7;
                    this.val$accessId = r8;
                    this.val$groupList = arrayList;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    return new WSCredentialImpl(this.val$realm, this.val$securityName, this.val$securityName, this.val$primaryGroupId, this.val$accessId, null, this.val$groupList);
                }
            });
            PlatformCredential platformCredential = null;
            if (str2 != null) {
                try {
                    platformCredential = this.pcManager.getCredentialFromKey(str2);
                } catch (PrivilegedActionException e) {
                    FFDCFilter.processException(e.getException(), "com.ibm.ws.security.SAFRegistryImpl", "1112", this);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Exception setting PlatformCredential", e.getException());
                    }
                    throw new CustomRegistryException(e.getException().getMessage());
                } catch (Exception e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.security.SAFRegistryImpl", "1118", this);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Exception setting PlatformCredential", e2);
                    }
                    throw new CustomRegistryException(e2.getMessage());
                }
            }
            if (platformCredential == null && !this.useSimpleAuthentication) {
                platformCredential = this.pcManager.createCredential(normalizeUserId);
            }
            if (platformCredential != null) {
                AccessController.doPrivileged(new PrivilegedExceptionAction(this, wSCredential, platformCredential) { // from class: com.ibm.ws.security.registry.zOS.SAFRegistryImpl.2
                    private final WSCredential val$wsCred;
                    private final PlatformCredential val$platformCred;
                    private final SAFRegistryImpl this$0;

                    {
                        this.this$0 = this;
                        this.val$wsCred = wSCredential;
                        this.val$platformCred = platformCredential;
                    }

                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        this.val$wsCred.set("com.ibm.ws.security.zos.PlatformCredential", this.val$platformCred);
                        return null;
                    }
                });
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "createCredential", wSCredential);
            }
            return wSCredential;
        } catch (EntryNotFoundException e3) {
            throw e3;
        } catch (PrivilegedActionException e4) {
            Exception exception = e4.getException();
            FFDCFilter.processException(exception, "com.ibm.ws.security.registry.UserRegistryImpl.createCredential", "1070", this);
            throw new CustomRegistryException(exception.getMessage(), exception);
        } catch (Exception e5) {
            FFDCFilter.processException(e5, "com.ibm.ws.security.registry.UserRegistryImpl.createCredential", "1079", this);
            Tr.error(tc, "security.registry.createcredential.error", new Object[]{normalizeUserId, e5});
            throw new CustomRegistryException(e5.getMessage(), e5);
        }
    }

    List getGroups() throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroups");
        }
        List groups = getGroups("*");
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getGroups", groups);
        }
        return groups;
    }

    List getGroups(String str) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGroups", str);
        }
        try {
            List ntv_getGroups = ntv_getGroups(new ArrayList());
            List filterList = filterList(ntv_getGroups == null ? new ArrayList() : ntv_getGroups, str);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getGroups", filterList);
            }
            return filterList;
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getGroups", "1163", this);
            Tr.error(tc, "security.registry.getgroups.error", new Object[]{"*", th});
            throw new CustomRegistryException(th);
        }
    }

    private List getUsers(String str) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUsers", str);
        }
        try {
            List ntv_getUsers = ntv_getUsers(new ArrayList());
            List filterList = filterList(ntv_getUsers == null ? new ArrayList() : ntv_getUsers, str);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getUsers", filterList);
            }
            return filterList;
        } catch (SAFRegistryException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.zOS.SAFRegistryImpl.getUsers", "1190", this);
            Tr.error(tc, "security.registry.getusers.error", new Object[]{str, e});
            throw new CustomRegistryException(e);
        }
    }

    private List filterList(List list, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "filterArray", new Object[]{list, str});
        }
        RegExp regExp = new RegExp(str.toUpperCase());
        Iterator it = list.iterator();
        ArrayList arrayList = new ArrayList();
        while (it.hasNext()) {
            String str2 = (String) it.next();
            if (regExp.match(str2)) {
                arrayList.add(str2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "filterArray", arrayList);
        }
        return arrayList;
    }

    private String normalizeUserId(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "normailzeUserId", str);
        }
        String trim = this.ignoreCase ? str.toUpperCase().trim() : str.trim();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "normalizeUserId", trim);
        }
        return trim;
    }

    private String normalizePassword(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "normalizePassword");
        }
        if (!this.mixedCasePasswordsEnabled) {
            str = str.toUpperCase().trim();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "normalizePassword");
        }
        return str;
    }

    private String normalizeGroupName(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "normalizeGroupName", str);
        }
        String trim = this.ignoreCase ? str.toUpperCase().trim() : str.trim();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "nomralizeGroupName", trim);
        }
        return trim;
    }

    public String toString() {
        return new StringBuffer().append(super.toString()).append("[realm=").append(this.realm).append(";ignoreCase=").append(this.ignoreCase).append(";disableGroupLoad=").append(this.disableGroupLoad).append(";useSimpleAuthentication=").append(this.useSimpleAuthentication).append(";mixedCasePasswordsEnabled=").append(this.mixedCasePasswordsEnabled).append("]").toString();
    }

    private static native synchronized List ntv_getUsers(List list) throws SAFRegistryException;

    private static native synchronized List ntv_getGroups(List list) throws SAFRegistryException;

    private static native List ntv_getGroupsForUser(String str, List list) throws SAFRegistryException;

    private static native List ntv_getUsersForGroup(String str, List list) throws SAFRegistryException;

    private static native boolean ntv_isValidGroup(String str) throws SAFRegistryException;

    private static native boolean ntv_isValidUser(String str) throws SAFRegistryException;

    private static native String ntv_checkPassword(String str, String str2) throws SAFRegistryException;

    private static native String ntv_mapCertificate(byte[] bArr, int i) throws SAFRegistryException;

    private static native boolean ntv_isMixedCasePWEnabled();

    private static native String ntv_getRealm();

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$security$registry$zOS$SAFRegistryImpl == null) {
            cls = class$("com.ibm.ws.security.registry.zOS.SAFRegistryImpl");
            class$com$ibm$ws$security$registry$zOS$SAFRegistryImpl = cls;
        } else {
            cls = class$com$ibm$ws$security$registry$zOS$SAFRegistryImpl;
        }
        tc = Tr.register(cls, "Security", "com.ibm.ejs.resources.security");
    }
}
