package com.ibm.ws.security.core;

import com.ibm.ejs.models.base.bindings.applicationbnd.ApplicationBinding;
import com.ibm.ejs.models.base.bindings.applicationbnd.AuthorizationTable;
import com.ibm.ejs.models.base.bindings.applicationbnd.RoleAssignment;
import com.ibm.ejs.models.base.bindings.applicationbnd.RunAsMap;
import com.ibm.ejs.models.base.bindings.webappbnd.WebAppBinding;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.etools.commonarchive.EARFile;
import com.ibm.etools.commonarchive.EJBModuleRef;
import com.ibm.etools.commonarchive.WebModuleRef;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.wlm.ClusterAdminConstants;
import com.ibm.websphere.models.config.adminservice.AdminService;
import com.ibm.websphere.models.config.adminservice.JMXConnector;
import com.ibm.websphere.models.config.adminservice.RMIConnector;
import com.ibm.websphere.models.config.adminservice.SOAPConnector;
import com.ibm.websphere.models.config.appdeployment.ModuleDeployment;
import com.ibm.websphere.models.config.ipc.EndPoint;
import com.ibm.websphere.models.config.process.Server;
import com.ibm.websphere.models.config.properties.Property;
import com.ibm.websphere.models.config.security.Security;
import com.ibm.websphere.models.config.serverindex.NamedEndPoint;
import com.ibm.websphere.models.config.serverindex.ServerEntry;
import com.ibm.websphere.models.config.serverindex.ServerIndex;
import com.ibm.websphere.models.config.serverindex.ServerTypeConstants;
import com.ibm.ws.exception.ConfigurationError;
import com.ibm.ws.exception.ConfigurationWarning;
import com.ibm.ws.exception.RuntimeError;
import com.ibm.ws.exception.RuntimeWarning;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.http.Alias;
import com.ibm.ws.http.VirtualHost;
import com.ibm.ws.management.util.SecurityHelper;
import com.ibm.ws.naming.util.C;
import com.ibm.ws.runtime.component.ComponentImpl;
import com.ibm.ws.runtime.deploy.DeployedApplication;
import com.ibm.ws.runtime.deploy.DeployedModule;
import com.ibm.ws.runtime.deploy.DeployedObject;
import com.ibm.ws.runtime.deploy.DeployedObjectEvent;
import com.ibm.ws.runtime.deploy.DeployedObjectListener;
import com.ibm.ws.runtime.metadata.MetaDataSlot;
import com.ibm.ws.runtime.service.ApplicationMgr;
import com.ibm.ws.runtime.service.ConfigRoot;
import com.ibm.ws.runtime.service.EndPointMgr;
import com.ibm.ws.runtime.service.MetaDataService;
import com.ibm.ws.runtime.service.Repository;
import com.ibm.ws.runtime.service.VirtualHostMgr;
import com.ibm.ws.security.auth.DistributedMapFactory;
import com.ibm.ws.security.authorize.AppInstallNotify;
import com.ibm.ws.security.delegation.DelegationFactory;
import com.ibm.ws.security.ejb.BeanPermissionRoleMapTable;
import com.ibm.ws.security.ejb.RunAsMapTable;
import com.ibm.ws.security.server.SecurityServer;
import com.ibm.ws.security.service.SecurityService;
import com.ibm.ws.security.web.SecurityMetaDataListener;
import com.ibm.ws.security.web.TrustAssociationManager;
import com.ibm.ws.security.web.WebAppCache;
import com.ibm.ws.util.PlatformHelper;
import com.ibm.ws.util.PlatformHelperFactory;
import com.ibm.wsspi.runtime.component.WsComponent;
import com.ibm.wsspi.security.token.WSSecurityPropagationHelper;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Properties;
import java.util.StringTokenizer;
import org.eclipse.emf.common.util.EList;
import org.eclipse.emf.ecore.resource.Resource;
import org.eclipse.jst.j2ee.application.WebModule;
import org.eclipse.jst.j2ee.commonarchivecore.internal.ModuleRef;
import org.eclipse.wst.common.internal.emf.utilities.EtoolsCopyUtility;

/* loaded from: input_file:com.ibm.ws.admin.client_6.1.0.jar:com/ibm/ws/security/core/ServerSecurityComponentImpl.class */
public final class ServerSecurityComponentImpl extends ComponentImpl implements DeployedObjectListener {
    private static final TraceComponent tc;
    private static final String DENYALL_ROLE_NAME = "DenyAllRole";
    private static boolean svrSecurityEnabled;
    private SecurityServer secServer = null;
    Hashtable webModulesMap;
    private MetaDataSlot mmdSlot;
    private MetaDataSlot cmdSlot;
    private static AppInstallNotify appInstallNotify;
    static Class class$com$ibm$ws$runtime$service$Repository;
    static Class class$com$ibm$ws$runtime$service$VirtualHostMgr;
    static Class class$com$ibm$ws$runtime$service$EndPointMgr;
    static Class class$com$ibm$ws$runtime$service$ApplicationMgr;
    static Class class$com$ibm$ws$security$service$SecurityService;
    static Class class$com$ibm$websphere$models$config$adminservice$AdminService;
    static Class class$com$ibm$ws$runtime$service$MetaDataService;
    static Class class$com$ibm$ws$runtime$metadata$ModuleMetaData;
    static Class class$com$ibm$ws$runtime$metadata$ComponentMetaData;
    static Class class$com$ibm$ws$security$core$ServerSecurityComponentImpl;

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.wsspi.runtime.component.WsComponentImpl, com.ibm.wsspi.runtime.component.WsComponent
    public void initialize(Object obj) throws ConfigurationWarning, ConfigurationError {
        Class cls;
        Class cls2;
        Class cls3;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initialize", obj);
        }
        if (isNodeAgent()) {
            Tr.exit(tc, "initialize");
            return;
        }
        svrSecurityEnabled = ((Boolean) SecurityConfig.getConfig().getValue("security.enabled")).booleanValue();
        if (tc.isDebugEnabled()) {
            if (svrSecurityEnabled) {
                Tr.debug(tc, "serverSecurityEnabled");
            } else {
                Tr.debug(tc, "serverSecurityDisabled");
            }
        }
        Repository repository = null;
        try {
            try {
                this.webModulesMap = new Hashtable();
                if (svrSecurityEnabled) {
                    if (class$com$ibm$ws$runtime$service$Repository == null) {
                        cls = class$("com.ibm.ws.runtime.service.Repository");
                        class$com$ibm$ws$runtime$service$Repository = cls;
                    } else {
                        cls = class$com$ibm$ws$runtime$service$Repository;
                    }
                    repository = (Repository) getService(cls);
                    try {
                        Server server = (Server) new EtoolsCopyUtility().copy((Server) repository.getConfigRoot().getResource(4, "server.xml").getContents().get(0));
                        SecurityConfig.getConfig().setValue("process.jmxConnectorProps", getServerAdminProps(repository.getConfigRoot(), server));
                        if (class$com$ibm$ws$runtime$service$VirtualHostMgr == null) {
                            cls2 = class$("com.ibm.ws.runtime.service.VirtualHostMgr");
                            class$com$ibm$ws$runtime$service$VirtualHostMgr = cls2;
                        } else {
                            cls2 = class$com$ibm$ws$runtime$service$VirtualHostMgr;
                        }
                        VirtualHostMgr virtualHostMgr = (VirtualHostMgr) getService(cls2);
                        HashMap hashMap = new HashMap();
                        for (VirtualHost virtualHost : virtualHostMgr.getVirtualHosts()) {
                            String name = virtualHost.getName();
                            Alias[] aliases = virtualHost.getAliases();
                            ArrayList arrayList = new ArrayList();
                            for (Alias alias : aliases) {
                                String port = alias.getPort();
                                arrayList.add(port);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, new StringBuffer().append("Adding port ").append(port).append(" to list for vHost ").append(name).toString());
                                }
                            }
                            hashMap.put(name, arrayList.clone());
                        }
                        SecurityConfig.getConfig().setValue("host.virtualhosts", hashMap);
                        if (virtualHostMgr != null) {
                            releaseService(virtualHostMgr);
                        }
                        if (class$com$ibm$ws$runtime$service$EndPointMgr == null) {
                            cls3 = class$("com.ibm.ws.runtime.service.EndPointMgr");
                            class$com$ibm$ws$runtime$service$EndPointMgr = cls3;
                        } else {
                            cls3 = class$com$ibm$ws$runtime$service$EndPointMgr;
                        }
                        EndPointMgr endPointMgr = (EndPointMgr) getService(cls3);
                        SecurityConfig.updateHTTPTransports(server, endPointMgr);
                        if (endPointMgr != null) {
                            releaseService(endPointMgr);
                        }
                    } catch (Exception e) {
                        FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.initialize", "176", this);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Failed to load resource from process :  ", "server.xml");
                        }
                        if (repository != null) {
                            releaseService(repository);
                            return;
                        }
                        return;
                    }
                }
                if (repository != null) {
                    releaseService(repository);
                }
            } catch (Exception e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.core.ServerSecurityComponentImpl.initialize", "226", this);
                Tr.warning(tc, "security.servcomp.init");
                if (0 != 0) {
                    releaseService(null);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "initialize");
            }
        } catch (Throwable th) {
            if (0 != 0) {
                releaseService(null);
            }
            throw th;
        }
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.wsspi.runtime.component.WsComponentImpl, com.ibm.wsspi.runtime.component.WsComponent
    public void destroy() {
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.wsspi.runtime.component.WsComponentImpl, com.ibm.wsspi.runtime.component.WsComponent
    public void start() throws RuntimeError, RuntimeWarning {
        Class cls;
        Class cls2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, ClusterAdminConstants.START);
        }
        if (isNodeAgent()) {
            Tr.exit(tc, ClusterAdminConstants.START);
            return;
        }
        try {
            if (svrSecurityEnabled) {
                registerListenerWithMetaDataService();
            }
            if (class$com$ibm$ws$runtime$service$ApplicationMgr == null) {
                cls = class$("com.ibm.ws.runtime.service.ApplicationMgr");
                class$com$ibm$ws$runtime$service$ApplicationMgr = cls;
            } else {
                cls = class$com$ibm$ws$runtime$service$ApplicationMgr;
            }
            ApplicationMgr applicationMgr = (ApplicationMgr) getService(cls);
            PlatformHelper platformHelper = PlatformHelperFactory.getPlatformHelper();
            if (!platformHelper.isZOS() || !platformHelper.isControlJvm()) {
                try {
                    applicationMgr.addDeployedObjectListener(this);
                    if (applicationMgr != null) {
                        releaseService(applicationMgr);
                    }
                } catch (Throwable th) {
                    if (applicationMgr != null) {
                        releaseService(applicationMgr);
                    }
                    throw th;
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Starting Security Server");
            }
            if (class$com$ibm$ws$security$service$SecurityService == null) {
                cls2 = class$("com.ibm.ws.security.service.SecurityService");
                class$com$ibm$ws$security$service$SecurityService = cls2;
            } else {
                cls2 = class$com$ibm$ws$security$service$SecurityService;
            }
            SecurityService securityService = (SecurityService) getService(cls2);
            try {
                securityService.startSecurity();
                if (securityService != null) {
                    releaseService(securityService);
                }
                if (svrSecurityEnabled) {
                    if (((Boolean) SecurityConfig.getConfig().getValue("security.ltpa.sso.enabled")).booleanValue() && WSSecurityPropagationHelper.getInstance().isWebInboundPropagationEnabled()) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Initializing DistributedMap for security attribute propagation.");
                        }
                        Properties properties = new Properties();
                        properties.put("com.ibm.ws.cache.CacheConfig.cacheSize", "100");
                        properties.put("com.ibm.ws.cache.CacheConfig.enableDiskOffload", "false");
                        properties.put("com.ibm.ws.cache.CacheConfig.diskOffloadLocation", "");
                        DistributedMapFactory.getMap("WSSecureMap", properties);
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Initializing DistributedMap for Kerberos.");
                    }
                    Properties properties2 = new Properties();
                    properties2.put("com.ibm.ws.cache.CacheConfig.cacheSize", "100");
                    properties2.put("com.ibm.ws.cache.CacheConfig.enableDiskOffload", "false");
                    properties2.put("com.ibm.ws.cache.CacheConfig.diskOffloadLocation", "");
                    DistributedMapFactory.getMap("WSSecureMapNotShared", properties2);
                    if (SecurityConfig.isDefaultJaccProvider()) {
                        appInstallNotify = AppInstallNotify.getInstance();
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, ClusterAdminConstants.START);
                }
            } catch (Throwable th2) {
                if (securityService != null) {
                    releaseService(securityService);
                }
                throw th2;
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.start", "323", this);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "start failed", new Object[]{e});
            }
            throw new RuntimeError(e.getMessage(), e);
        }
    }

    @Override // com.ibm.ws.runtime.component.ComponentImpl, com.ibm.wsspi.runtime.component.WsComponentImpl, com.ibm.wsspi.runtime.component.WsComponent
    public void stop() {
        TrustAssociationManager trustAssociationManager = TrustAssociationManager.getInstance();
        if (trustAssociationManager != null) {
            trustAssociationManager.cleanTAInterceptors();
        }
    }

    @Override // com.ibm.ws.runtime.deploy.DeployedObjectListener
    public void stateChanged(DeployedObjectEvent deployedObjectEvent) throws RuntimeError, RuntimeWarning {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "stateChanged");
        }
        DeployedObject deployedObject = (DeployedObject) deployedObjectEvent.getSource();
        if (deployedObject.getModuleFile().isEARFile()) {
            if (deployedObjectEvent.getNewValue() == WsComponent.STARTING) {
                if (svrSecurityEnabled) {
                    install(deployedObject);
                }
                refreshAuthDataEntries();
            } else if (deployedObjectEvent.getNewValue() == WsComponent.STOPPED && svrSecurityEnabled) {
                uninstall(deployedObject);
            }
        } else if (deployedObject.getModuleFile().isWARFile()) {
            if (deployedObjectEvent.getNewValue() == WsComponent.STARTING) {
                if (svrSecurityEnabled) {
                    installWeb((DeployedModule) deployedObject);
                }
            } else if (deployedObjectEvent.getNewValue() == WsComponent.STOPPED && svrSecurityEnabled) {
                uninstallWeb((DeployedModule) deployedObject);
            }
        } else if (deployedObject.getModuleFile().isEJBJarFile()) {
            if (deployedObjectEvent.getNewValue() == WsComponent.STARTING) {
                if (svrSecurityEnabled) {
                    installEJB((DeployedModule) deployedObject);
                    DelegationFactory.clearDelegationCache();
                }
            } else if (deployedObjectEvent.getNewValue() == WsComponent.STOPPED && svrSecurityEnabled) {
                uninstallEJB((DeployedModule) deployedObject);
                DelegationFactory.clearDelegationCache();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "stateChanged");
        }
    }

    private void installWeb(DeployedModule deployedModule) throws RuntimeWarning {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "installWeb", deployedModule.getName());
        }
        ModuleDeployment moduleDeployment = deployedModule.getModuleDeployment();
        String contextRoot = ((WebModule) ((EARFile) deployedModule.getDeployedApplication().getModuleFile()).getModule(moduleDeployment.getUri(), moduleDeployment.getAltDD())).getContextRoot();
        String virtualHostName = ((WebAppBinding) deployedModule.getBinding()).getVirtualHostName();
        WebModuleRef webModuleRef = (WebModuleRef) deployedModule.getModuleRef();
        String name = deployedModule.getDeployedApplication().getName();
        if (svrSecurityEnabled && SecurityConfig.isDefaultJaccProvider() && !WSAccessManager.checkIfAdminApp(name)) {
            try {
                appInstallNotify.addWebPermissions(webModuleRef, name, WSAccessManager.getContextID(name), false, null);
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.installWeb", "413", this);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "installWeb failed", new Object[]{e});
                }
                throw new RuntimeWarning(e);
            }
        }
        this.webModulesMap.put(deployedModule, new StringBuffer().append(virtualHostName).append(":").append(contextRoot).toString());
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "installWeb");
        }
    }

    private void uninstallWeb(DeployedModule deployedModule) throws RuntimeWarning {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "uninstallWeb", deployedModule.getName());
        }
        try {
            String str = (String) this.webModulesMap.get(deployedModule);
            String name = deployedModule.getDeployedApplication().getName();
            deployedModule.getName();
            WebModuleRef webModuleRef = (WebModuleRef) deployedModule.getModuleRef();
            if (str != null) {
                WebAppCache.removeWebApp(name, str);
                this.webModulesMap.remove(deployedModule);
            }
            if (svrSecurityEnabled && SecurityConfig.isDefaultJaccProvider() && !WSAccessManager.checkIfAdminApp(name)) {
                appInstallNotify.deleteModule((ModuleRef) webModuleRef, name, WSAccessManager.getContextID(name), false);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "uninstallWeb");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.uninstallWeb", "455", this);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "uninstallWeb failed", new Object[]{e});
            }
            throw new RuntimeWarning(e);
        }
    }

    private void installEJB(DeployedModule deployedModule) throws RuntimeWarning {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "installEJB", deployedModule.getName());
        }
        String name = deployedModule.getDeployedApplication().getName();
        String name2 = deployedModule.getName();
        EJBModuleRef eJBModuleRef = (EJBModuleRef) deployedModule.getModuleRef();
        if (svrSecurityEnabled && SecurityConfig.isDefaultJaccProvider() && !WSAccessManager.checkIfAdminApp(name)) {
            try {
                appInstallNotify.addEJBPermissions(eJBModuleRef, name, WSAccessManager.getContextID(name), false, null);
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.installEJB", "479", this);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "installEJB failed", new Object[]{e});
                }
                throw new RuntimeWarning(e);
            }
        }
        BeanPermissionRoleMapTable.addBeanPermissionRoleMap(new StringBuffer().append(name).append(":").append(name2).toString());
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "installEJB");
        }
    }

    private void uninstallEJB(DeployedModule deployedModule) throws RuntimeWarning {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "uninstallEJB", deployedModule.getName());
        }
        try {
            String name = deployedModule.getDeployedApplication().getName();
            String name2 = deployedModule.getName();
            EJBModuleRef eJBModuleRef = (EJBModuleRef) deployedModule.getModuleRef();
            BeanPermissionRoleMapTable.removeBeanPermissionRoleMap(new StringBuffer().append(name).append(":").append(name2).toString());
            if (svrSecurityEnabled && SecurityConfig.isDefaultJaccProvider() && !WSAccessManager.checkIfAdminApp(name)) {
                appInstallNotify.deleteModule((ModuleRef) eJBModuleRef, name, WSAccessManager.getContextID(name), false);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "uninstallEJB");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.uninstallEJB", "508", this);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "uninstallEJB failed", new Object[]{e});
            }
            throw new RuntimeWarning(e);
        }
    }

    private void install(DeployedObject deployedObject) throws RuntimeWarning {
        String appContextIDForSecurity;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "install", deployedObject);
        }
        try {
            ApplicationBinding applicationBinding = (ApplicationBinding) deployedObject.getBinding();
            String name = deployedObject.getName();
            if (SecurityConfig.nativeAuthz) {
                AuthorizationTable authorizationTable = applicationBinding.getAuthorizationTable();
                if (authorizationTable != null) {
                    removeSubjectsFromDenyAllRole(name, authorizationTable);
                    WSAccessManager.addAuthorizationTable(name, authorizationTable);
                    if (tc.isEventEnabled()) {
                        Tr.event(tc, new StringBuffer().append("Authorization Table processed for Application ").append(name).toString());
                    }
                } else {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("Authorization Table Not defined for Application ").append(name).toString());
                    }
                    if (tc.isEventEnabled()) {
                        Tr.event(tc, new StringBuffer().append("Application ").append(name).append(" installed without Authorization Table").toString());
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Authorization Table in the binding file is not processed as native authorization is not used.");
            }
            RunAsMap runAsMap = applicationBinding.getRunAsMap();
            if (runAsMap != null) {
                RunAsMapTable.addRunAsMap(name, runAsMap);
                if (runAsMap.getRunAsBindings().size() == 0) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("RunAsMap Not defined properly for Application ").append(name).toString());
                    }
                } else if (tc.isEventEnabled()) {
                    Tr.event(tc, new StringBuffer().append("RunAsMap processed for Application ").append(name).toString());
                }
            }
            if (SecurityConfig.isJACCEnabled() && (appContextIDForSecurity = ((DeployedApplication) deployedObject).getApplicationDeployment().getAppContextIDForSecurity()) != null) {
                WSAccessManager.storeContextID(name, appContextIDForSecurity);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "install");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.install", "583", this);
            Tr.error(tc, "security.servcomp.init");
            Tr.debug(tc, "Exception occurred in application install.", new Object[]{e});
            throw new RuntimeWarning(e.getMessage());
        }
    }

    private void uninstall(DeployedObject deployedObject) throws RuntimeWarning {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "uninstall", deployedObject);
        }
        try {
            String name = deployedObject.getName();
            if (SecurityConfig.nativeAuthz) {
                WSAccessManager.removeAuthorizationTable(name);
            }
            RunAsMapTable.removeRunAsMap(name);
            if (SecurityConfig.isJACCEnabled()) {
                WSAccessManager.removeContextID(name);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "uninstall");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.uninstall", "620", this);
            throw new RuntimeWarning(e);
        }
    }

    protected void removeSubjectsFromDenyAllRole(String str, AuthorizationTable authorizationTable) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removeUsersFromDenyAllRole", str);
        }
        boolean z = false;
        EList authorizations = authorizationTable.getAuthorizations();
        for (int i = 0; i < authorizations.size(); i++) {
            RoleAssignment roleAssignment = (RoleAssignment) authorizations.get(i);
            String roleName = roleAssignment.getRole().getRoleName();
            if (roleName != null && roleName.equals(DENYALL_ROLE_NAME)) {
                EList users = roleAssignment.getUsers();
                if (users != null && users.size() > 0) {
                    roleAssignment.getUsers().clear();
                    z = true;
                }
                EList groups = roleAssignment.getGroups();
                if (groups != null && groups.size() > 0) {
                    roleAssignment.getGroups().clear();
                    z = true;
                }
                EList specialSubjects = roleAssignment.getSpecialSubjects();
                if (specialSubjects != null && specialSubjects.size() > 0) {
                    roleAssignment.getSpecialSubjects().clear();
                    z = true;
                }
                if (z) {
                    Tr.warning(tc, "security.servcomp.remove.DenyAllRole", (Object) new Object[]{str});
                }
            } else if (roleName == null) {
                Tr.debug(tc, "auth.getRole().getRoleName() returns null, there might be a problem in the descriptors.");
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "removeUsersFromDenyAllRole");
        }
    }

    private void refreshAuthDataEntries() {
        Class cls;
        Security security;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "refreshAuthDataEntries");
        }
        if (class$com$ibm$ws$runtime$service$Repository == null) {
            cls = class$("com.ibm.ws.runtime.service.Repository");
            class$com$ibm$ws$runtime$service$Repository = cls;
        } else {
            cls = class$com$ibm$ws$runtime$service$Repository;
        }
        Repository repository = (Repository) getService(cls);
        try {
            try {
                try {
                    security = (Security) repository.getConfigRoot().getResource(0, "security.xml").getContents().get(0);
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.refreshAuthDataEntries", "698", this);
                    Tr.error(tc, "security.loadresource.error", new Object[]{"security.xml", e});
                    throw e;
                }
            } catch (Exception e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.core.ServerSecurityComponentImpl.refreshAuthDataEntries", "709", this);
                Tr.error(tc, "security.servcomp.init");
                if (repository != null) {
                    releaseService(repository);
                }
            }
            if (security == null) {
                throw new SecurityConfigException("Cannot get the Security object. Security.xml may not exist");
            }
            SecurityConfig.getConfig().refreshAuthDataEntries(security);
            if (repository != null) {
                releaseService(repository);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "refreshAuthDataEntries");
            }
        } catch (Throwable th) {
            if (repository != null) {
                releaseService(repository);
            }
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    private Properties getServerAdminProps(ConfigRoot configRoot, Server server) throws Exception {
        Class cls;
        Class cls2;
        Properties secureSocketLayer;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getServerAdminProps");
        }
        String str = null;
        String str2 = null;
        Properties properties = new Properties();
        String str3 = null;
        try {
            properties.setProperty(SecurityHelper.isInternal, "true");
            EList services = server.getServices();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("Number of custom services: ").append(services.size()).toString());
            }
            AdminService adminService = null;
            if (class$com$ibm$websphere$models$config$adminservice$AdminService == null) {
                cls = class$("com.ibm.websphere.models.config.adminservice.AdminService");
                class$com$ibm$websphere$models$config$adminservice$AdminService = cls;
            } else {
                cls = class$com$ibm$websphere$models$config$adminservice$AdminService;
            }
            Class cls3 = cls;
            Iterator it = services.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Object next = it.next();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("Custom service: ").append(next).toString());
                }
                if (cls3.isInstance(next)) {
                    adminService = (AdminService) next;
                    break;
                }
            }
            if (adminService != null) {
                JMXConnector preferredConnector = adminService.getPreferredConnector();
                if ((preferredConnector instanceof SOAPConnector) || !(preferredConnector instanceof RMIConnector)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Preferred connector type is SOAP.");
                    }
                    properties.setProperty("type", "SOAP");
                    str3 = "SOAP";
                    for (Property property : preferredConnector.getProperties()) {
                        if (property.getName().equals("sslConfig")) {
                            String value = property.getValue();
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, new StringBuffer().append("SSLConfig alias to use: ").append(value).toString());
                            }
                            if (value != null) {
                                try {
                                    try {
                                        if (class$com$ibm$ws$security$service$SecurityService == null) {
                                            cls2 = class$("com.ibm.ws.security.service.SecurityService");
                                            class$com$ibm$ws$security$service$SecurityService = cls2;
                                        } else {
                                            cls2 = class$com$ibm$ws$security$service$SecurityService;
                                        }
                                        SecurityService securityService = (SecurityService) getService(cls2);
                                        if (securityService != null && (secureSocketLayer = securityService.getSecureSocketLayer(value)) != null) {
                                            Enumeration<?> propertyNames = secureSocketLayer.propertyNames();
                                            while (propertyNames.hasMoreElements()) {
                                                String str4 = (String) propertyNames.nextElement();
                                                String property2 = secureSocketLayer.getProperty(str4);
                                                if (str4 != null && property2 != null) {
                                                    properties.setProperty(str4, property2);
                                                }
                                            }
                                        }
                                        if (securityService != null) {
                                            releaseService(securityService);
                                        }
                                    } catch (Throwable th) {
                                        if (0 != 0) {
                                            releaseService(null);
                                        }
                                        throw th;
                                    }
                                } catch (Exception e) {
                                    FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.getServerAdminProps", "808", this);
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "Exception occurred getting SSLProps.", new Object[]{e});
                                    }
                                    if (0 != 0) {
                                        releaseService(null);
                                    }
                                }
                            }
                        } else {
                            properties.setProperty(property.getName(), property.getValue());
                        }
                    }
                } else if (preferredConnector instanceof RMIConnector) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Preferred connector type is RMI.");
                    }
                    properties.setProperty("type", "RMI");
                    str3 = "RMI";
                    for (Property property3 : preferredConnector.getProperties()) {
                        properties.setProperty(property3.getName(), property3.getValue());
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Admin service is null.");
            }
            StringTokenizer stringTokenizer = new StringTokenizer((String) SecurityConfig.getConfig().getValue("process.serverName"), ":");
            if (stringTokenizer.countTokens() == 3) {
                String nextToken = stringTokenizer.nextToken();
                str2 = stringTokenizer.nextToken();
                str = stringTokenizer.nextToken();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("cell:node:server = ").append(nextToken).append(":").append(str2).append(":").append(str).toString());
                }
            }
            String[] list = configRoot.list(3, null);
            String value2 = configRoot.getValue(3);
            for (int i = 0; i < list.length; i++) {
                if (list[i].equals(str2)) {
                    configRoot.setValue(3, list[i]);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, new StringBuffer().append("Node name: ").append(list[i]).toString());
                    }
                    Resource resource = configRoot.getResource(3, "serverindex.xml");
                    resource.getContents();
                    EList serverEntries = ((ServerIndex) resource.getContents().get(0)).getServerEntries();
                    int i2 = 0;
                    while (true) {
                        if (i2 >= serverEntries.size()) {
                            break;
                        }
                        ServerEntry serverEntry = (ServerEntry) serverEntries.get(i2);
                        if (serverEntry != null && serverEntry.getServerType().equals(ServerTypeConstants.APPLICATION_SERVER) && serverEntry.getServerName().equals(str)) {
                            EndPoint endPoint = null;
                            EndPoint endPoint2 = null;
                            EList specialEndpoints = serverEntry.getSpecialEndpoints();
                            for (int i3 = 0; i3 < specialEndpoints.size(); i3++) {
                                NamedEndPoint namedEndPoint = (NamedEndPoint) specialEndpoints.get(i3);
                                if (namedEndPoint.getEndPointName().equals("SOAP_CONNECTOR_ADDRESS")) {
                                    endPoint = namedEndPoint.getEndPoint();
                                }
                                if (namedEndPoint.getEndPointName().equals("BOOTSTRAP_ADDRESS")) {
                                    endPoint2 = namedEndPoint.getEndPoint();
                                    if (endPoint2 != null) {
                                        String num = new Integer(endPoint2.getPort()).toString();
                                        String host = endPoint2.getHost();
                                        properties.setProperty("java.naming.provider.url", new StringBuffer().append("corbaloc:iiop:").append(host).append(":").append(num).append("/").append(C.INIT_REF_ADMIN_NAME_SERVICE).toString());
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, new StringBuffer().append("PROVIDER_URL: corbaloc:iiop:").append(host).append(":").append(num).toString());
                                        }
                                    }
                                }
                            }
                            if (endPoint != null && str3.equals("SOAP")) {
                                properties.setProperty("port", new Integer(endPoint.getPort()).toString());
                                properties.setProperty("host", endPoint.getHost());
                            } else if (endPoint2 != null && str3.equals("RMI")) {
                                properties.setProperty("port", new Integer(endPoint2.getPort()).toString());
                                properties.setProperty("host", endPoint2.getHost());
                            }
                        } else {
                            i2++;
                        }
                    }
                }
            }
            configRoot.setValue(3, value2);
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.core.ServerSecurityComponentImpl.getServerAdminProps", "932", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception occurred getting SSLProps.", new Object[]{e2});
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getServerAdminProps");
        }
        return properties;
    }

    private boolean registerListenerWithMetaDataService() {
        Class cls;
        Class cls2;
        Class cls3;
        boolean z = true;
        try {
            if (class$com$ibm$ws$runtime$service$MetaDataService == null) {
                cls = class$("com.ibm.ws.runtime.service.MetaDataService");
                class$com$ibm$ws$runtime$service$MetaDataService = cls;
            } else {
                cls = class$com$ibm$ws$runtime$service$MetaDataService;
            }
            MetaDataService metaDataService = (MetaDataService) getService(cls);
            if (metaDataService != null) {
                if (class$com$ibm$ws$runtime$metadata$ModuleMetaData == null) {
                    cls2 = class$("com.ibm.ws.runtime.metadata.ModuleMetaData");
                    class$com$ibm$ws$runtime$metadata$ModuleMetaData = cls2;
                } else {
                    cls2 = class$com$ibm$ws$runtime$metadata$ModuleMetaData;
                }
                this.mmdSlot = metaDataService.reserveSlot(cls2);
                if (class$com$ibm$ws$runtime$metadata$ComponentMetaData == null) {
                    cls3 = class$("com.ibm.ws.runtime.metadata.ComponentMetaData");
                    class$com$ibm$ws$runtime$metadata$ComponentMetaData = cls3;
                } else {
                    cls3 = class$com$ibm$ws$runtime$metadata$ComponentMetaData;
                }
                this.cmdSlot = metaDataService.reserveSlot(cls3);
                SecurityMetaDataListener securityMetaDataListener = new SecurityMetaDataListener();
                metaDataService.addMetaDataListener(securityMetaDataListener);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, new StringBuffer().append("registered MetaDataListener: ").append(securityMetaDataListener).toString());
                }
            } else {
                z = false;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "attempt to register MetaDataListener failed: metaDataService is null.");
                }
            }
        } catch (Exception e) {
            z = false;
            FFDCFilter.processException(e, "com.ibm.ws.security.core.ServerSecurityComponentImpl.registerListenerWithMetaDataService", "967", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("attempt to register MetaDataListener failed.").append(e.getMessage()).toString());
            }
        }
        return z;
    }

    private boolean isNodeAgent() {
        return AdminServiceFactory.getAdminService().getProcessType().equals("NodeAgent");
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$security$core$ServerSecurityComponentImpl == null) {
            cls = class$("com.ibm.ws.security.core.ServerSecurityComponentImpl");
            class$com$ibm$ws$security$core$ServerSecurityComponentImpl = cls;
        } else {
            cls = class$com$ibm$ws$security$core$ServerSecurityComponentImpl;
        }
        tc = Tr.register(cls, (String) null, "com.ibm.ejs.resources.security");
        svrSecurityEnabled = true;
        appInstallNotify = null;
    }
}
