package com.ibm.ws.security.auth;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.CustomRegistryException;
import com.ibm.websphere.security.UserRegistry;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.common.auth.WSPrincipalImpl;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.security.util.Constants;
import java.security.GeneralSecurityException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Set;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.rmi.PortableRemoteObject;
import javax.security.auth.AuthPermission;
import javax.security.auth.Subject;

/* loaded from: input_file:efixes/PQ95485/components/prereq.wsadie.plugins/update.jar:/eclipse/plugins/com.ibm.websphere.v51_5.1.0.4/lib/sas.jar:com/ibm/ws/security/auth/WSLoginHelperImpl.class */
public class WSLoginHelperImpl {
    private static final AuthPermission GET_SUBJECT_PERMISSION = new AuthPermission("getSubject");
    private static final PrivilegedExceptionAction getSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.1
        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws WSSecurityException, GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getSubjectAction.run()");
            }
            Subject subject = null;
            WSCredential invocationCredential = ContextManagerFactory.getInstance().getInvocationCredential();
            if (invocationCredential != null) {
                subject = new Subject();
                subject.getPrincipals().add(new WSPrincipalImpl(invocationCredential.getRealmSecurityName()));
                subject.getPublicCredentials().add(invocationCredential);
            } else if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                Tr.debug(WSLoginHelperImpl.tc, "Invocation Credential is null, null Subject is returned");
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "getSubjectAction.run()");
            }
            return subject;
        }
    };
    private static final PrivilegedExceptionAction getSerializableSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.2
        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws WSSecurityException, GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getSerializableSubjectAction.run()");
            }
            Subject subject = null;
            WSCredential invocationCredential = ContextManagerFactory.getInstance().getInvocationCredential();
            if (invocationCredential != null) {
                subject = new Subject();
                subject.getPrincipals().add(new WSPrincipalImpl(invocationCredential.getRealmSecurityName()));
            } else if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                Tr.debug(WSLoginHelperImpl.tc, "Invocation Credential is null, null Subject is returned");
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "getSerializableSubjectAction.run()");
            }
            return subject;
        }
    };
    private static final PrivilegedExceptionAction getUnauthSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.3
        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getUnauthSubjectAction.run()");
            }
            Subject subject = null;
            WSCredential unauthenticatedCredential = ContextManagerFactory.getInstance().getUnauthenticatedCredential();
            if (unauthenticatedCredential != null) {
                subject = new Subject();
                subject.getPrincipals().add(new WSPrincipalImpl(unauthenticatedCredential.getRealmSecurityName()));
                subject.getPublicCredentials().add(unauthenticatedCredential);
            } else if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                Tr.debug(WSLoginHelperImpl.tc, "No unauthenticated credential, null Subject is returned");
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "getUnauthSubjectAction.run()");
            }
            return subject;
        }
    };
    private static final PrivilegedExceptionAction getSerializableUnauthSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.4
        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getSerializableUnauthSubjectAction.run()");
            }
            Subject subject = null;
            WSCredential unauthenticatedCredential = ContextManagerFactory.getInstance().getUnauthenticatedCredential();
            if (unauthenticatedCredential != null) {
                subject = new Subject();
                subject.getPrincipals().add(new WSPrincipalImpl(unauthenticatedCredential.getRealmSecurityName()));
            } else if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                Tr.debug(WSLoginHelperImpl.tc, "No unauthenticated credential, null Subject is returned");
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "getSerializableUnauthSubjectAction.run()");
            }
            return subject;
        }
    };
    private static final TraceComponent tc;
    static Class class$com$ibm$websphere$security$UserRegistry;
    static Class class$com$ibm$ws$security$auth$WSLoginHelperImpl;

    public static WSCredential authenticate(String str, String str2, String str3) throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("authenticate(username = \"").append(str).append("\", realmname = \"").append(str2).append("\", password = \"XXXXXXXX\")").toString());
        }
        disableAuthRetryForThread();
        WSCredential wSCredential = null;
        try {
            if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
                wSCredential = ContextManagerFactory.getInstance().authenticate(str2, str, str3);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security is disabled, no authentication is performed, null credential will be returned");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "authenticate(username, realmname, password)");
            }
            return wSCredential;
        } finally {
            enableAuthRetryForThread();
        }
    }

    public static WSCredential validate(byte[] bArr) throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate(credToken)");
        }
        disableAuthRetryForThread();
        WSCredential wSCredential = null;
        try {
            if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
                wSCredential = ContextManagerFactory.getInstance().authenticate(getDefaultRealmName(), bArr);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security is disabled, no validation is performed, null credential will be returned");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "validate(credToken)");
            }
            return wSCredential;
        } finally {
            enableAuthRetryForThread();
        }
    }

    public static Subject getSubject() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSubject()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        Subject subject = null;
        if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
            try {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Getting the subject from credential on the Current Thread of Execution");
                }
                subject = (Subject) AccessController.doPrivileged(getSubjectAction);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Got the subject from credential on the Current Thread of Execution");
                }
            } catch (PrivilegedActionException e) {
                Exception exception = e.getException();
                FFDCFilter.processException(exception, "com.ibm.ws.security.auth.WSLoginHelperImpl.getSubject", "245");
                if (exception instanceof WSSecurityException) {
                    throw ((WSSecurityException) exception);
                }
                throw new WSSecurityException(exception.getMessage(), exception);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security is disabled, null subject will be returned");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSubject()");
        }
        return subject;
    }

    public static Subject getSerializableSubject() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSerializableSubject()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        Subject subject = null;
        if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
            try {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Getting the serializable subject from credential on the current thread of execution");
                }
                subject = (Subject) AccessController.doPrivileged(getSerializableSubjectAction);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Got the serializable subject from credential on the current thread of execution");
                }
            } catch (PrivilegedActionException e) {
                Exception exception = e.getException();
                FFDCFilter.processException(exception, "com.ibm.ws.security.auth.WSLoginHelperImpl.getSerializableSubject", "245");
                if (exception instanceof WSSecurityException) {
                    throw ((WSSecurityException) exception);
                }
                throw new WSSecurityException(exception.getMessage(), exception);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security is disabled, null subject will be returned");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSerializableSubject()");
        }
        return subject;
    }

    public static Subject getUnauthenticatedSubject() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUnauthenticatedSubjecy()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        Subject subject = null;
        if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
            try {
                subject = (Subject) AccessController.doPrivileged(getUnauthSubjectAction);
            } catch (PrivilegedActionException e) {
                Exception exception = e.getException();
                FFDCFilter.processException(exception, "com.ibm.ws.security.auth.WSLoginHelperImpl.getUnauthenticatedSubject", "431");
                if (exception instanceof WSSecurityException) {
                    throw ((WSSecurityException) exception);
                }
                throw new WSSecurityException(exception.getMessage(), exception);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security is disabled, null subject will be returned");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUnauthenticatedSubjecy()");
        }
        return subject;
    }

    public static Subject getSerializableUnauthSubject() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSerializableUnauthSubject()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        Subject subject = null;
        if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
            try {
                subject = (Subject) AccessController.doPrivileged(getSerializableUnauthSubjectAction);
            } catch (PrivilegedActionException e) {
                Exception exception = e.getException();
                FFDCFilter.processException(exception, "com.ibm.ws.security.auth.WSLoginHelperImpl.getUnauthenticatedSubject", "485");
                if (exception instanceof WSSecurityException) {
                    throw ((WSSecurityException) exception);
                }
                throw new WSSecurityException(exception.getMessage(), exception);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security is disabled, null subject will be returned");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSerializableUnauthSubject()");
        }
        return subject;
    }

    public static Subject restoreSerializedSubject(Subject subject, WSCredential wSCredential) throws SerialDeserialSubjectException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "restoreSerializedSubject()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        Subject subject2 = null;
        if (subject == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Passed in Subject or Credential is null");
            }
            throw new SerialDeserialSubjectException();
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Passed in Subject is good");
        }
        Subject subject3 = null;
        Subject createSubjectFromWSCredential = SubjectHelper.createSubjectFromWSCredential(wSCredential);
        try {
            try {
                if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
                    try {
                        subject3 = ContextManagerFactory.getInstance().pushInvocationSubject(createSubjectFromWSCredential);
                        subject2 = (Subject) AccessController.doPrivileged(new PrivilegedExceptionAction(subject) { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.5
                            private final Subject val$in_s;

                            {
                                this.val$in_s = subject;
                            }

                            /* JADX WARN: Multi-variable type inference failed */
                            /* JADX WARN: Type inference failed for: r0v110, types: [com.ibm.websphere.security.cred.WSCredential] */
                            @Override // java.security.PrivilegedExceptionAction
                            public Object run() throws SerialDeserialSubjectException {
                                Class cls;
                                WSCredentialImpl wSCredentialImpl;
                                Set principals = this.val$in_s.getPrincipals();
                                if (principals == null || principals.isEmpty()) {
                                    if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                        Tr.debug(WSLoginHelperImpl.tc, "No Principals found from the serialized subject");
                                    }
                                    throw new SerialDeserialSubjectException();
                                }
                                try {
                                    Object lookup = new InitialContext().lookup(Constants.USER_REGISTRY);
                                    if (WSLoginHelperImpl.class$com$ibm$websphere$security$UserRegistry == null) {
                                        cls = WSLoginHelperImpl.class$("com.ibm.websphere.security.UserRegistry");
                                        WSLoginHelperImpl.class$com$ibm$websphere$security$UserRegistry = cls;
                                    } else {
                                        cls = WSLoginHelperImpl.class$com$ibm$websphere$security$UserRegistry;
                                    }
                                    UserRegistry userRegistry = (UserRegistry) PortableRemoteObject.narrow(lookup, cls);
                                    if (userRegistry == null) {
                                        if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                            Tr.debug(WSLoginHelperImpl.tc, "No User Registry is available, null Subject is returned");
                                        }
                                        throw new SerialDeserialSubjectException();
                                    }
                                    Subject subject4 = new Subject();
                                    for (Object obj : principals.toArray()) {
                                        WSPrincipalImpl wSPrincipalImpl = (WSPrincipalImpl) obj;
                                        if (wSPrincipalImpl.getUserName().compareTo(ContextManagerFactory.getInstance().getUnauthenticatedString()) == 0) {
                                            wSCredentialImpl = ContextManagerFactory.getInstance().getUnauthenticatedCredential();
                                            if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                                Tr.debug(WSLoginHelperImpl.tc, "Restoring unauthenticated credential");
                                            }
                                        } else {
                                            if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                                Tr.debug(WSLoginHelperImpl.tc, new StringBuffer().append("Restoring subject for: ").append(wSPrincipalImpl.getUserName()).toString());
                                            }
                                            WSCredential createCredential = userRegistry.createCredential(wSPrincipalImpl.getUserName());
                                            if (createCredential == null) {
                                                if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                                    Tr.debug(WSLoginHelperImpl.tc, "Failed to restore the identity credential");
                                                }
                                                throw new SerialDeserialSubjectException();
                                            }
                                            String property = ContextManagerFactory.getInstance().getProperty("com.ibm.CSI.WSSecurityContextActiveForwardable", "true");
                                            boolean z = property != null && (property.equalsIgnoreCase("true") || property.equalsIgnoreCase("yes"));
                                            String property2 = ContextManagerFactory.getInstance().getProperty("com.ibm.CSI.WSSecurityContextActiveOID", "NONE");
                                            if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                                Tr.debug(WSLoginHelperImpl.tc, new StringBuffer().append("OID: ").append(property2).append(", Forwardable: ").append(property).toString());
                                            }
                                            byte[] credentialToken = createCredential.getCredentialToken();
                                            long expiration = createCredential.getExpiration();
                                            if (property2.equals("NONE")) {
                                                if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                                    Tr.debug(WSLoginHelperImpl.tc, "Configured authetication mechanism is unknown. Failed to restore Subject.");
                                                }
                                                throw new SerialDeserialSubjectException("Configured authetication mechanism is unknown. Failed to restore Subject.");
                                            }
                                            wSCredentialImpl = new WSCredentialImpl(createCredential, property2, credentialToken, z, expiration);
                                            if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                                Tr.debug(WSLoginHelperImpl.tc, "Restored identity credential");
                                            }
                                        }
                                        subject4.getPrincipals().add(wSPrincipalImpl);
                                        subject4.getPublicCredentials().add(wSCredentialImpl);
                                    }
                                    if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                        Tr.debug(WSLoginHelperImpl.tc, "Restoring Subject is completed");
                                    }
                                    return subject4;
                                } catch (NamingException e) {
                                    FFDCFilter.processException(e, "com.ibm.ws.security.auth.WSLoginHelperImpl.restoreSerializedSubject", "576");
                                    if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                        Tr.debug(WSLoginHelperImpl.tc, "Failed to get initial Naming Context. Failed to resolve for UserRegistry");
                                    }
                                    Tr.error(WSLoginHelperImpl.tc, "security.jaas.get.initCtx", new Object[]{e});
                                    SerialDeserialSubjectException serialDeserialSubjectException = new SerialDeserialSubjectException();
                                    serialDeserialSubjectException.addException(e);
                                    throw serialDeserialSubjectException;
                                } catch (CustomRegistryException e2) {
                                    FFDCFilter.processException(e2, "com.ibm.ws.security.auth.WSLoginHelperImpl.restoreSerializedSubject", "585");
                                    if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                        Tr.debug(WSLoginHelperImpl.tc, "CustomRegistryException is caught. Failed to create credential");
                                    }
                                    Tr.error(WSLoginHelperImpl.tc, "security.jaas.create.credential", new Object[]{e2});
                                    SerialDeserialSubjectException serialDeserialSubjectException2 = new SerialDeserialSubjectException();
                                    serialDeserialSubjectException2.addException(e2);
                                    throw serialDeserialSubjectException2;
                                } catch (SerialDeserialSubjectException e3) {
                                    throw e3;
                                } catch (Exception e4) {
                                    FFDCFilter.processException(e4, "com.ibm.ws.security.auth.WSLoginHelperImpl.restoreSerializedSubject", "594");
                                    if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                                        Tr.debug(WSLoginHelperImpl.tc, new StringBuffer().append("An exception is caught: ").append(e4.toString()).toString());
                                    }
                                    Tr.error(WSLoginHelperImpl.tc, "security.jaas.restore.exception", new Object[]{e4});
                                    SerialDeserialSubjectException serialDeserialSubjectException3 = new SerialDeserialSubjectException();
                                    serialDeserialSubjectException3.addException(e4);
                                    throw serialDeserialSubjectException3;
                                }
                            }
                        });
                    } catch (WSSecurityException e) {
                        SerialDeserialSubjectException serialDeserialSubjectException = new SerialDeserialSubjectException(e.getMessage());
                        serialDeserialSubjectException.addException(e);
                        throw serialDeserialSubjectException;
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Security is disabled, null subject will be returned");
                }
                try {
                    ContextManagerFactory.getInstance().popInvocationSubject(subject3);
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "restoreSerializedSubject()");
                    }
                    return subject2;
                } catch (WSSecurityException e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.security.auth.WSLoginHelperImpl.restoreSerializedSubject", "631");
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "InvalidCredentialType exception is caught while serialized Subject is being restored");
                    }
                    Tr.error(tc, "security.jaas.invalidType2.cred.exception", new Object[]{e2});
                    SerialDeserialSubjectException serialDeserialSubjectException2 = new SerialDeserialSubjectException(e2.getMessage());
                    serialDeserialSubjectException2.addException(e2);
                    throw serialDeserialSubjectException2;
                }
            } catch (PrivilegedActionException e3) {
                SerialDeserialSubjectException serialDeserialSubjectException3 = (SerialDeserialSubjectException) e3.getException();
                FFDCFilter.processException(serialDeserialSubjectException3, "com.ibm.ws.security.auth.WSLoginHelperImpl.restoreSerializedSubject", "606");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "PrivilegedActionException is caught while serialized Subject is being restored");
                }
                Tr.error(tc, "security.jaas.priv.exception", new Object[]{serialDeserialSubjectException3});
                throw serialDeserialSubjectException3;
            }
        } catch (Throwable th) {
            try {
                ContextManagerFactory.getInstance().popInvocationSubject(null);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "restoreSerializedSubject()");
                }
                throw th;
            } catch (WSSecurityException e4) {
                FFDCFilter.processException(e4, "com.ibm.ws.security.auth.WSLoginHelperImpl.restoreSerializedSubject", "631");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "InvalidCredentialType exception is caught while serialized Subject is being restored");
                }
                Tr.error(tc, "security.jaas.invalidType2.cred.exception", new Object[]{e4});
                SerialDeserialSubjectException serialDeserialSubjectException4 = new SerialDeserialSubjectException(e4.getMessage());
                serialDeserialSubjectException4.addException(e4);
                throw serialDeserialSubjectException4;
            }
        }
    }

    public static WSCredential refresh(String str, String str2, String str3) throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, new StringBuffer().append("refresh(username = \"").append(str).append("\", realmname = \"").append(str2).append("\", password = \"XXXXXXXX\")").toString());
        }
        disableAuthRetryForThread();
        WSCredential wSCredential = null;
        try {
            if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
                wSCredential = ContextManagerFactory.getInstance().authenticate(str2, str, str3);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "returned from login");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security is disabled, credential is not refreshed, null credential will be returned");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "refresh(username, realmname, password)");
            }
            return wSCredential;
        } finally {
            enableAuthRetryForThread();
        }
    }

    public static String getDefaultRealmName() {
        return ContextManagerFactory.getInstance().getDefaultRealm();
    }

    private WSLoginHelperImpl() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "WSLoginHelperImpl()");
        }
        Tr.error(tc, "security.jaas.NoWSLoginHelperImpl");
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "WSLoginHelperImpl()");
        }
    }

    private static void disableAuthRetryForThread() {
        ContextManagerFactory.getInstance().put("wssecurity.disableauthretry", new Boolean(true));
    }

    private static void enableAuthRetryForThread() {
        ContextManagerFactory.getInstance().put("wssecurity.disableauthretry", new Boolean(false));
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$security$auth$WSLoginHelperImpl == null) {
            cls = class$("com.ibm.ws.security.auth.WSLoginHelperImpl");
            class$com$ibm$ws$security$auth$WSLoginHelperImpl = cls;
        } else {
            cls = class$com$ibm$ws$security$auth$WSLoginHelperImpl;
        }
        tc = Tr.register(cls, (String) null, "com.ibm.ejs.resources.security");
    }
}
