package com.ibm.commerce.browseradapter;

import com.ibm.as400.access.PrintObject;
import com.ibm.commerce.adapter.GenericSessionData;
import com.ibm.commerce.adapter.SessionContext;
import com.ibm.commerce.adapter.SessionData;
import com.ibm.commerce.base.objects.ServerJDBCHelperAccessBean;
import com.ibm.commerce.collaboration.livehelp.commands.ECLivehelpConstants;
import com.ibm.commerce.command.CommandContextImpl;
import com.ibm.commerce.command.CommandFactory;
import com.ibm.commerce.config.client.CMDefinitions;
import com.ibm.commerce.datatype.TypedProperty;
import com.ibm.commerce.exception.ECException;
import com.ibm.commerce.exception.ECSystemException;
import com.ibm.commerce.member.helpers.ECMemberConstants;
import com.ibm.commerce.member.helpers.MemberRegistrationAttributesHelper;
import com.ibm.commerce.member.helpers.MemberRegistrationHelper;
import com.ibm.commerce.member.helpers.UserManageBean;
import com.ibm.commerce.order.utils.OrderConstants;
import com.ibm.commerce.ras.ECMessage;
import com.ibm.commerce.ras.ECMessageHelper;
import com.ibm.commerce.ras.ECTrace;
import com.ibm.commerce.security.commands.MigrateUserEntriesCmd;
import com.ibm.commerce.server.ECConstants;
import com.ibm.commerce.server.SessionHelper;
import com.ibm.commerce.server.WcsApp;
import com.ibm.commerce.user.objects.AddressAccessBean;
import com.ibm.commerce.user.objects.AddressBookAccessBean;
import com.ibm.commerce.user.objects.CertificateX509AccessBean;
import com.ibm.commerce.user.objects.DemographicsAccessBean;
import com.ibm.commerce.user.objects.UserAccessBean;
import com.ibm.commerce.user.objects.UserProfileAccessBean;
import com.ibm.commerce.user.objects.UserRegistryAccessBean;
import com.ibm.commerce.util.SecurityHelper;
import com.ibm.commerce.util.X500Name;
import com.ibm.commerce.utils.TimestampHelper;
import com.ibm.ws.security.util.Base64Coder;
import java.rmi.RemoteException;
import java.security.cert.X509Certificate;
import javax.ejb.CreateException;
import javax.ejb.FinderException;
import javax.naming.NamingException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* JADX WARN: Classes with same name are omitted:
  input_file:was/wc55EXPRESS_fp4_os400.jar:ptfs/wc55EXPRESS_fp4_os400/components/commerce.server/update.jar:/Enablement-BaseComponentsLogic.jarcom/ibm/commerce/browseradapter/HttpSessionContext.class
  input_file:wc/wc55EXPRESS_fp4_os400.jar:ptfs/wc55EXPRESS_fp4_os400/components/commerce.cm.client/update.jar:/lib/Enablement-BaseComponentsLogic.jarcom/ibm/commerce/browseradapter/HttpSessionContext.class
  input_file:wc/wc55EXPRESS_fp4_os400.jar:ptfs/wc55EXPRESS_fp4_os400/components/commerce.cm/update.jar:/lib/Enablement-BaseComponentsLogic.jarcom/ibm/commerce/browseradapter/HttpSessionContext.class
 */
/* loaded from: input_file:wc/wc55EXPRESS_fp4_os400.jar:ptfs/wc55EXPRESS_fp4_os400/components/commerce.server/update.jar:/wc.ear/Enablement-BaseComponentsLogic.jarcom/ibm/commerce/browseradapter/HttpSessionContext.class */
public class HttpSessionContext implements SessionContext {
    public static final String COPYRIGHT = "(c) Copyright International Business Machines Corporation 2000,2001,2003";
    public static final Long GENERIC_USER_ID = new Long(ECMemberConstants.EC_DB_GUEST_USER_ID);
    private static int inSessionType;
    private static boolean ibURLRewrite;
    private static boolean ibSingleSignOn;
    private static boolean ibLoginTimeoutEnabled;
    private static boolean ibPasswordInvalidationEnabled;
    private static boolean ibSSLAuthOff;
    private Long ilInitialUserId = null;
    private Long ilCurrentUserId = null;
    private HttpServletRequest iRequest = null;
    private HttpServletResponse iResponse = null;
    private TypedProperty iTypedProperty = null;
    private WCSessionContainer iSessionContainer = null;
    private WCSession iSessionInitial = null;
    private WCAuthenticationCookie iAuthCookieInitial = null;
    private WCUserSession iUserSessionInitial = null;
    private GenericSessionData iSessionDataInitial = null;
    private GenericSessionData iSessionDataCurrent = null;
    private boolean bNewUserId = false;
    private boolean bSessionDataChanged = false;
    private boolean ibSecure = false;
    private int initial_password_expiry_flag = 0;

    static {
        inSessionType = 0;
        ibURLRewrite = false;
        ibSingleSignOn = false;
        ibLoginTimeoutEnabled = false;
        ibPasswordInvalidationEnabled = false;
        ibSSLAuthOff = false;
        if (CMDefinitions.SESSION_WAS.equalsIgnoreCase(WcsApp.configProperties.getValue("SessionManagement/cookie/persistence"))) {
            inSessionType = 1;
        }
        ibURLRewrite = "true".equalsIgnoreCase(WcsApp.configProperties.getValue("SessionManagement/url-rewriting/enabled"));
        ibSingleSignOn = "1".equalsIgnoreCase(WcsApp.configProperties.getValue("MemberSubSystem/Directory/SingleSignOn"));
        ibSSLAuthOff = "false".equalsIgnoreCase(WcsApp.configProperties.getValue("SessionManagement/cookie/sslauth"));
        String value = WcsApp.configProperties.getValue("LoginTimeout/enabled");
        ibLoginTimeoutEnabled = value != null && value.equals("true");
        String value2 = WcsApp.configProperties.getValue("PasswordInvalidation/enabled");
        String value3 = WcsApp.configProperties.getValue(ECMemberConstants.EC_AUTHENTICATION_MODE);
        ibPasswordInvalidationEnabled = value2 != null && value2.equalsIgnoreCase("true") && (value3 == null || !value3.equalsIgnoreCase("LDAP"));
    }

    public HttpSessionContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, TypedProperty typedProperty) throws ECSystemException {
        initializeInstanceVariables(httpServletRequest, httpServletResponse, typedProperty);
    }

    public void commit() throws ECSystemException {
        String logonTime;
        ECTrace.entry(0L, getClass().getName(), OrderConstants.EC_COMMIT);
        Long userId = this.iSessionDataCurrent.getUserId();
        if (!this.bNewUserId) {
            this.bNewUserId = !userId.equals(this.ilInitialUserId);
        }
        boolean z = false;
        if (this.bNewUserId) {
            try {
                UserAccessBean userAccessBean = new UserAccessBean();
                userAccessBean.setInitKey_MemberId(userId.toString());
                z = "G".equalsIgnoreCase(userAccessBean.getRegisterType());
            } catch (Exception e) {
            }
            if (!z) {
                SessionHelper.shiftSessionTimestamp(userId);
            }
        }
        int i = 0;
        if (this.bNewUserId) {
            i = getHierarchyChange();
        }
        WCUserSession wCUserSession = this.iUserSessionInitial;
        String str = null;
        String str2 = null;
        if (ibLoginTimeoutEnabled && this.bNewUserId && wCUserSession != null && i < 0 && (logonTime = wCUserSession.getLogonTime()) != null && logonTime.equals(ECLivehelpConstants.EC_CC_ROLE_SITE_ADMIN)) {
            str = wCUserSession.getExpiredUserId();
            str2 = wCUserSession.getPreExpiryURL();
            ECTrace.trace(0L, getClass().getName(), OrderConstants.EC_COMMIT, new StringBuffer("YYY User session expired, storing session info: ").append(str).append(":").append(str2).toString());
        }
        if (this.iSessionDataCurrent.isChanged() || this.bNewUserId) {
            wCUserSession = this.iSessionContainer.update(this.iSessionDataCurrent, this.bNewUserId);
        }
        if (ibPasswordInvalidationEnabled && (this.ibSecure || ibSSLAuthOff)) {
            if (!this.bNewUserId || z) {
                if (this.initial_password_expiry_flag != 0) {
                    Integer num = null;
                    try {
                        UserRegistryAccessBean userRegistryAccessBean = new UserRegistryAccessBean();
                        userRegistryAccessBean.setInitKey_UserId(userId.toString());
                        num = userRegistryAccessBean.getPasswordExpiredInEJBType();
                    } catch (Exception e2) {
                    }
                    if (num != null && num.intValue() == 0) {
                        wCUserSession.setPasswordInvalidatedFlag(new String("0"));
                    }
                }
            } else if (i >= 0) {
                try {
                    UserRegistryAccessBean userRegistryAccessBean2 = new UserRegistryAccessBean();
                    userRegistryAccessBean2.setInitKey_UserId(userId.toString());
                    Integer num2 = null;
                    try {
                        num2 = userRegistryAccessBean2.getPasswordExpiredInEJBType();
                    } catch (Exception e3) {
                    }
                    if (num2 != null) {
                        wCUserSession.setPasswordInvalidatedFlag(num2.toString());
                    }
                } catch (Exception e4) {
                }
            } else {
                wCUserSession.setPasswordInvalidatedFlag(new String("0"));
            }
        }
        if (ibLoginTimeoutEnabled) {
            if (this.bNewUserId && !z && wCUserSession != null) {
                if (i > 0) {
                    wCUserSession.setLogonTime(String.valueOf(TimestampHelper.systemCurrentTimestamp().getTime()));
                    wCUserSession.setExpiredUserId((String) null);
                    wCUserSession.setPreExpiryURL((String) null);
                } else {
                    String logonTime2 = wCUserSession.getLogonTime();
                    if (logonTime2 != null && !logonTime2.equals(ECLivehelpConstants.EC_CC_ROLE_SITE_ADMIN)) {
                        wCUserSession.setLogonTime(ECLivehelpConstants.EC_CC_ROLE_SITE_ADMIN);
                    }
                }
            }
            if (this.bNewUserId && wCUserSession != null && i < 0) {
                if (str != null) {
                    wCUserSession.setExpiredUserId(str);
                    wCUserSession.setLogonTime(ECLivehelpConstants.EC_CC_ROLE_SITE_ADMIN);
                }
                if (str2 != null) {
                    wCUserSession.setPreExpiryURL(str2);
                }
            }
            if ((this.bNewUserId && this.ilInitialUserId != null) || (!this.bNewUserId && !this.ilInitialUserId.equals(GENERIC_USER_ID))) {
                long j = 0;
                if (WcsApp.defaultTimeout != null) {
                    j = 0 + WcsApp.defaultTimeout.longValue();
                }
                wCUserSession.setExpiryTime(String.valueOf(j + TimestampHelper.systemCurrentTimestamp().getTime()));
            }
        }
        this.iSessionContainer.commitUserSessionChanges();
        ECTrace.trace(0L, getClass().getName(), OrderConstants.EC_COMMIT, new StringBuffer("YYY Session is exited under the UserId ").append(userId).toString());
        ECTrace.exit(0L, getClass().getName(), OrderConstants.EC_COMMIT);
    }

    public Object getExtendedSessionData(String str) {
        return null;
    }

    public SessionData getSessionData() {
        ECTrace.entry(0L, getClass().getName(), "getSessionData");
        ECTrace.exit(0L, getClass().getName(), "getSessionData");
        return this.iSessionDataInitial;
    }

    public String getUniqueSessionTag() {
        return this.iRequest.getSession().getId();
    }

    /* JADX WARN: Code restructure failed: missing block: B:44:0x00c3, code lost:
    
        if (r0.trim().length() == 0) goto L34;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.Long getValidUserId() throws com.ibm.commerce.exception.ECSystemException {
        /*
            Method dump skipped, instructions count: 545
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.commerce.browseradapter.HttpSessionContext.getValidUserId():java.lang.Long");
    }

    protected void initializeInstanceVariables(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, TypedProperty typedProperty) throws ECSystemException {
        String cookieValue;
        this.iRequest = httpServletRequest;
        this.iResponse = httpServletResponse;
        this.iTypedProperty = typedProperty;
        this.ibSecure = WCAuthenticationCookie.isSecureConnection(httpServletRequest.getScheme(), httpServletRequest.getServerPort());
        this.iSessionContainer = (WCSessionContainer) httpServletRequest.getAttribute("SessionContainer");
        if (this.iSessionContainer == null) {
            this.iSessionContainer = new WCSessionContainer(this.iRequest, this.iResponse, inSessionType, WcsApp.configProperties.getMerchantKey());
            this.iSessionContainer.populateContainer();
        } else {
            this.iSessionContainer.setResponseBuffer(this.iResponse);
            ECTrace.trace(0L, getClass().getName(), "init", "DKTEST Retrieved SessionContainer information from the DynaCache");
        }
        Integer num = null;
        ActiveStoreData activeStoreData = this.iSessionContainer.getActiveStoreData();
        if (activeStoreData != null) {
            num = activeStoreData.getActiveStoreId();
        }
        if (num == null) {
            num = ECConstants.EC_NO_STOREID;
        }
        this.iSessionContainer.setInitialStoreId(num);
        this.iSessionInitial = this.iSessionContainer.getInitialSession();
        Integer initialStoreId = this.iSessionContainer.getInitialStoreId();
        if (this.iSessionInitial != null) {
            this.iAuthCookieInitial = this.iSessionInitial.getAuthenticationCookie();
            this.iUserSessionInitial = this.iSessionInitial.getUserSession();
        }
        if (this.iUserSessionInitial != null) {
            this.iSessionDataInitial = this.iUserSessionInitial.getSessionData(initialStoreId);
            try {
                this.initial_password_expiry_flag = Integer.parseInt(this.iUserSessionInitial.getPasswordInvalidatedFlag());
            } catch (Exception e) {
                this.initial_password_expiry_flag = 0;
            }
        } else {
            this.iSessionDataInitial = new GenericSessionData();
        }
        if (WcsApp.referrerEnabled && ((cookieValue = SessionHelper.getCookieValue(httpServletRequest, "REFERRER")) == null || cookieValue.length() <= 0)) {
            Cookie cookie = new Cookie("REFERRER", httpServletRequest.getHeader("referer"));
            cookie.setMaxAge(1209600);
            cookie.setPath("/");
            httpServletResponse.addCookie(cookie);
        }
        ECTrace.trace(0L, getClass().getName(), "init", new StringBuffer("DKTEST value is ").append((String) httpServletRequest.getAttribute("DKTEST")).toString());
    }

    public void rollback() throws ECSystemException {
        ECTrace.entry(0L, getClass().getName(), "rollback");
        Long l = this.ilInitialUserId == null ? GENERIC_USER_ID : this.ilInitialUserId;
        if ((this.bNewUserId || this.bSessionDataChanged) && this.iSessionInitial != null) {
            this.iSessionContainer.update(this.iSessionDataInitial, this.bNewUserId);
            this.iSessionContainer.commitUserSessionChanges();
        }
        ECTrace.exit(0L, getClass().getName(), "rollback");
    }

    public void setExtendedSessionData(String str, Object obj) throws ECException {
    }

    public void setSessionData(SessionData sessionData) throws ECSystemException {
        this.iSessionDataCurrent = (GenericSessionData) sessionData;
    }

    public void setUniqueSessionTag(String str) throws ECException {
    }

    public Long handleSingleSignOn(Long l, HttpServletRequest httpServletRequest) throws ECSystemException {
        ECTrace.entry(0L, getClass().getName(), "handleSingleSignOn");
        String cookieValue = SessionHelper.getCookieValue(this.iRequest, "LtpaToken");
        if (cookieValue == null) {
            ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", "No LTPA token was found");
            ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
            return null;
        }
        UserAccessBean userAccessBean = null;
        if (l != null) {
            try {
                userAccessBean = new UserAccessBean();
                userAccessBean.setInitKey_MemberId(l.toString());
                if (!"G".equalsIgnoreCase(userAccessBean.getRegisterType())) {
                    ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", "User is already registered");
                    ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                    return null;
                }
            } catch (NamingException e) {
                ECSystemException eCSystemException = new ECSystemException(ECMessage._ERR_GENERIC, getClass().getName(), "handleSingleSignOn", ECMessageHelper.generateMsgParms(e.toString()), e);
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                throw eCSystemException;
            } catch (RemoteException e2) {
                ECSystemException eCSystemException2 = new ECSystemException(ECMessage._ERR_REMOTE_EXCEPTION, getClass().getName(), "handleSingleSignOn", ECMessageHelper.generateMsgParms(e2.toString()), e2);
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                throw eCSystemException2;
            } catch (CreateException e3) {
                ECSystemException eCSystemException3 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleSingleSignOn", ECMessageHelper.generateMsgParms(e3.toString()), e3);
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                throw eCSystemException3;
            } catch (FinderException e4) {
                ECSystemException eCSystemException4 = new ECSystemException(ECMessage._ERR_FINDER_EXCEPTION, getClass().getName(), "handleSingleSignOn", ECMessageHelper.generateMsgParms(e4.toString()), e4);
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                throw eCSystemException4;
            }
        }
        try {
            ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", new StringBuffer("The LtpaToken value is ").append(cookieValue).toString());
            byte[] base64Decode = Base64Coder.base64Decode(cookieValue.getBytes("UTF8"));
            ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", new StringBuffer("Cookie value is ").append(new String(base64Decode)).toString());
            String login = SecurityHelper.login(base64Decode);
            if (login == null) {
                ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", "Unable to decode LTPA token");
                return null;
            }
            ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", new StringBuffer("The UserIdentity in the LtpaToken is ").append(login).toString());
            int indexOf = login.indexOf("/") + 1;
            if (indexOf < 0) {
                ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", "Unable to retrieve Distinguished Name from LTPA token");
                return null;
            }
            String substring = login.substring(indexOf);
            ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", new StringBuffer("The distinguished name in the UserIdentity is ").append(substring).toString());
            try {
                Long l2 = new Long(new UserManageBean().findByDN(substring).getKey());
                ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", "LDAP Synchronization Successful.");
                UserAccessBean userAccessBean2 = new UserAccessBean();
                userAccessBean2.setInitKey_MemberId(l2.toString());
                ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", "User signing on from SSO; re-assigning default roles.");
                MemberRegistrationHelper.setRolesForMemberInOrg(l2, MemberRegistrationAttributesHelper.getResolvedRolesForNewUser(l2, ECConstants.EC_NO_STOREID.toString(), "SSO"));
                if (l != null && !ECMemberConstants.EC_DB_GUEST_USER_ID.equalsIgnoreCase(l.toString())) {
                    try {
                        MigrateUserEntriesCmd createCommand = CommandFactory.createCommand("com.ibm.commerce.security.commands.MigrateUserEntriesCmd", new Integer(0));
                        createCommand.setOldUser(userAccessBean);
                        createCommand.setNewUser(userAccessBean2);
                        createCommand.setCommandContext(new CommandContextImpl());
                        createCommand.execute();
                    } catch (ECException e5) {
                        ECTrace.trace(0L, getClass().getName(), "handleSingleSignOn", "Guest user migration failed.");
                        ECSystemException eCSystemException5 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleSingleSignOn", ECMessageHelper.generateMsgParms(e5.toString()), e5);
                        ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                        throw eCSystemException5;
                    }
                }
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                return l2;
            } catch (Exception e6) {
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn", new StringBuffer("LDAP Synchronziation failed: ").append(e6.toString()).toString());
                return null;
            } catch (NamingException e7) {
                ECSystemException eCSystemException6 = new ECSystemException(ECMessage._ERR_GENERIC, getClass().getName(), "handleSingleSignOn", ECMessageHelper.generateMsgParms(e7.toString()), e7);
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                throw eCSystemException6;
            } catch (RemoteException e8) {
                ECSystemException eCSystemException7 = new ECSystemException(ECMessage._ERR_REMOTE_EXCEPTION, getClass().getName(), "handleSingleSignOn", ECMessageHelper.generateMsgParms(e8.toString()), e8);
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                throw eCSystemException7;
            } catch (CreateException e9) {
                ECSystemException eCSystemException8 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleSingleSignOn", ECMessageHelper.generateMsgParms(e9.toString()), e9);
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                throw eCSystemException8;
            } catch (FinderException e10) {
                ECSystemException eCSystemException9 = new ECSystemException(ECMessage._ERR_FINDER_EXCEPTION, getClass().getName(), "handleSingleSignOn", ECMessageHelper.generateMsgParms(e10.toString()), e10);
                ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn");
                throw eCSystemException9;
            }
        } catch (Exception e11) {
            ECTrace.exit(0L, getClass().getName(), "handleSingleSignOn", new StringBuffer("Unknown exception was caught: ").append(e11.toString()).toString());
            e11.printStackTrace();
            return null;
        }
    }

    public Long handleX509User(Long l, HttpServletRequest httpServletRequest) throws ECSystemException {
        boolean z;
        ECTrace.entry(0L, getClass().getName(), "handleX509User");
        UserAccessBean userAccessBean = null;
        if (l != null) {
            try {
                userAccessBean = new UserAccessBean();
                userAccessBean.setInitKey_MemberId(l.toString());
                if (!"G".equalsIgnoreCase(userAccessBean.getRegisterType())) {
                    ECTrace.trace(0L, getClass().getName(), "handleX509User", "User is already registered");
                    ECTrace.exit(0L, getClass().getName(), "handleX509User");
                    return null;
                }
            } catch (RemoteException e) {
                ECSystemException eCSystemException = new ECSystemException(ECMessage._ERR_REMOTE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e.toString()), e);
                ECTrace.exit(0L, getClass().getName(), "handleX509User");
                throw eCSystemException;
            } catch (NamingException e2) {
                ECSystemException eCSystemException2 = new ECSystemException(ECMessage._ERR_GENERIC, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e2.toString()), e2);
                ECTrace.exit(0L, getClass().getName(), "handleX509User");
                throw eCSystemException2;
            } catch (CreateException e3) {
                ECSystemException eCSystemException3 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e3.toString()), e3);
                ECTrace.exit(0L, getClass().getName(), "handleX509User");
                throw eCSystemException3;
            } catch (FinderException e4) {
                ECSystemException eCSystemException4 = new ECSystemException(ECMessage._ERR_FINDER_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e4.toString()), e4);
                ECTrace.exit(0L, getClass().getName(), "handleX509User");
                throw eCSystemException4;
            }
        }
        X509Certificate[] x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.net.ssl.peer_certificates");
        if (x509CertificateArr == null || x509CertificateArr[0] == null) {
            ECTrace.trace(0L, getClass().getName(), "handleX509User", "There is a problem obtaining the certificate from HttpServlet Request.");
            return null;
        }
        X509Certificate x509Certificate = x509CertificateArr[0];
        X500Name x500Name = new X500Name(x509Certificate.getIssuerDN().getName());
        X500Name x500Name2 = new X500Name(x509Certificate.getSubjectDN().getName());
        String bigInteger = x509Certificate.getSerialNumber().toString(16);
        String organization = x500Name.getOrganization();
        String organization2 = x500Name2.getOrganization();
        String commonName = x500Name2.getCommonName();
        x500Name2.getEmail();
        if (organization2 == null || organization2.length() == 0) {
            organization2 = "unknown";
        }
        validateX509Attribute(bigInteger, PrintObject.ATTR_TIME_END, false);
        validateX509Attribute(organization, 200, false);
        validateX509Attribute(organization2, PrintObject.ATTR_TIME_END, false);
        validateX509Attribute(commonName, PrintObject.ATTR_TIME_END, false);
        CertificateX509AccessBean certificateX509AccessBean = null;
        try {
            certificateX509AccessBean = new CertificateX509AccessBean().findBySerialNumberAndIssuer(bigInteger, organization, organization2, commonName, "unknown");
            z = false;
        } catch (Exception e5) {
            z = true;
        }
        if (!z) {
            try {
                if (!certificateX509AccessBean.getStatus().equalsIgnoreCase("V")) {
                    ECSystemException eCSystemException5 = new ECSystemException(ECMessage._ERR_INVALID_X509CERT, getClass().getName(), "handleX509User", "X509ErrorView");
                    ECTrace.trace(0L, getClass().getName(), "handleX509User", "Invalid Certificate supplied.");
                    throw eCSystemException5;
                }
                UserAccessBean userAccessBean2 = new UserAccessBean();
                userAccessBean2.setInitKey_MemberId(certificateX509AccessBean.getUserId());
                Long l2 = new Long(certificateX509AccessBean.getUserId());
                if (l != null && !ECMemberConstants.EC_DB_GUEST_USER_ID.equalsIgnoreCase(l.toString())) {
                    try {
                        MigrateUserEntriesCmd createCommand = CommandFactory.createCommand("com.ibm.commerce.security.commands.MigrateUserEntriesCmd", new Integer(0));
                        createCommand.setOldUser(userAccessBean);
                        createCommand.setNewUser(userAccessBean2);
                        createCommand.setCommandContext(new CommandContextImpl());
                        createCommand.execute();
                    } catch (ECException e6) {
                        ECTrace.trace(0L, getClass().getName(), "handleX509User", "Guest user migration failed.");
                        ECSystemException eCSystemException6 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e6.toString()), e6);
                        ECTrace.exit(0L, getClass().getName(), "handleX509User");
                        throw eCSystemException6;
                    }
                }
                String value = WcsApp.configProperties.getValue(ECMemberConstants.EC_AUTHENTICATION_MODE);
                if (value != null && value.equalsIgnoreCase("LDAP")) {
                    try {
                        new UserManageBean().findByDN(new StringBuffer().append("cn=").append(commonName).append(",o=").append(organization2).toString());
                        ECTrace.trace(0L, getClass().getName(), "handleX509User", "LDAP Synchronization Successful.");
                    } catch (CreateException e7) {
                        ECSystemException eCSystemException7 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e7.toString()), e7);
                        ECTrace.exit(0L, getClass().getName(), "handleX509User");
                        throw eCSystemException7;
                    } catch (FinderException e8) {
                        ECSystemException eCSystemException8 = new ECSystemException(ECMessage._ERR_FINDER_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e8.toString()), e8);
                        ECTrace.exit(0L, getClass().getName(), "handleX509User");
                        throw eCSystemException8;
                    } catch (Exception e9) {
                        ECTrace.exit(0L, getClass().getName(), "handleX509User", new StringBuffer("LDAP Synchronziation failed: ").append(e9.toString()).toString());
                        return null;
                    } catch (RemoteException e10) {
                        ECSystemException eCSystemException9 = new ECSystemException(ECMessage._ERR_REMOTE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e10.toString()), e10);
                        ECTrace.exit(0L, getClass().getName(), "handleX509User");
                        throw eCSystemException9;
                    } catch (NamingException e11) {
                        ECSystemException eCSystemException10 = new ECSystemException(ECMessage._ERR_GENERIC, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e11.toString()), e11);
                        ECTrace.exit(0L, getClass().getName(), "handleX509User");
                        throw eCSystemException10;
                    }
                }
                ECTrace.exit(0L, getClass().getName(), "handleX509User");
                return l2;
            } catch (CreateException e12) {
                ECSystemException eCSystemException11 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e12.toString()), e12);
                ECTrace.exit(0L, getClass().getName(), "handleX509User");
                throw eCSystemException11;
            } catch (FinderException e13) {
                ECSystemException eCSystemException12 = new ECSystemException(ECMessage._ERR_FINDER_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e13.toString()), e13);
                ECTrace.exit(0L, getClass().getName(), "handleX509User");
                throw eCSystemException12;
            } catch (RemoteException e14) {
                ECSystemException eCSystemException13 = new ECSystemException(ECMessage._ERR_REMOTE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e14.toString()), e14);
                ECTrace.exit(0L, getClass().getName(), "handleX509User");
                throw eCSystemException13;
            } catch (NamingException e15) {
                ECSystemException eCSystemException14 = new ECSystemException(ECMessage._ERR_GENERIC, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e15.toString()), e15);
                ECTrace.exit(0L, getClass().getName(), "handleX509User");
                throw eCSystemException14;
            }
        }
        try {
            UserAccessBean userAccessBean3 = new UserAccessBean("G");
            userAccessBean3.setRegisterType("R");
            userAccessBean3.setProfileType("C");
            userAccessBean3.commitCopyHelper();
            Long l3 = new Long(userAccessBean3.getUserId());
            UserRegistryAccessBean userRegistryAccessBean = new UserRegistryAccessBean(l3, "WCS_GUEST");
            userRegistryAccessBean.setStatus(new Integer(1));
            userRegistryAccessBean.commitCopyHelper();
            new AddressBookAccessBean(l3);
            AddressAccessBean addressAccessBean = new AddressAccessBean(l3, l3.toString());
            addressAccessBean.setPrimary("1");
            addressAccessBean.setAddressType("R");
            addressAccessBean.setStatus("P");
            addressAccessBean.setSelfAddress(new Integer(1));
            String firstName = x500Name2.getFirstName();
            String lastName = x500Name2.getLastName();
            String middleName = x500Name2.getMiddleName();
            String city = x500Name2.getCity();
            String state = x500Name2.getState();
            String country = x500Name2.getCountry();
            String organization3 = x500Name2.getOrganization();
            if (validateX509Attribute(firstName, 128, true)) {
                addressAccessBean.setFirstName(firstName);
            }
            if (validateX509Attribute(lastName, 128, true)) {
                addressAccessBean.setLastName(lastName);
            }
            if (validateX509Attribute(middleName, 128, true)) {
                addressAccessBean.setMiddleName(middleName);
            }
            if (validateX509Attribute(city, 128, true)) {
                addressAccessBean.setCity(city);
            }
            if (validateX509Attribute(state, 128, true)) {
                addressAccessBean.setState(state);
            }
            if (validateX509Attribute(country, 128, true)) {
                addressAccessBean.setCountry(country);
            }
            if (validateX509Attribute(organization3, 128, true)) {
                addressAccessBean.setOrganizationName(organization3);
            }
            addressAccessBean.commitCopyHelper();
            new UserProfileAccessBean(l3).commitCopyHelper();
            new DemographicsAccessBean(l3).commitCopyHelper();
            String stringBuffer = new StringBuffer().append("cn=").append(commonName).append(",o=").append(organization2).toString();
            userAccessBean3.setDistinguishedName(stringBuffer);
            userAccessBean3.commitCopyHelper();
            CertificateX509AccessBean certificateX509AccessBean2 = new CertificateX509AccessBean(l3, bigInteger, organization, organization2, commonName, "V");
            certificateX509AccessBean2.setRequisitionerIdentifier("unknown");
            certificateX509AccessBean2.commitCopyHelper();
            if (l != null && !ECMemberConstants.EC_DB_GUEST_USER_ID.equalsIgnoreCase(l.toString())) {
                try {
                    MigrateUserEntriesCmd createCommand2 = CommandFactory.createCommand("com.ibm.commerce.security.commands.MigrateUserEntriesCmd", new Integer(0));
                    createCommand2.setOldUser(userAccessBean);
                    createCommand2.setNewUser(userAccessBean3);
                    createCommand2.setCommandContext(new CommandContextImpl());
                    createCommand2.execute();
                } catch (ECException e16) {
                    ECTrace.trace(0L, getClass().getName(), "handleX509User", "Guest user migration failed.");
                    ECSystemException eCSystemException15 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e16.toString()), e16);
                    ECTrace.exit(0L, getClass().getName(), "handleX509User");
                    throw eCSystemException15;
                }
            }
            String value2 = WcsApp.configProperties.getValue(ECMemberConstants.EC_AUTHENTICATION_MODE);
            if (value2 != null && value2.equalsIgnoreCase("LDAP")) {
                try {
                    if (stringBuffer.length() > 254) {
                        stringBuffer = stringBuffer.substring(0, PrintObject.ATTR_TIME_END);
                    }
                    userRegistryAccessBean.setLogonId(stringBuffer);
                    userRegistryAccessBean.commitCopyHelper();
                    new ServerJDBCHelperAccessBean().flush();
                    new UserManageBean().findByDN(stringBuffer);
                    ECTrace.trace(0L, getClass().getName(), "handleX509User", "LDAP Synchronization Successful.");
                } catch (CreateException e17) {
                    ECSystemException eCSystemException16 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e17.toString()), e17);
                    ECTrace.exit(0L, getClass().getName(), "handleX509User");
                    throw eCSystemException16;
                } catch (FinderException e18) {
                    ECSystemException eCSystemException17 = new ECSystemException(ECMessage._ERR_FINDER_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e18.toString()), e18);
                    ECTrace.exit(0L, getClass().getName(), "handleX509User");
                    throw eCSystemException17;
                } catch (Exception e19) {
                    ECTrace.exit(0L, getClass().getName(), "handleX509User", new StringBuffer("LDAP Synchronziation failed: ").append(e19.toString()).toString());
                    return null;
                } catch (NamingException e20) {
                    ECSystemException eCSystemException18 = new ECSystemException(ECMessage._ERR_GENERIC, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e20.toString()), e20);
                    ECTrace.exit(0L, getClass().getName(), "handleX509User");
                    throw eCSystemException18;
                } catch (RemoteException e21) {
                    ECSystemException eCSystemException19 = new ECSystemException(ECMessage._ERR_REMOTE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e21.toString()), e21);
                    ECTrace.exit(0L, getClass().getName(), "handleX509User");
                    throw eCSystemException19;
                }
            }
            return l3;
        } catch (RemoteException e22) {
            ECSystemException eCSystemException20 = new ECSystemException(ECMessage._ERR_REMOTE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e22.toString()), e22);
            ECTrace.exit(0L, getClass().getName(), "handleX509User");
            throw eCSystemException20;
        } catch (NamingException e23) {
            ECSystemException eCSystemException21 = new ECSystemException(ECMessage._ERR_GENERIC, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e23.toString()), e23);
            ECTrace.exit(0L, getClass().getName(), "handleX509User");
            throw eCSystemException21;
        } catch (CreateException e24) {
            ECSystemException eCSystemException22 = new ECSystemException(ECMessage._ERR_CREATE_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e24.toString()), e24);
            ECTrace.exit(0L, getClass().getName(), "handleX509User");
            throw eCSystemException22;
        } catch (FinderException e25) {
            ECSystemException eCSystemException23 = new ECSystemException(ECMessage._ERR_FINDER_EXCEPTION, getClass().getName(), "handleX509User", ECMessageHelper.generateMsgParms(e25.toString()), e25);
            ECTrace.exit(0L, getClass().getName(), "handleX509User");
            throw eCSystemException23;
        }
    }

    public boolean validateX509Attribute(String str, int i, boolean z) throws ECSystemException {
        ECTrace.entry(0L, getClass().getName(), "validateX509Attribute");
        boolean z2 = false;
        if (str != null) {
            if ((str.trim().length() == 0 && !z) || str.trim().length() > i) {
                ECSystemException eCSystemException = new ECSystemException(ECMessage._ERR_INVALID_X509CERT, getClass().getName(), "validateX509Attribute", "X509ErrorView");
                ECTrace.trace(0L, getClass().getName(), "validateX509Attribute", "Invalid Certificate Format.");
                throw eCSystemException;
            }
            z2 = true;
        } else if (!z) {
            ECSystemException eCSystemException2 = new ECSystemException(ECMessage._ERR_INVALID_X509CERT, getClass().getName(), "validateX509Attribute", "X509ErrorView");
            ECTrace.trace(0L, getClass().getName(), "validateX509Attribute", "Invalid Certificate Format.");
            throw eCSystemException2;
        }
        ECTrace.exit(0L, getClass().getName(), "validateX509Attribute");
        return z2;
    }

    public WCUserSession getUserSession() {
        return this.iUserSessionInitial;
    }

    protected int getHierarchyChange() {
        String str;
        String str2;
        Long l = this.ilInitialUserId;
        Long userId = this.iSessionDataCurrent.getUserId();
        int i = 0;
        try {
            UserAccessBean userAccessBean = new UserAccessBean();
            userAccessBean.setInitKey_MemberId(l.toString());
            str2 = userAccessBean.getRegisterType();
            UserAccessBean userAccessBean2 = new UserAccessBean();
            userAccessBean2.setInitKey_MemberId(userId.toString());
            str = userAccessBean2.getRegisterType();
        } catch (Exception e) {
            str = null;
            str2 = null;
        }
        if (str2 != null && str != null) {
            i = (!str2.equals(str) || l.longValue() * userId.longValue() <= 0) ? str2.equals(str) ? userId.longValue() < 0 ? -1 : 1 : !str.equals("G") ? 1 : -1 : 0;
        }
        return i;
    }
}
