package com.sun.enterprise.security;

import com.sun.enterprise.deployment.Application;
import com.sun.enterprise.deployment.EjbBundleDescriptor;
import com.sun.enterprise.deployment.WebBundleDescriptor;
import com.sun.enterprise.security.util.IASSecurityException;
import com.sun.enterprise.security.web.integration.WebSecurityManager;
import com.sun.enterprise.security.web.integration.WebSecurityManagerFactory;
import com.sun.logging.LogDomains;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.jacc.PolicyContextException;
import org.glassfish.api.deployment.DeploymentContext;
import org.glassfish.api.deployment.MetaData;
import org.glassfish.api.deployment.OpsParams;
import org.glassfish.api.event.EventListener;
import org.glassfish.api.event.EventTypes;
import org.glassfish.api.event.Events;
import org.glassfish.api.invocation.RegisteredComponentInvocationHandler;
import org.glassfish.deployment.common.DeploymentException;
import org.glassfish.deployment.common.DummyApplication;
import org.glassfish.deployment.common.SimpleDeployer;
import org.glassfish.internal.api.ServerContext;
import org.glassfish.internal.data.ApplicationInfo;
import org.glassfish.internal.data.ModuleInfo;
import org.glassfish.internal.deployment.Deployment;
import org.jvnet.hk2.annotations.Inject;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.component.Habitat;
import org.jvnet.hk2.component.PostConstruct;

@Service(name = "Security")
/* loaded from: input_file:com/sun/enterprise/security/SecurityDeployer.class */
public class SecurityDeployer extends SimpleDeployer<SecurityContainer, DummyApplication> implements PostConstruct {

    @Inject
    private ServerContext serverContext;

    @Inject
    private Habitat habitat;

    @Inject
    private WebSecurityManagerFactory wsmf;
    private EventListener listener = null;
    private static final Logger _logger = LogDomains.getLogger(SecurityDeployer.class, LogDomains.SECURITY_LOGGER);
    private static WebSecurityDeployerProbeProvider websecurityProbeProvider = new WebSecurityDeployerProbeProvider();
    private static EjbSecurityPolicyProbeProvider ejbProbeProvider = new EjbSecurityPolicyProbeProvider();

    /* loaded from: input_file:com/sun/enterprise/security/SecurityDeployer$AppDeployEventListener.class */
    private class AppDeployEventListener implements EventListener {
        private AppDeployEventListener() {
        }

        @Override // org.glassfish.api.event.EventListener
        public void event(EventListener.Event event) {
            RegisteredComponentInvocationHandler registeredComponentInvocationHandler;
            if (Deployment.MODULE_LOADED.equals(event.type())) {
                ModuleInfo moduleInfo = (ModuleInfo) event.hook();
                if (moduleInfo instanceof ApplicationInfo) {
                    return;
                }
                SecurityDeployer.this.loadPolicy((WebBundleDescriptor) moduleInfo.getMetaData(WebBundleDescriptor.class), false);
                return;
            }
            if (!Deployment.APPLICATION_LOADED.equals(event.type())) {
                if (WebBundleDescriptor.AFTER_SERVLET_CONTEXT_INITIALIZED_EVENT.equals(event.type())) {
                    SecurityDeployer.this.commitPolicy((WebBundleDescriptor) event.hook());
                    return;
                }
                return;
            }
            Application application = (Application) ((ApplicationInfo) event.hook()).getMetaData(Application.class);
            if (application == null) {
                return;
            }
            Set<WebBundleDescriptor> webBundleDescriptors = application.getWebBundleDescriptors();
            SecurityDeployer.this.linkPolicies(application, webBundleDescriptors);
            SecurityDeployer.this.commitEjbs(application);
            if (webBundleDescriptors == null || webBundleDescriptors.isEmpty() || (registeredComponentInvocationHandler = (RegisteredComponentInvocationHandler) SecurityDeployer.this.habitat.getComponent(RegisteredComponentInvocationHandler.class, "webSecurityCIH")) == null) {
                return;
            }
            registeredComponentInvocationHandler.register();
        }
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer
    protected void generateArtifacts(DeploymentContext deploymentContext) throws DeploymentException {
        OpsParams commandParameters = deploymentContext.getCommandParameters(OpsParams.class);
        if (commandParameters.origin != OpsParams.Origin.deploy) {
            return;
        }
        String name = commandParameters.name();
        try {
            Set<WebBundleDescriptor> webBundleDescriptors = ((Application) deploymentContext.getModuleMetaData(Application.class)).getWebBundleDescriptors();
            if (webBundleDescriptors == null) {
                return;
            }
            Iterator<WebBundleDescriptor> it = webBundleDescriptors.iterator();
            while (it.hasNext()) {
                loadPolicy(it.next(), false);
            }
        } catch (Exception e) {
            throw new DeploymentException("Error in generating security policy for " + name, e);
        }
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer
    protected void cleanArtifacts(DeploymentContext deploymentContext) throws DeploymentException {
        removePolicy(deploymentContext);
        SecurityUtil.removeRoleMapper(deploymentContext);
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer, org.glassfish.api.deployment.Deployer
    public DummyApplication load(SecurityContainer securityContainer, DeploymentContext deploymentContext) {
        return new DummyApplication();
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer, org.glassfish.api.deployment.Deployer
    public void unload(DummyApplication dummyApplication, DeploymentContext deploymentContext) {
        cleanSecurityContext(deploymentContext.getCommandParameters(OpsParams.class).name());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void loadPolicy(WebBundleDescriptor webBundleDescriptor, boolean z) throws DeploymentException {
        if (webBundleDescriptor != null) {
            if (z) {
                try {
                    WebSecurityManager manager = this.wsmf.getManager(SecurityUtil.getContextID(webBundleDescriptor), null, true);
                    if (manager != null) {
                        manager.release();
                    }
                } catch (Exception e) {
                    throw new DeploymentException("Error in generating security policy for " + webBundleDescriptor.getModuleDescriptor().getModuleName(), e);
                }
            }
            this.wsmf.createManager(webBundleDescriptor, true, this.serverContext);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void commitPolicy(WebBundleDescriptor webBundleDescriptor) throws DeploymentException {
        if (webBundleDescriptor != null) {
            try {
                if (webBundleDescriptor.isPolicyModified()) {
                    loadPolicy(webBundleDescriptor, true);
                }
                String contextID = SecurityUtil.getContextID(webBundleDescriptor);
                websecurityProbeProvider.policyCreationStartedEvent(contextID);
                SecurityUtil.generatePolicyFile(contextID);
                websecurityProbeProvider.policyCreationEndedEvent(contextID);
                websecurityProbeProvider.policyCreationEvent(contextID);
            } catch (Exception e) {
                throw new DeploymentException("Error in generating security policy for " + webBundleDescriptor.getModuleDescriptor().getModuleName(), e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void commitEjbs(Application application) throws DeploymentException {
        try {
            Iterator<EjbBundleDescriptor> it = application.getEjbBundleDescriptors().iterator();
            while (it.hasNext()) {
                String contextID = SecurityUtil.getContextID(it.next());
                ejbProbeProvider.policyCreationStartedEvent(contextID);
                SecurityUtil.generatePolicyFile(contextID);
                ejbProbeProvider.policyCreationEndedEvent(contextID);
                ejbProbeProvider.policyCreationEvent(contextID);
            }
        } catch (Exception e) {
            throw new DeploymentException("Error in committing security policy for ejbs of " + application.getRegistrationName(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void linkPolicies(Application application, Collection<WebBundleDescriptor> collection) throws DeploymentException {
        try {
            String str = null;
            boolean z = false;
            Iterator<WebBundleDescriptor> it = collection.iterator();
            while (it.hasNext()) {
                String contextID = SecurityUtil.getContextID(it.next());
                z = SecurityUtil.linkPolicyFile(contextID, str, z);
                str = contextID;
            }
            Iterator<EjbBundleDescriptor> it2 = application.getEjbBundleDescriptors().iterator();
            while (it2.hasNext()) {
                String contextID2 = SecurityUtil.getContextID(it2.next());
                z = SecurityUtil.linkPolicyFile(contextID2, str, z);
                str = contextID2;
            }
        } catch (IASSecurityException e) {
            throw new DeploymentException("Error in linking security policy for " + application.getRegistrationName(), e);
        }
    }

    private void removePolicy(DeploymentContext deploymentContext) throws DeploymentException {
        OpsParams commandParameters = deploymentContext.getCommandParameters(OpsParams.class);
        if (commandParameters.origin == OpsParams.Origin.undeploy || commandParameters.origin == OpsParams.Origin.deploy) {
            String name = commandParameters.name();
            try {
                String[] contextsForApp = this.wsmf.getContextsForApp(name, false);
                if (contextsForApp != null) {
                    for (int i = 0; i < contextsForApp.length; i++) {
                        if (contextsForApp[i] != null) {
                            websecurityProbeProvider.policyDestructionStartedEvent(contextsForApp[i]);
                            SecurityUtil.removePolicy(contextsForApp[i]);
                            websecurityProbeProvider.policyDestructionEndedEvent(contextsForApp[i]);
                            websecurityProbeProvider.policyDestructionEvent(contextsForApp[i]);
                        }
                    }
                }
                cleanSecurityContext(name);
            } catch (IASSecurityException e) {
                String str = "Error in removing security policy for " + name;
                _logger.log(Level.WARNING, str, (Throwable) e);
                throw new DeploymentException(str, e);
            }
        }
    }

    @Override // org.glassfish.deployment.common.SimpleDeployer, org.glassfish.api.deployment.Deployer
    public MetaData getMetaData() {
        return new MetaData(false, null, new Class[]{Application.class});
    }

    private boolean cleanSecurityContext(String str) {
        boolean z = false;
        ArrayList<WebSecurityManager> managersForApp = this.wsmf.getManagersForApp(str, false);
        for (int i = 0; managersForApp != null && i < managersForApp.size(); i++) {
            try {
                websecurityProbeProvider.securityManagerDestructionStartedEvent(str);
                managersForApp.get(i).destroy();
                websecurityProbeProvider.securityManagerDestructionEndedEvent(str);
                websecurityProbeProvider.securityManagerDestructionEvent(str);
                z = true;
            } catch (PolicyContextException e) {
                _logger.log(Level.WARNING, "Unable to destroy WebSecurityManager", (Throwable) e);
            }
        }
        return z;
    }

    public static List<EventTypes> getDeploymentEvents() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(Deployment.APPLICATION_PREPARED);
        return arrayList;
    }

    @Override // org.jvnet.hk2.component.PostConstruct
    public void postConstruct() {
        this.listener = new AppDeployEventListener();
        ((Events) this.habitat.getByContract(Events.class)).register(this.listener);
    }
}
