package org.apache.shiro.biz.web.filter;

import java.io.Serializable;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:org/apache/shiro/biz/web/filter/HttpServletSessionControlFilter.class */
public abstract class HttpServletSessionControlFilter extends AccessControlFilter {
    private static final String DEFAULT_SESSION_CONTROL_CACHE_NAME = "ZFTAL_SHIRO_SESSION_CONTROL_CACHE";
    protected Cache<String, Map<Serializable, SessionControl>> sessionControlCache;
    protected CacheManager cacheManager;
    protected String sessionControlCacheName = DEFAULT_SESSION_CONTROL_CACHE_NAME;

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        return !getSubject(servletRequest, servletResponse).isAuthenticated();
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (this.cacheManager == null) {
            throw new AuthenticationException("cacheManage must be set for this filter");
        }
        if (this.sessionControlCache == null) {
            this.sessionControlCache = this.cacheManager.getCache(getSessionControlCacheName());
        }
        Subject subject = getSubject(servletRequest, servletResponse);
        Serializable id = subject.getSession().getId();
        SessionControl sessionControl = new SessionControl(id, SessionControl.STATE_VALID);
        Map map = (Map) this.sessionControlCache.get(getSessionControlCacheKey(subject.getPrincipal()));
        if (map == null || map.isEmpty()) {
            Hashtable hashtable = new Hashtable();
            hashtable.put(id, sessionControl);
            this.sessionControlCache.put(getSessionControlCacheKey(subject.getPrincipal()), hashtable);
            return true;
        }
        if (!map.containsKey(id)) {
            Iterator it = map.keySet().iterator();
            while (it.hasNext()) {
                ((SessionControl) map.get(it.next())).setState(SessionControl.STATE_INVALID);
            }
            map.put(id, sessionControl);
            return true;
        }
        SessionControl sessionControl2 = (SessionControl) map.get(id);
        if (sessionControl2 != null && !SessionControl.STATE_INVALID.equals(sessionControl2.getState())) {
            return true;
        }
        try {
            map.remove(id);
            subject.logout();
        } catch (Exception e) {
        }
        saveRequest(servletRequest);
        WebUtils.issueRedirect(servletRequest, servletResponse, getLoginUrl());
        return false;
    }

    protected abstract String getSessionControlCacheKey(Object obj);

    public void setCacheManager(CacheManager cacheManager) {
        this.cacheManager = cacheManager;
    }

    public CacheManager getCacheManager() {
        return this.cacheManager;
    }

    public String getSessionControlCacheName() {
        return this.sessionControlCacheName;
    }

    public void setSessionControlCacheName(String str) {
        this.sessionControlCacheName = str;
    }
}
