package com.ibm.ISecurityLocalObjectBaseL13Impl;

import com.ibm.CORBA.iiop.ORB;
import com.ibm.ISecurityL13SupportImpl.LoginPanel;
import com.ibm.ISecurityL13SupportImpl.SecurityMessages;
import com.ibm.ISecurityUtilityImpl.KeyFile;
import com.ibm.ISecurityUtilityImpl.KeyFileEntry;
import com.ibm.ISecurityUtilityImpl.RealmSecurityName;
import com.ibm.ISecurityUtilityImpl.SourceLocation;
import com.ibm.ISecurityUtilityImpl.StdinLoginPrompt;
import com.ibm.ISecurityUtilityImpl.StringBytesConversion;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.websphere.security.WebSphereRuntimePermission;
import com.ibm.websphere.security.auth.WSLoginFailedException;
import com.ibm.websphere.security.auth.callback.NonPromptCallbackHandler;
import com.ibm.websphere.security.auth.callback.WSCcacheCallBackHandlerImpl;
import com.ibm.websphere.security.auth.callback.WSGUICallbackHandlerImpl;
import com.ibm.websphere.security.auth.callback.WSStdinCallbackHandlerImpl;
import com.ibm.ws.security.auth.SubjectHelper;
import com.ibm.ws.security.config.AdminData;
import com.ibm.ws.security.config.CSIv2Config;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.util.PlatformHelperFactory;
import com.ibm.ws.util.StringUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.swing.JFrame;
import org.omg.CORBA.NO_MEMORY;

/* loaded from: input_file:WEB-INF/lib/admin-8.5.0.jar:com/ibm/ISecurityLocalObjectBaseL13Impl/LoginHelperImpl.class */
public class LoginHelperImpl {
    private VaultImpl _vault;
    private ORB _orb;
    private int _loginSource;
    private int _loginTimeout;
    private int _authenticationTarget;
    private String _loginModule;
    private String r_name;
    private String s_name;
    private String p_name;
    private String p_word;
    private byte[] a_data;
    private boolean isBasicAuth;
    private int result;
    private static KeyFile _keyFile = null;
    private static int stdinRetry = 0;
    private static final WebSphereRuntimePermission perm = new WebSphereRuntimePermission("SecOwnCredentials");
    private static final TraceComponent tc = Tr.register((Class<?>) LoginHelperImpl.class, "SASRas", "com.ibm.ISecurityL13SupportImpl.sec");

    protected LoginHelperImpl() {
        this._vault = null;
        this._orb = null;
        this._authenticationTarget = 0;
        this._loginModule = null;
        this.r_name = null;
        this.s_name = null;
        this.p_name = null;
        this.p_word = null;
        this.a_data = null;
        this.isBasicAuth = false;
        this.result = 0;
    }

    public LoginHelperImpl(ORB orb) {
        this._vault = null;
        this._orb = null;
        this._authenticationTarget = 0;
        this._loginModule = null;
        this.r_name = null;
        this.s_name = null;
        this.p_name = null;
        this.p_word = null;
        this.a_data = null;
        this.isBasicAuth = false;
        this.result = 0;
        CSIv2Config cSIv2Config = SecurityObjectLocator.getCSIv2Config();
        if (orb == null) {
            this._loginSource = cSIv2Config.getInteger(CSIv2Config.DEFAULT_LOGIN_SOURCE);
            this._loginTimeout = cSIv2Config.getInteger(CSIv2Config.DEFAULT_LOGIN_TIMEOUT);
            return;
        }
        this._vault = VaultImpl.getInstance();
        this._orb = orb;
        this._loginSource = cSIv2Config.getInteger("com.ibm.CORBA.loginSource");
        this._loginTimeout = cSIv2Config.getInteger("com.ibm.CORBA.loginTimeout");
        this._authenticationTarget = cSIv2Config.getInteger("com.ibm.CORBA.authenticationTarget");
        try {
            if (this._authenticationTarget == 6) {
                setKrbConfigProp(cSIv2Config.getString(CSIv2Config.KERBEROS_CONFIG_FILE));
                this._loginModule = "WSKRB5Login";
                this.isBasicAuth = false;
            } else {
                if (this._authenticationTarget != 4) {
                    throw new Exception("The value of com.ibm.CORBA.authenticationTarget property in sas.client.props file is either null or not supported");
                }
                this._loginModule = "WSLogin";
                this.isBasicAuth = true;
            }
            _keyFile = getKeyFileObject();
        } catch (Exception e) {
            Manager.Ffdc.log(e, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.LoginHelperImpl", "194", this);
            Tr.debug(tc, e.getMessage(), new Object[]{e});
        }
    }

    private void getEnvironmentLogin() {
    }

    private String getHostName() {
        String str;
        try {
            str = this._orb.getLocalHost();
        } catch (Exception e) {
            Manager.Ffdc.log(e, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.getHostName", "239", this);
            str = null;
        }
        if (str == null || str.length() == 0) {
            str = "localHost";
        }
        return str;
    }

    private void getKeyFileLogin() {
        CSIv2Config cSIv2Config = SecurityObjectLocator.getCSIv2Config();
        if (this.p_name == null) {
            this.p_name = cSIv2Config.getString("com.ibm.CORBA.principalName");
            this.p_name = RealmSecurityName.getRealmSecurityName(this.p_name);
            this.s_name = RealmSecurityName.getSecurityName(this.p_name);
            this.r_name = RealmSecurityName.getRealm(this.p_name);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Getting login information from key-file for " + this.p_name);
        }
        if (_keyFile == null) {
            _keyFile = new KeyFile(cSIv2Config.getString("com.ibm.CORBA.keyFileName"));
        }
        KeyFileEntry find = _keyFile.find(this.r_name, this.s_name);
        if (find == null) {
            this.p_word = null;
            Tr.audit(tc, SecurityMessages.getMsgOrUseDefault("JSAS0454A", "JSAS0454A: The indicated entry was not found in the key file."));
            return;
        }
        this.p_name = find.getUserid();
        this.p_word = find.getPassword();
        this.p_name = RealmSecurityName.getRealmSecurityName(this.r_name, this.p_name);
        this.s_name = RealmSecurityName.getSecurityName(this.p_name);
        this.r_name = RealmSecurityName.getRealm(this.p_name);
    }

    public KeyFile getKeyFileObject() {
        String string = SecurityObjectLocator.getCSIv2Config().getString("com.ibm.CORBA.keyFileName");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Getting an authentication key file object.");
        }
        if (_keyFile == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Authentication key file is: " + string);
            }
            _keyFile = new KeyFile(string);
        }
        if (_keyFile.isEmpty()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Returning authentication key file object is empty.");
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Returning authentication key file object is initialized.");
        }
        return _keyFile;
    }

    private void getPropertiesLogin() {
        CSIv2Config cSIv2Config = SecurityObjectLocator.getCSIv2Config();
        if (this.r_name == null || this.r_name.length() <= 0 || !cSIv2Config.getBoolean(CSIv2Config.MULTI_REALM_LOGIN_ENABLED)) {
            this.p_name = cSIv2Config.getString("com.ibm.CORBA.loginUserid");
            this.p_word = cSIv2Config.getString("com.ibm.CORBA.loginPassword");
        } else {
            this.p_name = cSIv2Config.getloginUserid(this.r_name);
            this.p_word = cSIv2Config.getloginPassword(this.r_name);
        }
        this.p_name = RealmSecurityName.getRealmSecurityName(this.p_name);
        this.s_name = RealmSecurityName.getSecurityName(this.p_name);
    }

    private void getStdInLogin() {
        try {
            if (stdinRetry < 1) {
                if (this.r_name.length() > 0) {
                    System.out.println(SecurityMessages.getMsgOrUseDefault("RealmName", "Realm (Cell) Name") + ": " + this.r_name);
                }
                String[] uidAndPassword = new StdinLoginPrompt().getUidAndPassword();
                if (uidAndPassword != null) {
                    this.p_word = uidAndPassword[1];
                    this.p_name = RealmSecurityName.getRealmSecurityName(uidAndPassword[0]);
                    this.s_name = RealmSecurityName.getSecurityName(uidAndPassword[0]);
                    if (this.r_name.length() == 0) {
                        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(System.in));
                        System.out.print(SecurityMessages.getMsgOrUseDefault("RealmName", "Realm (Cell) Name") + ": ");
                        this.r_name = bufferedReader.readLine().trim();
                        if (this.r_name.length() == 0) {
                            this.r_name = getHostName();
                        }
                        this.p_name = RealmSecurityName.getRealmSecurityName(this.r_name, this.s_name);
                    }
                    stdinRetry = 0;
                } else {
                    stdinRetry++;
                    this.r_name = null;
                    this.s_name = null;
                    this.p_name = null;
                    this.p_word = null;
                }
            } else {
                stdinRetry = 0;
                this.r_name = null;
                this.s_name = null;
                this.p_name = null;
                this.p_word = null;
            }
        } catch (IOException e) {
            Manager.Ffdc.log(e, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.getStdInLogin", "414", this);
            System.out.println("unable to get system input stream");
        }
    }

    private synchronized boolean getPromptLogin() {
        boolean z = false;
        boolean z2 = false;
        while (!z) {
            JFrame jFrame = new JFrame();
            LoginPanel loginPanel = new LoginPanel(this.s_name, this.r_name, this.p_word, this._loginTimeout, jFrame);
            this.result = loginPanel.showPanel();
            if (this.result == 2) {
                String id = loginPanel.getId();
                if (id == null || id.length() <= 0) {
                    this.s_name = "";
                    this.r_name = "";
                    this.p_name = "";
                    this.p_word = "";
                } else {
                    this.s_name = new String(id.trim());
                    if (this.s_name == null || this.s_name.length() <= 0) {
                        this.r_name = "";
                        this.p_name = "";
                        this.p_word = "";
                    } else {
                        String cell = loginPanel.getCell();
                        if (cell == null || cell.length() <= 0) {
                            this.r_name = "";
                        } else {
                            this.r_name = new String(cell.trim());
                        }
                        this.p_name = RealmSecurityName.getRealmSecurityName(this.r_name, this.s_name);
                        String password = loginPanel.getPassword();
                        if (password == null || password.length() <= 0) {
                            this.p_word = "";
                        } else {
                            this.p_word = new String(password);
                        }
                        loginPanel.dispose();
                        loginPanel = null;
                        z = true;
                    }
                }
                if (!z) {
                    loginPanel.dispose();
                    z = true;
                }
            } else {
                z2 = true;
                loginPanel.dispose();
                this.r_name = null;
                this.s_name = null;
                this.p_name = null;
                this.p_word = null;
                z = true;
            }
            if (jFrame != null) {
                jFrame.dispose();
            }
        }
        return !z2;
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:139:0x022b. Please report as an issue. */
    public synchronized Subject request_login_controlled(String str, String str2, String str3, byte[] bArr, boolean z) throws WSLoginFailedException {
        SecurityManager securityManager;
        if (str != null) {
            str = str.trim();
        }
        if (str3 != null && !PlatformHelperFactory.getPlatformHelper().isZOS()) {
            str3 = str3.trim();
        }
        if ((str == null || str.equals("") || str3 == null || str3.equals("")) && (securityManager = System.getSecurityManager()) != null) {
            Tr.debug(tc, "Performing Java 2 Security Permission Check ...Expecting : " + perm.toString());
            securityManager.checkPermission(perm);
        }
        boolean z2 = false;
        Subject subject = null;
        ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
        this.r_name = null;
        this.s_name = null;
        this.p_name = null;
        this.p_word = null;
        this.a_data = null;
        if (bArr == null) {
            if (str != null) {
                this.s_name = new String(str.trim());
                if (this.s_name == null) {
                    throw new NO_MEMORY();
                }
            }
            if (str2 != null) {
                this.r_name = new String(str2.trim());
                if (this.r_name == null) {
                    throw new NO_MEMORY();
                }
            }
            if (str3 != null) {
                this.p_word = new String(str3);
                if (this.p_word == null) {
                    throw new NO_MEMORY();
                }
            }
            if (this.s_name == null && this.p_word == null) {
                String property = this._orb.getProperty("com.ibm.CORBA.BVTestPrincipalName");
                if (property != null && property.length() > 0) {
                    this.s_name = new String(RealmSecurityName.getSecurityName(property));
                    if (this.s_name == null) {
                        throw new NO_MEMORY();
                    }
                    this.r_name = new String(RealmSecurityName.getRealm(property));
                    if (this.r_name == null) {
                        throw new NO_MEMORY();
                    }
                }
                String property2 = this._orb.getProperty("com.ibm.CORBA.BVTestPassword");
                if (property2 != null && property2.length() > 0) {
                    this.p_word = new String(property2);
                    if (this.p_word == null) {
                        throw new NO_MEMORY();
                    }
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "s_name: " + this.s_name + ", p_word: " + StringUtils.mask(this.p_word) + ", r_name: " + this.r_name);
            }
            if (this.s_name == null || this.s_name.length() == 0 || this.p_word == null || this.p_word.length() == 0) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Login source is " + SourceLocation.strings.get(new Integer(this._loginSource)) + ".");
                }
                switch (this._loginSource) {
                    case 1:
                        if (this.isBasicAuth) {
                            try {
                                if (!getPromptLogin() || (this.s_name != null && this.s_name.length() != 0 && this.p_word != null && this.p_word.length() != 0)) {
                                    break;
                                } else {
                                    throw new WSLoginFailedException("username and/or password is null");
                                }
                            } catch (WSLoginFailedException e) {
                                throw e;
                            } catch (Throwable th) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Error occurred with GUI prompt, logging in with console prompt.");
                                }
                                getStdInLogin();
                                break;
                            }
                        } else {
                            this._vault.getCurrent().setAllowUnauthCredForAuthenticate(true);
                            try {
                                z2 = true;
                                try {
                                    try {
                                        new JFrame();
                                        LoginContext loginContext = new LoginContext(this._loginModule, new WSGUICallbackHandlerImpl(this.r_name));
                                        loginContext.login();
                                        subject = loginContext.getSubject();
                                    } catch (SecurityException e2) {
                                        Manager.Ffdc.log(e2, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "731", this);
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, e2.getMessage(), new Object[]{e2});
                                        }
                                        throw new WSLoginFailedException(e2.getMessage(), e2);
                                    } catch (LoginException e3) {
                                        Manager.Ffdc.log(e3, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "723", this);
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, e3.getMessage(), new Object[]{e3});
                                        }
                                        if (e3 instanceof WSLoginFailedException) {
                                            throw ((WSLoginFailedException) e3);
                                        }
                                        throw new WSLoginFailedException(e3.getMessage(), e3);
                                    }
                                } catch (WSLoginFailedException e4) {
                                    Manager.Ffdc.log(e4, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "702", this);
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, e4.getMessage(), new Object[]{e4});
                                    }
                                    throw e4;
                                } catch (LoginException e5) {
                                    Manager.Ffdc.log(e5, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "707", this);
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, e5.getMessage(), new Object[]{e5});
                                    }
                                    if (e5 instanceof WSLoginFailedException) {
                                        throw ((WSLoginFailedException) e5);
                                    }
                                    throw new WSLoginFailedException(e5.getMessage(), e5);
                                } catch (Throwable th2) {
                                    LoginContext loginContext2 = new LoginContext(this._loginModule, new WSStdinCallbackHandlerImpl(this.r_name));
                                    loginContext2.login();
                                    subject = loginContext2.getSubject();
                                }
                                break;
                            } finally {
                            }
                        }
                        break;
                    case 3:
                        getKeyFileLogin();
                        break;
                    case 4:
                        getEnvironmentLogin();
                        break;
                    case 5:
                        getPropertiesLogin();
                        break;
                    case 6:
                        if (this.isBasicAuth) {
                            getStdInLogin();
                            break;
                        } else {
                            try {
                                z2 = true;
                                LoginContext loginContext3 = new LoginContext(this._loginModule, new WSStdinCallbackHandlerImpl(this.r_name));
                                loginContext3.login();
                                subject = loginContext3.getSubject();
                                break;
                            } catch (WSLoginFailedException e6) {
                                Manager.Ffdc.log(e6, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "761", this);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, e6.getMessage(), new Object[]{e6});
                                }
                                throw e6;
                            } catch (LoginException e7) {
                                Manager.Ffdc.log(e7, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "766", this);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, e7.getMessage(), new Object[]{e7});
                                }
                                if (e7 instanceof WSLoginFailedException) {
                                    throw ((WSLoginFailedException) e7);
                                }
                                throw new WSLoginFailedException(e7.getMessage(), e7);
                            }
                        }
                    case 7:
                        z2 = true;
                        try {
                            subject = krb5CcacheLogin();
                            break;
                        } catch (WSLoginFailedException e8) {
                            throw e8;
                        }
                    case 8:
                        z2 = true;
                        try {
                            try {
                                subject = krb5CcacheLogin();
                            } catch (WSLoginFailedException e9) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Fall back to Prompt login");
                                }
                                try {
                                    new JFrame();
                                    LoginContext loginContext4 = new LoginContext(this._loginModule, new WSGUICallbackHandlerImpl(this.r_name));
                                    loginContext4.login();
                                    subject = loginContext4.getSubject();
                                } catch (WSLoginFailedException e10) {
                                    Manager.Ffdc.log(e10, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "800", this);
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, e10.getMessage(), new Object[]{e10});
                                    }
                                    throw e10;
                                } catch (LoginException e11) {
                                    Manager.Ffdc.log(e11, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "805", this);
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, e11.getMessage(), new Object[]{e11});
                                    }
                                    if (e11 instanceof WSLoginFailedException) {
                                        throw ((WSLoginFailedException) e11);
                                    }
                                    throw new WSLoginFailedException(e11.getMessage(), e11);
                                } catch (Throwable th3) {
                                    LoginContext loginContext5 = new LoginContext(this._loginModule, new WSStdinCallbackHandlerImpl(this.r_name));
                                    loginContext5.login();
                                    subject = loginContext5.getSubject();
                                }
                            }
                            break;
                        } catch (SecurityException e12) {
                            Manager.Ffdc.log(e12, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "830", this);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, e12.getMessage(), new Object[]{e12});
                            }
                            throw new WSLoginFailedException(e12.getMessage(), e12);
                        } catch (LoginException e13) {
                            Manager.Ffdc.log(e13, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "822", this);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, e13.getMessage(), new Object[]{e13});
                            }
                            if (e13 instanceof WSLoginFailedException) {
                                throw ((WSLoginFailedException) e13);
                            }
                            throw new WSLoginFailedException(e13.getMessage(), e13);
                        }
                    case 9:
                        z2 = true;
                        try {
                            try {
                                subject = krb5CcacheLogin();
                            } catch (WSLoginFailedException e14) {
                                LoginContext loginContext6 = new LoginContext(this._loginModule, new WSStdinCallbackHandlerImpl(this.r_name));
                                loginContext6.login();
                                subject = loginContext6.getSubject();
                            }
                            break;
                        } catch (SecurityException e15) {
                            Manager.Ffdc.log(e15, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "854", this);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, e15.getMessage(), new Object[]{e15});
                                break;
                            }
                        } catch (LoginException e16) {
                            Manager.Ffdc.log(e16, this, "com.ibm.websphere.management.AdminClientFactory.jaas_login", "847", this);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, e16.getMessage(), new Object[]{e16});
                            }
                            if (e16 instanceof WSLoginFailedException) {
                                throw ((WSLoginFailedException) e16);
                            }
                            throw new WSLoginFailedException(e16.getMessage(), e16);
                        }
                        break;
                    case 10:
                        z2 = true;
                        try {
                            try {
                                subject = krb5CcacheLogin();
                            } catch (WSLoginFailedException e17) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Fall back to Properties login");
                                }
                                getPropertiesLogin();
                                LoginContext loginContext7 = new LoginContext(this._loginModule, new NonPromptCallbackHandler(this.r_name, this.s_name, this.p_word));
                                loginContext7.login();
                                subject = loginContext7.getSubject();
                            }
                            break;
                        } catch (SecurityException e18) {
                            Manager.Ffdc.log(e18, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "880", this);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, e18.getMessage(), new Object[]{e18});
                            }
                            throw new WSLoginFailedException(e18.getMessage(), e18);
                        } catch (LoginException e19) {
                            Manager.Ffdc.log(e19, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.request_login_controlled", "872", this);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, e19.getMessage(), new Object[]{e19});
                            }
                            if (e19 instanceof WSLoginFailedException) {
                                throw ((WSLoginFailedException) e19);
                            }
                            throw new WSLoginFailedException(e19.getMessage(), e19);
                        }
                    case 11:
                        if (this.s_name == null || this.s_name.length() == 0 || this.p_word == null || this.p_word.length() == 0) {
                            return SubjectHelper.createUnauthenticatedSubject();
                        }
                        break;
                }
            }
            this.p_name = RealmSecurityName.getRealmSecurityName(this.r_name, this.s_name);
            this.a_data = StringBytesConversion.getConvertedBytes(this.p_word);
        } else {
            this.a_data = bArr;
        }
        if (this.result == 3) {
            return SubjectHelper.createUnauthenticatedSubject();
        }
        if ((this.a_data == null || this.a_data.length == 0) && !z2) {
            Tr.audit(tc, SecurityMessages.getMsgOrUseDefault("JSAS0455A", "JSAS0455A: Unable to login principal, invalid authentication information."));
            throw new WSLoginFailedException(SecurityMessages.getMsgOrUseDefault("JSAS0455A", "JSAS0455A: Unable to login principal, invalid authentication information."));
        }
        this._vault.getCurrent().setAllowUnauthCredForAuthenticate(true);
        try {
            if (!z2) {
                try {
                    if (bArr != null) {
                        subject = contextManagerFactory.login(this.r_name, this.a_data);
                    } else if (this.isBasicAuth) {
                        subject = contextManagerFactory.login(this.r_name, this.s_name, this.p_word);
                    } else {
                        LoginContext loginContext8 = new LoginContext(this._loginModule, new NonPromptCallbackHandler(this.r_name, this.s_name, this.p_word));
                        loginContext8.login();
                        subject = loginContext8.getSubject();
                    }
                    this._vault.getCurrent().setAllowUnauthCredForAuthenticate(false);
                } catch (Exception e20) {
                    Manager.Ffdc.log(e20, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.request_login_controlled", "947", this);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, e20.getMessage(), new Object[]{e20});
                    }
                    if (e20 instanceof WSLoginFailedException) {
                        throw ((WSLoginFailedException) e20);
                    }
                    throw new WSLoginFailedException(e20.getMessage(), e20);
                }
            }
            if (subject == null) {
                Tr.error(tc, "security.JSAS0240E");
                throw new WSLoginFailedException(SecurityMessages.getMsgOrUseDefault("JSAS0240E", "JSAS0240E: Login failed.  Verify the userid/password is correct.  Check the properties file to ensure the login source is valid.  If this error occurs on the server, check the server properties to ensure the principalName has a valid realm and userid."));
            }
            if (z) {
                try {
                    contextManagerFactory.setInvocationSubject(subject);
                } catch (Exception e21) {
                    Manager.Ffdc.log(e21, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.request_login_controlled", "981", this);
                    Tr.error(tc, "security.JSAS0054E", new Object[]{e21});
                    if (e21 instanceof WSLoginFailedException) {
                        throw ((WSLoginFailedException) e21);
                    }
                    throw new WSLoginFailedException(e21.getMessage(), e21);
                }
            }
            if (!SecurityObjectLocator.getAdminData().getBoolean(AdminData.IS_SERVER_PROCESS)) {
                this._vault.set_default_subject(subject);
            }
            return subject;
        } finally {
            this._vault.getCurrent().setAllowUnauthCredForAuthenticate(false);
        }
    }

    public synchronized Subject krb5CcacheLogin() throws WSLoginFailedException {
        String str = "true";
        new Subject();
        try {
            CSIv2Config cSIv2Config = SecurityObjectLocator.getCSIv2Config();
            String string = cSIv2Config.getString(CSIv2Config.KERBEROS_CACHE_FILE);
            if (string != null && string.length() > 0) {
                str = "false";
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "_krb5Ccache: " + string);
            }
            this.p_name = cSIv2Config.getString("com.ibm.CORBA.loginUserid");
            LoginContext loginContext = new LoginContext(this._loginModule, new WSCcacheCallBackHandlerImpl(this.p_name, this.r_name, string, str));
            loginContext.login();
            return loginContext.getSubject();
        } catch (WSLoginFailedException e) {
            throw e;
        } catch (LoginException e2) {
            Manager.Ffdc.log(e2, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.loginHelper.krb5CcacheLogin", "1027", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, e2.getMessage(), new Object[]{e2});
            }
            if (e2 instanceof WSLoginFailedException) {
                throw ((WSLoginFailedException) e2);
            }
            throw new WSLoginFailedException(e2.getMessage(), e2);
        }
    }

    public static void setKrbConfigProp(final String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setKrbConfigProp");
        }
        if (str != null && str.length() != 0) {
            String str2 = (String) AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.LoginHelperImpl.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    String property = System.getProperty("java.security.krb5.conf");
                    System.setProperty("java.security.krb5.conf", str);
                    return property;
                }
            });
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "java.security.krb5.conf property previous: " + (str2 != null ? str2 : "<null>") + " and now: " + str);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setKrbConfigProp");
        }
    }
}
