package com.ibm.ws.security.spnego;

import com.ibm.ras.RASFormatter;
import com.ibm.websphere.models.config.security.SecurityPackage;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.cmdframework.impl.CommandSecurityUtil;
import com.ibm.ws.security.auth.kerberos.Krb5Utils;
import com.ibm.ws.security.config.AuthMechanismConfig;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.security.config.SecurityConfigObjectList;
import com.ibm.ws.security.config.SecurityObjectLocator;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.Security;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.eclipse.jst.jsp.core.internal.java.JSPTranslator;

/* loaded from: input_file:WEB-INF/lib/admin-8.5.0.jar:com/ibm/ws/security/spnego/AllServerConfigs.class */
public final class AllServerConfigs {
    private int numberOfServers;
    private boolean includePortInSPN;
    private static final String ME = AllServerConfigs.class.getName();
    private static Logger logger = Logger.getLogger(ME, Constants.MSGS_BUNDLE);
    private Hashtable serverConfigs;
    private boolean taiEnabled;
    private boolean reloadEnabled;
    private boolean isProviderConfigured;
    private String useSubjCredsValue;
    private boolean useSubjCredsState;
    private int reloadTimeout;
    private long lastReloadTime;
    private long lastPropFileModifiedTime;
    private String reloadFile;
    private Properties currentProps;
    private static final short STR_LENGTH = 200;
    private boolean taEnabled;
    private boolean dynamicUpdate;
    private boolean spnegoWebEnabled;
    private boolean allowAppAuthMethodFallback;
    private String krb5Config;
    private String krb5Keytab;
    private boolean canonicalSupport;
    private HashMap hostMap;
    private boolean spnegoTAIEnabled;

    private AllServerConfigs() {
        this.includePortInSPN = false;
        this.reloadEnabled = false;
        this.isProviderConfigured = false;
        this.useSubjCredsValue = null;
        this.useSubjCredsState = true;
        this.lastPropFileModifiedTime = 0L;
        this.taEnabled = false;
        this.dynamicUpdate = false;
        this.spnegoWebEnabled = false;
        this.allowAppAuthMethodFallback = false;
        this.krb5Config = null;
        this.krb5Keytab = null;
        this.canonicalSupport = false;
        this.spnegoTAIEnabled = false;
    }

    public AllServerConfigs(Properties properties) throws TAIConfigurationException {
        this.includePortInSPN = false;
        this.reloadEnabled = false;
        this.isProviderConfigured = false;
        this.useSubjCredsValue = null;
        this.useSubjCredsState = true;
        this.lastPropFileModifiedTime = 0L;
        this.taEnabled = false;
        this.dynamicUpdate = false;
        this.spnegoWebEnabled = false;
        this.allowAppAuthMethodFallback = false;
        this.krb5Config = null;
        this.krb5Keytab = null;
        this.canonicalSupport = false;
        this.spnegoTAIEnabled = false;
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(ME, "<constructor> Properties=" + properties);
        }
        long j = 0;
        this.spnegoTAIEnabled = Boolean.getBoolean(Constants.KEY_TAI_ENABLED);
        getSpnegoWebAuth();
        if (this.spnegoWebEnabled && this.spnegoTAIEnabled && this.taEnabled) {
            throw new TAIConfigurationException("com.ibm.ws.security.spnego.isEnabled JVM property is true and SPNEGO web authentication is enabled, no further processing will be done.");
        }
        SecurityConfig securityConfig = SecurityObjectLocator.getSecurityConfig();
        Boolean valueOf = Boolean.valueOf(securityConfig.getPropertyBool(SecurityConfig.CANONICAL_HOST));
        if (valueOf != null) {
            this.canonicalSupport = valueOf.booleanValue();
            this.hostMap = new HashMap();
            if (logger.isLoggable(Level.FINER)) {
                logger.logp(Level.FINER, ME, "<constructor>", "com.ibm.websphere.security.krb.canonical_host is configured.");
            }
            String property = securityConfig.getProperty("com.ibm.websphere.security.skip.canonical.lookup");
            if (logger.isLoggable(Level.FINER)) {
                logger.logp(Level.FINER, ME, "<constructor>", "com.ibm.websphere.security.skip.canonical.lookup=" + property);
            }
            if (property != null && !property.isEmpty()) {
                StringTokenizer stringTokenizer = new StringTokenizer(property, CommandSecurityUtil.PARAM_DELIM);
                while (stringTokenizer.hasMoreTokens()) {
                    String nextToken = stringTokenizer.nextToken();
                    if (nextToken != null) {
                        this.hostMap.put(nextToken, nextToken);
                    }
                    if (logger.isLoggable(Level.FINER)) {
                        logger.logp(Level.FINER, ME, "<constructor>", "Hostname:" + nextToken + " has been added to hostMap. Further canonical lookup will not be performed for this hostname.");
                    }
                }
            }
        } else if (logger.isLoggable(Level.FINER)) {
            logger.logp(Level.FINER, ME, "<constructor>", "com.ibm.websphere.security.krb.canonical_host is not defined in the configuration");
        }
        if (this.spnegoWebEnabled) {
            setTaiEnabled(true);
        } else {
            setTaiEnabled(this.spnegoTAIEnabled);
            if (!isTAIEnabled()) {
                throw new TAIConfigurationException("com.ibm.ws.security.spnego.isEnabled JVM property is false or not set, no further processing will be done.");
            }
            String property2 = System.getProperty(Constants.KEY_TAI_RELOAD_TIMEOUT);
            String property3 = System.getProperty(Constants.KEY_TAI_RELOAD_FILE);
            if (!(!(property2 == null || property3 == null) || (property2 == null && property3 == null))) {
                throw new TAIConfigurationException("com.ibm.ws.security.spnego.propertyReloadTimeout and com.ibm.ws.security.spnego.propertyReloadFile JVM properties are invalid, both or none must be set.");
            }
            if (property2 != null) {
                try {
                    if (property2.length() != 0) {
                        this.reloadTimeout = Integer.parseInt(property2);
                    }
                } catch (NumberFormatException e) {
                    throw new TAIConfigurationException("com.ibm.ws.security.spnego.propertyReloadTimeout JVM property value is invalid: " + e + ". It must be a positive integer.");
                }
            }
            if (property3 != null && property3.length() != 0) {
                try {
                    Properties properties2 = new Properties();
                    properties2.load(new FileInputStream(property3));
                    setReloadFile(property3);
                    setReloadEnabled(true);
                    properties = properties2;
                    j = new File(property3).lastModified();
                } catch (IOException e2) {
                    throw new TAIConfigurationException("com.ibm.ws.security.spnego.propertyReloadFile JVM property value is invalid: " + e2.toString());
                }
            }
        }
        setIncludePortInSPN(Boolean.valueOf(System.getProperty(Constants.KEY_TAI_SPN_INCLUDE_PORT)).booleanValue());
        doLoad(properties);
        setLastReloadTime();
        setCurrentProps(properties);
        if (j != 0) {
            this.lastPropFileModifiedTime = j;
        }
        addSpnegoProvider();
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(ME, "<constructor>");
        }
    }

    private void addSpnegoProvider() throws TAIConfigurationException {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(ME, "addSpnegoProvider");
        }
        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.spnego.AllServerConfigs.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                AllServerConfigs.this.useSubjCredsValue = System.getProperty(Constants.KEY_JGSS_USE_SUBJ_CREDS);
                if (AllServerConfigs.logger.isLoggable(Level.FINER)) {
                    AllServerConfigs.logger.logp(Level.FINER, AllServerConfigs.ME, "addSpnegoProvider", "useSubjCredsValue = " + AllServerConfigs.this.useSubjCredsValue);
                }
                if (AllServerConfigs.this.useSubjCredsValue != null && (AllServerConfigs.this.useSubjCredsValue == null || !AllServerConfigs.this.useSubjCredsValue.equalsIgnoreCase("true"))) {
                    return null;
                }
                System.setProperty(Constants.KEY_JGSS_USE_SUBJ_CREDS, "false");
                AllServerConfigs.this.useSubjCredsState = false;
                if (!AllServerConfigs.logger.isLoggable(Level.FINER)) {
                    return null;
                }
                AllServerConfigs.logger.logp(Level.FINER, AllServerConfigs.ME, "addSpnegoProvider", "set useSubjectCredsOnly to false");
                return null;
            }
        });
        Provider provider = Security.getProvider(Constants.SPNEGO_PROVIDER_NAME);
        if (provider == null) {
            try {
                Security.addProvider((Provider) Class.forName(Constants.SPNEGO_PROVIDER_CLASS).newInstance());
                Provider provider2 = Security.getProvider(Constants.SPNEGO_PROVIDER_NAME);
                this.isProviderConfigured = true;
                logger.logp(Level.INFO, ME, "addSpnegoProvider", "security.spnego.init.provider", provider2.toString());
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.spnego.AllServerConfigs.addSpnegoProvider", "248", this);
                logger.logp(Level.SEVERE, ME, "addSpnegoProvider", "security.spnego.provider.failed", (Throwable) e);
                throw new TAIConfigurationException(e.getLocalizedMessage());
            }
        } else if (logger.isLoggable(Level.FINER)) {
            logger.logp(Level.FINER, ME, "addSpnegoProvider", provider.toString() + " is already installed.");
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(ME, "addSpnegoProvider");
        }
    }

    public boolean isProviderConfigured() {
        return this.isProviderConfigured;
    }

    public void cleanup() {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(ME, "cleanup");
        }
        if (isProviderConfigured()) {
            Provider provider = Security.getProvider(Constants.SPNEGO_PROVIDER_NAME);
            Security.removeProvider(Constants.SPNEGO_PROVIDER_NAME);
            logger.logp(Level.INFO, ME, "cleanup", "security.spnego.remove.provider", provider.toString());
        }
        if (!this.useSubjCredsState) {
            AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.spnego.AllServerConfigs.2
                @Override // java.security.PrivilegedAction
                public Object run() {
                    if (AllServerConfigs.this.useSubjCredsValue != null) {
                        System.setProperty(Constants.KEY_JGSS_USE_SUBJ_CREDS, AllServerConfigs.this.useSubjCredsValue);
                    } else {
                        System.clearProperty(Constants.KEY_JGSS_USE_SUBJ_CREDS);
                    }
                    if (!AllServerConfigs.logger.isLoggable(Level.FINER)) {
                        return null;
                    }
                    AllServerConfigs.logger.logp(Level.FINER, AllServerConfigs.ME, "addSpnegoProvider", "set useSubjectCredsOnly back to " + AllServerConfigs.this.useSubjCredsValue);
                    return null;
                }
            });
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(ME, "cleanup");
        }
    }

    private void doLoad(Properties properties) throws TAIConfigurationException {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(ME, "doLoad");
        }
        this.numberOfServers = Util.getSpnIdMap(Constants.KEY_TAI_SPN_ID, properties).size();
        if (this.numberOfServers < 1) {
            throw new TAIConfigurationException("No properties (com.ibm.ws.security.spnego.SPN*) for the SPNEGO TAI are defined.");
        }
        initServerConfigs(properties);
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(ME, "doLoad");
        }
    }

    private void initServerConfigs(Properties properties) throws TAIConfigurationException {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(ME, "initServerConfigs");
        }
        Hashtable hashtable = new Hashtable(this.numberOfServers);
        for (int i = 0; i < this.numberOfServers; i++) {
            String str = Constants.KEY_TAI_SPN_ID + Integer.toString(i + 1);
            if (logger.isLoggable(Level.FINER)) {
                logger.logp(Level.FINER, ME, "initServerConfigs", "Setting TAI properties with key = " + str);
            }
            String property = properties.getProperty(str + Constants.KEY_TAI_GSS_NAME_TYPE);
            String property2 = properties.getProperty(str + Constants.KEY_TAI_GSS_CRED_TYPE);
            String property3 = properties.getProperty(str + Constants.KEY_TAI_GSS_CRED_DURATION);
            String property4 = properties.getProperty(str + Constants.KEY_TAI_ENABLE_CRED_DELEG);
            String property5 = properties.getProperty(str + Constants.KEY_TAI_TRIM_USERNAME);
            String property6 = properties.getProperty(str + Constants.KEY_TAI_HOSTNAME);
            if (property6 == null || property6.length() == 0) {
                throw new TAIConfigurationException(str + Constants.KEY_TAI_HOSTNAME + " property must be specified.");
            }
            String trim = property6.trim();
            if (logger.isLoggable(Level.FINER)) {
                logger.logp(Level.FINER, ME, "initServerConfigs", "Setting TAI configuration for HostName = " + trim);
            }
            String property7 = this.spnegoWebEnabled ? properties.getProperty(str + ".ntlmTokenReceivedPage") : properties.getProperty(str + Constants.KEY_TAI_PAGE_NTLMTOKEN);
            String property8 = properties.getProperty(str + Constants.KEY_TAI_PAGE_SPNEGOSUPT);
            String property9 = properties.getProperty(str + Constants.KEY_TAI_CLASS_FILTER);
            String property10 = properties.getProperty(str + Constants.KEY_TAI_FILTER);
            String property11 = properties.getProperty(str + Constants.KEY_TAI_KRB_REALM);
            if (property11 == null || property11.length() == 0) {
                try {
                    property11 = Krb5Utils.getKrb5Realm();
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.spnego.AllServerConfigs.initServerConfigs", "381", this);
                    logger.logp(Level.SEVERE, ME, "initServerConfigs", "security.spnego.krbconf.nodefaultrealm", new Object[]{e});
                    throw new TAIConfigurationException(str + Constants.KEY_TAI_KRB_REALM + RASFormatter.DEFAULT_SEPARATOR + e.getMessage());
                }
            }
            String trim2 = property11.trim();
            ServerConfig serverConfig = new ServerConfig();
            if (property != null) {
                serverConfig.setGssNameType(property);
            }
            if (property2 != null) {
                serverConfig.setGssCredType(property2);
            }
            if (property3 != null) {
                serverConfig.setGssCredDuration(property3);
            }
            if (property4 != null) {
                serverConfig.setEnableCredDelegate(property4);
            }
            if (property7 != null) {
                serverConfig.setNTLMTokenReceivedPage(property7);
            }
            if (property8 != null) {
                serverConfig.setSpnegoNotSupportedPage(property8);
            }
            if (property5 != null) {
                serverConfig.setTrimUserName(property5);
            }
            serverConfig.setRealm(trim2);
            if (this.canonicalSupport) {
                try {
                    trim = getCanonicalHostname(trim);
                } catch (UnknownHostException e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.security.spnego.AllServerConfigs.initServerConfigs", "521", this);
                    if (logger.isLoggable(Level.FINER)) {
                        logger.logp(Level.FINER, ME, "initServerConfigs", "Canonical support specified but error when looking up - " + trim + " failed. Aliases will not work.");
                    }
                    throw new TAIConfigurationException(str + Constants.KEY_TAI_HOSTNAME + " is unknown.");
                }
            }
            serverConfig.setServerName(trim);
            serverConfig.setFilterClass(property9);
            serverConfig.setFilter(property10, serverConfig.getFilterClass());
            if (hashtable.get(trim) == null) {
                hashtable.put(trim, serverConfig);
                if (logger.isLoggable(Level.FINER)) {
                    logger.logp(Level.FINER, ME, "initServerConfigs", "Finished adding Config to Hashtable");
                }
            } else if (logger.isLoggable(Level.FINER)) {
                logger.logp(Level.FINER, ME, "initServerConfigs", "Config not added to Hashtable - hostname " + trim + " is already configured.");
            }
        }
        this.serverConfigs = new Hashtable(this.numberOfServers);
        this.serverConfigs.putAll(hashtable);
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(ME, "initServerConfigs");
        }
    }

    public synchronized void reload() {
        if (logger.isLoggable(Level.FINER)) {
            logger.entering(ME, "reload");
        }
        if (isItTimeToReload()) {
            long lastModified = new File(getReloadFile()).lastModified();
            if (lastModified != this.lastPropFileModifiedTime) {
                Properties properties = new Properties();
                try {
                    properties.load(new FileInputStream(getReloadFile()));
                    doLoad(properties);
                    setCurrentProps(properties);
                    this.lastPropFileModifiedTime = lastModified;
                    try {
                        SpnegoHandler.initializeServerCreds(this);
                        logger.logp(Level.INFO, ME, "reload", "security.spnego.reload.ok", new Object[]{toString()});
                    } catch (Exception e) {
                        FFDCFilter.processException(e, "com.ibm.ws.security.spnego.AllServerConfigs.reload", "445", this);
                        logger.logp(Level.WARNING, ME, "reload", "security.spnego.reload.initialize.failed");
                    }
                } catch (Exception e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.security.spnego.AllServerConfigs.reload", "472", this);
                    logger.logp(Level.WARNING, ME, "reload", "security.spnego.reload.failed");
                }
            } else {
                logger.logp(Level.INFO, ME, "reload", "security.spnego.reload.not.needed");
            }
            setLastReloadTime();
        }
        if (logger.isLoggable(Level.FINER)) {
            logger.exiting(ME, "reload");
        }
    }

    public boolean isItTimeToReload() {
        return System.currentTimeMillis() - getLastReloadTime() > ((long) (getReloadTimeout() * 1000));
    }

    public final boolean isTAIEnabled() {
        return this.taiEnabled;
    }

    private final void setTaiEnabled(boolean z) {
        this.taiEnabled = z;
    }

    public final boolean isSpengoTAIEnabled() {
        return this.spnegoTAIEnabled;
    }

    public final boolean isIncludePortInSPN() {
        return this.includePortInSPN;
    }

    public final void setIncludePortInSPN(boolean z) {
        this.includePortInSPN = z;
    }

    private int getNumberOfServers() {
        return this.numberOfServers;
    }

    public Hashtable getServerConfigs() {
        return this.serverConfigs;
    }

    public ServerConfig getServerConfig(String str) {
        if (logger.isLoggable(Level.FINER)) {
            logger.logp(Level.FINER, ME, "getServerConfig", "server = " + str);
        }
        return (ServerConfig) this.serverConfigs.get(str);
    }

    public boolean isReloadEnabled() {
        return this.reloadEnabled;
    }

    private String getReloadFile() {
        return this.reloadFile;
    }

    private int getReloadTimeout() {
        return this.reloadTimeout;
    }

    private void setReloadEnabled(boolean z) {
        this.reloadEnabled = z;
    }

    private void setReloadFile(String str) {
        this.reloadFile = str;
    }

    private void setCurrentProps(Properties properties) {
        this.currentProps = properties;
    }

    private void setReloadTimeout(int i) {
        this.reloadTimeout = i;
    }

    private long getLastReloadTime() {
        return this.lastReloadTime;
    }

    public void setLastReloadTime() {
        this.lastReloadTime = System.currentTimeMillis();
        if (logger.isLoggable(Level.FINER)) {
            logger.logp(Level.FINER, ME, "setLastReloadTime", "currentTimeMillis = " + this.lastReloadTime);
        }
    }

    public boolean getCanonicalSupport() {
        return this.canonicalSupport;
    }

    public String getCanonicalHostname(String str) throws UnknownHostException {
        if (getCanonicalSupport()) {
            String str2 = (String) this.hostMap.get(str);
            if (str2 != null) {
                if (logger.isLoggable(Level.FINER)) {
                    logger.logp(Level.FINER, ME, "getCanonicalHostname", "CanonicalSupport has converted " + str + " to " + str2);
                }
                str = str2;
            } else {
                if (logger.isLoggable(Level.FINER)) {
                    logger.logp(Level.FINER, ME, "getCanonicalHostname", "CanonicalSupport is configured. serverName is not found in the hostMap. Looking up " + str);
                }
                try {
                    String canonicalHostName = InetAddress.getByName(str).getCanonicalHostName();
                    if (this.serverConfigs == null || this.serverConfigs.get(canonicalHostName) != null) {
                        this.hostMap.put(str, canonicalHostName);
                        str = canonicalHostName;
                        if (logger.isLoggable(Level.FINER)) {
                            logger.logp(Level.FINER, ME, "getCanonicalHostName", "Canonicalization support will map " + str + " to " + canonicalHostName);
                        }
                    } else if (logger.isLoggable(Level.FINER)) {
                        logger.logp(Level.FINER, ME, "getCanonicalHostName", str + " was resolved to " + canonicalHostName + ". Neither hostname is configured for SPNEGO SSO.");
                    }
                } catch (UnknownHostException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.spnego.AllServerConfigs.getCanonicalHost", "835", this);
                    if (logger.isLoggable(Level.FINER)) {
                        logger.logp(Level.FINER, ME, "getCanonicalHostName", "Canonical support specified but error when looking up - " + str + "failed. Aliases will not work.");
                    }
                }
            }
        }
        return str;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer(200 * getNumberOfServers());
        if (this.spnegoWebEnabled) {
            stringBuffer.append("\tSPNEGO Web Authentication:");
            stringBuffer.append("\n\t").append("enabled = ").append(this.spnegoWebEnabled);
            stringBuffer.append("\n\t").append("dynamically update = ").append(this.dynamicUpdate);
            stringBuffer.append("\n\t").append("allowAppAuthMethodFallback = ").append(this.allowAppAuthMethodFallback);
            stringBuffer.append("\n\t").append("krb5Config = ").append(this.krb5Config);
            stringBuffer.append("\n\t").append("krb5Keytab = ").append(this.krb5Keytab);
        } else {
            stringBuffer.append("\tTAI configuration (JVM) properties:");
            stringBuffer.append("\n\t").append("com.ibm.ws.security.spnego.isEnabled=").append(isTAIEnabled());
            if (isReloadEnabled()) {
                stringBuffer.append("\n\t").append("com.ibm.ws.security.spnego.propertyReloadTimeout=").append(getReloadTimeout());
                stringBuffer.append("\n\t").append("com.ibm.ws.security.spnego.propertyReloadFile=").append(getReloadFile());
            }
        }
        Enumeration elements = getServerConfigs().elements();
        while (elements.hasMoreElements()) {
            stringBuffer.append(JSPTranslator.ENDL).append(((ServerConfig) elements.nextElement()).toString());
        }
        stringBuffer.append("\n\t").append("cannonicalSupport=").append(getCanonicalSupport());
        return stringBuffer.toString();
    }

    public void getSpnegoWebAuth() {
        SecurityConfig securityConfig = SecurityObjectLocator.getSecurityConfig();
        Boolean.valueOf(securityConfig.getTrustAssociation().getBoolean("enabled"));
        AuthMechanismConfig authMechanism = securityConfig.getAuthMechanism(AuthMechanismConfig.TYPE_SPNEGO);
        if (authMechanism != null) {
            this.spnegoWebEnabled = authMechanism.getBoolean(AuthMechanismConfig.SPNEGO_ENABLED);
            this.allowAppAuthMethodFallback = authMechanism.getBoolean(AuthMechanismConfig.SPNEGO_ALLOW_APP_AUTH_METHOD_FALLBACK);
        }
        this.krb5Config = securityConfig.getAuthMechanism(AuthMechanismConfig.TYPE_KERBEROS).getString("krb5Config");
        if (this.krb5Config != null) {
            Krb5Utils.setKrbConfigProp(this.krb5Config);
        }
        this.krb5Keytab = securityConfig.getAuthMechanism(AuthMechanismConfig.TYPE_KERBEROS).getString("krb5Keytab");
        if (this.krb5Keytab != null) {
            Krb5Utils.setKrbKeytabProp(this.krb5Keytab);
        }
        SecurityConfigObjectList objectList = SecurityObjectLocator.getSecurityConfigManager().getObjectList("Security::dynamicReload::authMechanisms");
        if (objectList != null) {
            for (int i = 0; i < objectList.size(); i++) {
                if (objectList.get(i).instanceOf(SecurityPackage.eNS_URI, AuthMechanismConfig.TYPE_SPNEGO)) {
                    this.dynamicUpdate = true;
                }
            }
        }
    }
}
