package com.ibm.ws.security.admintask.securityDomain;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.InvalidParameterNameException;
import com.ibm.websphere.management.cmdframework.InvalidParameterValueException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.configservice.SystemAttributes;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.config.AuthMechanismConfig;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import java.util.ArrayList;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;
import org.eclipse.xsd.util.XSDConstants;

/* loaded from: input_file:WEB-INF/lib/admin-8.5.0.jar:com/ibm/ws/security/admintask/securityDomain/ConfigureJAASLogin.class */
public class ConfigureJAASLogin extends AbstractTaskCommand {
    private static String BUNDLE_NAME = AdminConstants.MSG_BUNDLE_NAME;
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static TraceComponent tc = Tr.register((Class<?>) ConfigureJAASLogin.class, "ConfigureJAASLogin", "com.ibm.ws.security.admintask.securityDomain");
    private static String LOGIN_MODULE_PROXY = "com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy";
    private ObjectName secObj;
    private ObjectName globalSecObj;
    private ConfigService configService;
    private Session session;
    private String type;
    private String secDomain;
    private String loginType;
    private String loginEntryAlias;
    private String loginModules;
    private String authStrategies;
    private String loginModule;
    private String authStrategy;
    private String customProperties;
    private Boolean useProxy;
    private Boolean newModule;
    private Integer modifyModule;

    public ConfigureJAASLogin(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.secDomain = null;
        this.loginType = null;
        this.loginEntryAlias = null;
        this.loginModules = null;
        this.authStrategies = null;
        this.loginModule = null;
        this.authStrategy = null;
        this.customProperties = null;
        this.useProxy = null;
        this.newModule = null;
        this.modifyModule = null;
    }

    public ConfigureJAASLogin(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.secDomain = null;
        this.loginType = null;
        this.loginEntryAlias = null;
        this.loginModules = null;
        this.authStrategies = null;
        this.loginModule = null;
        this.authStrategy = null;
        this.customProperties = null;
        this.useProxy = null;
        this.newModule = null;
        this.modifyModule = null;
    }

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    private boolean validLoginType(String str) {
        return str.equalsIgnoreCase(XSDConstants.SYSTEM_ATTRIBUTE) || str.equalsIgnoreCase("application");
    }

    private boolean validLoginStrategies(String[] strArr) {
        for (int i = 0; i < strArr.length; i++) {
            if (!strArr[i].equalsIgnoreCase("REQUIRED") && !strArr[i].equalsIgnoreCase("REQUISITE") && !strArr[i].equalsIgnoreCase("SUFFICIENT") && !strArr[i].equalsIgnoreCase("OPTIONAL")) {
                return false;
            }
        }
        return true;
    }

    public void configureJAASLoginEntry() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureJAASLoginEntry");
        }
        AttributeList attributeList = null;
        String[] strArr = null;
        String[] strArr2 = null;
        ArrayList arrayList = new ArrayList();
        ObjectName objectName = null;
        try {
            try {
                if (this.loginModules != null && !this.loginModules.equals("")) {
                    strArr = this.loginModules.split(",");
                    if (this.authStrategies != null && !this.authStrategies.equals("")) {
                        strArr2 = this.authStrategies.split(",");
                        if (!validLoginStrategies(strArr2)) {
                            throw new CommandValidationException(getMsg(resBundle, "security.admintask.strategyTypeNotValid.SECJ7706E", null));
                        }
                        if (strArr.length != strArr2.length) {
                            throw new CommandValidationException(getMsg(resBundle, "security.admintask.strategyTypeMismatch.SECJ7707E", null));
                        }
                    }
                    if (strArr != null && strArr.length > 0) {
                        for (String str : strArr) {
                            if (str.trim().equals("com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy")) {
                                throw new CommandValidationException(getMsg(resBundle, "security.admintask.noLoginModulNamed.SECJ7774E", new Object[]{"com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy"}));
                            }
                        }
                    }
                }
                if (this.secDomain != null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "In a security domain may need to add the JAASConfiguration");
                    }
                    AttributeList attributeList2 = (AttributeList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{this.type}, true), this.type);
                    if (attributeList2 == null || attributeList2.isEmpty()) {
                        AttributeList attributeList3 = new AttributeList();
                        AttributeList attributeList4 = new AttributeList();
                        attributeList3.add(new Attribute("alias", this.loginEntryAlias));
                        attributeList4.add(new Attribute("entries", ConfigServiceHelper.createObjectName(attributeList3)));
                        this.configService.createConfigData(this.session, this.secObj, this.type, "JAASConfiguration", attributeList4);
                    }
                }
                if (0 != 0) {
                    attributeList.clear();
                }
                AttributeList attributes = this.configService.getAttributes(this.session, this.secObj, new String[]{this.type}, true);
                AttributeList attributeList5 = (AttributeList) ConfigServiceHelper.getAttributeValue(attributes, this.type);
                ObjectName[] queryConfigObjects = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList5), null);
                ArrayList arrayList2 = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList5, "entries");
                if (arrayList2 != null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "loginEntryAlias is " + this.loginEntryAlias);
                    }
                    objectName = findEntryObj(arrayList2, this.loginEntryAlias, queryConfigObjects[0]);
                    ArrayList arrayList3 = (ArrayList) this.configService.getAttribute(this.session, objectName, "loginModules", true);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "modules size is " + arrayList3.size());
                    }
                    if (strArr != null && strArr.length > 0) {
                        arrayList = (arrayList3 == null || arrayList3.size() <= 0) ? buildNewLoginModuleArray(strArr, strArr2) : buildLoginModuleArray(objectName, arrayList3, strArr);
                    }
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "savedLoginEntries.size()" + arrayList.size());
                    for (int i = 0; i < arrayList.size(); i++) {
                        if (arrayList.get(i) != null) {
                            Tr.debug(tc, "Entry[" + i + "]=" + arrayList.get(i).toString());
                        } else {
                            Tr.debug(tc, "Entry[" + i + "]= null");
                        }
                    }
                }
                for (int i2 = 0; i2 < arrayList.size(); i2++) {
                    attributes.clear();
                    AttributeList attributeList6 = (AttributeList) arrayList.get(i2);
                    if (attributeList6 != null) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "creating config data->" + attributeList6.toString());
                        }
                        this.configService.createConfigData(this.session, objectName, "loginModules", null, attributeList6);
                    } else {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "savedLoginEntry is null. Adding loginModuleEntries[" + i2 + "]");
                            Tr.debug(tc, "loginModuleEntries=" + strArr[i2].toString());
                        }
                        attributes.add(new Attribute("moduleClassName", strArr[i2].trim()));
                        if (strArr2 != null) {
                            attributes.add(new Attribute("authenticationStrategy", strArr2[i2].toUpperCase()));
                        } else {
                            attributes.add(new Attribute("authenticationStrategy", "REQUIRED"));
                        }
                        this.configService.createConfigData(this.session, objectName, "loginModules", null, attributes);
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "configureJAASLoginEntry");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.ConfigureJAASLogin", "283");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureJAASLoginEntry");
            }
            throw th;
        }
    }

    public ObjectName findEntryObj(ArrayList arrayList, String str, ObjectName objectName) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findEntryObj");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "loginEntryAlias is " + str);
        }
        for (int i = 0; i < arrayList.size(); i++) {
            AttributeList attributeList = (AttributeList) arrayList.get(i);
            ObjectName[] queryConfigObjects = this.configService.queryConfigObjects(this.session, objectName, ConfigServiceHelper.createObjectName(attributeList), null);
            if (((String) ConfigServiceHelper.getAttributeValue(attributeList, "alias")).equals(str)) {
                return queryConfigObjects[0];
            }
        }
        AttributeList attributeList2 = new AttributeList();
        attributeList2.add(new Attribute("alias", str));
        ObjectName createConfigData = this.configService.createConfigData(this.session, objectName, "entries", null, attributeList2);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findEntryObj");
        }
        return createConfigData;
    }

    public ArrayList buildNewLoginModuleArray(String[] strArr, String[] strArr2) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < strArr.length; i++) {
            String str = strArr[i];
            AttributeList attributeList = new AttributeList();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Adding new loginModule " + str);
            }
            attributeList.add(new Attribute("moduleClassName", str.trim()));
            if (strArr2 != null && strArr2.length == strArr.length) {
                String str2 = strArr2[i];
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Adding strategy " + str2);
                }
                attributeList.add(new Attribute("authenticationStrategy", str2.toUpperCase()));
            }
            arrayList.add(attributeList);
        }
        return arrayList;
    }

    public ArrayList buildLoginModuleArray(ObjectName objectName, ArrayList arrayList, String[] strArr) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "buildLoginModuleArray ");
        }
        if (tc.isDebugEnabled()) {
            if (objectName != null) {
                Tr.debug(tc, "entryObj=" + objectName.toString());
            }
            if (arrayList != null) {
                Tr.debug(tc, "Curently defined loginModules - modules size=" + arrayList.size());
            }
            if (strArr != null) {
                Tr.debug(tc, "Command input loginModuleEntries length=" + strArr.length);
                for (int i = 0; i < strArr.length; i++) {
                    if (strArr[i] != null) {
                        Tr.debug(tc, "loginModuleEntries[" + i + "]=" + strArr[i].toString());
                    } else {
                        Tr.debug(tc, "loginModuleEntries[" + i + "]= null");
                    }
                }
            }
        }
        ArrayList arrayList2 = new ArrayList();
        for (int i2 = 0; i2 < strArr.length; i2++) {
            String trim = strArr[i2].trim();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "*** loginModuleEntry[" + i2 + "] : " + trim + " against existing loginModule");
            }
            boolean z = false;
            for (int i3 = 0; i3 < arrayList.size(); i3++) {
                boolean z2 = false;
                AttributeList attributeList = (AttributeList) arrayList.get(i3);
                ConfigDataId configDataId = (ConfigDataId) ConfigServiceHelper.getAttributeValue(attributeList, SystemAttributes._WEBSPHERE_CONFIG_DATA_ID);
                String configDataId2 = configDataId.toString();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "***** Existing module #" + i3 + " id=" + configDataId + " configId=" + configDataId2);
                }
                if (configDataId2.equals(trim)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "***** configId matching moduleEntry");
                    }
                    z2 = true;
                } else {
                    String str = (String) ConfigServiceHelper.getAttributeValue(attributeList, "moduleClassName");
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "***** moduleName=" + str);
                    }
                    if (str.equals("com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy")) {
                        ArrayList arrayList3 = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList, "options");
                        String str2 = null;
                        int i4 = 0;
                        while (true) {
                            if (i4 >= arrayList3.size()) {
                                break;
                            }
                            AttributeList attributeList2 = (AttributeList) arrayList3.get(i4);
                            if (((String) ConfigServiceHelper.getAttributeValue(attributeList2, "name")).equals(AuditConstants.DELEGATE)) {
                                str2 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "value");
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "***** deletegate value is " + str2);
                                }
                            } else {
                                i4++;
                            }
                        }
                        if (str2 != null && str2.equals(trim)) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "***** deletegate " + str2 + " is a match");
                            }
                            z2 = true;
                        }
                    } else if (str.equals(trim)) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "***** moduleEntry matches " + str);
                        }
                        z2 = true;
                    }
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "saveModuleAttrs=" + z2);
                }
                if (z2) {
                    ObjectName[] queryConfigObjects = this.configService.queryConfigObjects(this.session, objectName, ConfigServiceHelper.createObjectName(attributeList), null);
                    if (queryConfigObjects == null) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Limitation handling same name loginModules.  No change in the order. Please use commandLine (PM98406)");
                        }
                        return new ArrayList();
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Saving the loginModule to the list.");
                    }
                    arrayList2.add(this.configService.getAttributes(this.session, queryConfigObjects[0], null, true));
                    this.configService.deleteConfigData(this.session, queryConfigObjects[0]);
                    z = true;
                }
            }
            if (!z) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "No existing entries.  Adding new loginModule " + trim);
                }
                AttributeList attributeList3 = new AttributeList();
                attributeList3.add(new Attribute("moduleClassName", trim.trim()));
                attributeList3.add(new Attribute("authenticationStrategy", "REQUIRED"));
                arrayList2.add(attributeList3);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Match was found with existing loginModule. " + trim);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "buildLoginModuleArray");
        }
        return arrayList2;
    }

    public ArrayList listJAASLoginEntries() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "listJAASLoginEntries");
        }
        ArrayList arrayList = new ArrayList();
        try {
            try {
                AttributeList attributeList = (AttributeList) this.configService.getAttribute(this.session, this.secObj, this.type);
                ArrayList arrayList2 = attributeList != null ? (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList, "entries") : null;
                if (arrayList2 != null) {
                    for (int i = 0; i < arrayList2.size(); i++) {
                        arrayList.add((AttributeList) arrayList2.get(i));
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "listJAASLoginEntries");
                }
                return arrayList;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.ConfigureJAASLogin", "323");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "listJAASLoginEntries");
            }
            throw th;
        }
    }

    public String configureLoginModule() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureLoginModule");
        }
        String str = null;
        AttributeList attributeList = null;
        ObjectName objectName = null;
        boolean z = false;
        if (this.newModule != null && this.newModule.booleanValue()) {
            z = true;
        }
        boolean booleanValue = this.useProxy != null ? this.useProxy.booleanValue() : false;
        String str2 = this.loginModule;
        try {
            try {
                if (this.authStrategy != null && !validLoginStrategies(new String[]{this.authStrategy})) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.strategyTypeNotValid.SECJ7706E", null));
                }
                if (this.loginModule.equals("com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy")) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.noLoginModulNamed.SECJ7774E", new Object[]{"com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy"}));
                }
                if (0 != 0) {
                    attributeList.clear();
                }
                AttributeList attributes = this.configService.getAttributes(this.session, this.secObj, new String[]{this.type}, true);
                AttributeList attributeList2 = (AttributeList) ConfigServiceHelper.getAttributeValue(attributes, this.type);
                if (attributeList2 == null) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.loginAliasDoesNotExist.SECJ7736E", new Object[]{this.loginEntryAlias}));
                }
                ObjectName[] queryConfigObjects = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList2), null);
                ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList2, "entries");
                if (arrayList != null) {
                    ObjectName[] objectNameArr = null;
                    ObjectName objectName2 = null;
                    ObjectName objectName3 = null;
                    int i = 0;
                    while (true) {
                        if (i >= arrayList.size()) {
                            break;
                        }
                        AttributeList attributeList3 = (AttributeList) arrayList.get(i);
                        ObjectName[] queryConfigObjects2 = this.configService.queryConfigObjects(this.session, queryConfigObjects[0], ConfigServiceHelper.createObjectName(attributeList3), null);
                        if (((String) ConfigServiceHelper.getAttributeValue(attributeList3, "alias")).equals(this.loginEntryAlias)) {
                            objectName = queryConfigObjects2[0];
                            ArrayList arrayList2 = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList3, "loginModules");
                            if (this.modifyModule != null) {
                                int intValue = this.modifyModule.intValue() - 1;
                                if (intValue >= 0 && intValue < arrayList2.size()) {
                                    AttributeList attributeList4 = (AttributeList) arrayList2.get(intValue);
                                    objectName2 = getLoginModuleInLoginEntryFromAttributes(objectName, attributeList4);
                                    String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList4, "moduleClassName");
                                    if (isLoginModuleProxy(str3)) {
                                        objectName3 = getDelegateInLoginEntryFromAttributesAndModule(objectName, attributeList4, objectName2);
                                        str3 = (String) this.configService.getAttribute(this.session, objectName3, "value");
                                    }
                                    str2 = str3;
                                }
                            } else if (!z) {
                                for (int i2 = 0; i2 < arrayList2.size(); i2++) {
                                    AttributeList attributeList5 = (AttributeList) arrayList2.get(i2);
                                    String configDataId = ((ConfigDataId) ConfigServiceHelper.getAttributeValue(attributeList5, SystemAttributes._WEBSPHERE_CONFIG_DATA_ID)).toString();
                                    String str4 = (String) ConfigServiceHelper.getAttributeValue(attributeList5, "moduleClassName");
                                    if (isLoginModuleProxy(str4)) {
                                        ArrayList arrayList3 = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList5, "options");
                                        int i3 = 0;
                                        while (true) {
                                            if (i3 >= arrayList3.size()) {
                                                break;
                                            }
                                            AttributeList attributeList6 = (AttributeList) arrayList3.get(i3);
                                            if (((String) ConfigServiceHelper.getAttributeValue(attributeList6, "name")).equals(AuditConstants.DELEGATE) && ((String) ConfigServiceHelper.getAttributeValue(attributeList6, "value")).equals(this.loginModule)) {
                                                objectNameArr = this.configService.queryConfigObjects(this.session, queryConfigObjects2[0], ConfigServiceHelper.createObjectName(attributeList5), null);
                                                objectName3 = this.configService.queryConfigObjects(this.session, objectNameArr[0], ConfigServiceHelper.createObjectName(attributeList6), null)[0];
                                                break;
                                            }
                                            i3++;
                                        }
                                        if (objectName3 != null) {
                                            break;
                                        }
                                    } else {
                                        if (str4.equals(this.loginModule) || configDataId.equals(this.loginModule)) {
                                            str2 = str4;
                                            objectNameArr = this.configService.queryConfigObjects(this.session, queryConfigObjects2[0], ConfigServiceHelper.createObjectName(attributeList5), null);
                                            break;
                                        }
                                    }
                                }
                                if (objectNameArr != null) {
                                    objectName2 = objectNameArr[0];
                                }
                            }
                        }
                        i++;
                    }
                    if (attributes != null) {
                        attributes.clear();
                    }
                    if (booleanValue) {
                        attributes.add(new Attribute("moduleClassName", "com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy"));
                    } else {
                        attributes.add(new Attribute("moduleClassName", str2.trim()));
                    }
                    if (this.authStrategy != null) {
                        attributes.add(new Attribute("authenticationStrategy", this.authStrategy.toUpperCase()));
                    }
                    if (objectName2 == null || z) {
                        if (objectName == null) {
                            throw new CommandValidationException(getMsg(resBundle, "security.admintask.loginAliasDoesNotExist.SECJ7736E", new Object[]{this.loginEntryAlias}));
                        }
                        if (attributes != null) {
                            objectName2 = this.configService.createConfigData(this.session, objectName, "loginModules", null, attributes);
                        }
                    } else if (attributes != null) {
                        this.configService.setAttributes(this.session, objectName2, attributes);
                    }
                    attributes.clear();
                    if (objectName3 != null) {
                        if (!booleanValue) {
                            this.configService.deleteConfigData(this.session, objectName3);
                        }
                    } else if (booleanValue) {
                        attributes.add(new Attribute("name", AuditConstants.DELEGATE));
                        attributes.add(new Attribute("value", str2));
                        this.configService.createConfigData(this.session, objectName2, "options", null, attributes);
                        attributes.clear();
                    }
                    if (this.customProperties != null) {
                        SecConfigTaskHelper.addCustomEntries(this.session, this.configService, objectName2, this.customProperties, "options");
                    }
                    str = ((ConfigDataId) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, objectName2, null, false), SystemAttributes._WEBSPHERE_CONFIG_DATA_ID)).toString();
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "configureLoginModule");
                }
                return str;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.ConfigureJAASLogin", "507");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureLoginModule");
            }
            throw th;
        }
    }

    private boolean isLoginModuleProxy(String str) {
        return LOGIN_MODULE_PROXY.equals(str);
    }

    private ObjectName getLoginModuleInLoginEntryFromAttributes(ObjectName objectName, AttributeList attributeList) throws Exception {
        ObjectName[] queryConfigObjects = this.configService.queryConfigObjects(this.session, objectName, ConfigServiceHelper.createObjectName(attributeList), null);
        if (queryConfigObjects != null) {
            return queryConfigObjects[0];
        }
        return null;
    }

    private ObjectName getDelegateInLoginEntryFromAttributesAndModule(ObjectName objectName, AttributeList attributeList, ObjectName objectName2) throws Exception {
        ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList, "options");
        ObjectName objectName3 = null;
        int i = 0;
        while (true) {
            if (i >= arrayList.size()) {
                break;
            }
            AttributeList attributeList2 = (AttributeList) arrayList.get(i);
            if (((String) ConfigServiceHelper.getAttributeValue(attributeList2, "name")).equals(AuditConstants.DELEGATE)) {
                objectName3 = this.configService.queryConfigObjects(this.session, objectName2, ConfigServiceHelper.createObjectName(attributeList2), null)[0];
                break;
            }
            i++;
        }
        return objectName3;
    }

    public ArrayList listLoginModules() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "listLoginModules");
        }
        ArrayList arrayList = new ArrayList();
        try {
            try {
                AttributeList attributeList = (AttributeList) this.configService.getAttribute(this.session, this.secObj, this.type);
                ArrayList arrayList2 = attributeList != null ? (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList, "entries") : null;
                if (arrayList2 != null) {
                    int i = 0;
                    while (true) {
                        if (i >= arrayList2.size()) {
                            break;
                        }
                        AttributeList attributeList2 = (AttributeList) arrayList2.get(i);
                        if (((String) ConfigServiceHelper.getAttributeValue(attributeList2, "alias")).equals(this.loginEntryAlias)) {
                            ArrayList arrayList3 = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList2, "loginModules");
                            for (int i2 = 0; i2 < arrayList3.size(); i2++) {
                                arrayList.add((AttributeList) arrayList3.get(i2));
                            }
                        } else {
                            i++;
                        }
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "listLoginModules");
                }
                return arrayList;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.ConfigureJAASLogin", "593");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "listLoginModules");
            }
            throw th;
        }
    }

    public void unconfigureJAASLoginEntry() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unconfigureJAASLoginEntry");
        }
        try {
            try {
                AttributeList attributeList = (AttributeList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{this.type}, true), this.type);
                if (attributeList != null && !attributeList.isEmpty()) {
                    ObjectName[] queryConfigObjects = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList), null);
                    ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList, "entries");
                    if (arrayList == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.loginDoesNotExist.SECJ7735E", null));
                    }
                    int i = 0;
                    while (true) {
                        if (i >= arrayList.size()) {
                            break;
                        }
                        AttributeList attributeList2 = (AttributeList) arrayList.get(i);
                        ObjectName[] queryConfigObjects2 = this.configService.queryConfigObjects(this.session, queryConfigObjects[0], ConfigServiceHelper.createObjectName(attributeList2), null);
                        if (!((String) ConfigServiceHelper.getAttributeValue(attributeList2, "alias")).equals(this.loginEntryAlias)) {
                            i++;
                        } else {
                            if (!okayToDeleteEntry(this.loginEntryAlias, this.type)) {
                                throw new CommandValidationException(getMsg(resBundle, "security.admintask.cannotRemove.SECJ7737E", new Object[]{this.loginEntryAlias}));
                            }
                            this.configService.deleteConfigData(this.session, queryConfigObjects2[0]);
                        }
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "unconfigureJAASLoginEntry");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.ConfigureJAASLogin", "649");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unconfigureJAASLoginEntry");
            }
            throw th;
        }
    }

    public AttributeList getJAASLoginEntryInfo() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getJAASLoginEntryInfo");
        }
        try {
            try {
                ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue((AttributeList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{this.type}, true), this.type), "entries");
                if (arrayList == null) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.loginDoesNotExist.SECJ7735E", null));
                }
                for (int i = 0; i < arrayList.size(); i++) {
                    AttributeList attributeList = (AttributeList) arrayList.get(i);
                    if (((String) ConfigServiceHelper.getAttributeValue(attributeList, "alias")).equals(this.loginEntryAlias)) {
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "getJAASLoginEntryInfo");
                        }
                        return attributeList;
                    }
                }
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.loginAliasDoesNotExist.SECJ7736E", new Object[]{this.loginEntryAlias}));
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.ConfigureJAASLogin", "695");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getJAASLoginEntryInfo");
            }
            throw th;
        }
    }

    public void unconfigureLoginModule() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unconfigureLoginModule");
        }
        try {
            try {
                AttributeList attributeList = (AttributeList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{this.type}, true), this.type);
                if (attributeList != null && !attributeList.isEmpty()) {
                    ObjectName[] queryConfigObjects = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList), null);
                    ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList, "entries");
                    if (arrayList == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.loginDoesNotExist.SECJ7735E", null));
                    }
                    for (int i = 0; i < arrayList.size(); i++) {
                        AttributeList attributeList2 = (AttributeList) arrayList.get(i);
                        ObjectName[] queryConfigObjects2 = this.configService.queryConfigObjects(this.session, queryConfigObjects[0], ConfigServiceHelper.createObjectName(attributeList2), null);
                        if (((String) ConfigServiceHelper.getAttributeValue(attributeList2, "alias")).equals(this.loginEntryAlias)) {
                            ArrayList arrayList2 = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList2, "loginModules");
                            for (int i2 = 0; i2 < arrayList2.size(); i2++) {
                                AttributeList attributeList3 = (AttributeList) arrayList2.get(i2);
                                String configDataId = ((ConfigDataId) ConfigServiceHelper.getAttributeValue(attributeList3, SystemAttributes._WEBSPHERE_CONFIG_DATA_ID)).toString();
                                String str = (String) ConfigServiceHelper.getAttributeValue(attributeList3, "moduleClassName");
                                if (str.trim().equals(this.loginModule) || configDataId.equals(this.loginModule)) {
                                    this.configService.deleteConfigData(this.session, this.configService.queryConfigObjects(this.session, queryConfigObjects2[0], ConfigServiceHelper.createObjectName(attributeList3), null)[0]);
                                    break;
                                }
                                if (str.trim().equals("com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy")) {
                                    ArrayList arrayList3 = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList3, "options");
                                    int i3 = 0;
                                    while (true) {
                                        if (i3 < arrayList3.size()) {
                                            AttributeList attributeList4 = (AttributeList) arrayList3.get(i3);
                                            if (((String) ConfigServiceHelper.getAttributeValue(attributeList4, "name")).equals(AuditConstants.DELEGATE) && ((String) ConfigServiceHelper.getAttributeValue(attributeList4, "value")).equals(this.loginModule)) {
                                                this.configService.deleteConfigData(this.session, this.configService.queryConfigObjects(this.session, queryConfigObjects2[0], ConfigServiceHelper.createObjectName(attributeList3), null)[0]);
                                                break;
                                            }
                                            i3++;
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "unconfigureLoginModule");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.ConfigureJAASLogin", "777");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unconfigureLoginModule");
            }
            throw th;
        }
    }

    public void unconfigureJAASLogin() throws Exception {
        AttributeList attributeList;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unconfigureJAASLogin");
        }
        try {
            try {
                AttributeList attributes = this.configService.getAttributes(this.session, this.secObj, new String[]{this.type}, true);
                if (attributes != null && (attributeList = (AttributeList) ConfigServiceHelper.getAttributeValue(attributes, this.type)) != null) {
                    ObjectName createObjectName = ConfigServiceHelper.createObjectName(attributeList);
                    if (createObjectName == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.loginDoesNotExist.SECJ7735E", null));
                    }
                    this.configService.deleteConfigData(this.session, createObjectName);
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "unconfigureLocalOSUserRegistry");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.ConfigureJAASLogin", "818");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unconfigureLocalOSUserRegistry");
            }
            throw th;
        }
    }

    private boolean okayToDeleteEntry(String str, String str2) {
        boolean z = true;
        if (this.secDomain != null) {
            return true;
        }
        if (str2.equals("systemLoginConfig")) {
            if (str.equals(AuthMechanismConfig.TYPE_SWAM) || str.equals(AuthMechanismConfig.TYPE_KERBEROS) || str.equals("LTPA") || str.equals("wssecurity.IDAssertion") || str.equals("wssecurity.Signature") || str.equals("LTPA_WEB") || str.equals("WEB_INBOUND") || str.equals("RMI_INBOUND") || str.equals("DEFAULT") || str.equals("RMI_OUTBOUND") || str.equals("wssecurity.X509BST") || str.equals("wssecurity.PkiPath") || str.equals("wssecurity.PKCS7") || str.equals("wssecurity.UsernameToken") || str.equals("wssecurity.IDAssertionUsernameToken") || str.equals("WSS_INBOUND") || str.equals("WSS_OUTBOUND") || str.equals("DESERIALIZE_ASYNCH_CONTEXT") || str.equals("wssecurity.KRB5BST") || str.equals("wssecurity.KRB5BSTIdentityMapping") || str.equals("wss.generate.x509") || str.equals("wss.consume.x509") || str.equals("wss.generate.unt") || str.equals("wss.consume.unt") || str.equals("wss.generate.sct") || str.equals("wss.consume.sct") || str.equals("wss.caller") || str.equals("wss.generate.pkcs7") || str.equals("wss.consume.pkcs7") || str.equals("wss.generate.pkiPath") || str.equals("wss.consume.pkiPath") || str.equals("wss.generate.ltpa") || str.equals("wss.consume.ltpa") || str.equals("wss.generate.ltpaProp") || str.equals("wss.consume.ltpaProp") || str.equals("wss.inbound.propagation") || str.equals("wss.inbound.deserialize") || str.equals("wss.auth.sts") || str.equals("wss.generate.KRB5BST") || str.equals("wss.consume.KRB5BST")) {
                z = false;
            }
        } else if (str2.equals("applicationLoginConfig") && (str.equals("ClientContainer") || str.equals("WSLogin") || str.equals("WSKRB5Login") || str.equals("DefaultPrincipalMapping") || str.equals("TrustedConnectionMapping"))) {
            z = false;
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isDebugEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        String name = getName();
        try {
            try {
                this.configService = getConfigService();
                this.session = getConfigSession();
                try {
                    this.secDomain = (String) getParameter("securityDomainName");
                } catch (InvalidParameterNameException e) {
                }
                try {
                    this.loginType = (String) getParameter("loginType");
                } catch (InvalidParameterNameException e2) {
                }
                try {
                    this.loginEntryAlias = (String) getParameter("loginEntryAlias");
                } catch (InvalidParameterNameException e3) {
                }
                try {
                    this.loginModules = (String) getParameter("loginModules");
                } catch (InvalidParameterNameException e4) {
                }
                try {
                    this.authStrategies = (String) getParameter("authStrategies");
                } catch (InvalidParameterNameException e5) {
                }
                try {
                    this.loginModule = (String) getParameter("loginModule");
                } catch (InvalidParameterNameException e6) {
                }
                try {
                    this.authStrategy = (String) getParameter("authStrategy");
                } catch (InvalidParameterNameException e7) {
                }
                try {
                    this.loginEntryAlias = (String) getParameter("loginEntryAlias");
                } catch (InvalidParameterNameException e8) {
                }
                try {
                    this.useProxy = (Boolean) getParameter("useLoginModuleProxy");
                } catch (InvalidParameterNameException e9) {
                }
                try {
                    this.customProperties = (String) getParameter(CommonConstants.CUSTOM_PROPERTIES);
                } catch (InvalidParameterNameException e10) {
                }
                try {
                    this.newModule = (Boolean) getParameter("newModule");
                } catch (InvalidParameterNameException e11) {
                }
                try {
                    this.modifyModule = (Integer) getParameter("modifyModule");
                } catch (InvalidParameterNameException e12) {
                }
                if (!validLoginType(this.loginType)) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.InvalidLoginModuleType.SECJ7705E", null));
                }
                if (this.secDomain != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "securityDomainName name is " + this.secDomain);
                }
                if (this.loginType != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "loginType name is " + this.loginType);
                }
                if (this.loginEntryAlias != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "loginEntryAlias name is " + this.loginEntryAlias);
                }
                if (this.loginModules != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "loginModules name is " + this.loginModules);
                }
                if (this.authStrategies != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "authStrategies name is " + this.authStrategies);
                }
                if (this.loginModule != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "loginModule name is " + this.loginModule);
                }
                if (this.authStrategy != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "authStrategy name is " + this.authStrategy);
                }
                if (this.loginEntryAlias != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "loginEntryAlias name is " + this.loginEntryAlias);
                }
                if (this.useProxy != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "useLoginModuleProxy name is " + this.useProxy.toString());
                }
                if (this.newModule != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "newModule name is " + this.newModule.toString());
                }
                if (this.modifyModule != null && tc.isDebugEnabled()) {
                    Tr.debug(tc, "modifyModule name is " + this.modifyModule.toString());
                }
                if (this.loginType.equalsIgnoreCase(XSDConstants.SYSTEM_ATTRIBUTE)) {
                    this.type = "systemLoginConfig";
                } else if (this.loginType.equalsIgnoreCase("application")) {
                    this.type = "applicationLoginConfig";
                }
                this.globalSecObj = SecConfigTaskHelper.getSecurityObjectName(this.session, this.configService);
                if (this.loginModule != null) {
                    this.loginModule = this.loginModule.trim();
                }
                if (name.equals("configureJAASLoginEntry") && this.loginEntryAlias != null && !SecConfigTaskHelper.checkForXSSString(this.loginEntryAlias)) {
                    InvalidParameterValueException invalidParameterValueException = new InvalidParameterValueException(name, "loginEntryAlias", this.loginEntryAlias);
                    throw new CommandValidationException(invalidParameterValueException, invalidParameterValueException.getMessage());
                }
                if (this.secDomain == null) {
                    this.secObj = this.globalSecObj;
                } else {
                    if ((name.equals("configureJAASLoginEntry") || name.equals("configureLoginModule") || name.equals("unconfigureJAASLoginEntry") || name.equals("unconfigureLoginModule") || name.equals("unconfigureJAASLogin")) && this.secDomain.equals(CommonConstants.GLOBALSECURITY_DOMAIN)) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.unableToRunCommand.SECJ7810E", new Object[]{name, this.secDomain}));
                    }
                    this.secObj = SecConfigTaskHelper.getSecDomain(this.session, this.configService, this.secDomain);
                    if (this.secObj == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.config.does.not.exist.SECJ7702E", new Object[]{this.secDomain}));
                    }
                }
                if (name.equals("configureJAASLoginEntry")) {
                    configureJAASLoginEntry();
                }
                if (name.equals("listJAASLoginEntries")) {
                    taskCommandResultImpl.setResult(listJAASLoginEntries());
                }
                if (name.equals("configureLoginModule")) {
                    taskCommandResultImpl.setResult(configureLoginModule());
                }
                if (name.equals("listLoginModules")) {
                    taskCommandResultImpl.setResult(listLoginModules());
                }
                if (name.equals("unconfigureJAASLoginEntry")) {
                    unconfigureJAASLoginEntry();
                }
                if (name.equals("unconfigureLoginModule")) {
                    unconfigureLoginModule();
                }
                if (name.equals("unconfigureJAASLogin")) {
                    unconfigureJAASLogin();
                }
                if (name.equals("getJAASLoginEntryInfo")) {
                    taskCommandResultImpl.setResult(getJAASLoginEntryInfo());
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "afterStepsExecuted");
                }
            } catch (Throwable th) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "afterStepsExecuted");
                }
                throw th;
            }
        } catch (Exception e13) {
            FFDCFilter.processException(e13, "com.ibm.ws.security.commands.securityDomain.ConfigureJAASLogin", "1035");
            Tr.debug(tc, "exception caught", e13);
            taskCommandResultImpl.setException(new CommandValidationException(e13, e13.getMessage()));
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
            }
        }
    }
}
