package com.sun.web.security;

import com.sun.enterprise.security.SecurityContext;
import com.sun.enterprise.security.acl.GuardedResource;
import com.sun.enterprise.security.acl.Resource;
import com.sun.enterprise.security.acl.ResourceAccessManager;
import com.sun.enterprise.security.acl.RoleMapper;
import com.sun.enterprise.security.acl.WebResource;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.tomcat.core.Context;
import org.apache.tomcat.core.HttpServletRequestFacade;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/sun/web/security/SecurityHandler.class */
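/**
 * Base class for per-web-application security handling: it selects the HTTP
 * authenticator for a request and blocks direct access to the application's
 * {@code WEB-INF} tree.
 *
 * <p>The access manager, role mapper and access-control info are all resolved
 * once, from the Tomcat {@link Context} passed to the constructor.
 */
public abstract class SecurityHandler {
    private static final boolean debug = false;

    /** Path prefix (compared case-insensitively) that {@link #authorizeRequest} refuses to serve. */
    private static final String WEB_INF_PREFIX = "/web-inf";

    private final ResourceAccessManager accessManager;
    private final RoleMapper roleMapper;
    private final AccessControlInfo acInfo;
    private final Context context;

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Binds the handler to one web application.
     *
     * @param context the Tomcat context; used to look up the {@link AccessControlInfo},
     *                from which the access manager and (via the application name) the
     *                role mapper are obtained
     */
    public SecurityHandler(Context context) {
        this.context = context;
        this.acInfo = AccessControlInfo.getInstance(context);
        this.accessManager = this.acInfo.getAccessManager();
        this.roleMapper = RoleMapper.getRoleMapper(this.acInfo.getApplicationName());
    }

    /**
     * Authentication hook. This base implementation performs no check and
     * accepts every request.
     *
     * @return always {@code true} in this class
     * @throws IOException declared for overriding implementations; never thrown here
     */
    public boolean authenticateRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // NOTE(review): presumably overridden by concrete handlers; a subclass that
        // inherits this default authenticates nothing. Confirm every subclass overrides it.
        return true;
    }

    /**
     * Rejects requests whose lookup path starts with {@code /WEB-INF} (any letter
     * case) by sending a 403; every other request is allowed.
     *
     * @return {@code true} if the request may proceed, {@code false} if a 403 was sent
     * @throws IOException if sending the error response fails
     * @throws ClassCastException if the request is not an {@link HttpServletRequestFacade}
     */
    public boolean authorizeRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String lookupPath = ((HttpServletRequestFacade) httpServletRequest).getRealRequest().getLookupPath();
        // NOTE(review): this is a prefix test on whatever getLookupPath() returns. It
        // assumes that path is already URL-decoded and normalised (no "//", "/./",
        // "%2e" forms); confirm against the Tomcat request implementation.
        if (!isWebInfPath(lookupPath)) {
            return true;
        }
        httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
        return false;
    }

    /**
     * Case-insensitive, locale-independent test for the {@code /WEB-INF} prefix.
     *
     * <p>The comparison deliberately avoids {@code String.toLowerCase()} without a
     * locale: that call follows the JVM default locale, and under a Turkish or
     * Azerbaijani default {@code 'I'} lower-cases to dotless {@code 'ı'}, so
     * {@code "/WEB-INF/..."} would no longer match {@code "/web-inf"} and the
     * request would be let through. {@code regionMatches} folds case per
     * character without consulting the locale.
     */
    private static boolean isWebInfPath(String lookupPath) {
        return lookupPath.regionMatches(true, 0, WEB_INF_PREFIX, 0, WEB_INF_PREFIX.length());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Chooses the authenticator that should challenge this request, if any.
     *
     * <ul>
     *   <li>If the request already has a user principal, returns {@code null}.</li>
     *   <li>If the resource is not guarded, a form login stored in the session is
     *       rebuilt for this request and returned only while it still reports
     *       {@code shouldAuthenticate()}.</li>
     *   <li>If the resource is guarded, the authenticator follows the protection
     *       domain's auth method: {@code BASIC}, {@code FORM} or {@code CLIENT-CERT}.</li>
     * </ul>
     *
     * @return the authenticator to run, or {@code null} when none applies
     */
    public HttpAuthenticator getAuthenticator(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        // The guard is resolved before the security context is initialised, as in the original order.
        GuardedResource guard = getGuard(httpServletRequest);
        if (initSecurityContext(httpServletRequest, httpServletResponse)) {
            return null;
        }

        if (guard == null) {
            HttpSession session = httpServletRequest.getSession(false);
            if (session == null) {
                return null;
            }
            FormAuthentication stored = (FormAuthentication) session.getAttribute(FormAuthentication.AUTH_REALM);
            if (stored == null) {
                return null;
            }
            // Re-create the authenticator around the current request/response pair,
            // carrying over the realm and page settings kept in the session.
            FormAuthentication refreshed = new FormAuthentication(httpServletRequest, httpServletResponse);
            refreshed.setRealm(stored.getRealm());
            refreshed.setErrorPage(stored.getErrorPage());
            refreshed.setLoginPage(stored.getLoginPage());
            session.setAttribute(FormAuthentication.AUTH_REALM, refreshed);
            return refreshed.shouldAuthenticate() ? refreshed : null;
        }

        ProtectionDomain protectionDomain = this.acInfo.getProtectionDomain(this.context);
        // equals() is invoked on the configured value, so a null auth method raises
        // NullPointerException here instead of silently selecting no authenticator.
        if (protectionDomain.getAuthMethod().equals("BASIC")) {
            BasicAuthentication basicAuthentication = new BasicAuthentication(httpServletRequest, httpServletResponse);
            basicAuthentication.setRealm(protectionDomain.getRealmName());
            return basicAuthentication;
        }
        if (protectionDomain.getAuthMethod().equals("FORM")) {
            FormAuthentication formAuthentication = new FormAuthentication(httpServletRequest, httpServletResponse);
            formAuthentication.setRealm(protectionDomain.getRealmName());
            formAuthentication.setErrorPage(protectionDomain.getLoginErrorPage());
            formAuthentication.setLoginPage(protectionDomain.getLoginPage());
            return formAuthentication;
        }
        if (protectionDomain.getAuthMethod().equals("CLIENT-CERT")) {
            return new MutualAuthentication(httpServletRequest, httpServletResponse);
        }
        // NOTE(review): a guarded resource with any other auth method gets no
        // authenticator. How the caller treats null is not visible here; confirm
        // it denies the request rather than serving it unauthenticated.
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Looks up the guard protecting the requested resource.
     *
     * @return the guard, or {@code null} if the access manager has none for this
     *         application name, request URI and HTTP method
     */
    public GuardedResource getGuard(HttpServletRequest httpServletRequest) {
        // NOTE(review): getRequestURI() is the raw request-line path (not URL-decoded,
        // path parameters such as ";jsessionid" still attached), while authorizeRequest
        // works on the lookup path. Confirm ResourceAccessManager canonicalises the URI
        // before matching, otherwise the two checks can disagree about the target.
        GuardedResource guardedResource = this.accessManager.getGuardedResource(getResource(httpServletRequest));
        if (guardedResource == null) {
            // Second lookup kept from the original. It builds the same WebResource as
            // getResource(), so it looks redundant unless getGuardedResource is stateful.
            guardedResource = this.accessManager.getGuardedResource(new WebResource(this.acInfo.getApplicationName(), httpServletRequest.getRequestURI(), httpServletRequest.getMethod()));
        }
        return guardedResource;
    }

    /** Builds the access-control key for a request: application name, request URI and HTTP method. */
    private Resource getResource(HttpServletRequest httpServletRequest) {
        return new WebResource(this.acInfo.getApplicationName(), httpServletRequest.getRequestURI(), httpServletRequest.getMethod());
    }

    /** @return the access manager obtained from the application's access-control info */
    protected ResourceAccessManager getResourceAccessManager() {
        return this.accessManager;
    }

    /** @return the role mapper registered under this application's name */
    protected RoleMapper getRoleMapper() {
        return this.roleMapper;
    }

    /**
     * Restores the security context stored in the HTTP session, if there is one,
     * as the current context.
     *
     * @return {@code true} if the request already has a user principal
     */
    protected boolean initSecurityContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        // getSession(false): never create a session just to look for a context.
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            SecurityContext stored = (SecurityContext) session.getAttribute(HttpAuthenticator.SECURITY_CONTEXT);
            if (stored != null) {
                SecurityContext.setCurrent(stored);
            }
        }
        // NOTE(review): when the session holds no context, the context that is already
        // current is left in place. Confirm a context set for an earlier request cannot
        // remain current on a reused thread.
        // The result is discarded; the call is kept from the original, presumably for a side effect.
        SecurityContext.getCurrent();
        return httpServletRequest.getUserPrincipal() != null;
    }
}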
