package com.sun.server.security;

import com.sun.server.realm.NoSuchUserException;
import com.sun.server.realm.Realm;
import com.sun.server.realm.User;
import com.sun.server.realm.certificate.CertificateRealm;
import java.security.Principal;
import java.security.acl.Acl;
import java.security.acl.Permission;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.StringTokenizer;
import java.util.Vector;
import sun.security.acl.PermissionImpl;
import sun.security.x509.X509Cert;

/* loaded from: input_file:com/sun/server/security/ServletAclInfo.class */
public class ServletAclInfo {
    public static final Permission P_LOAD = new PermissionImpl("LOAD");
    public static final Permission P_FILEREAD = new PermissionImpl("FILEREAD");
    public static final Permission P_FILEWRITE = new PermissionImpl("FILEWRITE");
    public static final Permission P_SOCKETCONNECT = new PermissionImpl("SOCKETCONNECT");
    public static final Permission P_SOCKETLISTEN = new PermissionImpl("SOCKETLISTEN");
    public static final Permission P_EXEC = new PermissionImpl("EXEC");
    public static final Permission P_LINK = new PermissionImpl("LINK");
    public static final Permission P_PROPACCESS = new PermissionImpl("PROPACCESS");
    public static final Hashtable Perm = new Hashtable();
    public static final String[] PermName = {"LOAD", "FILEREAD", "FILEWRITE", "SOCKETCONNECT", "SOCKETLISTEN", "EXEC", "LINK", "PROPACCESS"};
    public static final String[] PermDescr = {"Load servlet", "Read files", "Write files", "Open remote socket", "Listen to socket", "Execute programs", "Link libraries", "Access system properties"};
    private static final String REALMNAME = "servletMgrRealm";
    private static final String ACLNAME = "servletAcl";
    private static final String OWNER = "admin";
    private static final String ACL_PROPERTY_GROUP = "acl";
    private Acl servletAcl;
    private CertificateRealm realm;
    private Principal owner;
    private boolean enable;

    public ServletAclInfo(boolean z) {
        this.enable = z;
        try {
            this.realm = (CertificateRealm) Realm.get(REALMNAME);
            this.owner = this.realm.getUser(OWNER);
        } catch (Exception unused) {
        }
    }

    void updateEnable(boolean z) {
        this.enable = z;
    }

    public boolean checkAccess(X509Cert x509Cert, Permission permission) {
        if (!this.enable) {
            return true;
        }
        if (x509Cert == null) {
            return checkAccess("unsigned", permission);
        }
        try {
            User user = this.realm.getUser(x509Cert);
            if (user != null) {
                return checkAccess(user, permission);
            }
            p("User null");
            return false;
        } catch (NoSuchUserException unused) {
            return false;
        }
    }

    public boolean checkAccess(String str, Permission permission) {
        if (!this.enable) {
            return true;
        }
        p(new StringBuffer("Checking access of ").append(str).append(" for ").append(permission.toString()).toString());
        try {
            return checkAccess(this.realm.getUser(str), permission);
        } catch (NoSuchUserException unused) {
            return false;
        }
    }

    private boolean checkAccess(User user, Permission permission) {
        p(new StringBuffer("Checking access of ").append(user).append(" for ").append(permission.toString()).toString());
        try {
            this.servletAcl = this.realm.getAcl(ACLNAME);
            return this.servletAcl.checkPermission(user, permission);
        } catch (Exception e) {
            e.printStackTrace(System.err);
            return false;
        }
    }

    public Enumeration listAcls() {
        try {
            this.servletAcl = this.realm.getAcl(ACLNAME);
            StringTokenizer stringTokenizer = new StringTokenizer(this.servletAcl.toString(), "\n");
            Vector vector = new Vector();
            while (stringTokenizer.hasMoreTokens()) {
                vector.addElement(stringTokenizer.nextToken());
            }
            return vector.elements();
        } catch (Exception e) {
            e.printStackTrace(System.err);
            return null;
        }
    }

    public static String[] getPermissionDescriptions() {
        String[] strArr = new String[PermDescr.length];
        System.arraycopy(PermDescr, 0, strArr, 0, PermDescr.length);
        return strArr;
    }

    public static String[] getPermissionNames() {
        String[] strArr = new String[PermName.length];
        System.arraycopy(PermName, 0, strArr, 0, PermName.length);
        return strArr;
    }

    private void p(String str) {
    }

    static {
        Perm.put("LOAD", P_LOAD);
        Perm.put("FILEREAD", P_FILEREAD);
        Perm.put("FILEWRITE", P_FILEWRITE);
        Perm.put("SOCKETCONNECT", P_SOCKETCONNECT);
        Perm.put("SOCKETLISTEN", P_SOCKETLISTEN);
        Perm.put("EXEC", P_EXEC);
        Perm.put("LINK", P_LINK);
        Perm.put("PROPACCESS", P_PROPACCESS);
    }
}
