package com.ibm.ISecurityLocalObjectBaseL13Impl;

import com.ibm.CORBA.iiop.ExtendedIORInfo;
import com.ibm.CORBA.iiop.ORB;
import com.ibm.CORBA.iiop.ObjectKey;
import com.ibm.IExtendedSecurityPriv.ComponentData;
import com.ibm.ISecurityUtilityImpl.ObjectList;
import com.ibm.ISecurityUtilityImpl.SecConstants;
import com.ibm.ISecurityUtilityImpl.SecurityMinorCodes;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.rmi.Profile;
import com.ibm.rmi.pi.IORInfoImpl;
import com.ibm.ws.security.config.CSIv2Config;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.security.util.MultiDomainHelper;
import com.ibm.ws.util.PlatformHelperFactory;
import java.security.PrivilegedExceptionAction;
import org.omg.CORBA.CompletionStatus;
import org.omg.CORBA.INTERNAL;
import org.omg.CORBA.LocalObject;
import org.omg.CORBA.Object;
import org.omg.CORBA.SystemException;
import org.omg.IOP.TaggedComponent;
import org.omg.PortableInterceptor.IORInfo;
import org.omg.PortableInterceptor.IORInterceptor;
import org.omg.PortableInterceptor.ORBInitInfo;
import org.omg.PortableInterceptor.ORBInitInfoPackage.DuplicateName;
import org.omg.PortableInterceptor.ORBInitializer;

/* loaded from: input_file:wasJars/sas.jar:com/ibm/ISecurityLocalObjectBaseL13Impl/SecurityComponentFactory.class */
public class SecurityComponentFactory extends LocalObject implements ORBInitializer, IORInterceptor {
    private static final long serialVersionUID = 47242221431011068L;
    private static final String ADMIN_CLASS = "adminsec.txt";
    private Object lock = new Object();
    private boolean _attemptingToInitialize = false;
    private ORB _orb = null;
    private SecurityTaggedComponentAssistorImpl[] _assistorList = null;
    private VaultImpl _vault = null;
    private String name = "SecurityIORInterceptor";
    private static final TraceComponent tc = Tr.register(SecurityComponentFactory.class, "SASRas", "com.ibm.ISecurityL13SupportImpl.sec");
    public static ObjectList list = null;

    public SecurityComponentFactory() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "ctor");
        }
    }

    public String name() {
        return this.name;
    }

    public void destroy() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "destroy");
        }
    }

    public void pre_init(ORBInitInfo oRBInitInfo) {
        if (SecurityObjectLocator.getCSIv2Config().getBoolean("com.ibm.CORBA.securityEnabled")) {
            try {
                if (tc.isEntryEnabled()) {
                    Tr.entry(tc, "pre_init");
                }
                oRBInitInfo.add_ior_interceptor(this);
                if (tc.isAuditEnabled()) {
                    Tr.audit(tc, "security.IORInterceptor");
                }
            } catch (DuplicateName e) {
                Manager.Ffdc.log(e, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityComponentFactory.pre_init", "151", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception occurred adding IORInterceptor.", e);
                }
                if (tc.isAuditEnabled()) {
                    Tr.audit(tc, "Exception occurred adding IORInterceptor.", e);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "pre_init");
            }
        }
    }

    public void post_init(ORBInitInfo oRBInitInfo) {
        if (SecurityObjectLocator.getCSIv2Config().getBoolean("com.ibm.CORBA.securityEnabled")) {
            if (tc.isEntryEnabled()) {
                Tr.entry(tc, "post_init");
            }
            this._vault = VaultImpl.getInstance();
            if (this._vault != null) {
                this._orb = this._vault.getORB();
                try {
                    this._assistorList = SecurityTaggedComponentAssistorImpl.create(this._orb, this._vault.getMechanismFactory(), this._vault.getSecurityConnectionInterceptor());
                } catch (Exception e) {
                    Manager.Ffdc.log(e, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityComponentFactory.post_init", "202", this);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Java Exception creating SecurityTaggedComponentAssistorImpl.", e);
                    }
                    if (tc.isAuditEnabled()) {
                        Tr.audit(tc, "Java Exception creating SecurityTaggedComponentAssistorImpl.", e);
                    }
                }
                list = new ObjectList(ADMIN_CLASS);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "post_init");
            }
        }
    }

    public static String constructServerName(String str, int i) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "constructServerName", new Object[]{str, new Integer(i)});
        }
        return str.replace('.', '-') + "." + new Integer(i).toString();
    }

    public void establish_components(IORInfo iORInfo) {
        byte[] taggedComponent;
        byte[] taggedComponent2;
        byte[] taggedComponent3;
        String managedNodeUUID;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "establish_components", iORInfo);
        }
        boolean z = false;
        try {
            try {
                ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
                if (!contextManagerFactory.isCellSecurityEnabled()) {
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "Security disabled.");
                    }
                    if (z) {
                        return;
                    } else {
                        return;
                    }
                }
                String str = null;
                if (PlatformHelperFactory.getPlatformHelper().isServantJvm() || PlatformHelperFactory.getPlatformHelper().isCRAJvm()) {
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "Servant JVM, returning from IOR interceptor.");
                    }
                    if (0 != 0) {
                        SecurityObjectLocator.popContext();
                    }
                    if (0 != 0) {
                        CSIServerRIBase.popAdminContext();
                        return;
                    }
                    return;
                }
                try {
                    Profile profile = ((IORInfoImpl) iORInfo).getProfile();
                    if (profile != null) {
                        ObjectKey objectKeyObject = profile.getObjectKeyObject();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "objectKey: " + objectKeyObject);
                        }
                        if (objectKeyObject != null) {
                            byte[] userKey = objectKeyObject.getUserKey();
                            if (userKey != null) {
                                if (contextManagerFactory != null) {
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "User key bytes: " + userKey);
                                    }
                                    str = contextManagerFactory.getObjectAdapterName(userKey);
                                }
                            } else if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "null userKeyBytes");
                            }
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "null objectKey");
                        }
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "null profile");
                    }
                } catch (Exception e) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "exception trying to get the object adapter name: " + e.getMessage());
                    }
                }
                Object target = ((ExtendedIORInfo) iORInfo).getTarget();
                if (tc.isDebugEnabled()) {
                    if (target != null) {
                        Tr.debug(tc, "Adding tagged components for class name: " + target.getClass().getName());
                    } else {
                        Tr.debug(tc, "Adding tagged components for UNKNOWN class name (getTarget() returned null) .");
                    }
                }
                boolean z2 = false;
                String name = target != null ? target.getClass().getName() : "UKNOWN";
                if (!DomainInfo.isMultiDomainDefined() || MultiDomainHelper.isClassNameAdmin(name) || (str != null && str.startsWith("JTS"))) {
                    z2 = true;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "The IOR is tagged to be an admin IOR: " + name);
                    }
                }
                boolean pushAdminContext = z2 ? SecurityObjectLocator.pushAdminContext("establish_components") : SecurityObjectLocator.pushAppContext("establish_components");
                if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent() && (managedNodeUUID = CSIServerRIBase.getManagedNodeUUID(iORInfo)) != null) {
                    z = CSIServerRIBase.pushAdminContext(managedNodeUUID);
                }
                String property = this._orb.getProperty("com.ibm.CORBA.ServerName");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "serverName = " + property);
                }
                CSIv2Config cSIv2Config = SecurityObjectLocator.getCSIv2Config();
                if (!property.equals("nodeagent") && !property.equals("dmgr") && !cSIv2Config.getBoolean("com.ibm.CORBA.serverSecurityEnabled") && !cSIv2Config.getBoolean(CSIv2Config.CLAIM_TRANSPORT_ASSOCIATION_SSL_TLS_REQUIRED)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Server Security is disabled for managed process, checking to see if admin class.");
                    }
                    if (target != null && !list.find(name)) {
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "Not adding tagged components for user class: " + name);
                        }
                        if (pushAdminContext) {
                            SecurityObjectLocator.popContext();
                        }
                        if (z) {
                            CSIServerRIBase.popAdminContext();
                            return;
                        }
                        return;
                    }
                }
                final com.ibm.CORBA.iiop.Profile profile2 = ((ExtendedIORInfo) iORInfo).getProfile();
                try {
                    taggedComponent = profile2.getTaggedComponent(SecConstants.SECURITY_TAG);
                    taggedComponent2 = profile2.getTaggedComponent(20);
                    taggedComponent3 = profile2.getTaggedComponent(SecConstants.APP_SEC_ENABLED_TAG);
                } catch (Exception e2) {
                    Manager.Ffdc.log(e2, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityComponentFactory.establish_components", "369", this);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Exception occurred accessing IOR tagged profile.", e2);
                    }
                }
                if (taggedComponent != null && taggedComponent2 != null && taggedComponent3 != null) {
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "Tagged components already added.");
                    }
                    if (pushAdminContext) {
                        SecurityObjectLocator.popContext();
                    }
                    if (z) {
                        CSIServerRIBase.popAdminContext();
                        return;
                    }
                    return;
                }
                String str2 = (String) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityComponentFactory.1
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        return SecurityConnectionInterceptor.getHostfromProfile(profile2);
                    }
                });
                if (str2 == null || str2.trim().length() == 0) {
                    if (tc.isErrorEnabled()) {
                        Tr.error(tc, "security.JSAS0467E");
                    }
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "No host IP addr");
                    }
                    if (pushAdminContext) {
                        SecurityObjectLocator.popContext();
                    }
                    if (z) {
                        CSIServerRIBase.popAdminContext();
                        return;
                    }
                    return;
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "The profile host and port for accessing Assistor are: " + str2 + ":" + profile2.getPort());
                }
                synchronized (this.lock) {
                    if (!this._attemptingToInitialize) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Attempting to initialize.");
                        }
                        try {
                            ComponentData[] componentDataArr = null;
                            if (0 < this._assistorList.length) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Found local tagged component assistor... getting component data.");
                                }
                                if (PlatformHelperFactory.getPlatformHelper().isZOS() && MultiDomainHelper.isConfigDomainSpecific()) {
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "The platform is zOS and the config is domain-specific. A partial tag will be created.");
                                    }
                                    componentDataArr = this._assistorList[0].getComponentData(profile2, true, true);
                                } else {
                                    componentDataArr = this._assistorList[0].getComponentData(profile2, z2, false);
                                }
                            }
                            if (componentDataArr != null) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Total number of tagged components: " + componentDataArr.length);
                                }
                                for (int i = 0; i < componentDataArr.length; i++) {
                                    if (componentDataArr[i] != null && componentDataArr[i].componentBodyValue != null) {
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Adding tagged component ID: " + componentDataArr[i].componentID);
                                        }
                                        iORInfo.add_ior_component(new TaggedComponent(componentDataArr[i].componentID, componentDataArr[i].componentBodyValue));
                                    } else if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "Tagged component array had a null value and was not added to the IOR.");
                                    }
                                }
                            } else if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "No security tagged components applied to IOR during create.");
                            }
                        } catch (Exception e3) {
                            Manager.Ffdc.log(e3, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityComponentFactory.establish_components", "436", this);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Exception adding tagged components to IOR.", e3);
                            }
                            throw e3;
                        }
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Already initializing.");
                    }
                }
                if (pushAdminContext) {
                    SecurityObjectLocator.popContext();
                }
                if (z) {
                    CSIServerRIBase.popAdminContext();
                }
            } finally {
                if (0 != 0) {
                    SecurityObjectLocator.popContext();
                }
                if (0 != 0) {
                    CSIServerRIBase.popAdminContext();
                }
            }
        } catch (Exception e4) {
            Manager.Ffdc.log(e4, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.SecurityComponentFactory.establish_components", "508", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception in establish_components.", e4);
            }
            if (!(e4 instanceof SystemException)) {
                throw new INTERNAL("Exception adding tagged components to IOR, extended message: " + e4.getMessage(), SecurityMinorCodes.TAG_COMPONENT_FORMAT_ERROR, CompletionStatus.COMPLETED_NO);
            }
            throw e4;
        }
    }
}
