package com.ibm.ISecurityLocalObjectBaseL13Impl;

import com.ibm.CORBA.iiop.ExtendedORBInitInfo;
import com.ibm.CORBA.iiop.ExtendedServerRequestInfo;
import com.ibm.CORBA.iiop.ORB;
import com.ibm.CORBA.iiop.ObjectKey;
import com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.ServerConnectionKey;
import com.ibm.ISecurityLocalObjectCSIv2UtilityImpl.SessionEntry;
import com.ibm.ISecurityUtilityImpl.AuditData;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.websphere.management.application.AppConstants;
import com.ibm.websphere.security.ProviderFailureException;
import com.ibm.ws.orb.transport.ConnectionData;
import com.ibm.ws.orb.transport.ServerConnectionData;
import com.ibm.ws.orbimpl.transport.ConnectionInformationImpl;
import com.ibm.ws.security.audit.utils.DataHelper;
import com.ibm.ws.security.config.CSIv2Config;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.orbssl.SSLServerConnectionDataImpl;
import com.ibm.ws.security.util.MultiDomainHelper;
import com.ibm.wsspi.security.audit.AuditOutcome;
import com.ibm.wsspi.security.audit.ContextHandler;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Map;
import org.omg.CORBA.Object;
import org.omg.CSI.EstablishContext;
import org.omg.CSI.IdentityToken;
import org.omg.CSI.SASContextBody;
import org.omg.PortableInterceptor.ForwardRequest;
import org.omg.PortableInterceptor.ORBInitInfo;
import org.omg.PortableInterceptor.ServerRequestInfo;

/* loaded from: input_file:wasJars/sas.jar:com/ibm/ISecurityLocalObjectBaseL13Impl/CSIServerRI.class */
public class CSIServerRI extends CSIServerRIBase {
    private static final TraceComponent tc = Tr.register(CSIServerRI.class, "SASRas", "com.ibm.ISecurityL13SupportImpl.sec");
    private String princ = null;
    private static Class controlAdminServiceClz;
    private static Class rirProxyClz;

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRIBase, com.ibm.ISecurityLocalObjectBaseL13Impl.CSIORBInit
    public void pre_init(ORBInitInfo oRBInitInfo) {
        super.pre_init(oRBInitInfo);
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "pre_init", new Object[]{oRBInitInfo, this});
        }
        if (SecurityObjectLocator.getCSIv2Config().getBoolean("com.ibm.CORBA.securityEnabled")) {
            Tr.audit(tc, "security.ServerCSI");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Register server request interceptor.");
            }
            try {
                this.slotid = oRBInitInfo.allocate_slot_id();
                ((ExtendedORBInitInfo) oRBInitInfo).add_server_request_interceptor(this, false);
            } catch (Exception e) {
                Manager.Ffdc.log(e, this, "com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRI.pre_init", "264", this);
                Tr.error(tc, "security.JSAS0488E", new Object[]{e});
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "pre_init");
        }
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRIBase, com.ibm.ISecurityLocalObjectBaseL13Impl.CSIORBInit
    public void post_init(ORBInitInfo oRBInitInfo) {
        super.post_init(oRBInitInfo);
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRIBase
    public void receive_request_service_contexts(ServerRequestInfo serverRequestInfo) throws ForwardRequest {
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRIBase
    public void receive_request(ServerRequestInfo serverRequestInfo) throws ForwardRequest {
        ConnectionData sSLServerConnectionDataImpl;
        SessionEntry sessionEntry;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "receive_request", new Object[]{serverRequestInfo, this});
        }
        long j = 0;
        String managedNodeUUID = getManagedNodeUUID(serverRequestInfo);
        boolean z = false;
        boolean z2 = false;
        try {
            z = pushAdminContext(managedNodeUUID);
            CSIv2Config cSIv2Config = SecurityObjectLocator.getCSIv2Config();
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            try {
                if (contextManagerFactory.isPMIEnabled()) {
                    j = System.currentTimeMillis();
                    contextManagerFactory.pmiCountStatistic("RMIAuthCount");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "receive_request *** setting security thread local ***");
                }
                Object target = ((ExtendedServerRequestInfo) serverRequestInfo).getTarget();
                String name = target != null ? target.getClass().getName() : "<unknown>";
                String iORInfoDomain = MultiDomainHelper.getIORInfoDomain(serverRequestInfo, name);
                if (iORInfoDomain.equalsIgnoreCase("admin")) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "receive_request pushing null");
                    }
                    z2 = SecurityObjectLocator.pushAdminContext();
                } else if (iORInfoDomain.equalsIgnoreCase(AppConstants.APPUPDATE_CONTENT_APP)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "receive_request pushing app name" + name);
                    }
                    z2 = SecurityObjectLocator.pushAppContext(name);
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "receive_request userKeyBytes is null: cannot set thread local context");
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "*** RECEIVING REQUEST ***");
                    entry(serverRequestInfo, "receive_request");
                }
                if (qualifyServerRequest(serverRequestInfo)) {
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "receive_request");
                    }
                    if (contextManagerFactory.isPMIEnabled()) {
                        contextManagerFactory.pmiTimeStatistic("RMIAuthTime", System.currentTimeMillis() - j);
                    }
                    if (z2) {
                        SecurityObjectLocator.popContext();
                    }
                    if (z) {
                        popAdminContext();
                        return;
                    }
                    return;
                }
                String str = null;
                ConnectionInformationImpl connectionInformationImpl = (ConnectionInformationImpl) ((ExtendedServerRequestInfo) serverRequestInfo).getConnectionData();
                if (connectionInformationImpl != null) {
                    sSLServerConnectionDataImpl = (ConnectionData) connectionInformationImpl.getConnectionData();
                    if (!(sSLServerConnectionDataImpl instanceof ServerConnectionData)) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Callback method. Return from interceptor.");
                        }
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "receive_request");
                        }
                        if (contextManagerFactory.isPMIEnabled()) {
                            contextManagerFactory.pmiTimeStatistic("RMIAuthTime", System.currentTimeMillis() - j);
                        }
                        if (z2) {
                            SecurityObjectLocator.popContext();
                        }
                        if (z) {
                            popAdminContext();
                            return;
                        }
                        return;
                    }
                } else {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Connection info not present on local connection, creating connection info");
                    }
                    sSLServerConnectionDataImpl = new SSLServerConnectionDataImpl();
                    sSLServerConnectionDataImpl.setConnectionKey("LOCAL_CONNECTION");
                    sSLServerConnectionDataImpl.setConnectionType(3L);
                    connectionInformationImpl = new ConnectionInformationImpl(sSLServerConnectionDataImpl, null, System.currentTimeMillis(), "LOCAL_CONNECTION", 0);
                }
                CurrentImpl current = this.myVault.getCurrent();
                if (((ExtendedServerRequestInfo) serverRequestInfo).getTarget() != null) {
                    name = ((ExtendedServerRequestInfo) serverRequestInfo).getTarget().getClass().getName();
                }
                SASContextBody cSIv2MessageFromServiceContext = getCSIv2MessageFromServiceContext(serverRequestInfo);
                X509Certificate[] clientX509Certificate = connectionInformationImpl.getClientX509Certificate();
                boolean z3 = cSIv2Config.getBoolean("com.ibm.CSI.neverUseClientCertificateForCallerLogin");
                if (z3) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Client certificate not considered for login.");
                    }
                } else if (cSIv2Config.getBoolean("com.ibm.CORBA.serverSecurityEnabled")) {
                    if (clientX509Certificate != null && clientX509Certificate[0] != null) {
                        str = clientX509Certificate[0].getSubjectDN().getName();
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Server security enabled, getting transport principal (if present): " + name);
                    }
                } else if (SecurityComponentFactory.list != null && SecurityComponentFactory.list.find(name)) {
                    if (clientX509Certificate != null && clientX509Certificate[0] != null) {
                        str = clientX509Certificate[0].getSubjectDN().getName();
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Server security disabled, getting transport principal (if present) for class_name " + name + ": " + str);
                    }
                }
                AuditData initializeAuditService = initializeAuditService(serverRequestInfo.operation(), connectionInformationImpl.getRemoteHost(), connectionInformationImpl.getRemotePort(), str);
                if (!verifySecurityInfoIsSufficientToContinue(clientX509Certificate, cSIv2MessageFromServiceContext, null, connectionInformationImpl.getRemoteHost(), connectionInformationImpl.getRemotePort(), name, serverRequestInfo.operation(), initializeAuditService)) {
                    current.clear_requestor_context();
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "receive_request");
                    }
                    if (contextManagerFactory.isPMIEnabled()) {
                        contextManagerFactory.pmiTimeStatistic("RMIAuthTime", System.currentTimeMillis() - j);
                    }
                    if (z2) {
                        SecurityObjectLocator.popContext();
                    }
                    if (z) {
                        popAdminContext();
                        return;
                    }
                    return;
                }
                byte[] bArr = null;
                boolean z4 = false;
                long j2 = 0;
                ServerConnectionKey serverConnectionKey = null;
                SecurityContextImpl securityContextImpl = this.csiUtil.get_security_context_impl("", "");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "*** GET J2EE APPLICATION NAME ***");
                }
                ObjectKey objectKey = new ObjectKey(serverRequestInfo.object_id());
                byte[] bArr2 = null;
                if (objectKey != null) {
                    bArr2 = objectKey.getUserKey();
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "objectKey is null;  object_id was " + new String(serverRequestInfo.object_id()));
                }
                Map j2EEName = getJ2EEName(bArr2);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "*** BEGIN STATEFUL CODE ***");
                }
                if (cSIv2Config.getBoolean(CSIv2Config.CLAIM_STATEFUL)) {
                    serverConnectionKey = new ServerConnectionKey(connectionInformationImpl.getConnectionCreationTime(), connectionInformationImpl.getRemoteHost(), connectionInformationImpl.getRemotePort());
                    sessionEntry = handleStatefulContext(cSIv2MessageFromServiceContext, clientX509Certificate, initializeAuditService, connectionInformationImpl.getRemoteHost(), connectionInformationImpl.getRemotePort(), serverConnectionKey, securityContextImpl, j2EEName);
                    if (sessionEntry == null) {
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "receive_request");
                        }
                        if (contextManagerFactory.isPMIEnabled()) {
                            contextManagerFactory.pmiTimeStatistic("RMIAuthTime", System.currentTimeMillis() - j);
                        }
                        if (z2) {
                            SecurityObjectLocator.popContext();
                        }
                        if (z) {
                            popAdminContext();
                            return;
                        }
                        return;
                    }
                    if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent() && managedNodeUUID != null && managedNodeUUID.length() > 0) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Admin Agent session managed node uuid: " + managedNodeUUID);
                        }
                        sessionEntry.set_managed_node_uuid(managedNodeUUID);
                    }
                    j2 = sessionEntry.get_client_context_id();
                    if (sessionEntry.get_renegotiate_to_stateless()) {
                        j2 = 0;
                        sessionEntry.reset_renegotiate_to_stateless();
                    }
                } else {
                    sessionEntry = new SessionEntry(0L);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "*** BEGIN AUTHENTICATION CODE ***");
                }
                if (cSIv2MessageFromServiceContext != null) {
                    if (cSIv2MessageFromServiceContext.discriminator() == 0) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "*** MTEstablishContext ***");
                        }
                    } else if (cSIv2MessageFromServiceContext.discriminator() == 5) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "*** MTMessageInContext ***");
                        }
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "*** other message type ***");
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "*** msg == null ***");
                }
                if (cSIv2MessageFromServiceContext != null && cSIv2MessageFromServiceContext.discriminator() == 0) {
                    EstablishContext establish_msg = cSIv2MessageFromServiceContext.establish_msg();
                    this.csiUtil.print_ec_message(establish_msg, "receive_request");
                    IdentityToken identityToken = establish_msg.identity_token;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "identity token present: " + (identityToken.discriminator() != 0) + ", client_authentication_token present: " + (establish_msg.client_authentication_token != null && establish_msg.client_authentication_token.length > 0) + ", certificate chain present: " + (clientX509Certificate != null));
                    }
                    securityContextImpl = getSecurityContext(establish_msg, initializeAuditService, sSLServerConnectionDataImpl, sessionEntry, j2, serverConnectionKey);
                    if (identityToken.discriminator() != 0 && identityToken.discriminator() != 1) {
                        bArr = processIdentityToken(establish_msg, identityToken, initializeAuditService, sessionEntry, j2, serverConnectionKey, securityContextImpl, clientX509Certificate, str);
                        sessionEntry.set_in_token(bArr);
                        sessionEntry.set_identity_assertion_type(securityContextImpl.getIdentityName());
                        sessionEntry.set_identity_assertion_data(securityContextImpl.getIdentityValue());
                    } else {
                        if (establish_msg.client_authentication_token == null || establish_msg.client_authentication_token.length <= 0 || identityToken.discriminator() == 1) {
                            processUnauthenticated(initializeAuditService, securityContextImpl, sessionEntry, j2, serverConnectionKey);
                            if (tc.isEntryEnabled()) {
                                Tr.exit(tc, "receive_request");
                            }
                            if (contextManagerFactory.isPMIEnabled()) {
                                contextManagerFactory.pmiTimeStatistic("RMIAuthTime", System.currentTimeMillis() - j);
                            }
                            if (z2) {
                                SecurityObjectLocator.popContext();
                            }
                            if (z) {
                                popAdminContext();
                                return;
                            }
                            return;
                        }
                        bArr = processClientAuthToken(establish_msg, initializeAuditService, securityContextImpl);
                        sessionEntry.set_in_token(bArr);
                        sessionEntry.set_identity_assertion_type(securityContextImpl.getIdentityName());
                        sessionEntry.set_identity_assertion_data(securityContextImpl.getIdentityValue());
                    }
                    handlePropagationToken(establish_msg, sessionEntry, initializeAuditService);
                } else {
                    if (z3) {
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "receive_request there is no identity to process, returning from receive_request.");
                        }
                        if (contextManagerFactory.isPMIEnabled()) {
                            contextManagerFactory.pmiTimeStatistic("RMIAuthTime", System.currentTimeMillis() - j);
                        }
                        if (z2) {
                            SecurityObjectLocator.popContext();
                        }
                        if (z) {
                            popAdminContext();
                            return;
                        }
                        return;
                    }
                    if (clientX509Certificate == null || clientX509Certificate.length <= 0) {
                        processInvalidMessage(initializeAuditService, sessionEntry, j2, serverConnectionKey);
                    } else {
                        processCertificateChain(clientX509Certificate, str, initializeAuditService, securityContextImpl, sessionEntry, j2, serverConnectionKey);
                        z4 = true;
                    }
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "*** Authentication ***");
                }
                finishSessionProcessing(securityContextImpl, authenticateSecurityTokens(bArr, clientX509Certificate, initializeAuditService, securityContextImpl, sessionEntry, j2, serverConnectionKey, connectionInformationImpl.getRemoteHost(), connectionInformationImpl.getRemotePort(), j2EEName), sessionEntry, j2, serverConnectionKey, z4, j2EEName);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "*** BEGIN PREINVOKE ***");
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "receive_request");
                }
                ContextHandler contextHandler = null;
                if (auditService != null) {
                    contextHandler = auditService.getContextHandler();
                    if (contextHandler == null) {
                        Tr.error(tc, "security.audit.service.context.error");
                        auditService.processAuditFailure("security.audit.service.context.error", null);
                    }
                }
                if (auditService != null && auditService.isEventRequired("SECURITY_AUTHN", "SUCCESS")) {
                    if (initializeAuditService == null || initializeAuditService.getReceivedSubject() == null) {
                        this.princ = null;
                    } else {
                        this.princ = ((Principal) initializeAuditService.getReceivedSubject().getPrincipals().toArray()[0]).getName();
                    }
                    contextHandler.buildContextObject("SESSION_CONTEXT", DataHelper.buildSessionData(new Long(initializeAuditService.getStatefulContextId()).toString(), null, initializeAuditService.getRemoteHost(), new Integer(initializeAuditService.getRemotePort()).toString()));
                    contextHandler.buildContextObject("ACCESS_CONTEXT", DataHelper.buildAccessData("WebSphere", initializeAuditService.getOperation(), this.princ, initializeAuditService.getTransportPrincipal(), "authnSuccess", initializeAuditService.getOperation(), "ORB", new Long(0L), null, null, null, null));
                    contextHandler.buildContextObject("EVENT_CONTEXT", DataHelper.buildEventData(auditService.getLastTrailId(), auditService.getEventTrailIds(), new Date(), new Long(0L).longValue()));
                    contextHandler.buildContextObject("PROPAGATION_CONTEXT", DataHelper.buildPropagationData(auditService.getFirstCaller(), auditService.getCallerList()));
                    contextHandler.buildContextObject("PROCESS_CONTEXT", DataHelper.buildProcessData(auditService.getDomain(), auditService.getRealm()));
                    contextHandler.buildContextObject("REGISTRY_CONTEXT", DataHelper.buildRegistryData(DataHelper.convertRegistryInfoType(this.activeUserRegistry)));
                    contextHandler.buildContextObject("AUTHN_CONTEXT", DataHelper.buildAuthnData("challengeResponse"));
                    contextHandler.buildContextObject("AUTHN_PROVIDER_CONTEXT", DataHelper.buildProviderData(initializeAuditService.getProviderName(), new Boolean(initializeAuditService.getProviderSuccessful()).toString()));
                    this.auditOutcome = DataHelper.buildOutcomeData(AuditOutcome.SUCCESSFUL, new Integer(0), new Integer(0), "SUCCESS", 5L);
                    try {
                        auditService.sendEvent("SECURITY_AUTHN", this.auditOutcome);
                    } catch (ProviderFailureException e) {
                        Tr.error(tc, "security.JSAS1503E", new Object[]{e});
                        auditService.processAuditFailure("security.audit.service.sendevent.error", e);
                    }
                }
                if (contextManagerFactory.isPMIEnabled()) {
                    contextManagerFactory.pmiTimeStatistic("RMIAuthTime", System.currentTimeMillis() - j);
                }
                if (z2) {
                    SecurityObjectLocator.popContext();
                }
                if (z) {
                    popAdminContext();
                }
            } catch (Throwable th) {
                if (contextManagerFactory.isPMIEnabled()) {
                    contextManagerFactory.pmiTimeStatistic("RMIAuthTime", System.currentTimeMillis() - 0);
                }
                throw th;
            }
        } catch (Throwable th2) {
            if (0 != 0) {
                SecurityObjectLocator.popContext();
            }
            if (z) {
                popAdminContext();
            }
            throw th2;
        }
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRIBase
    public void send_reply(ServerRequestInfo serverRequestInfo) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "send_reply", new Object[]{serverRequestInfo, this});
        }
        if (tc.isDebugEnabled()) {
            entry(serverRequestInfo, "send_reply");
        }
        try {
            boolean pushAdminContext = pushAdminContext(getManagedNodeUUID(serverRequestInfo));
            SecurityObjectLocator.popContext();
            CSIv2Config cSIv2Config = SecurityObjectLocator.getCSIv2Config();
            if (is_local_server_request(serverRequestInfo)) {
                send_reply_local(serverRequestInfo);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "send_reply");
                }
                if (pushAdminContext) {
                    popAdminContext();
                    return;
                }
                return;
            }
            String name = ((ExtendedServerRequestInfo) serverRequestInfo).getTarget() != null ? ((ExtendedServerRequestInfo) serverRequestInfo).getTarget().getClass().getName() : "<unknown>";
            if (SecurityConnectionInterceptor.isSpecialNamingMethod(serverRequestInfo.operation(), name) || SecurityConnectionInterceptor.isSpecialSSLRequiredNamingMethod(serverRequestInfo.operation(), name) || (ORB.isSpecialMethod(serverRequestInfo.operation()) && !this.csiUtil.isCORBAAuthRequired())) {
                this.csiUtil.getCurrent().clear_requestor_context();
                Tr.debug(tc, "Special naming method or other corba special method. Return from interceptor.");
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "send_reply");
                }
                if (pushAdminContext) {
                    popAdminContext();
                    return;
                }
                return;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "*** END POSTINVOKE ***");
            }
            SecurityContextImpl securityContext = this.csiUtil.getCurrent().getSecurityContext();
            this.csiUtil.getCurrent().setSecurityContext((SecurityContextImpl) null);
            if (securityContext != null) {
                securityContext.csi_server_preprotect(serverRequestInfo, securityContext);
                if (securityContext.get_discard_context()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Discarding context per request.  SESSION_REJECTED for future requests.");
                    }
                    long csi_get_context_id_from_service_context = this.sessionMgr.csi_get_context_id_from_service_context(securityContext);
                    ServerConnectionKey serverConnectionKey = securityContext.get_server_conn_key();
                    if (cSIv2Config.getBoolean(CSIv2Config.CLAIM_STATEFUL) && csi_get_context_id_from_service_context != 0 && serverConnectionKey != null) {
                        this.sessionMgr.csi_server_session_status_update(csi_get_context_id_from_service_context, serverConnectionKey, 7);
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Could not get security context in send_reply.  May be unprotected request.");
            }
            this.csiUtil.getCurrent().clear_requestor_context();
            if (pushAdminContext) {
                popAdminContext();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "*** SENDING REPLY ***");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "send_reply");
            }
        } catch (Throwable th) {
            if (0 != 0) {
                popAdminContext();
            }
            throw th;
        }
    }

    public void send_reply_local(ServerRequestInfo serverRequestInfo) {
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRIBase
    public void send_exception(ServerRequestInfo serverRequestInfo) throws ForwardRequest {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "send_exception", new Object[]{serverRequestInfo, this});
        }
        if (tc.isDebugEnabled()) {
            entry(serverRequestInfo, "send_exception");
        }
        try {
            boolean pushAdminContext = pushAdminContext(getManagedNodeUUID(serverRequestInfo));
            SecurityObjectLocator.popContext();
            if (is_local_server_request(serverRequestInfo)) {
                send_exception_local(serverRequestInfo);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "send_exception");
                }
                if (pushAdminContext) {
                    popAdminContext();
                    return;
                }
                return;
            }
            String name = ((ExtendedServerRequestInfo) serverRequestInfo).getTarget() != null ? ((ExtendedServerRequestInfo) serverRequestInfo).getTarget().getClass().getName() : "<unknown>";
            if (SecurityConnectionInterceptor.isSpecialNamingMethod(serverRequestInfo.operation(), name) || SecurityConnectionInterceptor.isSpecialSSLRequiredNamingMethod(serverRequestInfo.operation(), name) || (ORB.isSpecialMethod(serverRequestInfo.operation()) && !this.csiUtil.isCORBAAuthRequired())) {
                this.csiUtil.getCurrent().clear_requestor_context();
                Tr.debug(tc, "Special naming method or other corba special method. Return from interceptor.");
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "send_exception");
                }
                if (pushAdminContext) {
                    popAdminContext();
                    return;
                }
                return;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "*** END POSTINVOKE ***");
            }
            SecurityContextImpl securityContext = this.csiUtil.getCurrent().getSecurityContext();
            this.csiUtil.getCurrent().setSecurityContext((SecurityContextImpl) null);
            String read_detailed_message = this.csiUtil.read_detailed_message(serverRequestInfo);
            if (!read_detailed_message.equals("")) {
                Tr.debug(tc, "The following exception occurred on the server, sending context error back to client: " + read_detailed_message);
            }
            if (securityContext != null) {
                securityContext.csi_server_preprotect(serverRequestInfo, securityContext);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Could not get security context in send_exception.  May be unprotected request.");
            }
            this.csiUtil.getCurrent().clear_requestor_context();
            if (pushAdminContext) {
                popAdminContext();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "*** SENDING EXCEPTION ***");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "send_exception");
            }
        } catch (Throwable th) {
            if (0 != 0) {
                popAdminContext();
            }
            throw th;
        }
    }

    public void send_exception_local(ServerRequestInfo serverRequestInfo) throws ForwardRequest {
    }

    @Override // com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRIBase
    public void send_other(ServerRequestInfo serverRequestInfo) throws ForwardRequest {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "send_other", new Object[]{serverRequestInfo, this});
        }
        if (tc.isDebugEnabled()) {
            entry(serverRequestInfo, "send_other");
        }
        try {
            boolean pushAdminContext = pushAdminContext(getManagedNodeUUID(serverRequestInfo));
            SecurityObjectLocator.popContext();
            if (is_local_server_request(serverRequestInfo)) {
                send_other_local(serverRequestInfo);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "send_other");
                }
                if (pushAdminContext) {
                    popAdminContext();
                    return;
                }
                return;
            }
            String name = ((ExtendedServerRequestInfo) serverRequestInfo).getTarget() != null ? ((ExtendedServerRequestInfo) serverRequestInfo).getTarget().getClass().getName() : "<unknown>";
            if (SecurityConnectionInterceptor.isSpecialNamingMethod(serverRequestInfo.operation(), name) || SecurityConnectionInterceptor.isSpecialSSLRequiredNamingMethod(serverRequestInfo.operation(), name) || (ORB.isSpecialMethod(serverRequestInfo.operation()) && !this.csiUtil.isCORBAAuthRequired())) {
                Tr.debug(tc, "Special naming method.");
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "send_other");
                }
                if (pushAdminContext) {
                    popAdminContext();
                    return;
                }
                return;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "*** END POSTINVOKE ***");
            }
            SecurityContextImpl securityContext = this.csiUtil.getCurrent().getSecurityContext();
            this.csiUtil.getCurrent().setSecurityContext((SecurityContextImpl) null);
            if (securityContext != null) {
                securityContext.csi_server_preprotect(serverRequestInfo, securityContext);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Could not get security context in send_other.  May be unprotected request.");
            }
            this.csiUtil.getCurrent().clear_requestor_context();
            if (pushAdminContext) {
                popAdminContext();
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "*** SENDING OTHER ***");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "send_other");
            }
        } catch (Throwable th) {
            if (0 != 0) {
                popAdminContext();
            }
            throw th;
        }
    }

    public void send_other_local(ServerRequestInfo serverRequestInfo) throws ForwardRequest {
    }

    public void entry(ServerRequestInfo serverRequestInfo, String str) {
        StringBuffer stringBuffer = new StringBuffer(100);
        String name = ((ExtendedServerRequestInfo) serverRequestInfo).getTarget() != null ? ((ExtendedServerRequestInfo) serverRequestInfo).getTarget().getClass().getName() : "<unknown>";
        if (name != null) {
            stringBuffer.append("Request_id: ").append(serverRequestInfo.request_id()).append(", class: ").append(name).append(", operation: ").append(serverRequestInfo.operation());
        } else {
            stringBuffer.append("Enter... request_id: ").append(serverRequestInfo.request_id()).append(", operation: ").append(serverRequestInfo.operation());
        }
        Tr.debug(tc, stringBuffer.toString());
    }

    static {
        controlAdminServiceClz = null;
        rirProxyClz = null;
        try {
            controlAdminServiceClz = Class.forName("com.ibm.ws.management.ControlAdminService");
            rirProxyClz = Class.forName("com.ibm.ws390.orb.RIRProtectedProxyHandler");
        } catch (Throwable th) {
        }
    }
}
