package com.ibm.ws.security.admintask.securityDomain;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.AdminClient;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand;
import com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.configservice.SystemAttributes;
import com.ibm.websphere.models.config.ipc.ssl.SecureSocketLayer;
import com.ibm.websphere.security.CustomRegistryException;
import com.ibm.websphere.security.Result;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.cmdframework.impl.CommandSecurityUtil;
import com.ibm.ws.management.touchpoint.common.Constants;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.config.SearchFilterConfig;
import com.ibm.ws.security.config.UserRegistryConfig;
import com.ibm.ws.security.config.securitydomain.SecDomainHelper;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import com.ibm.ws.security.registry.UserRegistryImpl;
import com.ibm.ws.security.securitydomain.DomainCheckerExtensionsProcessor;
import com.ibm.ws.security.securitydomain.ServerProcessNotFoundException;
import com.ibm.ws.security.util.ConfigUtils;
import com.ibm.ws.sm.workspace.impl.WorkSpaceConstant;
import com.ibm.ws.ssl.config.SSLConfig;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.ws.util.PlatformHelperFactory;
import com.ibm.ws.wlm.admin.ClusterConfigCommandProvider;
import java.rmi.RemoteException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/admintask/securityDomain/SecurityRealmProvider.class */
public class SecurityRealmProvider extends SimpleCommandProvider {
    private static TraceComponent tc = Tr.register(SecurityRealmProvider.class, "security", "com.ibm.ws.security.admintask.securityDomain");
    private static String BUNDLE_NAME = "com.ibm.ejs.resources.security";
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    public List listSecurityRealms(AbstractAdminCommand abstractAdminCommand) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "listSecurityRealms");
        }
        new ArrayList();
        try {
            try {
                ConfigService configService = getCommandProviderHelper().getConfigService();
                Session configSession = abstractAdminCommand.getConfigSession();
                List cellRealms = getCellRealms(configSession, configService, SecConfigTaskHelper.getSecurityObjectName(configSession, configService));
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "listSecurityRealms");
                }
                return cellRealms;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "104");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "listSecurityRealms");
            }
            throw th;
        }
    }

    public List listRegistryUsers(AbstractAdminCommand abstractAdminCommand) throws Exception {
        AttributeList securityAttrsForDomain;
        String resourceOfDomain;
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "listRegistryUsers");
        }
        List arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        try {
            try {
                ConfigService configService = getCommandProviderHelper().getConfigService();
                Session configSession = abstractAdminCommand.getConfigSession();
                String str2 = (String) abstractAdminCommand.getParameter("securityRealmName");
                String str3 = (String) abstractAdminCommand.getParameter(CommonConstants.RESOURCE_NAME);
                String str4 = (String) abstractAdminCommand.getParameter("securityDomainName");
                Boolean bool = (Boolean) abstractAdminCommand.getParameter("displayAccessIds");
                String str5 = (String) abstractAdminCommand.getParameter(SearchFilterConfig.USER_FILTER);
                Integer num = (Integer) abstractAdminCommand.getParameter("numberOfUsers");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "securityRealmName name is " + str2);
                }
                if (str2 != null && str2.length() == 0) {
                    str2 = null;
                }
                if (str3 != null && str3.length() == 0) {
                    str3 = null;
                }
                if (str4 != null && str4.length() == 0) {
                    str4 = null;
                }
                if (num.intValue() < 1) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.greater.SECJ7756E", new Object[]{"numberOfUsers"}));
                }
                if ((str2 != null && (str3 != null || str4 != null)) || ((str3 != null && (str2 != null || str4 != null)) || (str4 != null && (str3 != null || str2 != null)))) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.dupType.SECJ7761E", null));
                }
                if (str2 != null) {
                    securityAttrsForDomain = getSecurityAttrsForRealm(configSession, configService, str2);
                    resourceOfDomain = getResourceOfRealm(configSession, configService, str2);
                } else if (str3 != null) {
                    securityAttrsForDomain = getSecurityAttrsForResource(configSession, configService, str3);
                    resourceOfDomain = findProcessForResource(configSession, configService, str3);
                } else if (str4 != null) {
                    securityAttrsForDomain = getSecurityAttrsForDomain(configSession, configService, str4);
                    resourceOfDomain = getResourceOfDomain(configSession, configService, str4);
                } else {
                    securityAttrsForDomain = getSecurityAttrsForDomain(configSession, configService, null);
                    resourceOfDomain = getResourceOfDomain(configSession, configService, null);
                }
                if (securityAttrsForDomain == null) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.noUserReg.SECJ7762E", null));
                }
                String str6 = (String) ConfigServiceHelper.getAttributeValue(securityAttrsForDomain, SystemAttributes._WEBSPHERE_CONFIG_DATA_TYPE);
                if (str6.equals("LocalOSUserRegistry")) {
                    arrayList = getLocalOSList(securityAttrsForDomain, "getUsers", bool, str5, num.intValue(), resourceOfDomain);
                } else if (str6.equals("CustomUserRegistry")) {
                    arrayList = getCustomList(securityAttrsForDomain, "getUsers", bool, str5, num.intValue(), resourceOfDomain);
                } else if (str6.equals("LDAPUserRegistry")) {
                    arrayList = getLDAPList(securityAttrsForDomain, "getUsers", bool, str5, num.intValue(), resourceOfDomain);
                } else if (str6.equals(UserRegistryConfig.TYPE_WIM)) {
                    arrayList = getWIMList(securityAttrsForDomain, "getUsers", bool, str5, num.intValue(), resourceOfDomain);
                }
                if (arrayList != null && str2 != null) {
                    for (int i = 0; i < arrayList.size(); i++) {
                        if (bool.booleanValue()) {
                            AttributeList attributeList = (AttributeList) arrayList.get(i);
                            if (attributeList != null && (str = (String) ConfigServiceHelper.getAttributeValue(attributeList, "name")) != null) {
                                ConfigServiceHelper.setAttributeValue(attributeList, "name", str + "@" + str2);
                            }
                        } else {
                            String str7 = (String) arrayList.get(i);
                            if (str7 != null) {
                                arrayList2.add(str7 + "@" + str2);
                            }
                        }
                    }
                    if (!arrayList2.isEmpty()) {
                        arrayList.clear();
                        arrayList = arrayList2;
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "listRegistryUsers");
                }
                return arrayList;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "168");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "listRegistryUsers");
            }
            throw th;
        }
    }

    public List listRegistryGroups(AbstractAdminCommand abstractAdminCommand) throws Exception {
        AttributeList securityAttrsForDomain;
        String resourceOfDomain;
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "listGroupsInRealm");
        }
        List arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        try {
            try {
                ConfigService configService = getCommandProviderHelper().getConfigService();
                Session configSession = abstractAdminCommand.getConfigSession();
                String str2 = (String) abstractAdminCommand.getParameter("securityRealmName");
                String str3 = (String) abstractAdminCommand.getParameter(CommonConstants.RESOURCE_NAME);
                String str4 = (String) abstractAdminCommand.getParameter("securityDomainName");
                Boolean bool = (Boolean) abstractAdminCommand.getParameter("displayAccessIds");
                String str5 = (String) abstractAdminCommand.getParameter(SearchFilterConfig.GROUP_FILTER);
                Integer num = (Integer) abstractAdminCommand.getParameter("numberOfGroups");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "securityRealmName name is " + str2);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "resourceName name is " + str3);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "securityDomainName name is " + str4);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "displayAccessIds name is " + bool);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "groupFilter name is " + str5);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "numberOfGroups name is " + num);
                }
                if (str2 != null && str2.length() == 0) {
                    str2 = null;
                }
                if (str3 != null && str3.length() == 0) {
                    str3 = null;
                }
                if (str4 != null && str4.length() == 0) {
                    str4 = null;
                }
                if (num.intValue() < 1) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.greater.SECJ7756E", new Object[]{"numberOfGroups"}));
                }
                if ((str2 != null && (str3 != null || str4 != null)) || ((str3 != null && (str2 != null || str4 != null)) || (str4 != null && (str3 != null || str2 != null)))) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.dupType.SECJ7761E", null));
                }
                if (str2 != null) {
                    securityAttrsForDomain = getSecurityAttrsForRealm(configSession, configService, str2);
                    resourceOfDomain = getResourceOfRealm(configSession, configService, str2);
                } else if (str3 != null) {
                    securityAttrsForDomain = getSecurityAttrsForResource(configSession, configService, str3);
                    resourceOfDomain = findProcessForResource(configSession, configService, str3);
                } else if (str4 != null) {
                    securityAttrsForDomain = getSecurityAttrsForDomain(configSession, configService, str4);
                    resourceOfDomain = getResourceOfDomain(configSession, configService, str4);
                } else {
                    securityAttrsForDomain = getSecurityAttrsForDomain(configSession, configService, null);
                    resourceOfDomain = getResourceOfDomain(configSession, configService, null);
                }
                if (securityAttrsForDomain == null) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.noUserReg.SECJ7762E", null));
                }
                String str6 = (String) ConfigServiceHelper.getAttributeValue(securityAttrsForDomain, SystemAttributes._WEBSPHERE_CONFIG_DATA_TYPE);
                if (str6.equals("LocalOSUserRegistry")) {
                    arrayList = getLocalOSList(securityAttrsForDomain, "getGroups", bool, str5, num.intValue(), resourceOfDomain);
                } else if (str6.equals("CustomUserRegistry")) {
                    arrayList = getCustomList(securityAttrsForDomain, "getGroups", bool, str5, num.intValue(), resourceOfDomain);
                } else if (str6.equals("LDAPUserRegistry")) {
                    arrayList = getLDAPList(securityAttrsForDomain, "getGroups", bool, str5, num.intValue(), resourceOfDomain);
                } else if (str6.equals(UserRegistryConfig.TYPE_WIM)) {
                    arrayList = getWIMList(securityAttrsForDomain, "getGroups", bool, str5, num.intValue(), resourceOfDomain);
                }
                if (arrayList != null && str2 != null) {
                    for (int i = 0; i < arrayList.size(); i++) {
                        if (bool.booleanValue()) {
                            AttributeList attributeList = (AttributeList) arrayList.get(i);
                            if (attributeList != null && (str = (String) ConfigServiceHelper.getAttributeValue(attributeList, "name")) != null) {
                                ConfigServiceHelper.setAttributeValue(attributeList, "name", str + "@" + str2);
                            }
                        } else {
                            String str7 = (String) arrayList.get(i);
                            if (str7 != null) {
                                arrayList2.add(str7 + "@" + str2);
                            }
                        }
                    }
                    if (!arrayList2.isEmpty()) {
                        arrayList.clear();
                        arrayList = arrayList2;
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "listGroupsInRealm");
                }
                return arrayList;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "229");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "listGroupsInRealm");
            }
            throw th;
        }
    }

    public void configureTrustedRealms(AbstractAdminCommand abstractAdminCommand) throws Exception {
        ObjectName securityObjectName;
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureTrustedRealm");
        }
        AttributeList attributeList = new AttributeList();
        try {
            try {
                ConfigService configService = getCommandProviderHelper().getConfigService();
                Session configSession = abstractAdminCommand.getConfigSession();
                String str2 = (String) abstractAdminCommand.getParameter("securityDomainName");
                String str3 = (String) abstractAdminCommand.getParameter("communicationType");
                String str4 = (String) abstractAdminCommand.getParameter("realmList");
                Boolean bool = (Boolean) abstractAdminCommand.getParameter("trustAllRealms");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "securityDomain name is " + str2);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "realmList name is " + str4);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "trustAllRealms name is " + bool);
                }
                if (str2 != null) {
                    securityObjectName = SecConfigTaskHelper.getSecDomain(configSession, configService, str2);
                    if (securityObjectName == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.config.does.not.exist.SECJ7702E", new Object[]{str2}));
                    }
                } else {
                    securityObjectName = SecConfigTaskHelper.getSecurityObjectName(configSession, configService);
                }
                if (str3.equalsIgnoreCase("inbound")) {
                    str = "inboundTrustedAuthenticationRealm";
                } else {
                    if (!str3.equalsIgnoreCase("outbound")) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.invalidCommoType.SECJ7752E", null));
                    }
                    str = "outboundTrustedAuthenticationRealm";
                }
                if (str4 != null) {
                    attributeList.add(new Attribute("realmList", str4));
                }
                if (bool != null) {
                    attributeList.add(new Attribute("trustAllRealms", bool));
                }
                ObjectName trustedRealms = SecConfigTaskHelper.getTrustedRealms(configSession, configService, securityObjectName, str);
                if (trustedRealms != null) {
                    configService.setAttributes(configSession, trustedRealms, attributeList);
                } else {
                    configService.createConfigData(configSession, securityObjectName, str, "TrustedAuthenticationRealm", attributeList);
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "configureTrustedRealm");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "315");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureTrustedRealm");
            }
            throw th;
        }
    }

    public void addTrustedRealms(AbstractAdminCommand abstractAdminCommand) throws Exception {
        ObjectName securityObjectName;
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addTrustedRealm");
        }
        AttributeList attributeList = new AttributeList();
        String str2 = null;
        try {
            try {
                ConfigService configService = getCommandProviderHelper().getConfigService();
                Session configSession = abstractAdminCommand.getConfigSession();
                String str3 = (String) abstractAdminCommand.getParameter("communicationType");
                String str4 = (String) abstractAdminCommand.getParameter("securityDomainName");
                String str5 = (String) abstractAdminCommand.getParameter("realmList");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "securityDomain name is " + str4);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "realmList name is " + str5);
                }
                if (str4 != null) {
                    securityObjectName = SecConfigTaskHelper.getSecDomain(configSession, configService, str4);
                    if (securityObjectName == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.config.does.not.exist.SECJ7702E", new Object[]{str4}));
                    }
                } else {
                    securityObjectName = SecConfigTaskHelper.getSecurityObjectName(configSession, configService);
                }
                if (str3.equalsIgnoreCase("inbound")) {
                    str = "inboundTrustedAuthenticationRealm";
                } else {
                    if (!str3.equalsIgnoreCase("outbound")) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.invalidCommoType.SECJ7752E", null));
                    }
                    str = "outboundTrustedAuthenticationRealm";
                }
                ObjectName trustedRealms = SecConfigTaskHelper.getTrustedRealms(configSession, configService, securityObjectName, str);
                if (str5 != null && str5.length() > 0) {
                    str2 = addRealmsToList(configSession, configService, trustedRealms, str5);
                }
                if (str2 == null || str2.length() <= 0) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.noRealms.SECJ7753E", null));
                }
                attributeList.add(new Attribute("realmList", str2));
                if (trustedRealms != null) {
                    configService.setAttributes(configSession, trustedRealms, attributeList);
                } else {
                    configService.createConfigData(configSession, securityObjectName, str, "TrustedAuthenticationRealm", attributeList);
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "addTrustedRealm");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "398");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "addTrustedRealm");
            }
            throw th;
        }
    }

    public List listTrustedRealms(AbstractAdminCommand abstractAdminCommand) throws Exception {
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "listTrustedRealms");
        }
        new ArrayList();
        String str2 = null;
        try {
            ConfigService configService = getCommandProviderHelper().getConfigService();
            Session configSession = abstractAdminCommand.getConfigSession();
            String str3 = (String) abstractAdminCommand.getParameter("communicationType");
            String str4 = (String) abstractAdminCommand.getParameter("securityRealmName");
            String str5 = (String) abstractAdminCommand.getParameter(CommonConstants.RESOURCE_NAME);
            String str6 = (String) abstractAdminCommand.getParameter("securityDomainName");
            Boolean bool = (Boolean) abstractAdminCommand.getParameter("expandRealmList");
            Boolean bool2 = (Boolean) abstractAdminCommand.getParameter("includeCurrentRealm");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "communicationType name is " + str3);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "securityRealmName name is " + str4);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "resourceName name is " + str5);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "securityDomainName name is " + str6);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "expandRealmList name is " + bool);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "expandRealmList name is " + bool);
            }
            if (str4 != null && str4.length() == 0) {
                str4 = null;
            }
            if (str5 != null && str5.length() == 0) {
                str5 = null;
            }
            if (str6 != null && str6.length() == 0) {
                str6 = null;
            }
            if (str3.equalsIgnoreCase("inbound")) {
                str = "inboundTrustedAuthenticationRealm";
            } else {
                if (!str3.equalsIgnoreCase("outbound")) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.invalidCommoType.SECJ7752E", null));
                }
                str = "outboundTrustedAuthenticationRealm";
            }
            if ((str4 != null && (str5 != null || str6 != null)) || ((str5 != null && (str4 != null || str6 != null)) || (str6 != null && (str5 != null || str4 != null)))) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.dupType.SECJ7761E", null));
            }
            if (!str.equals("outboundTrustedAuthenticationRealm")) {
                str2 = getGlobalSecurityRealm(configSession, configService);
            }
            List findTrustedRealmAttrs = str4 != null ? findTrustedRealmAttrs(configSession, configService, str4, str, str2, bool.booleanValue(), bool2.booleanValue()) : str5 != null ? findTrustedRealmAttrsForResource(configSession, configService, str5, str, str2, bool.booleanValue(), bool2.booleanValue()) : str6 != null ? findTrustedRealmAttrsForDomain(configSession, configService, str6, str, str2, bool.booleanValue(), bool2.booleanValue()) : findTrustedRealmAttrsForDomain(configSession, configService, null, str, str2, bool.booleanValue(), bool2.booleanValue());
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "listTrustedRealms", new Object[]{findTrustedRealmAttrs});
            }
            return findTrustedRealmAttrs;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "483");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    public void removeTrustedRealms(AbstractAdminCommand abstractAdminCommand) throws Exception {
        ObjectName securityObjectName;
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removeTrustedRealm");
        }
        AttributeList attributeList = new AttributeList();
        try {
            try {
                ConfigService configService = getCommandProviderHelper().getConfigService();
                Session configSession = abstractAdminCommand.getConfigSession();
                String str2 = (String) abstractAdminCommand.getParameter("communicationType");
                String str3 = (String) abstractAdminCommand.getParameter("securityDomainName");
                String str4 = (String) abstractAdminCommand.getParameter("realmList");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "securityDomain name is " + str3);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "realmList name is " + str4);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "communicationType name is " + str2);
                }
                if (str3 != null) {
                    securityObjectName = SecConfigTaskHelper.getSecDomain(configSession, configService, str3);
                    if (securityObjectName == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.config.does.not.exist.SECJ7702E", new Object[]{str3}));
                    }
                } else {
                    securityObjectName = SecConfigTaskHelper.getSecurityObjectName(configSession, configService);
                }
                if (str2.equalsIgnoreCase("inbound")) {
                    str = "inboundTrustedAuthenticationRealm";
                } else {
                    if (!str2.equalsIgnoreCase("outbound")) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.invalidCommoType.SECJ7752E", null));
                    }
                    str = "outboundTrustedAuthenticationRealm";
                }
                String globalSecurityRealm = getGlobalSecurityRealm(configSession, configService);
                if (globalSecurityRealm != null && isRealmInRealmList(globalSecurityRealm, str4)) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.cannotRemoveRealm.SECJ7795E", new Object[]{globalSecurityRealm}));
                }
                ObjectName objectName = (ObjectName) configService.getAttribute(configSession, securityObjectName, "activeUserRegistry");
                if (objectName != null) {
                    String str5 = (String) configService.getAttribute(configSession, objectName, "realm");
                    if (isRealmInRealmList(str5, str4)) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.cannotRemoveRealm.SECJ7796E", new Object[]{str5}));
                    }
                }
                ObjectName trustedRealms = SecConfigTaskHelper.getTrustedRealms(configSession, configService, securityObjectName, str);
                if (trustedRealms == null) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.noTrustedRealm.SECJ7755E", null));
                }
                if (str4 != null && str4.length() > 0) {
                    attributeList.add(new Attribute("realmList", SecConfigTaskHelper.updateRealmList(configSession, configService, trustedRealms, str4)));
                }
                if (trustedRealms != null && !attributeList.isEmpty()) {
                    configService.setAttributes(configSession, trustedRealms, attributeList);
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "removeTrustedRealm");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "652");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "removeTrustedRealm");
            }
            throw th;
        }
    }

    public void unconfigureTrustedRealms(AbstractAdminCommand abstractAdminCommand) throws Exception {
        ObjectName securityObjectName;
        String str;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unconfigureTrustedRealms");
        }
        try {
            try {
                ConfigService configService = getCommandProviderHelper().getConfigService();
                Session configSession = abstractAdminCommand.getConfigSession();
                String str2 = (String) abstractAdminCommand.getParameter("communicationType");
                String str3 = (String) abstractAdminCommand.getParameter("securityDomainName");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "commoType name is " + str2);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "secDomain name is " + str3);
                }
                if (str3 != null) {
                    securityObjectName = SecConfigTaskHelper.getSecDomain(configSession, configService, str3);
                    if (securityObjectName == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.config.does.not.exist.SECJ7702E", new Object[]{str3}));
                    }
                } else {
                    securityObjectName = SecConfigTaskHelper.getSecurityObjectName(configSession, configService);
                }
                if (str2.equalsIgnoreCase("inbound")) {
                    str = "inboundTrustedAuthenticationRealm";
                } else {
                    if (!str2.equalsIgnoreCase("outbound")) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.invalidCommoType.SECJ7752E", null));
                    }
                    str = "outboundTrustedAuthenticationRealm";
                }
                ObjectName trustedRealms = SecConfigTaskHelper.getTrustedRealms(configSession, configService, securityObjectName, str);
                if (trustedRealms != null) {
                    configService.deleteConfigData(configSession, trustedRealms);
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "unconfigureTrustedRealms");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "315");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unconfigureTrustedRealms");
            }
            throw th;
        }
    }

    private List getList(Properties properties, String str, Boolean bool, String str2, int i, String str3) throws Exception {
        List arrayList = new ArrayList();
        try {
            boolean z = str.equals("getGroups") ? false : true;
            if (str2 == null) {
                str2 = "*";
            }
            String processName = (str3 == null || str3.indexOf("Server=") < 0) ? AdminServiceFactory.getAdminService().getProcessName() : str3.substring(str3.indexOf("Server=") + 7);
            Iterator it = AdminServiceFactory.getAdminService().queryNames(new ObjectName("WebSphere:type=SecurityAdmin,process=" + processName + ",*"), null).iterator();
            if (!it.hasNext()) {
                throw new ServerProcessNotFoundException("Server process not found for " + processName);
            }
            ObjectName objectName = (ObjectName) it.next();
            Result result = (Result) AdminServiceFactory.getAdminService().invoke(objectName, str, new Object[]{str2, new Integer(i), properties}, new String[]{"java.lang.String", "java.lang.Integer", "java.util.Properties"});
            if (result != null && result.getList() != null) {
                List list = result.getList();
                if (bool == null || !bool.booleanValue()) {
                    arrayList = list;
                } else {
                    for (int i2 = 0; i2 < list.size(); i2++) {
                        String str4 = (String) list.get(i2);
                        String str5 = (String) AdminServiceFactory.getAdminService().invoke(objectName, "getAccessIds", new Object[]{new Boolean(z), str4, properties}, new String[]{Boolean.TYPE.getName(), String.class.getName(), Properties.class.getName()});
                        if (str5 != null) {
                            AttributeList attributeList = new AttributeList();
                            attributeList.add(new Attribute("name", str4));
                            attributeList.add(new Attribute("accessId", str5));
                            arrayList.add(attributeList);
                        }
                    }
                }
            }
            return arrayList;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "710");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception while trying get the userList", e);
            }
            throw e;
        }
    }

    private AttributeList getSecurityAttrsForRealm(Session session, ConfigService configService, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityAttrsForRealm", str);
        }
        try {
            ObjectName objectName = configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "Security"), null)[0];
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security ObjectName is " + objectName + ". Cell Name is " + ConfigServiceHelper.getDisplayName(objectName));
            }
            ArrayList arrayList = (ArrayList) configService.getAttribute(session, objectName, "userRegistries");
            if (arrayList != null) {
                for (int i = 0; i < arrayList.size(); i++) {
                    AttributeList attributeList = (AttributeList) arrayList.get(i);
                    String str2 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "realm");
                    if (str2 != null && str2.equals(str)) {
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "getSecurityObjectName");
                        }
                        return attributeList;
                    }
                }
            }
            for (ObjectName objectName2 : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null)) {
                ArrayList arrayList2 = (ArrayList) configService.getAttribute(session, objectName2, "userRegistries");
                if (arrayList2 != null) {
                    for (int i2 = 0; i2 < arrayList2.size(); i2++) {
                        AttributeList attributeList2 = (AttributeList) arrayList2.get(i2);
                        String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "realm");
                        if (str3 != null && str3.equals(str)) {
                            if (tc.isEntryEnabled()) {
                                Tr.exit(tc, "getSecurityObjectName");
                            }
                            return attributeList2;
                        }
                    }
                }
            }
            if (PlatformHelperFactory.getPlatformHelper().isZOS()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Looking to see if the ZOS realm is a match");
                }
                ObjectName objectName3 = (ObjectName) configService.getAttribute(session, objectName, "activeUserRegistry");
                if (objectName3 != null) {
                    AttributeList attributes = configService.getAttributes(session, objectName3, null, false);
                    if (((String) ConfigServiceHelper.getAttributeValue(attributes, SystemAttributes._WEBSPHERE_CONFIG_DATA_TYPE)).equalsIgnoreCase("LocalOSUserRegistry") && SecConfigTaskHelper.getDefaultRealm(getLocalOSProps(attributes)).equals(str)) {
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "getSecurityObjectName - ZOS realm");
                        }
                        return attributes;
                    }
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Realm not found in Zos");
                }
            }
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getSecurityObjectName");
            return null;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "772");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private AttributeList getSecurityAttrsForDomain(Session session, ConfigService configService, String str) throws Exception {
        ObjectName objectName;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityAttrsForDomain", str);
        }
        try {
            if (str == null) {
                ObjectName objectName2 = configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "Security"), null)[0];
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Security ObjectName is " + objectName2 + ". Cell Name is " + ConfigServiceHelper.getDisplayName(objectName2));
                }
                ObjectName objectName3 = (ObjectName) configService.getAttribute(session, objectName2, "activeUserRegistry");
                if (objectName3 != null) {
                    return configService.getAttributes(session, objectName3, null, true);
                }
            } else {
                for (ObjectName objectName4 : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), null)) {
                    if (((String) configService.getAttribute(session, objectName4, "name")).equals(str)) {
                        ObjectName[] queryConfigObjects = configService.queryConfigObjects(session, objectName4, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null);
                        if (queryConfigObjects[0] != null && (objectName = (ObjectName) configService.getAttribute(session, queryConfigObjects[0], "activeUserRegistry")) != null) {
                            return configService.getAttributes(session, objectName, null, true);
                        }
                    }
                }
            }
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getSecurityAttrsForDomain");
            return null;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "772");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private AttributeList getSecurityAttrsForResource(Session session, ConfigService configService, String str) throws Exception {
        ObjectName objectName;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityAttrsForResource", str);
        }
        try {
            ObjectName[] queryConfigObjects = configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), null);
            ObjectName[] resolve = configService.resolve(session, str);
            if (resolve.length <= 0) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.scopeNotValid.SECJ7718E", new Object[]{str}));
            }
            String configDataId = ConfigServiceHelper.getConfigDataId(resolve[0]).toString();
            if (!DomainCheckerExtensionsProcessor.getProcessor().processHandleResource(ConfigServiceHelper.getConfigDataType(resolve[0]))) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.scopeNotValid.SECJ7718E", new Object[]{str}));
            }
            String substring = (configDataId == null || configDataId.lastIndexOf(ConfigDataId.delimiter) <= 0) ? configDataId : configDataId.substring(0, configDataId.lastIndexOf(ConfigDataId.delimiter));
            for (ObjectName objectName2 : queryConfigObjects) {
                List list = (List) configService.getAttribute(session, objectName2, ClusterConfigCommandProvider.MEMBERS_STEP_NAME);
                for (int i = 0; i < list.size(); i++) {
                    if (((String) ConfigServiceHelper.getAttributeValue((AttributeList) list.get(i), CommonConstants.RESOURCE_NAME)).equalsIgnoreCase(substring)) {
                        ObjectName[] queryConfigObjects2 = configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null);
                        if (queryConfigObjects2[0] != null && (objectName = (ObjectName) configService.getAttribute(session, queryConfigObjects2[0], "activeUserRegistry")) != null) {
                            return configService.getAttributes(session, objectName, null, true);
                        }
                    }
                }
            }
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getSecurityAttrsForResource");
            return null;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "772");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private List getCellRealms(Session session, ConfigService configService, ObjectName objectName) throws Exception {
        try {
            try {
                List realmNames = getRealmNames(session, configService, objectName, new ArrayList());
                for (ObjectName objectName2 : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null)) {
                    realmNames = getRealmNames(session, configService, objectName2, realmNames);
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "listSecurityRealms");
                }
                return realmNames;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "971");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "listSecurityRealms");
            }
            throw th;
        }
    }

    private List getRealmNames(Session session, ConfigService configService, ObjectName objectName, List list) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRealmNames");
        }
        try {
            ArrayList arrayList = (ArrayList) configService.getAttribute(session, objectName, "userRegistries");
            if (arrayList != null) {
                for (int i = 0; i < arrayList.size(); i++) {
                    String str = (String) ConfigServiceHelper.getAttributeValue((AttributeList) arrayList.get(i), "realm");
                    if (str != null && str.length() > 0 && !list.contains(str)) {
                        list.add(str);
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getRealmNames");
            }
            return list;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "839");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private List getLocalOSList(AttributeList attributeList, String str, Boolean bool, String str2, int i, String str3) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getLocalOSList");
        }
        List list = null;
        Properties localOSProps = getLocalOSProps(attributeList);
        if (localOSProps != null) {
            list = getList(localOSProps, str, bool, str2, i, str3);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getLocalOSList");
        }
        return list;
    }

    private Properties getLocalOSProps(AttributeList attributeList) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getLocalOSProps");
        }
        Properties customProperties = getCustomProperties(attributeList, new Properties());
        customProperties.setProperty("activeRegistry", "LOCALOS");
        Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.IGNORE_CASE);
        if (bool != null) {
            customProperties.setProperty(CommonConstants.IGNORE_CASE, bool.toString());
        }
        Boolean bool2 = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, "useRegistryRealm");
        String str = (String) ConfigServiceHelper.getAttributeValue(attributeList, "realm");
        if (bool2 != null && str != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Setting WAS_UseRegistryRealm = " + bool2.toString() + " and WAS_Realm = " + str);
            }
            customProperties.setProperty("WAS_UseRegistryRealm", bool2.toString());
            customProperties.setProperty("WAS_Realm", str);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getLocalOSProps");
        }
        return customProperties;
    }

    private List getWIMList(AttributeList attributeList, String str, Boolean bool, String str2, int i, String str3) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getWIMList");
        }
        List list = null;
        Properties wIMProps = getWIMProps(attributeList);
        if (wIMProps != null) {
            list = getList(wIMProps, str, bool, str2, i, str3);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getWIMList");
        }
        return list;
    }

    private Properties getWIMProps(AttributeList attributeList) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getWIMList");
        }
        Properties customProperties = getCustomProperties(attributeList, new Properties());
        String str = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.REGISTRY_CLASS_NAME);
        if (str != null) {
            customProperties.setProperty("CustUserRegImplClass", str);
        }
        Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.IGNORE_CASE);
        if (bool != null) {
            customProperties.setProperty(CommonConstants.IGNORE_CASE, bool.toString());
        }
        customProperties.setProperty("activeRegistry", "WIM");
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getWIMList");
        }
        return customProperties;
    }

    private List getCustomList(AttributeList attributeList, String str, Boolean bool, String str2, int i, String str3) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCustomList");
        }
        List list = null;
        Properties customProps = getCustomProps(attributeList);
        if (customProps != null) {
            list = getList(customProps, str, bool, str2, i, str3);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCustomList");
        }
        return list;
    }

    private Properties getCustomProps(AttributeList attributeList) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCustomProps");
        }
        Properties customProperties = getCustomProperties(attributeList, new Properties());
        customProperties.setProperty("activeRegistry", "CUSTOM");
        String str = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.CUSTOM_REGISTRY_CLASS_NAME);
        if (str != null) {
            customProperties.setProperty("CustUserRegImplClass", str);
        }
        Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.IGNORE_CASE);
        if (bool != null) {
            customProperties.setProperty(CommonConstants.IGNORE_CASE, bool.toString());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCustomProps");
        }
        return customProperties;
    }

    private List getLDAPList(AttributeList attributeList, String str, Boolean bool, String str2, int i, String str3) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getLDAPList");
        }
        List list = null;
        Properties lDAPProps = getLDAPProps(attributeList);
        if (lDAPProps != null) {
            list = getList(lDAPProps, str, bool, str2, i, str3);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getLDAPList");
        }
        return list;
    }

    private Properties getLDAPProps(AttributeList attributeList) throws Exception {
        AttributeList attributeList2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getLDAPProps");
        }
        Properties customProperties = getCustomProperties(attributeList, new Properties());
        customProperties.setProperty("activeRegistry", "LDAP");
        String str = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.BASE_DN);
        if (str != null) {
            customProperties.setProperty("ldap.basedn", str);
        }
        String str2 = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.BIND_DN);
        if (str2 != null) {
            customProperties.setProperty("java.naming.security.principal", str2);
        }
        String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.BIND_PASSWORD);
        if (str3 != null) {
            customProperties.setProperty("java.naming.security.credentials", str3);
        }
        Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.REUSE_CONNECTION);
        if (bool != null) {
            customProperties.setProperty(CommonConstants.LDAP_REUSE_CONN, bool.toString());
        }
        Long l = (Long) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.SEARCH_TIMEOUT);
        if (l != null) {
            customProperties.setProperty(CommonConstants.LDAP_SEARCH_TIME_LIMIT, l.toString());
        }
        String str4 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "type");
        if (str4 != null) {
            customProperties.setProperty("dirType", str4);
        }
        Boolean bool2 = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, "sslEnabled");
        if (bool2 != null) {
            customProperties.put("sslEnabled", bool2);
        }
        String str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "realm");
        if (str5 != null) {
            customProperties.setProperty("LDAP.server.realm", str5);
        }
        Boolean bool3 = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, UserRegistryConfig.IGNORE_CASE);
        if (bool3 != null) {
            customProperties.setProperty(CommonConstants.IGNORE_CASE, bool3.toString());
        }
        List list = (List) ConfigServiceHelper.getAttributeValue(attributeList, Constants.RELATIONSHIP_HOSTS);
        if (list != null && (attributeList2 = (AttributeList) list.get(0)) != null) {
            String str6 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "host");
            Integer num = (Integer) ConfigServiceHelper.getAttributeValue(attributeList2, "port");
            if (str6 != null && num != null) {
                StringBuffer stringBuffer = new StringBuffer();
                if (str6.indexOf(":") != -1) {
                    stringBuffer.append("ldap://").append(WorkSpaceConstant.FIELD_SEPERATOR + str6 + "]");
                } else {
                    stringBuffer.append("ldap://").append(str6);
                }
                if (num != null && num.intValue() > 0) {
                    stringBuffer.append(":" + num.intValue());
                }
                customProperties.setProperty("java.naming.provider.url", stringBuffer.toString());
            }
        }
        customProperties.setProperty("CustUserRegImplClass", CommonConstants.LDAP_REG_IMPL_CLASS);
        AttributeList attributeList3 = (AttributeList) ConfigServiceHelper.getAttributeValue(attributeList, "searchFilter");
        if (attributeList3 != null) {
            String str7 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.USER_FILTER);
            if (str7 != null) {
                customProperties.setProperty("user.filter", str7);
            }
            String str8 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.GROUP_FILTER);
            if (str8 != null) {
                customProperties.setProperty("group.filter", str8);
            }
            String str9 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.USER_ID_MAP);
            if (str9 != null) {
                customProperties.setProperty("user.idmap", str9);
            }
            String str10 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.GROUP_ID_MAP);
            if (str10 != null) {
                customProperties.setProperty("group.idmap", str10);
            }
            String str11 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.GROUP_MEMBER_ID_MAP);
            if (str11 != null) {
                customProperties.setProperty("groupmember.idmap", str11);
            }
            String str12 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.CERTIFICATE_MAP_MODE);
            if (str12 != null) {
                if (str12.equals("EXACT_DN")) {
                    customProperties.setProperty("certificate.map.mode", "exactDNMode");
                } else {
                    customProperties.setProperty("certificate.map.mode", str12);
                }
            }
            String str13 = (String) ConfigServiceHelper.getAttributeValue(attributeList3, SearchFilterConfig.CERTIFICATE_FILTER);
            if (str13 != null) {
                customProperties.setProperty("certificate.map.filter", str13);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getLDAPProps");
        }
        return customProperties;
    }

    private Properties getCustomProperties(AttributeList attributeList, Properties properties) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCustomProperties");
        }
        try {
            List list = (List) ConfigServiceHelper.getAttributeValue(attributeList, "properties");
            if (list != null) {
                for (int i = 0; i < list.size(); i++) {
                    AttributeList attributeList2 = (AttributeList) list.get(i);
                    properties.setProperty((String) ConfigServiceHelper.getAttributeValue(attributeList2, "name"), (String) ConfigServiceHelper.getAttributeValue(attributeList2, "value"));
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getCustomProperties");
            }
            return properties;
        } catch (Exception e) {
            throw e;
        }
    }

    private static String addRealmsToList(Session session, ConfigService configService, ObjectName objectName, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addRealmsToList");
        }
        String str2 = objectName != null ? (String) configService.getAttribute(session, objectName, "realmList") : null;
        if (str2 == null || str2.length() <= 0) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "addRealmsToList");
            }
            return str;
        }
        String[] split = str2.split("\\|");
        String[] split2 = str.split("\\|");
        for (int i = 0; i < split2.length; i++) {
            String str3 = null;
            int i2 = 0;
            while (true) {
                if (i2 >= split.length) {
                    break;
                }
                str3 = split2[i];
                if (split[i2].equals(str3)) {
                    str3 = null;
                    break;
                }
                i2++;
            }
            if (str3 != null) {
                str2 = str2 + CommandSecurityUtil.PARAM_DELIM + str3;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addRealmsToList");
        }
        return str2;
    }

    private List findTrustedRealmAttrs(Session session, ConfigService configService, String str, String str2, String str3, boolean z, boolean z2) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findTrustedRealmAttrs", new Object[]{str, str2, str3});
        }
        List arrayList = new ArrayList();
        new AttributeList();
        String str4 = null;
        try {
            ObjectName objectName = configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "Security"), null)[0];
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security ObjectName is " + objectName + ". Cell Name is " + ConfigServiceHelper.getDisplayName(objectName));
            }
            ArrayList arrayList2 = (ArrayList) configService.getAttribute(session, objectName, "userRegistries");
            if (arrayList2 != null) {
                for (int i = 0; i < arrayList2.size(); i++) {
                    String str5 = (String) ConfigServiceHelper.getAttributeValue((AttributeList) arrayList2.get(i), "realm");
                    if (str5 != null && str5.equals(str)) {
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "findTrustedRealmAttrs");
                        }
                        AttributeList attributeList = (AttributeList) configService.getAttribute(session, objectName, str2);
                        if (!z2) {
                            str5 = null;
                        }
                        if (attributeList != null && !attributeList.isEmpty()) {
                            Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, "trustAllRealms");
                            if (bool != null && bool.booleanValue()) {
                                if (z) {
                                    arrayList = getAllRealms(session, configService, str5, str3);
                                } else {
                                    arrayList.add("trustAllRealms");
                                }
                                return arrayList;
                            }
                            str4 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "realmList");
                        }
                        List makeRealmList = makeRealmList(str4, str5, str3);
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "findTrustedRealmAttrs", makeRealmList);
                        }
                        return makeRealmList;
                    }
                }
            }
            for (ObjectName objectName2 : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null)) {
                ArrayList arrayList3 = (ArrayList) configService.getAttribute(session, objectName2, "userRegistries");
                if (arrayList3 != null) {
                    for (int i2 = 0; i2 < arrayList3.size(); i2++) {
                        String str6 = (String) ConfigServiceHelper.getAttributeValue((AttributeList) arrayList3.get(i2), "realm");
                        if (str6 != null && str6.equals(str)) {
                            AttributeList attributeList2 = (AttributeList) configService.getAttribute(session, objectName, str2);
                            if (!z2) {
                                str6 = null;
                            }
                            if (attributeList2 != null && !attributeList2.isEmpty()) {
                                Boolean bool2 = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList2, "trustAllRealms");
                                if (bool2 != null && bool2.booleanValue()) {
                                    if (z) {
                                        arrayList = getAllRealms(session, configService, str6, str3);
                                    } else {
                                        arrayList.add("trustAllRealms");
                                    }
                                    return arrayList;
                                }
                                str4 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "realmList");
                            }
                            List makeRealmList2 = makeRealmList(str4, str6, str3);
                            if (tc.isEntryEnabled()) {
                                Tr.exit(tc, "findTrustedRealmAttrs", makeRealmList2);
                            }
                            return makeRealmList2;
                        }
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "findTrustedRealmAttrs");
            }
            return arrayList;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "1219");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private List findTrustedRealmAttrsForResource(Session session, ConfigService configService, String str, String str2, String str3, boolean z, boolean z2) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findTrustedRealmAttrsForResource", new Object[]{str, str2, str3});
        }
        List arrayList = new ArrayList();
        new AttributeList();
        ObjectName objectName = null;
        String str4 = null;
        String str5 = null;
        try {
            ObjectName[] resolve = configService.resolve(session, str);
            if (resolve.length > 0) {
                String configDataId = ConfigServiceHelper.getConfigDataId(resolve[0]).toString();
                String substring = (configDataId == null || configDataId.lastIndexOf(ConfigDataId.delimiter) <= 0) ? configDataId : configDataId.substring(0, configDataId.lastIndexOf(ConfigDataId.delimiter));
                for (ObjectName objectName2 : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), null)) {
                    List list = (List) configService.getAttribute(session, objectName2, ClusterConfigCommandProvider.MEMBERS_STEP_NAME);
                    for (int i = 0; i < list.size(); i++) {
                        String str6 = (String) ConfigServiceHelper.getAttributeValue((AttributeList) list.get(i), CommonConstants.RESOURCE_NAME);
                        if (str6.equalsIgnoreCase(substring)) {
                            ObjectName objectName3 = configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null)[0];
                            if (objectName3 != null) {
                                ObjectName objectName4 = (ObjectName) configService.getAttribute(session, objectName3, "activeUserRegistry");
                                if (objectName4 != null && z2) {
                                    str4 = (String) configService.getAttribute(session, objectName4, "realm");
                                }
                                AttributeList attributeList = (AttributeList) configService.getAttribute(session, objectName3, str2);
                                if (attributeList != null && !attributeList.isEmpty()) {
                                    Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, "trustAllRealms");
                                    if (bool != null && bool.booleanValue()) {
                                        if (z) {
                                            arrayList = getAllRealms(session, configService, str4, str3);
                                        } else {
                                            arrayList.add("trustAllRealms");
                                        }
                                        return arrayList;
                                    }
                                    str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "realmList");
                                }
                                List makeRealmList = makeRealmList(str5, str4, str3);
                                if (tc.isEntryEnabled()) {
                                    Tr.exit(tc, "findTrustedRealmAttrsForResource", makeRealmList);
                                }
                                return makeRealmList;
                            }
                        } else {
                            ObjectName[] resolve2 = configService.resolve(session, SecDomainHelper.convertResource(str6));
                            if (resolve2.length > 0 && ConfigServiceHelper.getConfigDataType(resolve2[0]).equalsIgnoreCase("Cell")) {
                                objectName = configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null)[0];
                            }
                        }
                    }
                }
                if (objectName != null) {
                    ObjectName objectName5 = (ObjectName) configService.getAttribute(session, objectName, "activeUserRegistry");
                    if (objectName5 != null && z2) {
                        str4 = (String) configService.getAttribute(session, objectName5, "realm");
                    }
                    AttributeList attributeList2 = (AttributeList) configService.getAttribute(session, objectName, str2);
                    if (attributeList2 != null && !attributeList2.isEmpty()) {
                        Boolean bool2 = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList2, "trustAllRealms");
                        if (bool2 != null && bool2.booleanValue()) {
                            if (z) {
                                arrayList = getAllRealms(session, configService, str4, str3);
                            } else {
                                arrayList.add("trustAllRealms");
                            }
                            return arrayList;
                        }
                        str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "realmList");
                    }
                    arrayList = makeRealmList(str5, str4, str3);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "findTrustedRealmAttrsForResource", arrayList);
            }
            return arrayList;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "1288");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private List findTrustedRealmAttrsForDomain(Session session, ConfigService configService, String str, String str2, String str3, boolean z, boolean z2) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findTrustedRealmAttrsForDomain", new Object[]{str, str2, str3});
        }
        List arrayList = new ArrayList();
        new AttributeList();
        String str4 = null;
        String str5 = null;
        try {
            if (str != null) {
                for (ObjectName objectName : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), null)) {
                    if (((String) configService.getAttribute(session, objectName, "name")).equals(str)) {
                        ObjectName[] queryConfigObjects = configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null);
                        if (queryConfigObjects[0] != null) {
                            ObjectName objectName2 = (ObjectName) configService.getAttribute(session, queryConfigObjects[0], "activeUserRegistry");
                            if (objectName2 != null && z2) {
                                str4 = (String) configService.getAttribute(session, objectName2, "realm");
                            }
                            AttributeList attributeList = (AttributeList) configService.getAttribute(session, queryConfigObjects[0], str2);
                            if (attributeList != null && !attributeList.isEmpty()) {
                                Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList, "trustAllRealms");
                                if (bool != null && bool.booleanValue()) {
                                    if (z) {
                                        arrayList = getAllRealms(session, configService, str4, str3);
                                    } else {
                                        arrayList.add("trustAllRealms");
                                    }
                                    return arrayList;
                                }
                                str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "realmList");
                            }
                            List makeRealmList = makeRealmList(str5, str4, str3);
                            if (tc.isEntryEnabled()) {
                                Tr.exit(tc, "findTrustedRealmAttrsForDomain", makeRealmList);
                            }
                            return makeRealmList;
                        }
                    }
                }
            } else {
                ObjectName objectName3 = configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "Security"), null)[0];
                if (objectName3 != null) {
                    ObjectName objectName4 = (ObjectName) configService.getAttribute(session, objectName3, "activeUserRegistry");
                    if (objectName4 != null && z2) {
                        str4 = (String) configService.getAttribute(session, objectName4, "realm");
                    }
                    AttributeList attributeList2 = (AttributeList) configService.getAttribute(session, objectName3, str2);
                    if (attributeList2 != null && !attributeList2.isEmpty()) {
                        Boolean bool2 = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList2, "trustAllRealms");
                        if (bool2 != null && bool2.booleanValue()) {
                            if (z) {
                                arrayList = getAllRealms(session, configService, str4, str3);
                            } else {
                                arrayList.add("trustAllRealms");
                            }
                            return arrayList;
                        }
                        str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "realmList");
                    }
                    List makeRealmList2 = makeRealmList(str5, str4, str3);
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "findTrustedRealmAttrsForDomain", makeRealmList2);
                    }
                    return makeRealmList2;
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "findTrustedRealmAttrsForDomain");
            }
            return arrayList;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "1288");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private List makeRealmList(String str, String str2, String str3) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "makeRealmList");
        }
        ArrayList arrayList = new ArrayList();
        if (str != null && str.length() > 0) {
            for (String str4 : str.split("\\|")) {
                arrayList.add(str4);
            }
        }
        if (str2 != null && str2.length() > 0) {
            if (arrayList.contains(str2)) {
                arrayList.remove(str2);
            }
            arrayList.add(0, str2);
        }
        if (str3 != null && str3.length() > 0) {
            if (arrayList.contains(str3)) {
                arrayList.remove(str3);
            }
            if (str2 == null || str2.length() <= 0 || arrayList.size() <= 0) {
                arrayList.add(0, str3);
            } else {
                arrayList.add(1, str3);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "makeRealmList");
        }
        return arrayList;
    }

    private String getGlobalSecurityRealm(Session session, ConfigService configService) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getGlobalSecurityRealm");
        }
        String str = null;
        try {
            try {
                ObjectName objectName = (ObjectName) configService.getAttribute(session, SecConfigTaskHelper.getSecurityObjectName(session, configService), "activeUserRegistry");
                if (objectName != null) {
                    str = (String) configService.getAttribute(session, objectName, "realm");
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getGlobalSecurityRealm");
                }
                return str;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "1713");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getGlobalSecurityRealm");
            }
            throw th;
        }
    }

    public Boolean checkRegistryUserPassword(AbstractAdminCommand abstractAdminCommand) throws Exception {
        AttributeList securityAttrsForDomain;
        String resourceOfDomain;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkRegistryUserPassword");
        }
        try {
            try {
                ConfigService configService = getCommandProviderHelper().getConfigService();
                Session configSession = abstractAdminCommand.getConfigSession();
                String str = (String) abstractAdminCommand.getParameter("realmName");
                String str2 = (String) abstractAdminCommand.getParameter("securityDomainName");
                String str3 = (String) abstractAdminCommand.getParameter(CommonConstants.RESOURCE_NAME);
                String str4 = (String) abstractAdminCommand.getParameter(AdminClient.USERNAME);
                String str5 = (String) abstractAdminCommand.getParameter("password");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "realmName name is " + str);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "securityDomainName name is " + str2);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "resourceName name is " + str3);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "username name is " + str4);
                }
                if (str != null && str.length() == 0) {
                    str = null;
                }
                if (str2 != null && str2.length() == 0) {
                    str2 = null;
                }
                if ((str != null && (str3 != null || str2 != null)) || ((str3 != null && (str != null || str2 != null)) || (str2 != null && (str3 != null || str != null)))) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.dupType.SECJ7761E", null));
                }
                if (str != null) {
                    securityAttrsForDomain = getSecurityAttrsForRealm(configSession, configService, str);
                    resourceOfDomain = getResourceOfRealm(configSession, configService, str);
                } else if (str3 != null) {
                    securityAttrsForDomain = getSecurityAttrsForResource(configSession, configService, str3);
                    resourceOfDomain = findProcessForResource(configSession, configService, str3);
                } else if (str2 != null) {
                    securityAttrsForDomain = getSecurityAttrsForDomain(configSession, configService, str2);
                    resourceOfDomain = getResourceOfDomain(configSession, configService, str2);
                } else {
                    securityAttrsForDomain = getSecurityAttrsForDomain(configSession, configService, null);
                    resourceOfDomain = getResourceOfDomain(configSession, configService, null);
                }
                if (securityAttrsForDomain == null) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.noUserReg.SECJ7762E", null));
                }
                String str6 = (String) ConfigServiceHelper.getAttributeValue(securityAttrsForDomain, SystemAttributes._WEBSPHERE_CONFIG_DATA_TYPE);
                Properties properties = null;
                if (str6.equals("LocalOSUserRegistry")) {
                    properties = getLocalOSProps(securityAttrsForDomain);
                } else if (str6.equals("CustomUserRegistry")) {
                    properties = getCustomProps(securityAttrsForDomain);
                } else if (str6.equals("LDAPUserRegistry")) {
                    properties = getLDAPProps(securityAttrsForDomain);
                } else if (str6.equals(UserRegistryConfig.TYPE_WIM)) {
                    properties = getWIMProps(securityAttrsForDomain);
                }
                Boolean bool = SecConfigTaskHelper.authenticateUser(configSession, str4, str5, str6, properties, resourceOfDomain) ? Boolean.TRUE : Boolean.FALSE;
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "checkRegistryUserPassword");
                }
                return bool;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "168");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkRegistryUserPassword");
            }
            throw th;
        }
    }

    public Boolean checkRegistryRunAsUser(AbstractAdminCommand abstractAdminCommand) throws Exception {
        AttributeList securityAttrsForDomain;
        String resourceOfDomain;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkRegistryRunAsUser");
        }
        try {
            try {
                ConfigService configService = getCommandProviderHelper().getConfigService();
                Session configSession = abstractAdminCommand.getConfigSession();
                ArrayList arrayList = new ArrayList();
                ArrayList arrayList2 = new ArrayList();
                String str = (String) abstractAdminCommand.getParameter("realmName");
                String str2 = (String) abstractAdminCommand.getParameter("securityDomainName");
                String str3 = (String) abstractAdminCommand.getParameter(CommonConstants.RESOURCE_NAME);
                String str4 = (String) abstractAdminCommand.getParameter("userList");
                String str5 = (String) abstractAdminCommand.getParameter("groupList");
                String str6 = (String) abstractAdminCommand.getParameter(AdminClient.USERNAME);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "realmName name is " + str);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "securityDomainName name is " + str2);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "resourceName name is " + str3);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "userList name is " + str4);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "groupList name is " + str5);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "username name is " + str6);
                }
                if (str != null && str.length() == 0) {
                    str = null;
                }
                if (str2 != null && str2.length() == 0) {
                    str2 = null;
                }
                if (str3 != null && str3.length() == 0) {
                    str3 = null;
                }
                if (str6 != null && str6.length() == 0) {
                    str6 = null;
                }
                if ((str != null && (str3 != null || str2 != null)) || ((str3 != null && (str != null || str2 != null)) || (str2 != null && (str3 != null || str != null)))) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.dupType.SECJ7761E", null));
                }
                if (str != null) {
                    securityAttrsForDomain = getSecurityAttrsForRealm(configSession, configService, str);
                    resourceOfDomain = getResourceOfRealm(configSession, configService, str);
                } else if (str3 != null) {
                    securityAttrsForDomain = getSecurityAttrsForResource(configSession, configService, str3);
                    resourceOfDomain = findProcessForResource(configSession, configService, str3);
                } else if (str2 != null) {
                    securityAttrsForDomain = getSecurityAttrsForDomain(configSession, configService, str2);
                    resourceOfDomain = getResourceOfDomain(configSession, configService, str2);
                } else {
                    securityAttrsForDomain = getSecurityAttrsForDomain(configSession, configService, null);
                    resourceOfDomain = getResourceOfDomain(configSession, configService, null);
                }
                if (str4 != null && str4.length() > 0) {
                    for (String str7 : str4.split("\\|")) {
                        arrayList.add(str7);
                    }
                }
                if (str5 != null && str5.length() > 0) {
                    for (String str8 : str5.split("\\|")) {
                        arrayList2.add(str8);
                    }
                }
                if (securityAttrsForDomain == null) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.noUserReg.SECJ7762E", null));
                }
                String str9 = (String) ConfigServiceHelper.getAttributeValue(securityAttrsForDomain, SystemAttributes._WEBSPHERE_CONFIG_DATA_TYPE);
                Properties properties = null;
                if (str9.equals("LocalOSUserRegistry")) {
                    properties = getLocalOSProps(securityAttrsForDomain);
                } else if (str9.equals("CustomUserRegistry")) {
                    properties = getCustomProps(securityAttrsForDomain);
                } else if (str9.equals("LDAPUserRegistry")) {
                    properties = getLDAPProps(securityAttrsForDomain);
                } else if (str9.equals(UserRegistryConfig.TYPE_WIM)) {
                    properties = getWIMProps(securityAttrsForDomain);
                }
                Boolean bool = SecConfigTaskHelper.checkRunAsUser(configSession, arrayList, arrayList2, str6, properties, resourceOfDomain) ? Boolean.TRUE : Boolean.FALSE;
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "checkRegistryRunAsUser");
                }
                return bool;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "1976");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkRegistryRunAsUser");
            }
            throw th;
        }
    }

    public String getAccessIdFromServerId(AbstractAdminCommand abstractAdminCommand) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRegistryObj");
        }
        String str = null;
        try {
            ConfigService configService = getCommandProviderHelper().getConfigService();
            Session configSession = abstractAdminCommand.getConfigSession();
            String str2 = (String) abstractAdminCommand.getParameter("realmName");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "realmName name is " + str2);
            }
            if (str2 != null && str2.length() == 0) {
                str2 = null;
            }
            AttributeList securityAttrsForRealm = str2 != null ? getSecurityAttrsForRealm(configSession, configService, str2) : getSecurityAttrsForDomain(configSession, configService, null);
            if (securityAttrsForRealm == null) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.noUserReg.SECJ7762E", null));
            }
            String str3 = (String) ConfigServiceHelper.getAttributeValue(securityAttrsForRealm, SystemAttributes._WEBSPHERE_CONFIG_DATA_TYPE);
            Properties properties = null;
            String str4 = (String) ConfigServiceHelper.getAttributeValue(securityAttrsForRealm, UserRegistryConfig.SERVER_ID);
            if (str4 != null && str4.length() > 0) {
                if (str3.equals("LocalOSUserRegistry")) {
                    properties = getLocalOSProps(securityAttrsForRealm);
                } else if (str3.equals("CustomUserRegistry")) {
                    properties = getCustomProps(securityAttrsForRealm);
                } else if (str3.equals("LDAPUserRegistry")) {
                    properties = getLDAPProps(securityAttrsForRealm);
                } else if (str3.equals(UserRegistryConfig.TYPE_WIM)) {
                    properties = getWIMProps(securityAttrsForRealm);
                }
                if (properties != null) {
                    str = getServerAccessId(str4, properties);
                }
            }
            return str;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "168");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v60, types: [java.util.Properties] */
    private String getServerAccessId(String str, Properties properties) throws Exception {
        Boolean bool;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getServerAccessId " + ConfigUtils.maskPasswords(properties));
        }
        String str2 = null;
        Properties properties2 = null;
        if (properties != null) {
            try {
                properties2 = new Properties();
                Enumeration keys = properties.keys();
                while (keys.hasMoreElements()) {
                    String str3 = (String) keys.nextElement();
                    properties2.put(str3, properties.get(str3));
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.core.SecurityAdmin.getRegistry", "1790", this);
                Tr.error(tc, "security.registry.createerror", new Object[]{e});
                throw e;
            } catch (RemoteException e2) {
                FFDCFilter.processException((Throwable) e2, "com.ibm.ws.security.core.SecurityAdmin.getRegistry", "1778", (Object) this);
                Tr.error(tc, "security.registry.createerror", new Object[]{e2});
                throw e2;
            } catch (CustomRegistryException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.core.SecurityAdmin.getRegistry", "1784", this);
                Tr.error(tc, "security.registry.createerror", new Object[]{e3});
                throw e3;
            }
        }
        if (properties2 != null && (bool = (Boolean) properties2.get("sslEnabled")) != null && bool.booleanValue()) {
            SSLConfig sSLConfig = null;
            try {
                sSLConfig = (Properties) properties2.get("sslConfig");
            } catch (ClassCastException e4) {
                SecureSocketLayer secureSocketLayer = (SecureSocketLayer) properties2.get("sslConfig");
                if (secureSocketLayer != null) {
                    try {
                        sSLConfig = SSLConfigManager.getInstance().parseSecureSocketLayer(null, null, secureSocketLayer, true);
                    } catch (Exception e5) {
                        FFDCFilter.processException(e5, "com.ibm.ws.security.core.SecurityAdmin.createPropertiesFromSecureSocketLayer", "1814", this);
                        if (!tc.isDebugEnabled()) {
                            return null;
                        }
                        Tr.debug(tc, "Exception converting the properties.", new Object[]{e5});
                        return null;
                    }
                }
            }
            if (sSLConfig != null) {
                properties2.put("sslConfig", sSLConfig);
            }
        }
        UserRegistryImpl userRegistryImpl = new UserRegistryImpl();
        userRegistryImpl.initialize(properties2);
        String uniqueUserId = userRegistryImpl.getUniqueUserId(str);
        if (uniqueUserId != null) {
            str2 = uniqueUserId;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getServerAccessId", str2);
        }
        return str2;
    }

    private String getResourceOfDomain(Session session, ConfigService configService, String str) throws Exception {
        String str2;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getResourceOfDomain", str);
        }
        if (str != null) {
            try {
                for (ObjectName objectName : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), null)) {
                    if (((String) configService.getAttribute(session, objectName, "name")).equals(str)) {
                        String str3 = (String) SecConfigTaskHelper.getPropertyValue(session, configService, configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null)[0], "properties", "com.ibm.websphere.lookupRegistryOnProcess");
                        if (str3 == null) {
                            str3 = (String) SecConfigTaskHelper.getPropertyValue(session, configService, SecConfigTaskHelper.getSecurityObjectName(session, configService), "properties", "com.ibm.websphere.lookupRegistryOnProcess");
                        }
                        if (str3 != null && str3.equalsIgnoreCase("true")) {
                            List list = (List) configService.getAttribute(session, objectName, ClusterConfigCommandProvider.MEMBERS_STEP_NAME);
                            if (list.size() > 0 && (str2 = (String) ConfigServiceHelper.getAttributeValue((AttributeList) list.get(0), CommonConstants.RESOURCE_NAME)) != null) {
                                return SecDomainHelper.convertResource(str2);
                            }
                        }
                    }
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "2247");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSecurityAttrsForDomain");
        }
        return null;
    }

    private String getResourceOfRealm(Session session, ConfigService configService, String str) throws Exception {
        ArrayList arrayList;
        String str2;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getResourceOfRealm", str);
        }
        try {
            ObjectName securityObjectName = SecConfigTaskHelper.getSecurityObjectName(session, configService);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security ObjectName is " + securityObjectName + ". Cell Name is " + ConfigServiceHelper.getDisplayName(securityObjectName));
            }
            ArrayList arrayList2 = (ArrayList) configService.getAttribute(session, securityObjectName, "userRegistries");
            if (arrayList2 != null) {
                for (int i = 0; i < arrayList2.size(); i++) {
                    String str3 = (String) ConfigServiceHelper.getAttributeValue((AttributeList) arrayList2.get(i), "realm");
                    if (str3 != null && str3.equals(str)) {
                        if (tc.isEntryEnabled()) {
                            Tr.exit(tc, "getResourceOfRealm");
                        }
                        return null;
                    }
                }
            }
            for (ObjectName objectName : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), null)) {
                ObjectName objectName2 = configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null)[0];
                if (objectName2 != null && (arrayList = (ArrayList) configService.getAttribute(session, objectName2, "userRegistries")) != null) {
                    for (int i2 = 0; i2 < arrayList.size(); i2++) {
                        String str4 = (String) ConfigServiceHelper.getAttributeValue((AttributeList) arrayList.get(i2), "realm");
                        if (str4 != null && str4.equals(str)) {
                            String str5 = (String) SecConfigTaskHelper.getPropertyValue(session, configService, objectName2, "properties", "com.ibm.websphere.lookupRegistryOnProcess");
                            if (str5 == null) {
                                str5 = (String) SecConfigTaskHelper.getPropertyValue(session, configService, securityObjectName, "properties", "com.ibm.websphere.lookupRegistryOnProcess");
                            }
                            if (str5 == null || !str5.equalsIgnoreCase("true")) {
                                return null;
                            }
                            List list = (List) configService.getAttribute(session, objectName, ClusterConfigCommandProvider.MEMBERS_STEP_NAME);
                            if (list.size() > 0 && (str2 = (String) ConfigServiceHelper.getAttributeValue((AttributeList) list.get(0), CommonConstants.RESOURCE_NAME)) != null) {
                                return SecDomainHelper.convertResource(str2);
                            }
                        }
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getResourceOfRealm");
            }
            return null;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "772");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private String findProcessForResource(Session session, ConfigService configService, String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findProcessForResource", new Object[]{str});
        }
        ObjectName[] resolve = configService.resolve(session, str);
        if (resolve.length > 0) {
            String configDataId = ConfigServiceHelper.getConfigDataId(resolve[0]).toString();
            String substring = (configDataId == null || configDataId.lastIndexOf(ConfigDataId.delimiter) <= 0) ? configDataId : configDataId.substring(0, configDataId.lastIndexOf(ConfigDataId.delimiter));
            for (ObjectName objectName : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), null)) {
                List list = (List) configService.getAttribute(session, objectName, ClusterConfigCommandProvider.MEMBERS_STEP_NAME);
                for (int i = 0; i < list.size(); i++) {
                    if (((String) ConfigServiceHelper.getAttributeValue((AttributeList) list.get(i), CommonConstants.RESOURCE_NAME)).equalsIgnoreCase(substring)) {
                        String str2 = (String) SecConfigTaskHelper.getPropertyValue(session, configService, configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null)[0], "properties", "com.ibm.websphere.lookupRegistryOnProcess");
                        if (str2 == null) {
                            str2 = (String) SecConfigTaskHelper.getPropertyValue(session, configService, SecConfigTaskHelper.getSecurityObjectName(session, configService), "properties", "com.ibm.websphere.lookupRegistryOnProcess");
                        }
                        if (str2 != null && str2.equalsIgnoreCase("true")) {
                            return str;
                        }
                    }
                }
            }
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "findProcessForResource", new Object[]{null});
        return null;
    }

    private List getAllRealms(Session session, ConfigService configService, String str, String str2) {
        ArrayList arrayList;
        ArrayList arrayList2 = new ArrayList();
        try {
            ArrayList arrayList3 = (ArrayList) configService.getAttribute(session, SecConfigTaskHelper.getSecurityObjectName(session, configService), "userRegistries");
            if (arrayList3 != null) {
                for (int i = 0; i < arrayList3.size(); i++) {
                    String str3 = (String) ConfigServiceHelper.getAttributeValue((AttributeList) arrayList3.get(i), "realm");
                    if (str3 != null && str3.length() > 0 && !arrayList2.contains(str3)) {
                        arrayList2.add(str3);
                    }
                }
            }
            for (ObjectName objectName : configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecurityDomain"), null)) {
                ObjectName objectName2 = configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AppSecurity"), null)[0];
                if (objectName2 != null && (arrayList = (ArrayList) configService.getAttribute(session, objectName2, "userRegistries")) != null) {
                    for (int i2 = 0; i2 < arrayList.size(); i2++) {
                        String str4 = (String) ConfigServiceHelper.getAttributeValue((AttributeList) arrayList.get(i2), "realm");
                        if (str4 != null && str4.length() > 0 && !arrayList2.contains(str4)) {
                            arrayList2.add(str4);
                        }
                    }
                }
            }
            if (str != null && str.length() > 0) {
                if (arrayList2.contains(str)) {
                    arrayList2.remove(str);
                }
                arrayList2.add(0, str);
            }
            if (str2 != null && str2.length() > 0) {
                if (arrayList2.contains(str2)) {
                    arrayList2.remove(str2);
                }
                if (str == null || str.length() <= 0 || arrayList2.size() <= 0) {
                    arrayList2.add(0, str2);
                } else {
                    arrayList2.add(1, str2);
                }
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityRealmProvider", "2512");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught while getting list of all realms ", e);
            }
        }
        return arrayList2;
    }

    private boolean isRealmInRealmList(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isRealmInRealmList");
        }
        for (String str3 : str2.split("\\|")) {
            if (str.equals(str3)) {
                if (!tc.isEntryEnabled()) {
                    return true;
                }
                Tr.exit(tc, "isRealmInRealmList");
                return true;
            }
        }
        if (!tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "isRealmInRealmList");
        return false;
    }
}
