package com.ibm.ws.security.web;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ras.RASFormatter;
import com.ibm.websphere.csi.CSIException;
import com.ibm.websphere.management.AdminContext;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.websphere.security.WSSecurityHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.runtime.deploy.DeployedModule;
import com.ibm.ws.security.config.AuthorizationConfig;
import com.ibm.ws.security.config.JaspiConfiguration;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.security.config.SecurityConfigResource;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.core.WSAccessManager;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.security.util.ServerIdentityHelper;
import com.ibm.ws.security.web.JaspiCollaborator;
import com.ibm.ws.security.zOS.threadid.ThreadIdentityManager;
import com.ibm.ws.sm.workspace.impl.WorkSpaceConstant;
import com.ibm.ws.threadContext.ComponentMetaDataAccessorImpl;
import com.ibm.ws.util.PlatformHelperFactory;
import com.ibm.ws390.sm.smf.SmfContainerInfo;
import com.ibm.wsspi.security.token.PropagationToken;
import com.ibm.wsspi.wswebcontainer.metadata.WebComponentMetaData;
import com.ibm.wsspi.wswebcontainer.metadata.WebModuleMetaData;
import java.io.IOException;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Enumeration;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.message.config.AuthConfigProvider;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jst.j2ee.internal.web.operations.CreateServletTemplateModel;
import org.eclipse.jst.j2ee.webapplication.WebApp;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/web/EJSWebCollaborator.class */
public class EJSWebCollaborator extends WebCollaborator implements WebSecurityCollaborator {
    private static final TraceComponent tc = Tr.register((Class<?>) EJSWebCollaborator.class, "Security", (String) null);
    private final ContextManager contextManager = ContextManagerFactory.getInstance();
    private ThreadIdentityManager threadIdManager = null;
    private final boolean isZOS = PlatformHelperFactory.getPlatformHelper().isZOS();
    private WebAppCache webCache = new WebAppCache();

    public EJSWebCollaborator() throws Exception {
        init();
    }

    @Override // com.ibm.ws.security.web.WebCollaborator
    protected WebAppCache getWebCache() {
        return this.webCache;
    }

    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public Object preInvoke() throws WebSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "preInvoke");
        }
        try {
            this.contextManager.clearCallerContext();
            try {
                if (this.isZOS && SmfContainerInfo.isSmf120St9Enabled()) {
                    doSmfLogging(getServerSubject(), this.contextManager.getCallerSubject(), this.contextManager.getInvocationSubject());
                }
            } catch (WSSecurityException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "241", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Caught unexpected exception", e);
                }
            }
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "preInvoke", null);
            return null;
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "178", this);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "preInvoke", e2);
            }
            throw new WebSecurityException(e2.getMessage(), new DenyReply("Unable to clear caller context."), null);
        }
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public Object preInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3, boolean z) throws WebSecurityException, IOException {
        JaspiCollaborator.JaspiAuthContext jaspiAuthContext;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "preInvoke", new Object[]{httpServletRequest, httpServletResponse, str, str2, str3, new Boolean(z)});
        }
        if (tc.isDebugEnabled() && httpServletRequest != null) {
            Tr.debug(tc, "Http Header names and values:\n" + debugGetAllHttpHdrs(httpServletRequest));
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(" Request Context Path=").append(httpServletRequest.getContextPath());
            stringBuffer.append(", Servlet Path=").append(httpServletRequest.getServletPath());
            stringBuffer.append(", Path Info=").append(httpServletRequest.getPathInfo());
            Tr.debug(tc, stringBuffer.toString());
        }
        Subject subject = null;
        Subject subject2 = null;
        Map map = null;
        try {
            subject = this.contextManager.getInvocationSubject();
            subject2 = this.contextManager.getCallerSubject();
            map = this.contextManager.getPropagationTokens();
        } catch (WSSecurityException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "241", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Caught unexpected exception", e);
            }
        }
        WebSecurityContext webSecurityContext = new WebSecurityContext(subject, subject2, map);
        if (SetUnauthenticatedSubjectIfNeeded(subject, subject2)) {
            try {
                subject = this.contextManager.getInvocationSubject();
            } catch (WSSecurityException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "257", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Caught unexpected exception", e2);
                }
            }
        }
        String str4 = str2 + ":" + str;
        String str5 = "";
        String str6 = "";
        if (z || this.contextManager.getPlatformHelper().isZOS()) {
            try {
                WebComponentMetaData componentMetaData = ComponentMetaDataAccessorImpl.getComponentMetaDataAccessor().getComponentMetaData();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "WebComponentMetaData", componentMetaData);
                }
                if (componentMetaData != null) {
                    WebModuleMetaData moduleMetaData = componentMetaData.getModuleMetaData();
                    str5 = moduleMetaData.getConfiguration().getModuleName();
                    str6 = moduleMetaData.getApplicationMetaData().getName();
                    boolean checkIfAdminApp = WSAccessManager.checkIfAdminApp(str6);
                    if (!SecurityObjectLocator.getSecurityConfigManager().isAdminAgent() && !checkIfAdminApp && httpServletRequest != null) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "preInvoke pushing app name " + str6);
                        }
                        webSecurityContext.setPushedSecurityContext(SecurityObjectLocator.pushAppContext(str6));
                    }
                    boolean isServerSecurityEnabled = WSSecurityHelper.isServerSecurityEnabled();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "preInvoke", "app_name=" + str6 + " isAdminApp=" + checkIfAdminApp + " isAppSecurityOn=" + isServerSecurityEnabled);
                    }
                    if (!isServerSecurityEnabled && !checkIfAdminApp) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "preInvoke", "Skip authorization for non-system apps when app security is disabled.");
                        }
                        return webSecurityContext;
                    }
                    if (z) {
                        boolean z2 = false;
                        if (str6 != null) {
                            z2 = "filetransferSecured".equals(str6) || "filetransfer".equals(str6);
                        }
                        boolean isAdminAgent = SecurityObjectLocator.getSecurityConfigManager().isAdminAgent();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "isAdminAgent: " + isAdminAgent + " isFileTransferApp: " + z2 + " req != null " + (httpServletRequest != null));
                        }
                        if (isAdminAgent && httpServletRequest != null && z2) {
                            String parameter = httpServletRequest.getParameter("uuid");
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "uuid for filetransfer: " + parameter);
                            }
                            if (parameter != null) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "preInvoke pushing uuid \"" + parameter + "\" for filetransfer application.");
                                }
                                webSecurityContext.setPushedAdminContext(AdminContext.push(parameter));
                            }
                        } else if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent() && str != null && str.equals("/ibm/console") && httpServletRequest != null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "preInvoke app name " + str6);
                            }
                            String str7 = null;
                            try {
                                str7 = (String) httpServletRequest.getSession().getAttribute("iscSelectedProfileKey");
                            } catch (IllegalStateException e3) {
                            }
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Pushing UUID for AdminConsole: " + str7);
                            }
                            webSecurityContext.setPushedAdminContext(AdminContext.push(str7));
                        }
                        if (httpServletRequest != null && checkIfAdminApp) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "preInvoke pushing admin");
                            }
                            webSecurityContext.setPushedSecurityContext(SecurityObjectLocator.pushAdminContext());
                        }
                    }
                }
            } catch (Exception e4) {
                Tr.error(tc, "security.web.compmetadata.error", new Object[]{str, e4});
                FFDCFilter.processException(e4, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "335", this);
                throw new WebSecurityException(e4.getMessage(), new DenyReply("Unable to get WebComponentMetaData object."), webSecurityContext);
            }
        }
        AuthConfigProvider authConfigProvider = null;
        WebRequestImpl webRequestImpl = null;
        if (httpServletRequest != null && z) {
            try {
                SecurityConfig securityConfig = SecurityObjectLocator.getSecurityConfig();
                boolean z3 = securityConfig.getAuthorizationConfig().getBoolean(AuthorizationConfig.USE_JACC_PROVIDER);
                WebAccessContext webAccessContext = getWebCache().getWebAccessContext(str6, str4);
                String str8 = str2 + RASFormatter.DEFAULT_SEPARATOR + str;
                webRequestImpl = new WebRequestImpl(z, false, false, true, true, httpServletRequest, httpServletResponse, str8, str5, str6, z3, webAccessContext, webSecurityContext, this.contextManager, WebAuthenticator.getInstance(), securityConfig);
                JaspiConfiguration jaspiConfiguration = securityConfig.getJaspiConfiguration(true);
                if (jaspiConfiguration != null && jaspiConfiguration.getBoolean("enabled")) {
                    authConfigProvider = jaspiCollaborator.getAuthConfigProvider(str8);
                    if (authConfigProvider != null && (jaspiAuthContext = jaspiCollaborator.getJaspiAuthContext(webRequestImpl, authConfigProvider)) != null) {
                        webSecurityContext.setJaspiAuthContext(jaspiAuthContext);
                    }
                }
                WebReply authorizeForJACC = z3 ? authorizeForJACC(webRequestImpl) : authorize(webRequestImpl);
                if (authorizeForJACC.getStatusCode() != 200) {
                    throw new WebSecurityException(authorizeForJACC.message, authorizeForJACC, webSecurityContext);
                }
                authorizeForJACC.writeResponse(httpServletResponse);
            } catch (Throwable th) {
                if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent() && webSecurityContext != null && webSecurityContext.getPushedAdminContext()) {
                    String pop = AdminContext.pop();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "preInvoke popped uuid \"" + pop + "\".");
                    }
                }
                throw th;
            }
        }
        Subject subject3 = null;
        try {
            subject3 = this.contextManager.getCallerSubject();
        } catch (WSSecurityException e5) {
            FFDCFilter.processException(e5, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "364", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Caught unexpected exception", e5);
            }
        }
        Subject subject4 = null;
        if (z) {
            subject4 = delegate(authConfigProvider, webRequestImpl, subject3, str4, str3, str6);
        }
        if (subject4 != null) {
            try {
                this.contextManager.setInvocationSubject(subject4);
                subject = subject4;
            } catch (Exception e6) {
                FFDCFilter.processException(e6, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "382", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unexpected exception when setting the invocation subject", e6);
                }
                throw new WebSecurityException(null, new DenyReply("DelgationFailed"), webSecurityContext);
            }
        }
        if (this.contextManager.getPlatformHelper().isZOS()) {
            boolean isThreadLocalApplicationSyncEnabled = this.threadIdManager.isThreadLocalApplicationSyncEnabled();
            webSecurityContext.setSyncToThreadToken(setOSThreadIdentity(subject, str4, isThreadLocalApplicationSyncEnabled, str6));
            webSecurityContext.setAppSyncToOSThreadEnabled(isThreadLocalApplicationSyncEnabled);
        }
        if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent() && webSecurityContext != null && webSecurityContext.getPushedAdminContext()) {
            String pop2 = AdminContext.pop();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "preInvoke popped uuid \"" + pop2 + "\".");
            }
        }
        if (this.isZOS && SmfContainerInfo.isSmf120St9Enabled()) {
            doSmfLogging(getServerSubject(), subject2, subject);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "preInvoke", webSecurityContext);
        }
        return webSecurityContext;
    }

    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public Object preInvoke(String str, String str2, String str3) throws WebSecurityException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "preInvoke", new Object[]{str, str2, str3});
        }
        try {
            Subject invocationSubject = this.contextManager.getInvocationSubject();
            Subject callerSubject = this.contextManager.getCallerSubject();
            WebSecurityContext webSecurityContext = new WebSecurityContext(invocationSubject, callerSubject, this.contextManager.getPropagationTokens());
            try {
                AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.ws.security.web.EJSWebCollaborator.1
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        EJSWebCollaborator.this.contextManager.setInvocationSubject(EJSWebCollaborator.this.contextManager.getServerSubject());
                        return null;
                    }
                });
                WebSecurityContext webSecurityContext2 = (WebSecurityContext) preInvoke(null, null, str, str2, str3, true);
                webSecurityContext.setSyncToThreadToken(webSecurityContext2.getSyncToThreadToken());
                webSecurityContext.setAppSyncToOSThreadEnabled(webSecurityContext2.isAppSyncToOSThreadEnabled());
                if (this.isZOS && SmfContainerInfo.isSmf120St9Enabled()) {
                    doSmfLogging(getServerSubject(), callerSubject, invocationSubject);
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "preInvoke", webSecurityContext);
                }
                return webSecurityContext;
            } catch (PrivilegedActionException e) {
                FFDCFilter.processException(e.getException(), "com.ibm.ws.security.EJSWebCollaborator", "468", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception setting ServerSubject on thread : ", new Object[]{e.getException()});
                }
                throw new WebSecurityException(e.getException().getMessage(), new DenyReply("Exception setting ServerSubject on thread"));
            }
        } catch (WSSecurityException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.web.EJSWebCollaborator.preInvoke", "449", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Caught unexpected exception", e2);
            }
            throw new WebSecurityException(e2.getMessage(), new DenyReply("Unexpected exception in CntextManager."));
        }
    }

    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public void postInvoke(Object obj) throws WebSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "postInvoke", obj);
        }
        if (this.securityEnabled && obj != null) {
            WebSecurityContext webSecurityContext = (WebSecurityContext) obj;
            if (webSecurityContext != null && webSecurityContext.getJaspiAuthContext() != null) {
                jaspiCollaborator.postInvoke(webSecurityContext);
            }
            try {
                try {
                    Subject invokedSubject = webSecurityContext.getInvokedSubject();
                    Subject receivedSubject = webSecurityContext.getReceivedSubject();
                    Map propagationTokens = webSecurityContext.getPropagationTokens();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Resetting invoked: " + getPrivTraceData(invokedSubject) + " and received: " + getPrivTraceData(receivedSubject) + "subjects");
                    }
                    this.contextManager.setInvocationSubject(invokedSubject);
                    this.contextManager.setCallerSubject(receivedSubject);
                    if (propagationTokens != null) {
                        for (String str : propagationTokens.keySet()) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Resetting propagation token: " + str);
                            }
                            this.contextManager.setPropagationToken(str, (PropagationToken) propagationTokens.get(str));
                        }
                    }
                    if (this.contextManager.getPlatformHelper().isZOS()) {
                        this.threadIdManager.setThreadLocalApplicationSyncEnabled(webSecurityContext.isAppSyncToOSThreadEnabled());
                        Object syncToThreadToken = webSecurityContext.getSyncToThreadToken();
                        if (syncToThreadToken != null) {
                            this.threadIdManager.restoreLocalOSThreadID(syncToThreadToken);
                        }
                    }
                    if (webSecurityContext.getPushedSecurityContext()) {
                        SecurityConfigResource popContext = SecurityObjectLocator.popContext();
                        if (tc.isDebugEnabled()) {
                            if (popContext != null) {
                                Tr.debug(tc, "postInvoke popped resource " + popContext.getName() + " of type " + popContext.getType());
                            } else {
                                Tr.debug(tc, "postInvoke popped null resource");
                            }
                        }
                    }
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.web.EJSWebCollaborator.postInvoke", "535", this);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Caught unexpected exception", e);
                    }
                    if (webSecurityContext.getPushedSecurityContext()) {
                        SecurityConfigResource popContext2 = SecurityObjectLocator.popContext();
                        if (tc.isDebugEnabled()) {
                            if (popContext2 != null) {
                                Tr.debug(tc, "postInvoke popped resource " + popContext2.getName() + " of type " + popContext2.getType());
                            } else {
                                Tr.debug(tc, "postInvoke popped null resource");
                            }
                        }
                    }
                }
            } catch (Throwable th) {
                if (webSecurityContext.getPushedSecurityContext()) {
                    SecurityConfigResource popContext3 = SecurityObjectLocator.popContext();
                    if (tc.isDebugEnabled()) {
                        if (popContext3 != null) {
                            Tr.debug(tc, "postInvoke popped resource " + popContext3.getName() + " of type " + popContext3.getType());
                        } else {
                            Tr.debug(tc, "postInvoke popped null resource");
                        }
                    }
                }
                throw th;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "postInvoke");
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:24:0x0135  */
    /* JADX WARN: Removed duplicated region for block: B:30:0x00b8 A[Catch: WebSecurityException -> 0x00c8, TryCatch #0 {WebSecurityException -> 0x00c8, blocks: (B:10:0x004f, B:15:0x006b, B:17:0x007b, B:19:0x0084, B:20:0x009d, B:28:0x00af, B:30:0x00b8, B:31:0x00c0), top: B:9:0x004f }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private javax.security.auth.Subject delegate(javax.security.auth.message.config.AuthConfigProvider r8, com.ibm.ws.security.web.WebRequest r9, javax.security.auth.Subject r10, java.lang.String r11, java.lang.String r12, java.lang.String r13) throws com.ibm.websphere.csi.CSIException {
        /*
            Method dump skipped, instructions count: 325
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.web.EJSWebCollaborator.delegate(javax.security.auth.message.config.AuthConfigProvider, com.ibm.ws.security.web.WebRequest, javax.security.auth.Subject, java.lang.String, java.lang.String, java.lang.String):javax.security.auth.Subject");
    }

    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public void handleException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, WebSecurityException webSecurityException) throws ServletException, IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "handleException", new Object[]{httpServletRequest, httpServletResponse, webSecurityException});
        }
        WebReply webReply = webSecurityException.getWebReply();
        if (webReply.getStatusCode() == 500) {
            ServletException servletException = new ServletException(Constants.nls.getString("security.web.internalservererror", "Internal Server Error"), webSecurityException);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "HandleException", servletException);
            }
            throw servletException;
        }
        WebSecurityContext webSecurityContext = (WebSecurityContext) webSecurityException.getWebSecurityContext();
        if (webSecurityContext != null) {
            if (webSecurityContext.getPushedSecurityContext()) {
                SecurityConfigResource popContext = SecurityObjectLocator.popContext();
                if (tc.isDebugEnabled()) {
                    if (popContext != null) {
                        Tr.debug(tc, "handleException popped resource " + popContext.getName() + " of type " + popContext.getType());
                    } else {
                        Tr.debug(tc, "handleException popped null resource");
                    }
                }
            }
            if (webSecurityContext.getPushedAdminContext()) {
                String pop = AdminContext.pop();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "handleException popped uuid \"" + pop + "\".");
                }
            }
        }
        webReply.writeResponse(httpServletResponse);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "handleException");
        }
    }

    public void init() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, CreateServletTemplateModel.INIT);
        }
        try {
            createAuthorizationManager();
            if (this.contextManager.getPlatformHelper().isZOS()) {
                this.threadIdManager = ThreadIdentityManager.getThreadIdentityManager();
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.web.EJSWebCollaborator.init", "630", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Unexpected exception", e);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, CreateServletTemplateModel.INIT);
        }
    }

    @Override // com.ibm.ws.security.web.WebSecurityCollaborator
    public void addWebAppConfig(String str, WebApp webApp, String str2, Object obj) throws WebSecurityConfigException {
        boolean pushAdminContext;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addWebAppConfig", new Object[]{str, webApp, str2, obj});
        }
        if (WSAccessManager.checkIfAdminApp(str2)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "addWebAppConfig pushing Admin");
            }
            pushAdminContext = SecurityObjectLocator.pushAdminContext();
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "addWebAppConfig pushing app name " + str2);
            }
            pushAdminContext = SecurityObjectLocator.pushAppContext(str2);
        }
        try {
            try {
                addWebApp(str2, str, webApp, (DeployedModule) obj);
                if (pushAdminContext) {
                    SecurityObjectLocator.popContext();
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "addWebAppConfig");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.web.EJSWebCollaborator.addWebAppConfig", "597", this);
                throw new WebSecurityConfigException(e.getMessage(), null);
            }
        } catch (Throwable th) {
            if (pushAdminContext) {
                SecurityObjectLocator.popContext();
            }
            throw th;
        }
    }

    private String debugGetAllHttpHdrs(HttpServletRequest httpServletRequest) {
        StringBuffer stringBuffer = new StringBuffer(512);
        try {
            Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
            while (headerNames.hasMoreElements()) {
                String nextElement = headerNames.nextElement();
                stringBuffer.append(nextElement).append("=");
                stringBuffer.append(WorkSpaceConstant.FIELD_SEPERATOR).append(WebAuthenticator.getHeader(httpServletRequest, nextElement)).append("]\n");
            }
        } catch (Throwable th) {
        }
        return stringBuffer.toString();
    }

    private Object setOSThreadIdentity(Subject subject, String str, boolean z, String str2) throws CSIException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setOSThreadIdentity", new Object[]{subject, str, new Boolean(z), str2});
        }
        Object obj = null;
        WebAttributes webAttributes = this.webCache.getWebAccessContext(str2, str).getWebAttributes();
        if (webAttributes != null) {
            boolean isApplicationSyncToOSThreadEnabled = webAttributes.isApplicationSyncToOSThreadEnabled();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Sync to thread enabled: " + isApplicationSyncToOSThreadEnabled);
            }
            try {
            } catch (Throwable th) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Unexpected exception", th);
                }
            }
            if (isApplicationSyncToOSThreadEnabled) {
                obj = this.threadIdManager.setAppLocalOSThreadID(subject);
            } else {
                if (z) {
                    obj = ServerIdentityHelper.getServerIdentityHelper().push();
                }
                this.threadIdManager.setThreadLocalApplicationSyncEnabled(isApplicationSyncToOSThreadEnabled);
            }
            this.threadIdManager.setThreadLocalApplicationSyncEnabled(isApplicationSyncToOSThreadEnabled);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setOSThreadIdentity", obj);
        }
        return obj;
    }

    private static String getPrivTraceData(final Object obj) {
        String str = null;
        if (obj != null) {
            try {
                str = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: com.ibm.ws.security.web.EJSWebCollaborator.2
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public String run() {
                        return obj.toString();
                    }
                });
            } catch (Exception e) {
                str = "Exception in toString: " + e.getMessage();
            }
        }
        return str;
    }
}
