package com.ibm.ws.security.server;

import com.ibm.ISecurityLocalObjectBaseL13Impl.DomainInfo;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.cache.DistributedMap;
import com.ibm.websphere.management.AdminContext;
import com.ibm.websphere.security.UserRegistry;
import com.ibm.websphere.security.auth.CredentialDestroyedException;
import com.ibm.websphere.security.auth.WSLoginFailedException;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.profileregistry.ProfileRegistry;
import com.ibm.ws.management.profileregistry.ProfileRegistryFactory;
import com.ibm.ws.security.auth.BasicAuthData;
import com.ibm.ws.security.auth.DistributedMapFactory;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.security.config.SecurityConfigManager;
import com.ibm.ws.security.config.SecurityConfigResource;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.config.ServerStatusHelper;
import com.ibm.ws.security.config.UserRegistryConfig;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.registry.UserRegistryImpl;
import com.ibm.ws.security.role.RoleBasedAuthorizer;
import com.ibm.ws.security.role.RoleBasedConfigurator;
import com.ibm.ws.security.util.ByteArray;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.security.util.PasswordUtil;
import com.ibm.wsspi.security.token.TokenHolder;
import java.io.ByteArrayOutputStream;
import java.io.PrintStream;
import java.rmi.RemoteException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.rmi.PortableRemoteObject;
import javax.security.auth.Subject;
import javax.security.auth.login.CredentialExpiredException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:wasJars/com.ibm.ws.admin.client_9.0.jar:com/ibm/ws/security/server/SecurityServerImpl.class */
public class SecurityServerImpl extends PortableRemoteObject implements SecurityServer {
    private boolean securityEnabled = false;
    private static UserRegistry registryImpl;
    private static UserRegistry appRegistryImpl;
    private static UserRegistry registry;
    private static UserRegistry appRegistry;
    private static final TraceComponent tc = Tr.register((Class<?>) SecurityServerImpl.class, "Security", AdminConstants.MSG_BUNDLE_NAME);
    private static RoleBasedAuthorizer authorizer = null;
    private static UserRegistryImpl appUserRegistryImpl = null;
    private static SecurityConfigManager scm = SecurityObjectLocator.getSecurityConfigManager();
    private static final String nullString = new String();
    private static final String[] nullStringArray = new String[0];
    private static String remoteReg = null;
    private static byte[] authen_successful = {0};
    private static byte[] authen_failure = {-1};

    public SecurityServerImpl() throws RemoteException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "<init>");
        }
        initializeRegistries();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "<init>", this);
        }
    }

    private static void initializeRegistries() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initializeRegistries");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "<init> getting admin registry");
        }
        boolean pushAdminContext = SecurityObjectLocator.pushAdminContext();
        try {
            try {
                UserRegistryConfig activeUserRegistry = SecurityObjectLocator.getSecurityConfig().getActiveUserRegistry();
                registryImpl = (UserRegistry) activeUserRegistry.getUserRegistryImpl();
                registry = (UserRegistry) activeUserRegistry.getUserRegistryStub();
                DomainInfo.setAdminRealm(activeUserRegistry.getString("realm"));
                if (pushAdminContext) {
                    SecurityObjectLocator.popContext();
                }
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "<init> unexpected exception getting admin registry impl or stub", e);
                }
                if (pushAdminContext) {
                    SecurityObjectLocator.popContext();
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "<init> getting application registry");
            }
            boolean pushAppContext = SecurityObjectLocator.pushAppContext("");
            try {
                try {
                    UserRegistryConfig activeUserRegistry2 = SecurityObjectLocator.getSecurityConfig().getActiveUserRegistry();
                    appRegistryImpl = (UserRegistry) activeUserRegistry2.getUserRegistryImpl();
                    appRegistry = (UserRegistry) activeUserRegistry2.getUserRegistryStub();
                    DomainInfo.setAppRealm(activeUserRegistry2.getString("realm"));
                    if (pushAppContext) {
                        SecurityObjectLocator.popContext();
                    }
                } catch (Exception e2) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "<init> unexpected exception getting domain registry impl or stub", e2);
                    }
                    if (pushAppContext) {
                        SecurityObjectLocator.popContext();
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "initializeRegistries");
                }
            } catch (Throwable th) {
                if (pushAppContext) {
                    SecurityObjectLocator.popContext();
                }
                throw th;
            }
        } catch (Throwable th2) {
            if (pushAdminContext) {
                SecurityObjectLocator.popContext();
            }
            throw th2;
        }
    }

    /* JADX WARN: Finally extract failed */
    @Override // com.ibm.ws.security.server.SecurityServer
    public boolean simple_authenticate(BasicAuthData basicAuthData) throws WSLoginFailedException, RemoteException {
        boolean pushContext;
        String string;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "simple_authenticate", basicAuthData);
        }
        String str = null;
        if (basicAuthData.getRealm() == null || basicAuthData.getRealm().equals("")) {
            basicAuthData.setRealm(DomainInfo.getAdminRealm());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "simple_authenticate setting ba realm to admin realm: " + basicAuthData.getRealm());
            }
        } else {
            try {
                if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent()) {
                    try {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "In admin agent, looking for profile.");
                        }
                        final ProfileRegistry registry2 = ProfileRegistryFactory.getRegistry();
                        List list = (List) ContextManagerFactory.getInstance().runAsSystem(new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.server.SecurityServerImpl.1
                            @Override // java.security.PrivilegedExceptionAction
                            public Object run() throws Exception {
                                return registry2.getRemoteProfileKeys();
                            }
                        });
                        if (list != null) {
                            for (int i = 0; i < list.size(); i++) {
                                String str2 = (String) list.get(i);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Looking for realm of profile UUID: " + str2);
                                }
                                boolean push = AdminContext.push(str2);
                                try {
                                    try {
                                        string = SecurityObjectLocator.getSecurityConfig().getActiveUserRegistry().getString("realm");
                                    } catch (Exception e) {
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Exception looking for realm in simple_authenticate.", new Object[]{e});
                                        }
                                        if (push) {
                                            AdminContext.pop();
                                        }
                                    }
                                    if (string == null || !string.equals(basicAuthData.getRealm())) {
                                        if (push) {
                                            AdminContext.pop();
                                        }
                                    } else {
                                        str = (String) list.get(i);
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Found first profile that owns realm name \"" + basicAuthData.getRealm() + "\".");
                                        }
                                        if (push) {
                                            AdminContext.pop();
                                        }
                                    }
                                } catch (Throwable th) {
                                    if (push) {
                                        AdminContext.pop();
                                    }
                                    throw th;
                                }
                            }
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "There are no profiles returned from the profile registry.");
                        }
                    } catch (Throwable th2) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Exception getting profile registry or profile for realm.", new Object[]{th2});
                        }
                    }
                } else {
                    str = basicAuthData.getRealm().equalsIgnoreCase(DomainInfo.getAdminRealm()) ? "admin" : "application";
                }
            } catch (Exception e2) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "simple_authenticate unexpected Exception occurred.", new Object[]{e2});
                }
                throw new WSLoginFailedException(e2.getMessage(), e2);
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Pushing resourceName: " + str);
        }
        if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent()) {
            if (str != null && str.equals("admin")) {
                str = null;
            }
            pushContext = AdminContext.push(str);
        } else {
            if (str == null) {
                str = "admin";
            }
            pushContext = SecurityObjectLocator.pushContext("", str);
        }
        try {
            try {
                try {
                    ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
                    SecurityConfig securityConfig = SecurityObjectLocator.getSecurityConfig();
                    String property = securityConfig.getProperty("WAS_UseRemoteRegistry");
                    if (property == null || !(property.equalsIgnoreCase("node") || property.equalsIgnoreCase("cell"))) {
                        if (securityConfig.getActiveUserRegistry().getUserRegistryImpl() != null) {
                            try {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "simple_authenticate using local registry to authenticate.");
                                }
                                if (contextManagerFactory.login(basicAuthData.getRealm(), basicAuthData.getUserid(), PasswordUtil.passwordDecode(basicAuthData.getPassword()), securityConfig.getProperty("com.ibm.CSI.rmiInboundLoginConfig"), (HttpServletRequest) null, (HttpServletResponse) null, (Map) null, (Subject) null) != null) {
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "simple_authenticate found subject from login, returning true for simple_authenticate.");
                                    }
                                    if (pushContext) {
                                        if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent()) {
                                            AdminContext.pop();
                                        } else {
                                            SecurityObjectLocator.popContext();
                                        }
                                    }
                                    return true;
                                }
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "simple_authenticate subject is null after login, returning false for simple_authenticate.");
                                }
                                if (pushContext) {
                                    if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent()) {
                                        AdminContext.pop();
                                    } else {
                                        SecurityObjectLocator.popContext();
                                    }
                                }
                                return false;
                            } catch (Exception e3) {
                                FFDCFilter.processException(e3, "com.ibm.ws.security.server.SecurityServerImpl.simple_authenticate", "345", this);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "The following exception occurred in SecurityServerImpl: ", new Object[]{e3});
                                }
                                if (!securityConfig.getPropertyBool("com.ibm.websphere.security.registry.propagateExceptionsToClient")) {
                                    throw new WSLoginFailedException("Authentication Failed.  \nNote: The propagation of native registry error information is disabled by default. You may enable it by setting the property \"com.ibm.websphere.security.registry.propagateExceptionsToClient=true\" using the server's administration console at Security -> Global Security -> Custom Properties.\n");
                                }
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "propagateExceptionToClient is enabled. Throwing exception.");
                                }
                                throw new WSLoginFailedException(createMessageForClient(e3), e3);
                            }
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "simple_authenticate in bootstrap mode");
                        }
                    } else {
                        if (((UserRegistry) securityConfig.getActiveUserRegistry().getUserRegistryStub()) != null) {
                            try {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "simple_authenticate using remote registry to authenticate.");
                                }
                                if (contextManagerFactory.login(basicAuthData.getRealm(), basicAuthData.getUserid(), PasswordUtil.passwordDecode(basicAuthData.getPassword()), securityConfig.getProperty("com.ibm.CSI.rmiInboundLoginConfig"), (HttpServletRequest) null, (HttpServletResponse) null, (Map) null, (Subject) null) != null) {
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "simple_authenticate found subject from login, returning true for simple_authenticate.");
                                    }
                                    if (pushContext) {
                                        if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent()) {
                                            AdminContext.pop();
                                        } else {
                                            SecurityObjectLocator.popContext();
                                        }
                                    }
                                    return true;
                                }
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "simple_authenticate subject is null after login, returning false for simple_authenticate.");
                                }
                                if (pushContext) {
                                    if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent()) {
                                        AdminContext.pop();
                                    } else {
                                        SecurityObjectLocator.popContext();
                                    }
                                }
                                return false;
                            } catch (Exception e4) {
                                FFDCFilter.processException(e4, "com.ibm.ws.security.server.SecurityServerImpl.simple_authenticate", "311", this);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "The following exception occurred in SecurityServerImpl: ", new Object[]{e4});
                                }
                                throw new WSLoginFailedException(e4.getMessage(), e4);
                            }
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "simple_authenticate in bootstrap mode");
                        }
                    }
                    if (!tc.isEntryEnabled()) {
                        return true;
                    }
                    Tr.exit(tc, "simple_authenticate returning true");
                    return true;
                } finally {
                    if (pushContext) {
                        if (SecurityObjectLocator.getSecurityConfigManager().isAdminAgent()) {
                            AdminContext.pop();
                        } else {
                            SecurityObjectLocator.popContext();
                        }
                    }
                }
            } catch (WSLoginFailedException e5) {
                throw e5;
            }
        } catch (Exception e6) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "simple_authenticate unexpected exception", e6);
            }
            throw new WSLoginFailedException("Exception in simple_authenticate: " + e6.getMessage(), e6);
        }
    }

    String createMessageForClient(Exception exc) {
        String message = exc.getMessage();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "e.getMessage()=" + message);
        }
        if (message == null || message.length() == 0) {
            StringBuffer stringBuffer = new StringBuffer("e.getMessage() from original exception was empty. Sending information from printStackTrace instead. \n ");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            exc.printStackTrace(new PrintStream(byteArrayOutputStream));
            stringBuffer.append("\n");
            stringBuffer.append(byteArrayOutputStream);
            stringBuffer.append("--------end of stack trace ---------");
            message = stringBuffer.toString();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "original message in exception has no info.  Filling it with StackTrace:" + message);
            }
        }
        return message;
    }

    @Override // com.ibm.ws.security.server.SecurityServer
    public byte[] token_authenticate(BasicAuthData basicAuthData) throws WSLoginFailedException, RemoteException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "token_authenticate", basicAuthData);
        }
        ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
        try {
            String property = SecurityObjectLocator.getSecurityConfig().getProperty("com.ibm.CSI.rmiInboundLoginConfig");
            if (basicAuthData.getRealm() == null || basicAuthData.getRealm().equals("")) {
                basicAuthData.setRealm(DomainInfo.getDefaultRealm());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "token_authenticate setting ba realm: " + basicAuthData.getRealm());
                }
            }
            Subject login = contextManagerFactory.login(basicAuthData.getRealm(), basicAuthData.getUserid(), PasswordUtil.passwordDecode(basicAuthData.getPassword()), property, (HttpServletRequest) null, (HttpServletResponse) null, (Map) null, (Subject) null);
            byte[] bArr = authen_failure;
            if (login != null) {
                try {
                    bArr = ((WSCredential) login.getPublicCredentials(Class.forName("com.ibm.websphere.security.cred.WSCredential")).iterator().next()).getCredentialToken();
                    if (bArr == null) {
                        bArr = authen_successful;
                    }
                } catch (CredentialExpiredException e) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "token_authenticate login CredentialDestroyedException: ", e.getMessage());
                    }
                    throw new WSLoginFailedException(e.getMessage(), e);
                } catch (CredentialDestroyedException e2) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "token_authenticate login CredentialDestroyedException: ", e2.getMessage());
                    }
                    throw new WSLoginFailedException(e2.getMessage());
                } catch (ClassNotFoundException e3) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "token_authenticate login ClassNotFoundException: ", e3.getMessage());
                    }
                    throw new WSLoginFailedException(e3.getMessage());
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "token_authenticate success");
            }
            return bArr;
        } catch (NullPointerException e4) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "token_authenticate login NullPointerException: ", e4.getMessage());
            }
            throw new WSLoginFailedException(e4.getMessage());
        }
    }

    @Override // com.ibm.ws.security.server.SecurityServer
    public byte[] token_authenticate(String str, byte[] bArr) throws WSLoginFailedException, RemoteException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "token_authenticate (1) ");
        }
        try {
            Subject login = ContextManagerFactory.getInstance().login(str, bArr, SecurityObjectLocator.getSecurityConfig().getProperty("com.ibm.CSI.rmiInboundLoginConfig"), (HttpServletRequest) null, (HttpServletResponse) null, (Map) null, (Subject) null);
            byte[] bArr2 = authen_failure;
            if (login != null) {
                bArr2 = bArr;
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "token_authenticate (1) success");
            }
            return bArr2;
        } catch (NullPointerException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "token_authenticate (1) login NullPointerException: ", e.getMessage());
            }
            throw new WSLoginFailedException(e.getMessage());
        }
    }

    @Override // com.ibm.ws.security.server.SecurityServer
    public TokenHolder getOpaqueToken(ByteArray byteArray) throws WSLoginFailedException, RemoteException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getOpaqueToken");
        }
        byte[] bArr = null;
        TokenHolder tokenHolder = null;
        try {
            DistributedMap map = DistributedMapFactory.getMap("WSSecureMap");
            if (map != null) {
                bArr = (byte[]) map.get(byteArray);
            }
            if (bArr != null) {
                tokenHolder = new TokenHolder(bArr, "WS_OPAQUE", 1);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getOpaqueToken returns opaque token.", tokenHolder);
                }
            } else if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getOpaqueToken returns null.");
            }
            return tokenHolder;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.server.SecurityServerImpl.getOpaqueToken", "506", this);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getOpaqueToken exception getting opaque token from distributed map.", new Object[]{e});
            }
            throw new WSLoginFailedException(e.getMessage(), e);
        }
    }

    public UserRegistry getRegistry() throws RemoteException {
        return getRegistry(null);
    }

    @Override // com.ibm.ws.security.server.SecurityServer
    public UserRegistry getRegistry(String str) throws RemoteException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRegistry " + str);
        }
        if (registry == null || appRegistry == null) {
            initializeRegistries();
        }
        UserRegistry userRegistry = null;
        SecurityConfig securityConfig = SecurityObjectLocator.getSecurityConfig();
        if (str == null || str.length() <= 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getRegistry null realm, returning thread context registry");
            }
            userRegistry = (UserRegistry) securityConfig.getActiveUserRegistry().getUserRegistryStub();
        } else {
            if (DomainInfo.isAppRealmDefined() && str.equalsIgnoreCase(DomainInfo.getAppRealm())) {
                if (AdminContext.peek() != null && AdminContext.peek() != "admin") {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "getRegistry returning app registry - AA");
                    }
                    userRegistry = appRegistry;
                } else if (ServerStatusHelper.isServer() && securityConfig.getPropertyBool(SecurityConfig.USE_ACTIVE_REGISTRY_FOR_NEW_DEFAULT_SSO_TOKENS)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "getRegistry returning active user registry for default SSO tokens");
                    }
                    userRegistry = (UserRegistry) securityConfig.getActiveUserRegistry().getUserRegistryStub();
                } else {
                    SecurityConfigResource peekContext = SecurityObjectLocator.peekContext();
                    if (peekContext != null && peekContext.isApplication()) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "getRegistry returning app registry - App Domain");
                        }
                        userRegistry = appRegistry;
                    }
                }
            }
            if (userRegistry == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getRegistry returning admin registry");
                }
                userRegistry = registry;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRegistry " + userRegistry);
        }
        return userRegistry;
    }

    public static UserRegistry getRegistryImpl() {
        return getRegistryImpl(null);
    }

    public static UserRegistry getRegistryImpl(String str) {
        UserRegistry userRegistry;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getRegistryImpl " + str);
        }
        if (registryImpl == null || appRegistryImpl == null) {
            initializeRegistries();
        }
        if (str == null || str.length() <= 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getRegistryImpl null realm, returning thread context registry impl");
            }
            userRegistry = (UserRegistry) SecurityObjectLocator.getSecurityConfig().getActiveUserRegistry().getUserRegistryImpl();
        } else if (DomainInfo.isAppRealmDefined() && str != null && str.equalsIgnoreCase(DomainInfo.getAppRealm())) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getRegistryImpl returning app registry impl");
            }
            userRegistry = appRegistryImpl;
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "getRegistryImpl returning admin registry impl");
            }
            userRegistry = registryImpl;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getRegistryImpl " + userRegistry);
        }
        return userRegistry;
    }

    public static UserRegistry getAppRegistryImpl(String str) {
        if (registry == null || appRegistry == null) {
            initializeRegistries();
        }
        return appUserRegistryImpl;
    }

    @Override // com.ibm.ws.security.server.SecurityServer
    public List getRealms() {
        ArrayList arrayList = new ArrayList();
        String str = null;
        try {
            str = getRegistry(null).getRealm();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.server.SecurityServerImpl.getRealms", "643", this);
            Tr.error(tc, "security.secsrv.get.realm", new Object[]{e});
        }
        arrayList.add(str);
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setConfigurator(RoleBasedConfigurator roleBasedConfigurator) {
        if (authorizer == null) {
            try {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "setConfigurator getting RoleBasedConfigurator");
                }
                authorizer = roleBasedConfigurator.getRoleBasedAuthorizer(Constants.ADMIN_APP, "domain");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "setConfigurator got RoleBasedAuthorizer");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.server.SecurityServerImpl.setConfigurator", "668", this);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "setConfigurator exception caught retrieving RoleBasedAuthorizer");
                }
                Tr.error(tc, "security.secsrv.get.RoleBasedAuthorizer", new Object[]{e});
            }
            UserRegistryImpl userRegistryImpl = (UserRegistryImpl) getRegistryImpl(null);
            if (userRegistryImpl != null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "setConfigurator setting configurator for registry");
                }
                userRegistryImpl.setConfigurator(roleBasedConfigurator);
            }
        }
    }
}
