package weblogic.security.service;

import com.bea.common.engine.ServiceInitializationException;
import com.bea.common.engine.ServiceNotFoundException;
import com.bea.common.security.service.AuditService;
import com.bea.common.security.service.PolicyConsumerService;
import com.bea.common.security.service.PrincipalValidationService;
import com.bea.common.security.service.RoleConsumerService;
import com.bea.common.security.service.SAML2Service;
import com.bea.common.security.utils.ThreadClassLoaderContextInvocationHandler;
import com.bea.security.css.CSS;
import com.oracle.weblogic.rcm.framework.spi.ManagedAccountingContext;
import com.oracle.weblogic.rcm.framework.spi.RCMResourceContextManager;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Proxy;
import java.security.AccessController;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.security.Security;
import java.util.HashMap;
import java.util.Iterator;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.login.LoginException;
import javax.security.jacc.PolicyConfigurationFactory;
import javax.security.jacc.PolicyContextException;
import org.jvnet.hk2.annotations.Service;
import weblogic.application.utils.ApplicationVersionUtils;
import weblogic.logging.Loggable;
import weblogic.management.ManagementException;
import weblogic.management.configuration.AppDeploymentMBean;
import weblogic.management.configuration.ConfigurationMBean;
import weblogic.management.configuration.SecurityConfigurationMBean;
import weblogic.management.provider.ManagementService;
import weblogic.management.runtime.RealmRuntimeMBean;
import weblogic.management.runtime.ServerSecurityRuntimeMBean;
import weblogic.management.security.ProviderMBean;
import weblogic.management.security.RealmMBean;
import weblogic.management.security.authentication.AuthenticationProviderMBean;
import weblogic.management.security.authorization.AuthorizerMBean;
import weblogic.management.security.authorization.RoleMapperMBean;
import weblogic.management.security.credentials.CredentialMapperMBean;
import weblogic.management.security.pk.CertPathProviderMBean;
import weblogic.management.utils.ErrorCollectionException;
import weblogic.security.RealmRuntime;
import weblogic.security.SecurityInitializationException;
import weblogic.security.SecurityLogger;
import weblogic.security.SecurityRuntime;
import weblogic.security.SimpleCallbackHandler;
import weblogic.security.SubjectUtils;
import weblogic.security.UserLockoutManagerRuntime;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.internal.AuditorServiceImpl;
import weblogic.security.internal.BootProperties;
import weblogic.security.internal.ForceDDOnly;
import weblogic.security.internal.SecurityServicesImpl;
import weblogic.security.jacc.RoleMapperFactory;
import weblogic.security.jacc.simpleprovider.PolicyConfigurationFactoryImpl;
import weblogic.security.jacc.simpleprovider.RoleMapperFactoryImpl;
import weblogic.security.service.SecurityService;
import weblogic.security.service.ServiceHandler;
import weblogic.security.service.internal.ApplicationVersioningService;
import weblogic.security.shared.LoggerWrapper;
import weblogic.security.spi.ApplicationInfo;
import weblogic.security.spi.AuditSeverity;
import weblogic.security.spi.SecurityProvider;
import weblogic.security.utils.CertPathTrustManagerUtils;
import weblogic.security.utils.PartitionUtils;
import weblogic.security.utils.ResourceIDDContextWrapper;
import weblogic.security.utils.SecurityUtils;
import weblogic.timers.Timer;
import weblogic.timers.TimerListener;
import weblogic.timers.TimerManagerFactory;
import weblogic.utils.annotation.Secure;

@Service
@Secure
/* loaded from: input_file:weblogic/security/service/CommonSecurityServiceManagerDelegateImpl.class */
public class CommonSecurityServiceManagerDelegateImpl implements SecurityServiceManagerDelegate {
    private static final String defaultRealmName = "weblogicDEFAULT";
    private static final String JACC_POLICY_PROVIDER = "javax.security.jacc.policy.provider";
    private static final String JACC_POLICYCONFIGURATIONFACTORY_PROVIDER = "javax.security.jacc.PolicyConfigurationFactory.provider";
    private static final String ROLEMAPPERFACTORY_PROVIDER = "weblogic.security.jacc.RoleMapperFactory.provider";
    public static final String OPSS_POLICY_PROVIDER = "oracle.security.jps.internal.policystore.JavaPolicyProvider";
    private static boolean opssLoadDebug;
    private static final String JPS_CFG_FILE_PROP = "oracle.security.jps.config";
    private static final String ORA_DOMAIN_CFG_DIR = "oracle.domain.config.dir";
    private static final AuthenticatedSubject kernelId;
    private static final String JAVA_SECURITY_MANAGER = "java.security.manager";
    private static final String JAVA_SECURITY_MANAGER_CLASS = "java.lang.SecurityManager";
    private static final String JAVA_SECURITY_POLICY = "java.security.policy";
    private static final String DEFAULT_JACC_SECURITY_POLICY_CONFIGURATION_FACTORY_PROVIDER_CLASSNAME = "weblogic.security.jacc.simpleprovider.PolicyConfigurationFactoryImpl";
    private static final String DEFAULT_JACC_SECURITY_POLICY_PROVIDER_CLASSNAME = "weblogic.security.jacc.simpleprovider.SimpleJACCPolicy";
    private static final String DEFAULT_ROLEMAPPERFACTORY_PROVIDER_CLASSNAME = "weblogic.security.jacc.simpleprovider.RoleMapperFactoryImpl";
    private static final Object[] ORDERED_MANAGER_KEY_LIST;
    private boolean consoleFullDelegation = false;
    private static final String FULL_DELEGATE_AUTHORIZATION = "weblogic.security.fullyDelegateAuthorization";
    private static final boolean FULL_DELEGATE_PROPERTY_ON_CMDLINE;
    private static final boolean FULL_DELEGATE_OVERRIDE_VALUE;
    private static boolean multipleRealmBootInitialize = false;
    private static ConcurrentHashMap<String, RealmServices> realmsHashMap = null;
    private static ConcurrentHashMap<String, RealmServices> shutdownRealmsHashMap = null;
    private static ConcurrentHashMap<RealmMBean, Object> realmsLockMap = null;
    private static HashMap<SecurityService.ServiceType, SecurityService> serviceProxiesHashMap = null;
    private static HashMap<String, Object> cssServiceProxiesHashMap = null;
    private static boolean initialized = false;
    private static String defaultConfiguredRealmName = null;
    public static boolean JACC_POLICY_LOADED = false;
    private static LoggerWrapper jaccDebugLogger = LoggerWrapper.getInstance("SecurityJACC");
    private static LoggerWrapper debugLogger = LoggerWrapper.getInstance("SecurityRealm");
    private static String JPS_STARTUP_CLASS = "oracle.security.jps.JpsStartup";
    public static boolean OPSS_POLICY_LOADED = false;
    private static String OPSS_LOAD_LOG = "DebugOPSSPolicyLoading";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic/security/service/CommonSecurityServiceManagerDelegateImpl$ShutdownRealmInternalAction.class */
    public final class ShutdownRealmInternalAction implements PrivilegedAction<Object> {
        private final String realmName;

        private ShutdownRealmInternalAction(String str) {
            this.realmName = str;
        }

        @Override // java.security.PrivilegedAction
        public Object run() {
            CommonSecurityServiceManagerDelegateImpl.this.shutdownRealmInternal(this.realmName);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic/security/service/CommonSecurityServiceManagerDelegateImpl$StartRealmInternalAction.class */
    public final class StartRealmInternalAction implements PrivilegedExceptionAction<RealmServices> {
        private final RealmMBean realmMBean;

        private StartRealmInternalAction(RealmMBean realmMBean) {
            this.realmMBean = realmMBean;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedExceptionAction
        public RealmServices run() throws SecurityServiceException {
            return CommonSecurityServiceManagerDelegateImpl.this.startRealmInternal(this.realmMBean);
        }
    }

    public boolean isSecurityServiceInitialized() {
        return initialized;
    }

    private static boolean isRequiredSecurityService(SecurityService.ServiceType serviceType) {
        return serviceType == SecurityService.ServiceType.AUTHORIZE || serviceType == SecurityService.ServiceType.AUTHENTICATION || serviceType == SecurityService.ServiceType.ROLE;
    }

    public SecurityService getSecurityService(AuthenticatedSubject authenticatedSubject, String str, SecurityService.ServiceType serviceType) throws InvalidParameterException, NotYetInitializedException {
        SecurityService generateWiredServiceProxy;
        if (!initialized) {
            throw new NotYetInitializedException(SecurityLogger.getSecServiceMgrNotYetInit());
        }
        SecurityManager.checkKernelIdentity(authenticatedSubject);
        SecurityService securityServiceInternal = getSecurityServiceInternal(str, serviceType);
        if (securityServiceInternal == null && isRequiredSecurityService(serviceType)) {
            throw new NotYetInitializedException(SecurityLogger.getSecServiceNotYetInit("" + serviceType));
        }
        if (securityServiceInternal != null) {
            if (getContextSensitiveRealmName().equals(str)) {
                generateWiredServiceProxy = serviceProxiesHashMap.get(serviceType);
                if (generateWiredServiceProxy == null) {
                    generateWiredServiceProxy = generateWiredServiceProxy(defaultConfiguredRealmName, serviceType, securityServiceInternal);
                }
            } else {
                generateWiredServiceProxy = generateWiredServiceProxy(str, serviceType, securityServiceInternal);
            }
            if (generateWiredServiceProxy == null) {
                if (debugLogger.isDebugEnabled()) {
                    debugLogger.debug("getSecurityService: Proxy lookup failed for " + str + " to " + securityServiceInternal.toString());
                }
                throw new IllegalStateException("Unable to find or generate service proxy");
            }
            securityServiceInternal = generateWiredServiceProxy;
        }
        return securityServiceInternal;
    }

    public SecurityService getSecurityServiceInternal(String str, SecurityService.ServiceType serviceType) throws InvalidParameterException {
        if (null == str) {
            throw new InvalidParameterException(SecurityLogger.getMustSpecifyRealm());
        }
        if (null == serviceType) {
            throw new InvalidParameterException(SecurityLogger.getMustSpecifySecServiceType());
        }
        String str2 = defaultConfiguredRealmName;
        if (!str.equals(getContextSensitiveRealmName())) {
            str2 = str;
        }
        RealmServices realmServices = realmsHashMap.get(str2);
        if (realmServices == null) {
            startRealm(str2);
            realmServices = realmsHashMap.get(str2);
        }
        if (realmServices == null) {
            throw new InvalidParameterException(SecurityLogger.getRealmDoesNotExist(str2));
        }
        return (SecurityService) realmServices.getServices().get(serviceType);
    }

    public SecurityProvider createSecurityProvider(ProviderMBean providerMBean, Auditor auditor) {
        String providerClassName = providerMBean.getProviderClassName();
        try {
            try {
                SecurityProvider securityProvider = (SecurityProvider) Class.forName(providerClassName, true, providerMBean.getClass().getClassLoader()).newInstance();
                securityProvider.initialize(providerMBean, (SecurityServicesImpl) realmsHashMap.get(providerMBean.getRealm().getName()).getServices().get(SecurityService.ServiceType.SECURITY_SERVICES));
                return securityProvider;
            } catch (IllegalAccessException e) {
                throw new ProviderException(SecurityLogger.getSecProvErrorCreationExc(providerClassName), e);
            } catch (InstantiationException e2) {
                throw new ProviderException(SecurityLogger.getSecProvErrorCreationExc(providerClassName), e2);
            }
        } catch (ClassNotFoundException e3) {
            throw new ProviderException(SecurityLogger.getSecProvErrorNotFound(providerClassName), e3);
        }
    }

    public boolean doesRealmExist(String str) throws InvalidParameterException, NotYetInitializedException {
        if (initialized) {
            return doesRealmExistInternal(str);
        }
        throw new NotYetInitializedException(SecurityLogger.getSecServiceMgrNotYetInit());
    }

    public boolean doesRealmExistInternal(String str) throws InvalidParameterException, NotYetInitializedException {
        if (null == str) {
            throw new InvalidParameterException(SecurityLogger.getMustSpecifyRealm());
        }
        return realmsHashMap.containsKey(str);
    }

    public boolean isFullAuthorizationDelegationRequired(String str, SecurityApplicationInfo securityApplicationInfo) {
        String applicationIdentifier;
        if (ForceDDOnly.isForceDDOnly()) {
            return false;
        }
        if (this.consoleFullDelegation && securityApplicationInfo != null && (applicationIdentifier = securityApplicationInfo.getApplicationIdentifier()) != null && applicationIdentifier.startsWith("consoleapp") && "DDOnly".equals(securityApplicationInfo.getSecurityDDModel())) {
            return true;
        }
        if (securityApplicationInfo != null) {
            String securityDDModel = securityApplicationInfo.getSecurityDDModel();
            if (!"Advanced".equals(securityDDModel)) {
                boolean z = false;
                if ("CustomRolesAndPolicies".equals(securityDDModel)) {
                    z = true;
                }
                if (debugLogger.isDebugEnabled()) {
                    debugLogger.debug("isFullAuthorizationDelegationRequired: returning " + z);
                }
                return z;
            }
        }
        String actualRealmName = getActualRealmName(str);
        if (debugLogger.isDebugEnabled()) {
            debugLogger.debug("isFullAuthorizationDelegationRequired: returning realm setting from: " + actualRealmName);
        }
        try {
            RealmMBean realmFromName = getRealmFromName(actualRealmName);
            return (FULL_DELEGATE_PROPERTY_ON_CMDLINE && realmFromName.isDefaultRealm()) ? FULL_DELEGATE_OVERRIDE_VALUE : realmFromName.isFullyDelegateAuthorization();
        } catch (Exception e) {
            throw new IllegalStateException(SecurityLogger.getFailureWithRealm(actualRealmName), e);
        }
    }

    private RealmMBean getDefaultRealm() {
        RealmMBean defaultRealm = ManagementService.getRuntimeAccess(kernelId).getDomain().getSecurityConfiguration().getDefaultRealm();
        if (defaultRealm != null) {
            return defaultRealm;
        }
        throw new SecurityServiceRuntimeException(SecurityLogger.getInvSecConfigNoDefaultRealm());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public RealmServices initializeRealm(RealmMBean realmMBean, boolean z) throws SecurityServiceException {
        String name = realmMBean.getName();
        try {
            realmMBean.validate();
            if (!z) {
                return null;
            }
            ServerSecurityRuntimeMBean serverSecurityRuntime = ManagementService.getRuntimeAccess(kernelId).getServerRuntime().getServerSecurityRuntime();
            try {
                serverSecurityRuntime.addRealmRuntime(new RealmRuntime(name, serverSecurityRuntime));
                return new RealmServices(name, InitializeServiceEngine(realmMBean));
            } catch (ManagementException e) {
                if (debugLogger.isDebugEnabled()) {
                    debugLogger.debug("Can not initialize RealmRuntime for realm: " + name, e);
                }
                throw new SecurityServiceRuntimeException(e);
            }
        } catch (ErrorCollectionException e2) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getSecRealmInvConfig(name), e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void postInitializeRealm(RealmMBean realmMBean, RealmServices realmServices) throws SecurityServiceException {
        HashMap<SecurityService.ServiceType, Object> services = realmServices.getServices();
        AuditorServiceImpl auditorServiceImpl = null;
        try {
            AuditService auditService = (AuditService) realmServices.getCSS().getService("AuditService");
            if (auditService.isAuditEnabled()) {
                AuditorImpl auditorImpl = new AuditorImpl(auditService);
                services.put(SecurityService.ServiceType.AUDIT, auditorImpl);
                auditorServiceImpl = new AuditorServiceImpl(auditorImpl);
                services.put(SecurityService.ServiceType.AUDITOR_SERVICE, auditorServiceImpl);
            }
        } catch (ServiceNotFoundException e) {
        } catch (ServiceInitializationException e2) {
            throw new SecurityServiceException(e2);
        }
        services.put(SecurityService.ServiceType.SECURITY_SERVICES, new SecurityServicesImpl(auditorServiceImpl, realmServices.getRealmName()));
        CredentialManager doCredentials = doCredentials(realmServices, realmMBean);
        if (doCredentials != null) {
            services.put(SecurityService.ServiceType.CREDENTIALMANAGER, doCredentials);
        }
        BulkRoleManager doBulkRole = doBulkRole(realmServices, realmMBean);
        if (doBulkRole != null) {
            services.put(SecurityService.ServiceType.BULKROLE, doBulkRole);
        }
        BulkAuthorizationManager doBulkATZ = doBulkATZ(realmServices, realmMBean);
        if (doBulkATZ != null) {
            services.put(SecurityService.ServiceType.BULKAUTHORIZE, doBulkATZ);
        }
        RoleManager doRole = doRole(realmServices, realmMBean);
        if (doRole != null) {
            services.put(SecurityService.ServiceType.ROLE, doRole);
        }
        AuthorizationManager doATZ = doATZ(realmServices, realmMBean);
        if (doATZ != null) {
            services.put(SecurityService.ServiceType.AUTHORIZE, doATZ);
        }
        PrincipalAuthenticator doATN = doATN(realmServices, realmMBean);
        if (doATN != null) {
            services.put(SecurityService.ServiceType.AUTHENTICATION, doATN);
        }
        CertPathManager doCertPath = doCertPath(realmServices, realmMBean);
        if (doCertPath != null) {
            services.put(SecurityService.ServiceType.CERTPATH, doCertPath);
        }
        SecurityTokenServiceManager doSTS = doSTS(realmServices, realmMBean);
        if (doSTS != null) {
            services.put(SecurityService.ServiceType.STSMANAGER, doSTS);
        }
        try {
            SAML2Service sAML2Service = (SAML2Service) realmServices.getCSS().getService("SingleSignOnService");
            if (sAML2Service != null) {
                services.put(SecurityService.ServiceType.SAML2_SSO, new SAML2ServiceWrapper((SAML2Service) Proxy.newProxyInstance(CSSWLSDelegateImpl.getSAML2ClassLoader(), sAML2Service.getClass().getInterfaces(), new ThreadClassLoaderContextInvocationHandler(CSSWLSDelegateImpl.getSAML2ClassLoader(), sAML2Service))));
            }
        } catch (ServiceInitializationException e3) {
        } catch (ServiceNotFoundException e4) {
        }
        if (services.size() == 0) {
            throw new SecurityServiceException(SecurityLogger.getFailedToInitRealm(realmServices.getRealmName()));
        }
        RealmRuntimeMBean lookupRealmRuntime = ManagementService.getRuntimeAccess(kernelId).getServerRuntime().getServerSecurityRuntime().lookupRealmRuntime(realmMBean.getName());
        if (lookupRealmRuntime == null || doATN == null) {
            return;
        }
        try {
            UserLockoutManager userLockoutManager = doATN.getUserLockoutManager();
            if (userLockoutManager.isLockoutEnabled()) {
                lookupRealmRuntime.setUserLockoutManagerRuntime(new UserLockoutManagerRuntime(userLockoutManager, lookupRealmRuntime));
            }
        } catch (ManagementException e5) {
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("Cannot set userLockoutManagerRuntime for realm: " + realmMBean.getName());
            }
        }
    }

    private CredentialManager doCredentials(RealmServices realmServices, RealmMBean realmMBean) {
        CredentialManagerImpl credentialManagerImpl = null;
        CredentialMapperMBean[] credentialMappers = realmMBean.getCredentialMappers();
        if (null != credentialMappers && 0 != credentialMappers.length) {
            credentialManagerImpl = new CredentialManagerImpl(realmServices, credentialMappers);
        }
        return credentialManagerImpl;
    }

    private RoleManager doRole(RealmServices realmServices, RealmMBean realmMBean) {
        RoleMapperMBean[] roleMappers = realmMBean.getRoleMappers();
        if (null == roleMappers || 0 == roleMappers.length) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getNeedToConfigureOneRoleMapper());
        }
        return new RoleManagerImpl(realmServices, roleMappers);
    }

    private BulkRoleManager doBulkRole(RealmServices realmServices, RealmMBean realmMBean) {
        ProviderMBean[] roleMappers = realmMBean.getRoleMappers();
        if (null == roleMappers || 0 == roleMappers.length) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getNeedToConfigureOneRoleMapper());
        }
        BulkRoleManagerImpl bulkRoleManagerImpl = new BulkRoleManagerImpl();
        bulkRoleManagerImpl.initialize(realmServices, roleMappers);
        return bulkRoleManagerImpl;
    }

    private AuthorizationManager doATZ(RealmServices realmServices, RealmMBean realmMBean) {
        ProviderMBean[] providerMBeanArr;
        AuthorizerMBean[] authorizers = realmMBean.getAuthorizers();
        if (null == authorizers || 0 == authorizers.length) {
            throw new InvalidParameterException(SecurityLogger.getNeedToConfigureOneAtzMBean());
        }
        ProviderMBean adjudicator = realmMBean.getAdjudicator();
        if (adjudicator != null) {
            providerMBeanArr = new ProviderMBean[authorizers.length + 1];
            System.arraycopy(authorizers, 0, providerMBeanArr, 0, authorizers.length);
            providerMBeanArr[authorizers.length] = adjudicator;
        } else {
            providerMBeanArr = new ProviderMBean[authorizers.length];
            System.arraycopy(authorizers, 0, providerMBeanArr, 0, authorizers.length);
        }
        return new AuthorizationManagerImpl(realmServices, providerMBeanArr);
    }

    private BulkAuthorizationManager doBulkATZ(RealmServices realmServices, RealmMBean realmMBean) {
        ProviderMBean[] providerMBeanArr;
        AuthorizerMBean[] authorizers = realmMBean.getAuthorizers();
        if (null == authorizers || 0 == authorizers.length) {
            throw new InvalidParameterException(SecurityLogger.getNeedToConfigureOneAtzMBean());
        }
        ProviderMBean adjudicator = realmMBean.getAdjudicator();
        if (adjudicator != null) {
            providerMBeanArr = new ProviderMBean[authorizers.length + 1];
            System.arraycopy(authorizers, 0, providerMBeanArr, 0, authorizers.length);
            providerMBeanArr[authorizers.length] = adjudicator;
        } else {
            providerMBeanArr = new ProviderMBean[authorizers.length];
            System.arraycopy(authorizers, 0, providerMBeanArr, 0, authorizers.length);
        }
        BulkAuthorizationManagerImpl bulkAuthorizationManagerImpl = new BulkAuthorizationManagerImpl();
        bulkAuthorizationManagerImpl.initialize(realmServices, providerMBeanArr);
        return bulkAuthorizationManagerImpl;
    }

    private PrincipalAuthenticator doATN(RealmServices realmServices, RealmMBean realmMBean) {
        AuthenticationProviderMBean[] authenticationProviders = realmMBean.getAuthenticationProviders();
        if ((null == authenticationProviders || 0 == authenticationProviders.length) && debugLogger.isDebugEnabled()) {
            debugLogger.debug("Warning, PrincipalAuthenticator for realm " + realmServices.getRealmName() + " initializing without configuration");
        }
        return new PrincipalAuthenticatorImpl(realmServices, authenticationProviders);
    }

    private CertPathManager doCertPath(RealmServices realmServices, RealmMBean realmMBean) {
        CertPathProviderMBean[] certPathProviders = realmMBean.getCertPathProviders();
        CertPathProviderMBean[] certPathProviderMBeanArr = new CertPathProviderMBean[certPathProviders.length + 1];
        certPathProviderMBeanArr[0] = realmMBean.getCertPathBuilder();
        for (int i = 0; i < certPathProviders.length; i++) {
            certPathProviderMBeanArr[i + 1] = certPathProviders[i];
        }
        return new CertPathManagerImpl(realmServices, certPathProviderMBeanArr);
    }

    private SecurityTokenServiceManager doSTS(RealmServices realmServices, RealmMBean realmMBean) {
        SecurityTokenServiceManagerImpl securityTokenServiceManagerImpl = null;
        if (null != realmMBean) {
            securityTokenServiceManagerImpl = new SecurityTokenServiceManagerImpl(realmServices, realmMBean);
        }
        return securityTokenServiceManagerImpl;
    }

    private RealmServices loadRealm(String str, boolean z) throws SecurityServiceException {
        if (realmsHashMap.containsKey(str)) {
            return null;
        }
        return initializeRealm(getRealmFromName(str), z);
    }

    private void postLoadRealm(String str) throws SecurityServiceException {
        if (realmsHashMap.containsKey(str)) {
            postInitializeRealm(getRealmFromName(str), realmsHashMap.get(str));
        }
    }

    private static RealmMBean getRealmFromName(String str) throws SecurityServiceException {
        RealmMBean lookupRealm = ManagementService.getRuntimeAccess(kernelId).getDomain().getSecurityConfiguration().lookupRealm(str);
        if (lookupRealm == null) {
            throw new SecurityServiceException(SecurityLogger.getInvalidRealmName(str));
        }
        return lookupRealm;
    }

    private void initializeRealms() {
        multipleRealmBootInitialize = Boolean.getBoolean("weblogic.security.multirealm.boot.initialize");
        realmsHashMap = new ConcurrentHashMap<>();
        shutdownRealmsHashMap = new ConcurrentHashMap<>();
        realmsLockMap = new ConcurrentHashMap<>();
        RealmMBean defaultRealm = getDefaultRealm();
        if (defaultRealm == null) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getNoRealmMBeanUnableToInit());
        }
        defaultConfiguredRealmName = defaultRealm.getName();
        try {
            SecurityLogger.logPreInitializingUsingRealm(defaultConfiguredRealmName);
            RealmServices loadRealm = loadRealm(defaultConfiguredRealmName, true);
            if (loadRealm != null) {
                loadRealm.setDefault();
                realmsHashMap.put(loadRealm.getRealmName(), loadRealm);
                realmsLockMap.put(defaultRealm, new Object());
            }
            RealmMBean[] realms = ManagementService.getRuntimeAccess(kernelId).getDomain().getSecurityConfiguration().getRealms();
            for (int i = 0; realms != null && i < realms.length; i++) {
                String name = realms[i].getName();
                if (!defaultConfiguredRealmName.equals(name)) {
                    try {
                        SecurityLogger.logPreInitializingUsingRealm(name);
                        RealmServices loadRealm2 = loadRealm(name, multipleRealmBootInitialize);
                        if (loadRealm2 != null) {
                            realmsHashMap.put(loadRealm2.getRealmName(), loadRealm2);
                            realmsLockMap.put(realms[i], new Object());
                        }
                    } catch (SecurityServiceException e) {
                        SecurityLogger.logLoadRealmFailed(name, e);
                        if (debugLogger.isDebugEnabled()) {
                            debugLogger.debug("Failed to preInitialize security realm: " + name);
                        }
                        throw new SecurityServiceRuntimeException(e);
                    }
                }
            }
        } catch (SecurityServiceException e2) {
            SecurityLogger.logLoadRealmFailed(defaultConfiguredRealmName, e2);
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("Failed to preInitialize default security realm: " + defaultConfiguredRealmName);
            }
            throw new SecurityServiceRuntimeException(e2);
        }
    }

    private void postInitializeRealms() {
        if (defaultConfiguredRealmName == null) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getNoRealmMBeanUnableToInit());
        }
        try {
            SecurityLogger.logPostInitializingUsingRealm(defaultConfiguredRealmName);
            postLoadRealm(defaultConfiguredRealmName);
            serviceProxiesHashMap = generateServiceProxies();
            cssServiceProxiesHashMap = generateCSSServiceProxies();
            initialized = true;
        } catch (SecurityServiceException e) {
            SecurityLogger.logLoadRealmFailed(defaultConfiguredRealmName, e);
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("Failed to postInitialize default security realm: " + defaultConfiguredRealmName);
            }
        }
        if (multipleRealmBootInitialize) {
            RealmMBean[] realms = ManagementService.getRuntimeAccess(kernelId).getDomain().getSecurityConfiguration().getRealms();
            for (int i = 0; realms != null && i < realms.length; i++) {
                String name = realms[i].getName();
                if (!defaultConfiguredRealmName.equals(name)) {
                    try {
                        SecurityLogger.logPostInitializingUsingRealm(name);
                        postLoadRealm(name);
                    } catch (SecurityServiceException e2) {
                        SecurityLogger.logLoadRealmFailed(name, e2);
                        if (debugLogger.isDebugEnabled()) {
                            debugLogger.debug("Failed to postInitialize security realm: " + name);
                        }
                        throw new SecurityServiceRuntimeException(e2);
                    }
                }
            }
        }
    }

    private void doBootAuthorization() {
        boolean z = Boolean.getBoolean("weblogic.system.StoreBootIdentity");
        boolean z2 = Boolean.getBoolean("weblogic.system.RemoveBootIdentity");
        boolean z3 = Boolean.getBoolean("weblogic.system.NodeManagerBoot");
        if (z3) {
            z2 = true;
        }
        PrincipalAuthenticator securityServiceInternal = getSecurityServiceInternal(getContextSensitiveRealmName(), SecurityService.ServiceType.AUTHENTICATION);
        AuthorizationManager securityServiceInternal2 = getSecurityServiceInternal(getAdministrativeRealmName(), SecurityService.ServiceType.AUTHORIZE);
        if (securityServiceInternal == null || securityServiceInternal2 == null) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getSecurityServicesUnavailable());
        }
        AuthenticatedSubject authenticatedSubject = null;
        String timestamp1 = ManagementService.getPropertyService(kernelId).getTimestamp1();
        String timestamp2 = ManagementService.getPropertyService(kernelId).getTimestamp2();
        String identityDomain = ManagementService.getPropertyService(kernelId).getIdentityDomain();
        try {
            long j = 0;
            long j2 = 0;
            long j3 = 500;
            long j4 = 0;
            boolean z4 = false;
            SecurityConfigurationMBean securityConfiguration = ManagementService.getRuntimeAccess(kernelId).getDomain().getSecurityConfiguration();
            if (securityConfiguration != null) {
                j = securityConfiguration.getBootAuthenticationRetryCount();
                j4 = securityConfiguration.getBootAuthenticationMaxRetryDelay();
            }
            do {
                if (identityDomain == null) {
                    try {
                        authenticatedSubject = securityServiceInternal.authenticate(new SimpleCallbackHandler(timestamp1, timestamp2.toCharArray()), (ContextHandler) null);
                    } catch (LoginServerNotAvailableException e) {
                        if (debugLogger.isDebugEnabled()) {
                            debugLogger.debug("Login server not available ", e);
                        }
                        j2++;
                        if (j2 > j) {
                            throw e;
                        }
                        SecurityLogger.logRetryBootAuthentication("" + j2, "" + j);
                        try {
                            Thread.sleep(j3 > j4 ? j4 : j3);
                        } catch (Exception e2) {
                        }
                        j3 *= 2;
                        if (j3 > j4) {
                            j3 = j4;
                        }
                    }
                } else {
                    authenticatedSubject = securityServiceInternal.authenticate(new SimpleCallbackHandler(timestamp1, identityDomain, timestamp2.toCharArray()), (ContextHandler) null);
                }
                z4 = true;
            } while (!z4);
            if (!z) {
                BootProperties.save();
            } else if (!z2) {
                BootProperties.output(ManagementService.getRuntimeAccess(kernelId).getDomain().getSecurityConfiguration(), System.getProperty("weblogic.system.BootIdentityFile"), ManagementService.getPropertyService(kernelId).getTimestamp1(), ManagementService.getPropertyService(kernelId).getTimestamp2(), ManagementService.getPropertyService(kernelId).getIdentityDomain(), System.getProperty("weblogic.security.TrustKeyStore"), System.getProperty("weblogic.security.CustomTrustKeyStoreFileName"), System.getProperty("weblogic.security.CustomTrustKeyStoreType"), System.getProperty("weblogic.security.CustomTrustKeyStorePassPhrase"), System.getProperty("weblogic.security.JavaStandardTrustKeyStorePassPhrase"), System.getProperty("CustomIdentityKeyStoreFileName"), System.getProperty("CustomIdentityKeyStoreType"), System.getProperty("CustomIdentityKeyStorePassPhrase"), System.getProperty("CustomIdentityKeyStoreAlias"), System.getProperty("CustomIdentityPrivateKeyPassPhrase"));
            }
            BootProperties.unload(z2);
            if (ManagementService.getRuntimeAccess(kernelId).isAdminServer() || !ManagementService.getRuntimeAccess(kernelId).isAdminServerAvailable()) {
                if (securityServiceInternal2.isAccessAllowed(authenticatedSubject, new ServerResource((String) null, ManagementService.getRuntimeAccess(kernelId).getServerName(), "boot"), new ResourceIDDContextWrapper(true))) {
                    return;
                }
                Loggable logUserNotPermittedToBootLoggable = SecurityLogger.logUserNotPermittedToBootLoggable(SubjectUtils.getUsername(authenticatedSubject));
                logUserNotPermittedToBootLoggable.log();
                throw new SecurityInitializationException(logUserNotPermittedToBootLoggable.getMessageText());
            }
        } catch (LoginException e3) {
            String property = System.getProperty("weblogic.management.startmode");
            if (property != null && property.compareTo("WinSvc") == 0) {
                Loggable logErrorBadPasswordRegisteredLoggable = SecurityLogger.logErrorBadPasswordRegisteredLoggable(timestamp1);
                logErrorBadPasswordRegisteredLoggable.log();
                throw new SecurityInitializationException(logErrorBadPasswordRegisteredLoggable.getMessageText(), e3);
            }
            if (BootProperties.getBootProperties() == null && !z3) {
                Loggable logAuthDeniedForUserLoggable = SecurityLogger.logAuthDeniedForUserLoggable(timestamp1);
                logAuthDeniedForUserLoggable.log();
                throw new SecurityInitializationException(logAuthDeniedForUserLoggable.getMessageText(), e3);
            }
            BootProperties.unload(z2);
            Loggable logBootIdentityNotValidLoggable = SecurityLogger.logBootIdentityNotValidLoggable();
            logBootIdentityNotValidLoggable.log();
            throw new SecurityInitializationException(logBootIdentityNotValidLoggable.getMessageText(), e3);
        }
    }

    public void initialize(AuthenticatedSubject authenticatedSubject) {
        preInitialize(authenticatedSubject);
        postInitialize(authenticatedSubject);
    }

    public void preInitialize(AuthenticatedSubject authenticatedSubject) {
        SecurityServiceManager.checkKernelIdentity(authenticatedSubject);
        setJAASConfiguration();
        checkOPSSPolicy();
        checkJACCCmdlineForConsistency();
        initJACCSecurity();
        if (null != realmsHashMap) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getCanOnlyInitSecServiceOnce());
        }
        initializeRealms();
    }

    public void postInitialize(AuthenticatedSubject authenticatedSubject) {
        SecurityServiceManager.checkKernelIdentity(authenticatedSubject);
        postInitializeRealms();
        if (defaultConfiguredRealmName != null) {
            SecurityLogger.logInitializingUsingRealm(defaultConfiguredRealmName);
        } else {
            SecurityLogger.logInitializingUsingRealm("null");
        }
        this.consoleFullDelegation = ManagementService.getRuntimeAccess(kernelId).getDomain().getSecurityConfiguration().isConsoleFullDelegationEnabled();
        CertPathTrustManagerUtils.start();
        doBootAuthorization();
        if (System.getSecurityManager() != null) {
            SecurityLogger.logInitializingUsingJavaSecurityManager();
            new WLSPolicy().init();
        }
        if (isJACCEnabled()) {
            SecurityLogger.logInitializingUsingJACC();
        }
    }

    public void shutdown() {
        if (initialized) {
            Iterator<String> it = realmsHashMap.keySet().iterator();
            while (it.hasNext()) {
                RealmServices remove = realmsHashMap.remove(it.next());
                if (remove != null) {
                    try {
                        shutdownRealmServices(remove, false);
                    } catch (Exception e) {
                        if (debugLogger.isDebugEnabled()) {
                            debugLogger.debug("Failure during delegate shutdown for realm " + remove.getRealmName(), e);
                        }
                    }
                }
            }
            realmsHashMap = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void shutdownManagers(String str, HashMap hashMap) {
        if (null == str || null == hashMap) {
            throw new SecurityServiceRuntimeException("Security Realm is in illegal state, failed to shutdown the security realm!");
        }
        if (debugLogger.isDebugEnabled()) {
            debugLogger.debug("Security Service is shutting down Managers in security realm " + str);
        }
        Auditor auditor = (Auditor) hashMap.get(ORDERED_MANAGER_KEY_LIST[0]);
        for (int length = ORDERED_MANAGER_KEY_LIST.length - 1; length > 0; length--) {
            SecurityService securityService = (SecurityService) hashMap.get(ORDERED_MANAGER_KEY_LIST[length]);
            if (securityService != null) {
                shutdownSecurityService(str, ORDERED_MANAGER_KEY_LIST[length].toString(), securityService, auditor);
                hashMap.remove(ORDERED_MANAGER_KEY_LIST[length]);
            }
        }
        if (auditor != null) {
            shutdownSecurityService(str, ORDERED_MANAGER_KEY_LIST[0].toString(), (SecurityService) auditor, auditor);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void shutdownCSS(RealmServices realmServices, boolean z) {
        if (realmServices == null) {
            throw new SecurityServiceRuntimeException("No RealmServices, failed to shutdown the security realm!");
        }
        if (debugLogger.isDebugEnabled()) {
            debugLogger.debug("Security Service is shutting CSS in security realm " + realmServices.getRealmName());
        }
        ((CSSWLSDelegateImpl) realmServices.getCSS().getDelegate()).shutdownInternal(z);
    }

    private void shutdownSecurityService(String str, String str2, SecurityService securityService, Auditor auditor) {
        boolean z = true;
        if (SecurityService.ServiceType.AUDIT.toString().equals(str2)) {
            z = false;
        }
        try {
            securityService.shutdown();
            String str3 = "Security Service " + str2 + " is shutdown in security realm " + str;
            if (z && auditor != null) {
                auditor.writeEvent(new AuditSecurityManagementEventImpl(AuditSeverity.SUCCESS, str2, str3, null));
            }
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug(str3);
            }
        } catch (RuntimeException e) {
            String str4 = "Security Service " + str2 + " failed to shutdown in security realm " + str;
            if (z && auditor != null) {
                auditor.writeEvent(new AuditSecurityManagementEventImpl(AuditSeverity.FAILURE, str2, str4, e));
            }
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug(str4, e);
            }
        }
    }

    @Deprecated
    public String getDefaultRealmName() {
        return defaultConfiguredRealmName;
    }

    public String getAdministrativeRealmName() {
        return defaultConfiguredRealmName;
    }

    public String getContextSensitiveRealmName() {
        return defaultRealmName;
    }

    public String getRealmName(String str) {
        return PartitionUtils.getRealmName(str, (ConfigurationMBean) null);
    }

    public String getRealmName(String str, ConfigurationMBean configurationMBean) {
        return PartitionUtils.getRealmName(str, configurationMBean);
    }

    public void applicationDeleted(ConfigurationMBean configurationMBean) {
        if (configurationMBean == null) {
            return;
        }
        if (!(configurationMBean instanceof AppDeploymentMBean)) {
            throw new IllegalArgumentException("The applicationDeleted method requires the use of a AppDeployment mbean, not any other type of bean");
        }
        AppDeploymentMBean appDeploymentMBean = (AppDeploymentMBean) configurationMBean;
        String applicationIdentifier = appDeploymentMBean.getApplicationIdentifier();
        String partitionName = ApplicationVersionUtils.getPartitionName(applicationIdentifier);
        if ("DOMAIN".equals(partitionName)) {
            partitionName = null;
        }
        String realmName = getRealmName(partitionName);
        if (realmName == null) {
            realmName = defaultConfiguredRealmName;
        }
        RealmServices realmServices = realmsHashMap.get(realmName);
        if (realmServices == null) {
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("applicationDeleted: Realm is not running: " + realmName);
                return;
            }
            return;
        }
        try {
            RoleManager roleManager = (RoleManager) realmServices.getServices().get(SecurityService.ServiceType.ROLE);
            AuthorizationManager authorizationManager = (AuthorizationManager) realmServices.getServices().get(SecurityService.ServiceType.AUTHORIZE);
            ApplicationVersioningService applicationVersioningService = (ApplicationVersioningService) realmServices.getCSS().getService("ApplicationVersioningService");
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("applicationDeleted: Using realm: " + realmName);
            }
            SecurityApplicationInfoImpl securityApplicationInfoImpl = new SecurityApplicationInfoImpl(appDeploymentMBean, ApplicationInfo.ComponentType.APPLICATION, (String) null);
            try {
                roleManager.deleteApplicationRoles(securityApplicationInfoImpl);
            } catch (Exception e) {
            }
            try {
                authorizationManager.deleteApplicationPolicies(securityApplicationInfoImpl);
            } catch (Exception e2) {
            }
            if (appDeploymentMBean.getVersionIdentifier() != null) {
                try {
                    applicationVersioningService.deleteApplicationVersion(applicationIdentifier);
                } catch (Exception e3) {
                }
            } else {
                try {
                    applicationVersioningService.deleteApplication(applicationIdentifier);
                } catch (Exception e4) {
                }
            }
        } catch (Exception e5) {
            throw new IllegalStateException(SecurityLogger.getFailureWithRealm(realmName), e5);
        }
    }

    public boolean isApplicationVersioningSupported(String str) {
        try {
            return getApplicationVersioningService(str).isApplicationVersioningSupported();
        } catch (Exception e) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getFailureWithRealm(str), e);
        }
    }

    public void applicationVersionCreated(ConfigurationMBean configurationMBean, ConfigurationMBean configurationMBean2, String str) {
        if (configurationMBean == null) {
            return;
        }
        if (!(configurationMBean instanceof AppDeploymentMBean)) {
            throw new IllegalArgumentException("The applicationVersionCreated method requires the use of a AppDeployment mbean, not any other type of bean");
        }
        String applicationIdentifier = ((AppDeploymentMBean) configurationMBean).getApplicationIdentifier();
        String str2 = null;
        if (configurationMBean2 != null) {
            if (!(configurationMBean2 instanceof AppDeploymentMBean)) {
                throw new IllegalArgumentException("The applicationVersionCreated method requires the use of a AppDeployment mbean, not any other type of bean");
            }
            str2 = ((AppDeploymentMBean) configurationMBean2).getApplicationIdentifier();
        }
        try {
            getApplicationVersioningService(str).createApplicationVersion(applicationIdentifier, str2);
        } catch (Exception e) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getFailureWithRealm(str), e);
        }
    }

    private ApplicationVersioningService getApplicationVersioningService(String str) throws ServiceInitializationException {
        String actualRealmName = getActualRealmName(str);
        RealmServices realmServices = realmsHashMap.get(actualRealmName);
        if (realmServices == null) {
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("getApplicationVersioningService: Realm is not running: " + actualRealmName);
            }
            throw new IllegalStateException(SecurityLogger.getFailureWithRealm(actualRealmName));
        }
        if (debugLogger.isDebugEnabled()) {
            debugLogger.debug("getApplicationVersioningService: Using realm: " + actualRealmName);
        }
        return (ApplicationVersioningService) realmServices.getCSS().getService("ApplicationVersioningService");
    }

    private String getActualRealmName(String str) {
        if (str == null) {
            throw new InvalidParameterException(SecurityLogger.getMustSpecifyRealm());
        }
        String str2 = defaultConfiguredRealmName;
        if (str.equals(getContextSensitiveRealmName())) {
            String realmName = getRealmName(PartitionUtils.getPartitionName());
            if (realmName != null) {
                str2 = realmName;
            }
        } else {
            str2 = str;
        }
        return str2;
    }

    public void initJava2Security() {
        if (System.getSecurityManager() == null) {
            return;
        }
        SecurityServiceManager.setJava2SecurityMode(true);
    }

    private static void checkOPSSPolicy() {
        try {
            if (System.getProperty(JACC_POLICY_PROVIDER) == null || !OPSS_POLICY_PROVIDER.equals(Policy.getPolicy().getClass().getCanonicalName())) {
                return;
            }
            if (opssLoadDebug && debugLogger.isDebugEnabled()) {
                debugLogger.debug("Conflict between JACC Policy and OPSS Policy provider");
            }
            Loggable policyLoadJACCConflictMessageLoggable = SecurityLogger.getPolicyLoadJACCConflictMessageLoggable(OPSS_POLICY_PROVIDER);
            policyLoadJACCConflictMessageLoggable.log();
            throw new SecurityInitializationException(policyLoadJACCConflictMessageLoggable.getMessageText());
        } catch (Throwable th) {
            if (opssLoadDebug && debugLogger.isDebugEnabled()) {
                debugLogger.debug("Problem in checking OPSS security provider: " + th.getMessage());
            }
            Loggable loadPolicyProviderErrorMessageLoggable = SecurityLogger.getLoadPolicyProviderErrorMessageLoggable(OPSS_POLICY_PROVIDER, th.getMessage());
            loadPolicyProviderErrorMessageLoggable.log();
            throw new SecurityInitializationException(loadPolicyProviderErrorMessageLoggable.getMessageText(), th);
        }
    }

    private static void startJPS() throws ClassNotFoundException, NoSuchMethodException, InstantiationException, IllegalAccessException, InvocationTargetException {
        Class<?> cls = Class.forName(JPS_STARTUP_CLASS, true, Thread.currentThread().getContextClassLoader());
        cls.getMethod("start", new Class[0]).invoke(cls.getConstructor(String.class).newInstance("WEBLOGIC"), new Object[0]);
    }

    public void initJACCSecurity() {
        checkJACCCmdlineForConsistency();
        if (System.getProperty(JACC_POLICY_PROVIDER) != null && !isJACCEnabled()) {
            loadJACCPolicy();
        }
        if (System.getProperty(JACC_POLICYCONFIGURATIONFACTORY_PROVIDER) != null) {
            checkJACCConfiguration();
        }
    }

    private static void matchJACCWLSClasses(String str, String str2, String str3, ErrorCollectionException errorCollectionException) {
        boolean z = false;
        if (str != null) {
            z = str.equals(DEFAULT_JACC_SECURITY_POLICY_CONFIGURATION_FACTORY_PROVIDER_CLASSNAME);
        }
        boolean z2 = false;
        if (str2 != null) {
            z2 = str2.equals(DEFAULT_JACC_SECURITY_POLICY_PROVIDER_CLASSNAME);
        }
        boolean z3 = false;
        if (str3 != null) {
            z3 = str3.equals(DEFAULT_ROLEMAPPERFACTORY_PROVIDER_CLASSNAME);
        }
        if (z || z2) {
            if (z && z2 && z3) {
                return;
            }
            addError(errorCollectionException, SecurityLogger.getJACCWebLogicClassesMustMatch());
        }
    }

    private static void addError(ErrorCollectionException errorCollectionException, String str) {
        errorCollectionException.add(new Exception(str));
    }

    private static void loadJACCPolicy() {
        if (JACC_POLICY_LOADED) {
            if (jaccDebugLogger.isDebugEnabled()) {
                jaccDebugLogger.debug("SecurityServiceManagerDelegateImpl:loadJACCPolicy no policy loaded because it has been previously loaded.");
                return;
            }
            return;
        }
        String property = System.getProperty(JACC_POLICY_PROVIDER);
        if (property == null) {
            if (jaccDebugLogger.isDebugEnabled()) {
                jaccDebugLogger.debug("SecurityServiceManagerDelegateImpl:loadJACCPolicy no policy loaded because javax.security.jacc.policy.provider was not specified.");
                return;
            }
            return;
        }
        try {
            Object newInstance = Class.forName(property).newInstance();
            if (!(newInstance instanceof Policy)) {
                Loggable logNotAPolicyObjectLoggable = SecurityLogger.logNotAPolicyObjectLoggable(property);
                logNotAPolicyObjectLoggable.log();
                throw new SecurityInitializationException(logNotAPolicyObjectLoggable.getMessageText());
            }
            Policy policy = (Policy) newInstance;
            Policy.setPolicy(policy);
            policy.refresh();
            JACC_POLICY_LOADED = true;
            SecurityLogger.logJACCPolicyLoadedLoggable(property).log();
        } catch (ClassNotFoundException e) {
            Loggable logJACCPolicyProviderClassNotFoundLoggable = SecurityLogger.logJACCPolicyProviderClassNotFoundLoggable(property, e);
            logJACCPolicyProviderClassNotFoundLoggable.log();
            throw new SecurityInitializationException(logJACCPolicyProviderClassNotFoundLoggable.getMessageText());
        } catch (IllegalAccessException e2) {
            Loggable logIllegalAccessLoggable = SecurityLogger.logIllegalAccessLoggable(property, e2);
            logIllegalAccessLoggable.log();
            throw new SecurityInitializationException(logIllegalAccessLoggable.getMessageText());
        } catch (InstantiationException e3) {
            Loggable logInstantiationExceptionLoggable = SecurityLogger.logInstantiationExceptionLoggable(property, e3);
            logInstantiationExceptionLoggable.log();
            throw new SecurityInitializationException(logInstantiationExceptionLoggable.getMessageText());
        }
    }

    private static void checkJACCConfiguration() {
        try {
            PolicyConfigurationFactory policyConfigurationFactory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
            if (policyConfigurationFactory == null || !(policyConfigurationFactory instanceof PolicyConfigurationFactory)) {
                Loggable logPolicyConfigurationFactoryProblemLoggable = SecurityLogger.logPolicyConfigurationFactoryProblemLoggable();
                logPolicyConfigurationFactoryProblemLoggable.log();
                throw new SecurityInitializationException(logPolicyConfigurationFactoryProblemLoggable.getMessageText());
            }
            SecurityLogger.logJACCPolicyConfigurationFactoryLoadedLoggable(policyConfigurationFactory.getClass().getName()).log();
            if ((policyConfigurationFactory instanceof PolicyConfigurationFactoryImpl) && jaccDebugLogger.isDebugEnabled()) {
                jaccDebugLogger.debug("SecurityServiceManagerDelegateImpl:checkJACCConfiguration. We found a weblogic.security.jacc.simpleprovider.PolicyConfigurationImpl and loaded it.");
            }
            try {
                RoleMapperFactory roleMapperFactory = RoleMapperFactory.getRoleMapperFactory();
                if (roleMapperFactory == null || !(roleMapperFactory instanceof RoleMapperFactory)) {
                    Loggable logRoleMapperFactoryProblemLoggable = SecurityLogger.logRoleMapperFactoryProblemLoggable();
                    logRoleMapperFactoryProblemLoggable.log();
                    throw new SecurityInitializationException(logRoleMapperFactoryProblemLoggable.getMessageText());
                }
                SecurityLogger.logJACCRoleMapperFactoryLoadedLoggable(roleMapperFactory.getClass().getName()).log();
                if ((roleMapperFactory instanceof RoleMapperFactoryImpl) && jaccDebugLogger.isDebugEnabled()) {
                    jaccDebugLogger.debug("SecurityServiceManagerDelegateImpl:checkJACCConfiguration. We found a weblogic.security.jacc.simpleprovider.RoleMapperFactoryImpl and loaded it.");
                }
            } catch (PolicyContextException e) {
                Loggable logPolicyContextExceptionLoggable = SecurityLogger.logPolicyContextExceptionLoggable(e);
                logPolicyContextExceptionLoggable.log();
                throw new SecurityInitializationException(logPolicyContextExceptionLoggable.getMessageText());
            } catch (ClassNotFoundException e2) {
                String property = System.getProperty(ROLEMAPPERFACTORY_PROVIDER);
                Loggable logJACCRoleMapperFactoryProviderClassNotFoundLoggable = SecurityLogger.logJACCRoleMapperFactoryProviderClassNotFoundLoggable(property == null ? "null" : property, e2);
                logJACCRoleMapperFactoryProviderClassNotFoundLoggable.log();
                throw new SecurityInitializationException(logJACCRoleMapperFactoryProviderClassNotFoundLoggable.getMessageText());
            }
        } catch (ClassNotFoundException e3) {
            String property2 = System.getProperty(JACC_POLICYCONFIGURATIONFACTORY_PROVIDER);
            Loggable logJACCPolicyConfigurationFactoryProviderClassNotFoundLoggable = SecurityLogger.logJACCPolicyConfigurationFactoryProviderClassNotFoundLoggable(property2 == null ? "null" : property2, e3);
            logJACCPolicyConfigurationFactoryProviderClassNotFoundLoggable.log();
            throw new SecurityInitializationException(logJACCPolicyConfigurationFactoryProviderClassNotFoundLoggable.getMessageText());
        } catch (PolicyContextException e4) {
            Loggable logPolicyContextExceptionLoggable2 = SecurityLogger.logPolicyContextExceptionLoggable(e4);
            logPolicyContextExceptionLoggable2.log();
            throw new SecurityInitializationException(logPolicyContextExceptionLoggable2.getMessageText());
        }
    }

    public boolean isJACCEnabled() {
        return JACC_POLICY_LOADED;
    }

    public DeploymentValidator getDeploymentValidator(AuthenticatedSubject authenticatedSubject, String str, SecurityApplicationInfo securityApplicationInfo) {
        return !securityApplicationInfo.isValidateDDSecurityData() ? new DeploymentValidatorUnknownImpl() : new DeploymentUtils(str, authenticatedSubject);
    }

    public int getRoleMappingBehavior(String str, SecurityApplicationInfo securityApplicationInfo) {
        int i = 1;
        if (securityApplicationInfo != null) {
            String securityDDModel = securityApplicationInfo.getSecurityDDModel();
            if (!"Advanced".equals(securityDDModel)) {
                if ("CustomRoles".equals(securityDDModel) || "CustomRolesAndPolicies".equals(securityDDModel)) {
                    i = 2;
                }
                if (debugLogger.isDebugEnabled()) {
                    debugLogger.debug("getRoleMappingBehavior: returning " + i);
                }
                return i;
            }
        }
        String actualRealmName = getActualRealmName(str);
        if (debugLogger.isDebugEnabled()) {
            debugLogger.debug("getRoleMappingBehavior: using realm setting from: " + actualRealmName);
        }
        try {
            if (!getRealmFromName(actualRealmName).isCombinedRoleMappingEnabled()) {
                i = 0;
            }
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("getRoleMappingBehavior: returning " + i);
            }
            return i;
        } catch (Exception e) {
            throw new IllegalStateException(SecurityLogger.getFailureWithRealm(actualRealmName), e);
        }
    }

    private static void checkJACCCmdlineForConsistency() {
        ErrorCollectionException errorCollectionException = new ErrorCollectionException();
        String property = System.getProperty(JACC_POLICYCONFIGURATIONFACTORY_PROVIDER);
        String property2 = System.getProperty(JACC_POLICY_PROVIDER);
        String property3 = System.getProperty(ROLEMAPPERFACTORY_PROVIDER);
        if (DEFAULT_JACC_SECURITY_POLICY_CONFIGURATION_FACTORY_PROVIDER_CLASSNAME.equals(property) && DEFAULT_JACC_SECURITY_POLICY_PROVIDER_CLASSNAME.equals(property2) && property3 == null) {
            property3 = DEFAULT_ROLEMAPPERFACTORY_PROVIDER_CLASSNAME;
        }
        if (property != null && property2 != null && property3 == null) {
            throw new SecurityInitializationException(SecurityLogger.getJACCWebLogicRoleMapperFactoryNotSupplied());
        }
        matchJACCWLSClasses(property, property2, property3, errorCollectionException);
        if (!errorCollectionException.isEmpty()) {
            throw new SecurityInitializationException(SecurityLogger.getInconsistentSecurityConfiguration(), errorCollectionException);
        }
    }

    private CSS InitializeServiceEngine(RealmMBean realmMBean) throws SecurityServiceException {
        CSSWLSDelegateImpl cSSWLSDelegateImpl = new CSSWLSDelegateImpl();
        cSSWLSDelegateImpl.initialize(realmMBean);
        CSS css = CSS.getInstance();
        css.setDelegate(cSSWLSDelegateImpl);
        return css;
    }

    public CSS getCSS(AuthenticatedSubject authenticatedSubject, String str) {
        SecurityManager.checkKernelIdentity(authenticatedSubject);
        if (str == null) {
            return null;
        }
        RealmServices realmServices = realmsHashMap.get(str);
        if (realmServices == null) {
            throw new InvalidParameterException(SecurityLogger.getRealmDoesNotExist(str));
        }
        return realmServices.getCSS();
    }

    public Object getCSSServiceInternal(String str, String str2) throws InvalidParameterException {
        RealmServices realmServices = realmsHashMap.get(str);
        if (realmServices == null) {
            startRealm(str);
            realmServices = realmsHashMap.get(str);
        }
        if (realmServices == null) {
            throw new InvalidParameterException(SecurityLogger.getRealmDoesNotExist(str));
        }
        try {
            return realmServices.getCSS().getService(str2);
        } catch (ServiceInitializationException e) {
            throw new InvalidParameterException(SecurityLogger.getMustSpecifySecServiceType(), e);
        }
    }

    public Object getCSSServiceProxy(String str, String str2) throws InvalidParameterException {
        if (str == null) {
            throw new InvalidParameterException(SecurityLogger.getMustSpecifySecServiceType());
        }
        Object generateCSSWiredServiceProxy = str2 == null ? cssServiceProxiesHashMap.get(str) : generateCSSWiredServiceProxy(str2, str);
        if (generateCSSWiredServiceProxy == null) {
            throw new InvalidParameterException(SecurityLogger.getMustSpecifySecServiceType());
        }
        if (debugLogger.isDebugEnabled()) {
            debugLogger.debug("getCSSServiceProxy: returned proxy for " + str);
        }
        return generateCSSWiredServiceProxy;
    }

    public void initializeRealm(AuthenticatedSubject authenticatedSubject, String str) {
        if (initialized) {
            SecurityManager.checkKernelIdentity(authenticatedSubject);
            if (str == null) {
                return;
            }
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("initializeRealm: starting realm " + str);
            }
            startRealm(str);
        }
    }

    public void shutdownRealm(AuthenticatedSubject authenticatedSubject, String str) {
        if (initialized) {
            SecurityManager.checkKernelIdentity(authenticatedSubject);
            if (str == null) {
                return;
            }
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("shutdownRealm: shutting down realm " + str);
            }
            shutdownRealm(str);
        }
    }

    public void restartRealm(AuthenticatedSubject authenticatedSubject, String str) {
        if (initialized) {
            SecurityManager.checkKernelIdentity(authenticatedSubject);
            if (str == null) {
                return;
            }
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("restartRealm: re-starting realm " + str);
            }
            restartRealm(str);
        }
    }

    public boolean isRealmShutdown(String str) {
        return initialized && str != null && shutdownRealmsHashMap.containsKey(str);
    }

    private void setJAASConfiguration() {
        AccessController.doPrivileged(new PrivilegedAction() { // from class: weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                Security.setProperty("login.configuration.provider", "com.bea.common.security.jdkutils.JAASConfiguration");
                return null;
            }
        });
    }

    private HashMap<SecurityService.ServiceType, SecurityService> generateServiceProxies() {
        HashMap<SecurityService.ServiceType, SecurityService> hashMap = new HashMap<>();
        hashMap.put(SecurityService.ServiceType.AUTHENTICATION, getSecurityServiceProxy(SecurityService.ServiceType.AUTHENTICATION, PrincipalAuthenticatorImpl.class));
        hashMap.put(SecurityService.ServiceType.AUTHORIZE, getSecurityServiceProxy(SecurityService.ServiceType.AUTHORIZE, AuthorizationManagerImpl.class));
        hashMap.put(SecurityService.ServiceType.ROLE, getSecurityServiceProxy(SecurityService.ServiceType.ROLE, RoleManagerImpl.class));
        hashMap.put(SecurityService.ServiceType.CREDENTIALMANAGER, getSecurityServiceProxy(SecurityService.ServiceType.CREDENTIALMANAGER, CredentialManagerImpl.class));
        hashMap.put(SecurityService.ServiceType.AUDIT, getSecurityServiceProxy(SecurityService.ServiceType.AUDIT, AuditorImpl.class));
        hashMap.put(SecurityService.ServiceType.CERTPATH, getSecurityServiceProxy(SecurityService.ServiceType.CERTPATH, CertPathManagerImpl.class));
        hashMap.put(SecurityService.ServiceType.SAML2_SSO, getSecurityServiceProxy(SecurityService.ServiceType.SAML2_SSO, SAML2ServiceWrapper.class));
        hashMap.put(SecurityService.ServiceType.STSMANAGER, getSecurityServiceProxy(SecurityService.ServiceType.STSMANAGER, SecurityTokenServiceManagerImpl.class));
        hashMap.put(SecurityService.ServiceType.BULKAUTHORIZE, getSecurityServiceProxy(SecurityService.ServiceType.BULKAUTHORIZE, BulkAuthorizationManagerImpl.class));
        hashMap.put(SecurityService.ServiceType.BULKROLE, getSecurityServiceProxy(SecurityService.ServiceType.BULKROLE, BulkRoleManagerImpl.class));
        return hashMap;
    }

    private SecurityService getSecurityServiceProxy(SecurityService.ServiceType serviceType, Class cls) {
        return (SecurityService) Proxy.newProxyInstance(getClass().getClassLoader(), cls.getInterfaces(), new ServiceHandler.SecurityServiceHandler(serviceType, this, debugLogger));
    }

    private HashMap<String, Object> generateCSSServiceProxies() {
        HashMap<String, Object> hashMap = new HashMap<>();
        hashMap.put("PrincipalValidationService", getCSSSecurityServiceProxy("PrincipalValidationService", PrincipalValidationService.class));
        hashMap.put("PolicyConsumerService", getCSSSecurityServiceProxy("PolicyConsumerService", PolicyConsumerService.class));
        hashMap.put("RoleConsumerService", getCSSSecurityServiceProxy("RoleConsumerService", RoleConsumerService.class));
        return hashMap;
    }

    private Object getCSSSecurityServiceProxy(String str, Class cls) {
        return Proxy.newProxyInstance(getClass().getClassLoader(), new Class[]{cls}, new ServiceHandler.CSSServiceHandler(str, this, debugLogger));
    }

    private SecurityService generateWiredServiceProxy(String str, SecurityService.ServiceType serviceType, Object obj) {
        SecurityService securityService;
        RealmServices realmServices = realmsHashMap.get(str);
        if (realmServices == null) {
            return (SecurityService) obj;
        }
        synchronized (realmServices.getProxyLock()) {
            securityService = realmServices.getProxies().get(serviceType);
            if (securityService == null) {
                securityService = (SecurityService) Proxy.newProxyInstance(getClass().getClassLoader(), obj.getClass().getInterfaces(), new ServiceHandler.WiredServiceHandler(str, serviceType, this, debugLogger));
                realmServices.getProxies().put(serviceType, securityService);
                if (debugLogger.isDebugEnabled()) {
                    debugLogger.debug("generateWiredServiceProxy: added proxy for " + str + " to " + obj.toString());
                }
            }
        }
        return securityService;
    }

    private Class getCSSServiceInterface(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -1584352723:
                if (str.equals("PolicyConsumerService")) {
                    z = false;
                    break;
                }
                break;
            case -1262331506:
                if (str.equals("PrincipalValidationService")) {
                    z = 2;
                    break;
                }
                break;
            case 826859113:
                if (str.equals("RoleConsumerService")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return PolicyConsumerService.class;
            case true:
                return RoleConsumerService.class;
            case true:
                return PrincipalValidationService.class;
            default:
                return null;
        }
    }

    private Object generateCSSWiredServiceProxy(String str, String str2) {
        Class cSSServiceInterface;
        Object obj = null;
        RealmServices realmServices = realmsHashMap.get(str);
        if (realmServices != null) {
            synchronized (realmServices.getProxyLock()) {
                obj = realmServices.getCSSProxies().get(str2);
                if (obj == null && (cSSServiceInterface = getCSSServiceInterface(str2)) != null) {
                    obj = Proxy.newProxyInstance(getClass().getClassLoader(), new Class[]{cSSServiceInterface}, new ServiceHandler.CSSWiredServiceHandler(str, str2, this, debugLogger));
                    realmServices.getCSSProxies().put(str2, obj);
                    if (debugLogger.isDebugEnabled()) {
                        debugLogger.debug("generateCSSWiredServiceProxy: added proxy for " + str + " to " + str2);
                    }
                }
            }
        }
        return obj;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ClassLoader getThreadContextClassloader() {
        return (ClassLoader) AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() { // from class: weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public ClassLoader run() {
                return Thread.currentThread().getContextClassLoader();
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setThreadContextClassloader(final ClassLoader classLoader) {
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.3
            @Override // java.security.PrivilegedAction
            public Object run() {
                Thread.currentThread().setContextClassLoader(classLoader);
                return null;
            }
        });
    }

    private void startRealm(String str) {
        RealmMBean lookupRealm = ManagementService.getRuntimeAccess(kernelId).getDomain().getSecurityConfiguration().lookupRealm(str);
        if (lookupRealm == null) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getRealmDoesNotExist(str));
        }
        synchronized (getRealmLock(lookupRealm)) {
            if (realmsHashMap.get(str) != null) {
                return;
            }
            SecurityLogger.logStartingRealm(str);
            try {
                RealmServices remove = shutdownRealmsHashMap.remove(str);
                RCMResourceContextManager resourceContextManager = SecurityUtils.getResourceContextManager();
                ManagedAccountingContext accountingContextAsGlobal = resourceContextManager != null ? resourceContextManager.setAccountingContextAsGlobal() : null;
                Throwable th = null;
                try {
                    try {
                        RealmServices realmServices = (RealmServices) AccessController.doPrivileged(new StartRealmInternalAction(lookupRealm));
                        if (accountingContextAsGlobal != null) {
                            if (0 != 0) {
                                try {
                                    accountingContextAsGlobal.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                accountingContextAsGlobal.close();
                            }
                        }
                        if (remove != null) {
                            realmServices.setCSSProxies(remove.getCSSProxies());
                            realmServices.setProxies(remove.getProxies());
                            realmServices.setProxyLock(remove.getProxyLock());
                            if (remove.isDefault()) {
                                realmServices.setDefault();
                            }
                        }
                        realmsHashMap.put(realmServices.getRealmName(), realmServices);
                        SecurityLogger.logCompletedStartingRealm(str);
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (accountingContextAsGlobal != null) {
                        if (th != null) {
                            try {
                                accountingContextAsGlobal.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            accountingContextAsGlobal.close();
                        }
                    }
                    throw th3;
                }
            } catch (Exception e) {
                if (0 != 0) {
                    shutdownRealmsHashMap.put(str, null);
                }
                throw new SecurityServiceRuntimeException(e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public RealmServices startRealmInternal(final RealmMBean realmMBean) throws SecurityServiceException {
        try {
            return (RealmServices) SecurityServiceManager.runAs(kernelId, kernelId, new PrivilegedExceptionAction<Object>() { // from class: weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.4
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    ClassLoader threadContextClassloader = CommonSecurityServiceManagerDelegateImpl.this.getThreadContextClassloader();
                    CommonSecurityServiceManagerDelegateImpl.this.setThreadContextClassloader(getClass().getClassLoader());
                    try {
                        RealmServices initializeRealm = CommonSecurityServiceManagerDelegateImpl.this.initializeRealm(realmMBean, true);
                        CommonSecurityServiceManagerDelegateImpl.this.postInitializeRealm(realmMBean, initializeRealm);
                        CommonSecurityServiceManagerDelegateImpl.this.setThreadContextClassloader(threadContextClassloader);
                        return initializeRealm;
                    } catch (Throwable th) {
                        CommonSecurityServiceManagerDelegateImpl.this.setThreadContextClassloader(threadContextClassloader);
                        throw th;
                    }
                }
            });
        } catch (Exception e) {
            String name = realmMBean.getName();
            SecurityLogger.logLoadRealmFailed(name, e);
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("Failed to start security realm: " + name, e);
            }
            try {
                ServerSecurityRuntimeMBean serverSecurityRuntime = ManagementService.getRuntimeAccess(kernelId).getServerRuntime().getServerSecurityRuntime();
                serverSecurityRuntime.removeRealmRuntime(serverSecurityRuntime.lookupRealmRuntime(name));
            } catch (ManagementException e2) {
                if (debugLogger.isDebugEnabled()) {
                    debugLogger.debug("Failed cleanup of security realm runtime: " + name, e2);
                }
            }
            throw new SecurityServiceException(SecurityLogger.getFailureWithRealm(name), e);
        }
    }

    private void restartRealm(String str) {
        RealmMBean lookupRealm = ManagementService.getRuntimeAccess(kernelId).getDomain().getSecurityConfiguration().lookupRealm(str);
        if (lookupRealm == null) {
            throw new SecurityServiceRuntimeException(SecurityLogger.getRealmDoesNotExist(str));
        }
        synchronized (getRealmLock(lookupRealm)) {
            final RealmServices realmServices = realmsHashMap.get(str);
            if (realmServices == null) {
                return;
            }
            ServerSecurityRuntimeMBean serverSecurityRuntime = ManagementService.getRuntimeAccess(kernelId).getServerRuntime().getServerSecurityRuntime();
            RealmRuntime lookupRealmRuntime = serverSecurityRuntime.lookupRealmRuntime(str);
            if (lookupRealmRuntime == null) {
                throw new SecurityServiceRuntimeException("RealmRuntimeMBean not found!");
            }
            try {
                serverSecurityRuntime.removeRealmRuntime(lookupRealmRuntime);
                SecurityLogger.logRestartingRealm(str);
                try {
                    RealmServices realmServices2 = (RealmServices) AccessController.doPrivileged(new StartRealmInternalAction(lookupRealm));
                    if (realmServices.isDefault()) {
                        realmServices2.setDefault();
                    }
                    realmServices2.setCSSProxies(realmServices.getCSSProxies());
                    realmServices2.setProxies(realmServices.getProxies());
                    realmServices2.setProxyLock(realmServices.getProxyLock());
                    realmsHashMap.put(str, realmServices2);
                    flushProxies(cssServiceProxiesHashMap.values().iterator());
                    flushProxies(serviceProxiesHashMap.values().iterator());
                    synchronized (realmServices2.getProxyLock()) {
                        flushProxies(realmServices2.getProxies().values().iterator());
                        flushProxies(realmServices2.getCSSProxies().values().iterator());
                    }
                    SecurityLogger.logCompletedRestartingRealm(str);
                    TimerManagerFactory.getTimerManagerFactory().getDefaultTimerManager().schedule(new TimerListener() { // from class: weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.5
                        public final void timerExpired(Timer timer) {
                            try {
                                CommonSecurityServiceManagerDelegateImpl.this.shutdownRealmServices(realmServices, true);
                            } catch (Exception e) {
                                SecurityLogger.logShutdownRealmFailed(realmServices.getRealmName(), e);
                                if (CommonSecurityServiceManagerDelegateImpl.debugLogger.isDebugEnabled()) {
                                    CommonSecurityServiceManagerDelegateImpl.debugLogger.debug("Failure during shutdown of retired realm from re-start " + realmServices.getRealmName(), e);
                                }
                            }
                        }
                    }, lookupRealm.getRetireTimeoutSeconds() * 1000);
                } catch (Exception e) {
                    try {
                        ((SecurityRuntime) serverSecurityRuntime).registerRestart(str, lookupRealmRuntime);
                        lookupRealmRuntime.registerRestart();
                    } catch (ManagementException e2) {
                        if (debugLogger.isDebugEnabled()) {
                            debugLogger.debug("Failed re-register of security realm runtime: " + str, e2);
                        }
                    }
                    throw new SecurityServiceRuntimeException(e);
                }
            } catch (ManagementException e3) {
                if (debugLogger.isDebugEnabled()) {
                    debugLogger.debug("Failed to unregister security realm runtime: " + str, e3);
                }
                throw new SecurityServiceRuntimeException(e3);
            }
        }
    }

    private void flushProxies(Iterator it) {
        while (it.hasNext()) {
            Object next = it.next();
            if (next instanceof Proxy) {
                InvocationHandler invocationHandler = Proxy.getInvocationHandler(next);
                if (invocationHandler instanceof ServiceHandler) {
                    ((ServiceHandler) invocationHandler).flush();
                }
            }
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:37:0x0049, code lost:
    
        weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.realmsLockMap.remove(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:38:0x0058, code lost:
    
        if (weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.debugLogger.isDebugEnabled() == false) goto L13;
     */
    /* JADX WARN: Code restructure failed: missing block: B:39:0x005b, code lost:
    
        weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.debugLogger.debug("Removed the lifecycle lock on realm " + r7);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void shutdownRealm(java.lang.String r7) {
        /*
            Method dump skipped, instructions count: 286
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.shutdownRealm(java.lang.String):void");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void shutdownRealmInternal(String str) {
        RealmServices remove = realmsHashMap.remove(str);
        if (remove == null) {
            return;
        }
        flushProxies(cssServiceProxiesHashMap.values().iterator());
        flushProxies(serviceProxiesHashMap.values().iterator());
        synchronized (remove.getProxyLock()) {
            flushProxies(remove.getProxies().values().iterator());
            flushProxies(remove.getCSSProxies().values().iterator());
        }
        shutdownRealmsHashMap.put(str, remove);
        try {
            shutdownRealmServices(remove, false);
        } catch (Exception e) {
            SecurityLogger.logShutdownRealmFailed(remove.getRealmName(), e);
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("Failure during shutdown of realm services for " + str, e);
            }
        }
        try {
            ServerSecurityRuntimeMBean serverSecurityRuntime = ManagementService.getRuntimeAccess(kernelId).getServerRuntime().getServerSecurityRuntime();
            serverSecurityRuntime.removeRealmRuntime(serverSecurityRuntime.lookupRealmRuntime(str));
        } catch (Exception e2) {
            if (debugLogger.isDebugEnabled()) {
                debugLogger.debug("Failed at realm shutdown to unregister security realm runtime: " + str, e2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void shutdownRealmServices(final RealmServices realmServices, final boolean z) {
        synchronized (realmServices) {
            if (realmServices.isShutdown()) {
                return;
            }
            try {
                realmServices.cleanup();
                SecurityServiceManager.runAs(kernelId, kernelId, new PrivilegedAction<Object>() { // from class: weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.6
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        ClassLoader threadContextClassloader = CommonSecurityServiceManagerDelegateImpl.this.getThreadContextClassloader();
                        CommonSecurityServiceManagerDelegateImpl.this.setThreadContextClassloader(getClass().getClassLoader());
                        try {
                            if (z) {
                                SecurityLogger.logShutdownRetiredSecurityRealm(realmServices.getRealmName());
                            } else {
                                SecurityLogger.logShutdownSecurityRealm(realmServices.getRealmName());
                            }
                            CommonSecurityServiceManagerDelegateImpl.this.shutdownManagers(realmServices.getRealmName(), realmServices.getServices());
                            CommonSecurityServiceManagerDelegateImpl.this.shutdownCSS(realmServices, z);
                            return null;
                        } finally {
                            CommonSecurityServiceManagerDelegateImpl.this.setThreadContextClassloader(threadContextClassloader);
                        }
                    }
                });
                realmServices.shutdown();
            } catch (Throwable th) {
                realmServices.shutdown();
                throw th;
            }
        }
    }

    private Object getRealmLock(RealmMBean realmMBean) {
        Object obj;
        synchronized (realmMBean) {
            Object obj2 = realmsLockMap.get(realmMBean);
            if (obj2 == null) {
                obj2 = new Object();
                realmsLockMap.put(realmMBean, obj2);
            }
            obj = obj2;
        }
        return obj;
    }

    static {
        boolean z;
        opssLoadDebug = System.getProperty(OPSS_LOAD_LOG) != null;
        kernelId = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
        ORDERED_MANAGER_KEY_LIST = new Object[]{SecurityService.ServiceType.AUDIT, SecurityService.ServiceType.CREDENTIALMANAGER, SecurityService.ServiceType.BULKROLE, SecurityService.ServiceType.BULKAUTHORIZE, SecurityService.ServiceType.ROLE, SecurityService.ServiceType.AUTHORIZE, SecurityService.ServiceType.AUTHENTICATION, SecurityService.ServiceType.CERTPATH, SecurityService.ServiceType.STSMANAGER, SecurityService.ServiceType.SAML2_SSO};
        String str = null;
        try {
            str = System.getProperty(FULL_DELEGATE_AUTHORIZATION);
            z = str != null;
        } catch (SecurityException e) {
            z = false;
        }
        FULL_DELEGATE_PROPERTY_ON_CMDLINE = z;
        FULL_DELEGATE_OVERRIDE_VALUE = new Boolean(str).booleanValue();
    }
}
