package weblogic.servlet.security.internal;

import com.bea.httppubsub.bayeux.BayeuxConstants;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import java.util.Set;
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebUserDataPermission;
import javax.servlet.ServletConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.tools.ant.types.selectors.SelectorUtils;
import weblogic.application.utils.ApplicationVersionUtils;
import weblogic.descriptor.internal.AbstractDescriptorBean;
import weblogic.j2ee.descriptor.AuthConstraintBean;
import weblogic.j2ee.descriptor.SecurityConstraintBean;
import weblogic.j2ee.descriptor.SecurityRoleRefBean;
import weblogic.j2ee.descriptor.ServletBean;
import weblogic.j2ee.descriptor.UserDataConstraintBean;
import weblogic.j2ee.descriptor.WebAppBean;
import weblogic.j2ee.descriptor.WebResourceCollectionBean;
import weblogic.management.DeploymentException;
import weblogic.security.jacc.PolicyContextManager;
import weblogic.security.jaspic.SecurityServices;
import weblogic.security.jaspic.SecurityServicesImpl;
import weblogic.server.GlobalServiceLocator;
import weblogic.servlet.HTTPLogger;
import weblogic.servlet.internal.dd.UserDataConstraint;
import weblogic.servlet.internal.session.SessionConstants;
import weblogic.servlet.spi.JaccApplicationSecurity;
import weblogic.servlet.spi.SubjectHandle;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:weblogic/servlet/security/internal/WebAppSecurityJacc.class */
public final class WebAppSecurityJacc extends WebAppSecurity {
    private static final boolean DEBUG = false;
    private static final char DELIMITER = '_';
    private static final String HTTP_METHODS_PROPERTY_NAME = "HttpMethods";
    private static final String HTTP_METHOD_OMISSIONS_PROPERTY_NAME = "HttpMethodOmissions";
    private final String contextId;
    private boolean isPathPrefixPatternDefined;
    private HashMap<String, PatternHelper> patterns;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic/servlet/security/internal/WebAppSecurityJacc$PatternHelper.class */
    public static class PatternHelper {
        private final String pattern;
        private final boolean prefixPattern;
        private final boolean exactPattern;
        private final boolean extensionPattern;
        private final boolean defaultPattern;
        private final String prefix;
        private HttpMethodCombination httpMethodCombination = new HttpMethodCombination();
        private HttpMethodCombination httpMethodCombinationForWRP = new HttpMethodCombination();
        private HttpMethodCombination httpMethodCombinationForUDC = new HttpMethodCombination();
        private String qualifiedPattern;
        private final String extension;

        PatternHelper(String str) {
            this.pattern = str;
            this.qualifiedPattern = escapeEncodeUrlPattern(this.pattern);
            if (str == null) {
                throw new IllegalArgumentException("pattern is null");
            }
            if (str.length() == 1 && str.charAt(0) == '/') {
                this.defaultPattern = true;
                this.exactPattern = false;
                this.extensionPattern = false;
                this.prefixPattern = false;
                this.prefix = "";
                this.extension = null;
                return;
            }
            if (str.startsWith("*.")) {
                this.exactPattern = false;
                this.extensionPattern = true;
                this.prefixPattern = false;
                this.defaultPattern = false;
                this.prefix = null;
                this.extension = this.pattern.substring(1);
                return;
            }
            if (str.length() == 2 && str.equals(BayeuxConstants.SINGLE_WILD)) {
                this.exactPattern = false;
                this.extensionPattern = false;
                this.prefixPattern = true;
                this.defaultPattern = true;
                this.prefix = "";
                this.extension = null;
                return;
            }
            if (str.endsWith(BayeuxConstants.SINGLE_WILD)) {
                this.exactPattern = false;
                this.extensionPattern = false;
                this.prefixPattern = true;
                this.defaultPattern = false;
                this.prefix = this.pattern.substring(0, this.pattern.length() - 1);
                this.extension = null;
                return;
            }
            this.exactPattern = true;
            this.extensionPattern = false;
            this.prefixPattern = false;
            this.defaultPattern = false;
            this.prefix = str;
            this.extension = null;
        }

        String getPattern() {
            return this.pattern;
        }

        boolean isPrefixPattern() {
            return this.prefixPattern;
        }

        boolean isExactPattern() {
            return this.exactPattern;
        }

        boolean isExtensionPattern() {
            return this.extensionPattern;
        }

        boolean isDefaultPattern() {
            return this.defaultPattern;
        }

        String getPrefix() {
            return this.prefix;
        }

        String getQualifiedPattern() {
            return this.qualifiedPattern;
        }

        HttpMethodCombination getHttpMethodCombination() {
            return this.httpMethodCombination;
        }

        HttpMethodCombination getHttpMethodCombinationForWRP() {
            return this.httpMethodCombinationForWRP;
        }

        HttpMethodCombination getHttpMethodCombinationForUDC() {
            return this.httpMethodCombinationForUDC;
        }

        private String escapeEncodeUrlPattern(String str) {
            if (str == null) {
                return null;
            }
            return str.replace(":", "%3A");
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void computeQualifiedPatterns(HashMap hashMap) {
            if (isExactPattern()) {
                return;
            }
            for (PatternHelper patternHelper : hashMap.values()) {
                if (!patternHelper.getPattern().equals(this.pattern)) {
                    boolean z = false;
                    if (isDefaultPattern()) {
                        z = (patternHelper.getPattern().equals("/") || patternHelper.getPattern().equals(BayeuxConstants.SINGLE_WILD)) ? false : true;
                    } else if (isPrefixPattern()) {
                        if (patternHelper.isPrefixPattern()) {
                            z = patternHelper.getPrefix().startsWith(this.prefix);
                        } else if (patternHelper.isExactPattern()) {
                            z = patternHelper.getPattern().startsWith(this.prefix) || this.prefix.equals(new StringBuilder().append(patternHelper.getPattern()).append("/").toString());
                        }
                    } else if (patternHelper.isPrefixPattern()) {
                        z = true;
                    } else if (patternHelper.isExactPattern()) {
                        z = patternHelper.getPattern().endsWith(this.extension);
                    }
                    if (z) {
                        this.qualifiedPattern += ":" + escapeEncodeUrlPattern(patternHelper.getPattern());
                    }
                }
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public HttpMethodCombination createHttpMethodCombination(WebResourceCollectionBean webResourceCollectionBean) {
            HttpMethodCombination httpMethodCombination = new HttpMethodCombination();
            addHttpMethodLists(webResourceCollectionBean, httpMethodCombination);
            return httpMethodCombination;
        }

        /* JADX WARN: Multi-variable type inference failed */
        private void addHttpMethodLists(WebResourceCollectionBean webResourceCollectionBean, HttpMethodCombination httpMethodCombination) {
            String[] strArr = null;
            String[] strArr2 = null;
            if (webResourceCollectionBean instanceof AbstractDescriptorBean) {
                AbstractDescriptorBean abstractDescriptorBean = (AbstractDescriptorBean) webResourceCollectionBean;
                if (abstractDescriptorBean.isSet(WebAppSecurityJacc.HTTP_METHODS_PROPERTY_NAME)) {
                    strArr = webResourceCollectionBean.getHttpMethods();
                }
                if (abstractDescriptorBean.isSet(WebAppSecurityJacc.HTTP_METHOD_OMISSIONS_PROPERTY_NAME)) {
                    strArr2 = webResourceCollectionBean.getHttpMethodOmissions();
                }
            } else {
                strArr = webResourceCollectionBean.getHttpMethods();
                strArr2 = webResourceCollectionBean.getHttpMethodOmissions();
            }
            httpMethodCombination.addHttpMethodList(strArr);
            if (strArr2 != null) {
                httpMethodCombination.addHttpMethodOmissionList(strArr2);
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void addHttpMethodLists(WebResourceCollectionBean webResourceCollectionBean) {
            addHttpMethodLists(webResourceCollectionBean, this.httpMethodCombination);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void addHttpMethodListsForWRP(WebResourceCollectionBean webResourceCollectionBean) {
            addHttpMethodLists(webResourceCollectionBean, this.httpMethodCombinationForWRP);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void addHttpMethodListsForUDC(WebResourceCollectionBean webResourceCollectionBean) {
            addHttpMethodLists(webResourceCollectionBean, this.httpMethodCombinationForUDC);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public WebAppSecurityJacc(ServletSecurityContext servletSecurityContext, JaccApplicationSecurity jaccApplicationSecurity, ExternalRoleChecker externalRoleChecker) throws DeploymentException {
        this(servletSecurityContext, jaccApplicationSecurity, externalRoleChecker, (SecurityServices) GlobalServiceLocator.getServiceLocator().getService(SecurityServicesImpl.class, new Annotation[0]));
    }

    WebAppSecurityJacc(ServletSecurityContext servletSecurityContext, JaccApplicationSecurity jaccApplicationSecurity, ExternalRoleChecker externalRoleChecker, SecurityServices securityServices) throws DeploymentException {
        super(servletSecurityContext, jaccApplicationSecurity, externalRoleChecker, securityServices);
        this.isPathPrefixPatternDefined = false;
        this.patterns = new HashMap<>();
        this.contextId = servletSecurityContext.getServerName() + '_' + ApplicationVersionUtils.replaceDelimiter(servletSecurityContext.getApplicationId(), '_') + '_' + servletSecurityContext.getServletContext().getContextPath().replace('/', '_');
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    protected void deployRoles() throws DeploymentException {
        if (this.roleNames.isEmpty()) {
            return;
        }
        Iterator<String> it = this.roleNames.iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (!isExternallyDefined(this.roleMapping.get(next))) {
                this.appSecurity.deployRole(next, null);
            }
        }
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    protected void mergePolicies(WebAppBean webAppBean, SecurityConstraintBean[] securityConstraintBeanArr) throws DeploymentException {
        collectPatterns(securityConstraintBeanArr);
        computeQualifiedPatterns();
        deployRegisteredPolicies(securityConstraintBeanArr);
        deployUncheckedPoliciesForException();
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    protected void deployPolicies() throws DeploymentException {
    }

    private void deployUncheckedPoliciesForException() throws DeploymentException {
        for (PatternHelper patternHelper : this.patterns.values()) {
            String flippedAction = patternHelper.getHttpMethodCombinationForWRP().getFlippedAction();
            boolean z = false;
            if (flippedAction != null) {
                z = true;
                if (this.isPathPrefixPatternDefined && patternHelper.getPattern().equals("/")) {
                    z = false;
                }
            }
            if (z) {
                this.appSecurity.deployUncheckedPolicy(new WebResourcePermission(patternHelper.getQualifiedPattern(), flippedAction));
            }
            String flippedAction2 = patternHelper.getHttpMethodCombinationForUDC().getFlippedAction();
            if (flippedAction2 != null) {
                this.appSecurity.deployUncheckedPolicy(new WebUserDataPermission(patternHelper.getQualifiedPattern(), flippedAction2));
            }
        }
    }

    private void deployRegisteredPolicies(SecurityConstraintBean[] securityConstraintBeanArr) throws DeploymentException {
        if (securityConstraintBeanArr == null) {
            return;
        }
        for (int i = 0; i < securityConstraintBeanArr.length; i++) {
            WebResourceCollectionBean[] webResourceCollections = securityConstraintBeanArr[i].getWebResourceCollections();
            if (webResourceCollections != null) {
                registerWebResourceCollections(securityConstraintBeanArr[i], webResourceCollections);
            }
        }
        if (isDenyUncoveredMethodsSet()) {
            deployExcludedPolicyForUncoveredMethods(securityConstraintBeanArr);
        }
    }

    private void registerWebResourceCollections(SecurityConstraintBean securityConstraintBean, WebResourceCollectionBean[] webResourceCollectionBeanArr) throws DeploymentException {
        for (WebResourceCollectionBean webResourceCollectionBean : webResourceCollectionBeanArr) {
            registerSecurityPattern(webResourceCollectionBean, securityConstraintBean);
        }
    }

    private void registerSecurityPattern(WebResourceCollectionBean webResourceCollectionBean, SecurityConstraintBean securityConstraintBean) throws DeploymentException {
        for (String str : webResourceCollectionBean.getUrlPatterns()) {
            PatternHelper patternHelper = this.patterns.get(fixupURLPattern(str));
            patternHelper.addHttpMethodLists(webResourceCollectionBean);
            registerAuthConstraint(patternHelper, securityConstraintBean, webResourceCollectionBean);
            UserDataConstraintBean userDataConstraint = securityConstraintBean.getUserDataConstraint();
            if (userDataConstraint != null) {
                registerUserDataConstraints(userDataConstraint, patternHelper, webResourceCollectionBean);
            }
        }
    }

    private void registerAuthConstraint(PatternHelper patternHelper, SecurityConstraintBean securityConstraintBean, WebResourceCollectionBean webResourceCollectionBean) throws DeploymentException {
        AuthConstraintBean authConstraint = securityConstraintBean.getAuthConstraint();
        if (authConstraint == null) {
            return;
        }
        String[] roleNames = authConstraint.getRoleNames();
        patternHelper.addHttpMethodListsForWRP(webResourceCollectionBean);
        if (roleNames != null && roleNames.length >= 1) {
            deployRoleBasedPolicies(roleNames, patternHelper, webResourceCollectionBean);
        } else {
            deployExcludedPolicy(patternHelper, webResourceCollectionBean);
            patternHelper.addHttpMethodListsForUDC(webResourceCollectionBean);
        }
    }

    private void registerUserDataConstraints(UserDataConstraintBean userDataConstraintBean, PatternHelper patternHelper, WebResourceCollectionBean webResourceCollectionBean) throws DeploymentException {
        String transportGuarantee = userDataConstraintBean.getTransportGuarantee();
        if (transportGuarantee != null) {
            if (transportGuarantee.equals(UserDataConstraint.CONFIDENTIAL) || transportGuarantee.equals(UserDataConstraint.INTEGRAL)) {
                patternHelper.addHttpMethodListsForUDC(webResourceCollectionBean);
                String action = patternHelper.createHttpMethodCombination(webResourceCollectionBean).getAction();
                if (action == null) {
                    action = "";
                }
                this.appSecurity.deployUncheckedPolicy(new WebUserDataPermission(patternHelper.getQualifiedPattern(), action + ":" + transportGuarantee));
            }
        }
    }

    private void deployRoleBasedPolicies(String[] strArr, PatternHelper patternHelper, WebResourceCollectionBean webResourceCollectionBean) throws DeploymentException {
        int i = 0;
        while (true) {
            if (i >= strArr.length) {
                break;
            }
            if (strArr[i].equals("*")) {
                strArr = new String[this.roleNames.size()];
                this.roleNames.toArray(strArr);
                if (!this.isAnyAuthUserRoleDefinedInDD) {
                    removeElement(strArr, SelectorUtils.DEEP_TREE_MATCH);
                }
            } else {
                i++;
            }
        }
        String action = patternHelper.createHttpMethodCombination(webResourceCollectionBean).getAction();
        for (String str : strArr) {
            getApplicationSecurity().deployRole(str, patternHelper.getQualifiedPattern(), action);
        }
    }

    private void deployExcludedPolicy(PatternHelper patternHelper, WebResourceCollectionBean webResourceCollectionBean) throws DeploymentException {
        this.appSecurity.deployExcludedPolicy(patternHelper.getQualifiedPattern(), patternHelper.createHttpMethodCombination(webResourceCollectionBean).getAction());
    }

    private void deployExcludedPolicyForUncoveredMethods(SecurityConstraintBean[] securityConstraintBeanArr) throws DeploymentException {
        HashMap hashMap = new HashMap();
        for (SecurityConstraintBean securityConstraintBean : securityConstraintBeanArr) {
            boolean z = false;
            AuthConstraintBean authConstraint = securityConstraintBean.getAuthConstraint();
            if (authConstraint != null && (authConstraint.getRoleNames() == null || authConstraint.getRoleNames().length == 0)) {
                z = true;
            }
            WebResourceCollectionBean[] webResourceCollections = securityConstraintBean.getWebResourceCollections();
            if (webResourceCollections != null) {
                for (WebResourceCollectionBean webResourceCollectionBean : webResourceCollections) {
                    for (String str : webResourceCollectionBean.getUrlPatterns()) {
                        PatternHelper patternHelper = this.patterns.get(fixupURLPattern(str));
                        HttpMethodCombination httpMethodCombination = (HttpMethodCombination) hashMap.get(patternHelper);
                        if (httpMethodCombination == null) {
                            httpMethodCombination = patternHelper.createHttpMethodCombination(webResourceCollectionBean);
                            if (authConstraint == null) {
                                httpMethodCombination.setAuthConstraintNull(true);
                            } else {
                                httpMethodCombination.setAuthConstraintNull(false);
                            }
                        }
                        String[] httpMethods = webResourceCollectionBean.getHttpMethods();
                        String[] httpMethodOmissions = webResourceCollectionBean.getHttpMethodOmissions();
                        Set<String> uncoveredHttpMethods = httpMethodCombination.getUncoveredHttpMethods();
                        if (uncoveredHttpMethods == null) {
                            uncoveredHttpMethods = new HashSet();
                        }
                        Set<String> coveredHttpMethods = httpMethodCombination.getCoveredHttpMethods();
                        if (coveredHttpMethods == null) {
                            coveredHttpMethods = new HashSet();
                        }
                        if (httpMethods == null || httpMethods.length <= 0 || z) {
                            if (httpMethodOmissions != null && httpMethodOmissions.length > 0 && !z) {
                                for (String str2 : webResourceCollectionBean.getHttpMethodOmissions()) {
                                    uncoveredHttpMethods.add(str2);
                                }
                            }
                        } else {
                            for (String str3 : httpMethods) {
                                coveredHttpMethods.add(str3);
                            }
                        }
                        httpMethodCombination.setCoveredHttpMethods(coveredHttpMethods);
                        httpMethodCombination.setUncoveredHttpMethods(uncoveredHttpMethods);
                        hashMap.put(patternHelper, httpMethodCombination);
                    }
                }
            }
        }
        for (Map.Entry entry : hashMap.entrySet()) {
            Set<String> uncoveredHttpMethods2 = ((HttpMethodCombination) entry.getValue()).getUncoveredHttpMethods();
            Set<String> coveredHttpMethods2 = ((HttpMethodCombination) entry.getValue()).getCoveredHttpMethods();
            PatternHelper patternHelper2 = (PatternHelper) entry.getKey();
            if (!uncoveredHttpMethods2.isEmpty() && !((HttpMethodCombination) entry.getValue()).isAuthConstraintNull()) {
                HTTPLogger.logInfo("WebAppSecurityJacc", "The following Http  methods are denied for pattern " + ((PatternHelper) entry.getKey()).getQualifiedPattern() + ": " + uncoveredHttpMethods2);
                this.appSecurity.deployExcludedPolicy(patternHelper2.getQualifiedPattern(), ((HttpMethodCombination) entry.getValue()).getActionString("", uncoveredHttpMethods2));
            }
            HTTPLogger.logInfo("WebAppSecurityJacc", "The following Http  methods are allowed for pattern " + entry.getKey() + ": " + ((HttpMethodCombination) entry.getValue()).toString());
            this.appSecurity.deployExcludedPolicy(patternHelper2.getQualifiedPattern(), ((HttpMethodCombination) entry.getValue()).getActionString(SessionConstants.DELIMITER, coveredHttpMethods2));
        }
    }

    private void collectPatterns(SecurityConstraintBean[] securityConstraintBeanArr) {
        this.patterns.put("/", new PatternHelper("/"));
        if (securityConstraintBeanArr == null) {
            return;
        }
        for (SecurityConstraintBean securityConstraintBean : securityConstraintBeanArr) {
            WebResourceCollectionBean[] webResourceCollections = securityConstraintBean.getWebResourceCollections();
            if (webResourceCollections != null && webResourceCollections.length >= 1) {
                for (WebResourceCollectionBean webResourceCollectionBean : webResourceCollections) {
                    String[] urlPatterns = webResourceCollectionBean.getUrlPatterns();
                    if (urlPatterns != null) {
                        for (String str : urlPatterns) {
                            String fixupURLPattern = fixupURLPattern(str);
                            if (fixupURLPattern.equals(BayeuxConstants.SINGLE_WILD)) {
                                this.isPathPrefixPatternDefined = true;
                            }
                            this.patterns.put(fixupURLPattern, new PatternHelper(fixupURLPattern));
                        }
                    }
                }
            }
        }
    }

    private void computeQualifiedPatterns() {
        if (this.patterns.isEmpty()) {
            return;
        }
        Iterator<PatternHelper> it = this.patterns.values().iterator();
        while (it.hasNext()) {
            it.next().computeQualifiedPatterns(this.patterns);
        }
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    protected void deployRoleLink(ServletConfig servletConfig, String str, String str2) throws DeploymentException {
        getApplicationSecurity().deployRoleLink(str2, servletConfig.getServletName(), str);
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    public void registerRoleRefs(ServletConfig servletConfig) throws DeploymentException {
        if (this.roleNames.isEmpty()) {
            return;
        }
        HashSet<String> roleRefsFromServletBean = getRoleRefsFromServletBean(servletConfig.getServletName());
        Iterator<String> it = this.roleNames.iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (!roleRefsFromServletBean.contains(next)) {
                getApplicationSecurity().deployRoleLink(next, servletConfig.getServletName(), next);
            }
        }
    }

    private HashSet<String> getRoleRefsFromServletBean(String str) {
        SecurityRoleRefBean[] securityRoleRefs;
        HashSet<String> hashSet = new HashSet<>();
        ServletBean lookupServlet = getSecurityContext().lookupServlet(str);
        if (lookupServlet != null && (securityRoleRefs = lookupServlet.getSecurityRoleRefs()) != null && securityRoleRefs.length > 0) {
            for (SecurityRoleRefBean securityRoleRefBean : securityRoleRefs) {
                hashSet.add(securityRoleRefBean.getRoleName());
            }
        }
        return hashSet;
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    public void initContextHandler(HttpServletRequest httpServletRequest) {
        PolicyContextManager.setPolicyContext(getApplicationSecurity().createContextHandlerData(httpServletRequest));
        PolicyContextManager.setContextID(getApplicationSecurity().getContextID());
    }

    private JaccApplicationSecurity getApplicationSecurity() {
        return (JaccApplicationSecurity) this.appSecurity;
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    public void resetContextHandler() {
        PolicyContextManager.resetPolicyContext();
        PolicyContextManager.resetContextID();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // weblogic.servlet.security.internal.WebAppSecurity
    public boolean checkTransport(ResourceConstraint resourceConstraint, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String relativeURI = getRelativeURI(httpServletRequest);
        if (relativeURI.length() == 1 && relativeURI.charAt(0) == '/') {
            relativeURI = "";
        }
        String method = httpServletRequest.getMethod();
        if (httpServletRequest.isSecure()) {
            method = method + ":CONFIDENTIAL";
        }
        try {
            boolean checkTransport = checkTransport(relativeURI, method);
            if (checkTransport) {
                return true;
            }
            if (httpServletRequest.isSecure()) {
                httpServletResponse.sendError(403);
            } else {
                checkTransport = checkTransport(relativeURI, method + ":CONFIDENTIAL");
                if (checkTransport) {
                    String securedURL = getSecuredURL(httpServletRequest, httpServletResponse, httpServletRequest.getRequestURI());
                    if (securedURL != null) {
                        httpServletResponse.sendRedirect(securedURL);
                    } else {
                        httpServletResponse.sendError(403);
                    }
                } else {
                    httpServletResponse.sendError(403);
                }
            }
            return checkTransport;
        } catch (SecurityException e) {
            HTTPLogger.logSecurityException("user data constraints check", httpServletRequest.getRequestURI(), getSecurityContext().getLogContext(), e);
            return false;
        }
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    public boolean isSSLRequired(String str, String str2) {
        if (str.length() == 1 && str.charAt(0) == '/') {
            str = "";
        }
        try {
            if (checkTransport(str, str2)) {
                return false;
            }
            return checkTransport(str, str2 + ":CONFIDENTIAL");
        } catch (SecurityException e) {
            HTTPLogger.logSecurityException("user data constraints check", str, getSecurityContext().getLogContext(), e);
            return true;
        }
    }

    private boolean checkTransport(String str, String str2) {
        return getApplicationSecurity().checkTransport(str, str2);
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    public boolean isSubjectInRole(SubjectHandle subjectHandle, String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletConfig servletConfig) {
        return this.appSecurity.isSubjectInRole(subjectHandle, str, httpServletRequest, httpServletResponse, getRequestFacade().isDynamicallyGenerated(servletConfig) ? "" : servletConfig.getServletName());
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    public ResourceConstraint getConstraint(HttpServletRequest httpServletRequest) {
        return null;
    }

    @Override // weblogic.servlet.security.internal.WebAppSecurity
    public void unregisterRolesAndPolicies() {
        super.unregisterRolesAndPolicies();
        try {
            this.appSecurity.unregisterPolicies();
        } catch (DeploymentException e) {
            HTTPLogger.logFailedToUndeploySecurityPolicy(e.getMessage(), e);
        }
    }

    private static String[] removeElement(String[] strArr, String str) {
        LinkedList linkedList = new LinkedList();
        for (String str2 : strArr) {
            if (!str.equals(str2)) {
                linkedList.add(str2);
            }
        }
        return (String[]) linkedList.toArray(strArr);
    }

    static {
        try {
            getProvider().initializeJACC();
        } catch (DeploymentException e) {
            HTTPLogger.logFailedToRegisterPolicyContextHandlers(e);
        }
    }
}
