package weblogic.iiop.server;

import java.io.IOException;
import java.util.Iterator;
import javax.security.auth.login.LoginException;
import org.jvnet.hk2.annotations.Service;
import weblogic.iiop.Connection;
import weblogic.iiop.EndPoint;
import weblogic.iiop.HostIDImpl;
import weblogic.iiop.IiopConfigurationDelegate;
import weblogic.iiop.ObjectKey;
import weblogic.iiop.ior.ClusterComponent;
import weblogic.iiop.ior.IOR;
import weblogic.kernel.Kernel;
import weblogic.kernel.KernelStatus;
import weblogic.management.configuration.SSLMBean;
import weblogic.management.provider.RuntimeAccess;
import weblogic.protocol.Protocol;
import weblogic.protocol.ProtocolHandlerAdmin;
import weblogic.protocol.ProtocolManager;
import weblogic.protocol.ServerChannel;
import weblogic.protocol.ServerChannelManager;
import weblogic.protocol.configuration.ChannelHelper;
import weblogic.rmi.client.facades.RmiClientSecurityFacade;
import weblogic.rmi.facades.RmiSecurityFacade;
import weblogic.rmi.spi.HostID;
import weblogic.security.SimpleCallbackHandler;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.SecurityServiceManager;
import weblogic.utils.LocatorUtilities;
import weblogic.work.WorkManagerFactory;

@Service
/* loaded from: input_file:weblogic/iiop/server/IiopConfigurationServerDelegate.class */
public class IiopConfigurationServerDelegate implements IiopConfigurationDelegate {
    @Override // weblogic.iiop.IiopConfigurationDelegate
    public int getSslListenPort() {
        return getSSLMbean().getListenPort();
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public boolean isClientCertificateEnforced() {
        return getSSLMbean().isClientCertificateEnforced();
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public String[] getCiphersuites() {
        return getSSLMbean().getCiphersuites();
    }

    private static SSLMBean getSSLMbean() {
        return getRuntimeAccess().getServer().getSSL();
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public boolean isSslChannelEnabled() {
        return Kernel.isServer() && ChannelHelper.isSSLChannelEnabled(getRuntimeAccess().getServer());
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public HostID getHostID(IOR ior) {
        ObjectKey objectKey = ObjectKey.getObjectKey(ior);
        return (!objectKey.isWLSKey() || objectKey.getTarget() == null) ? new HostIDImpl(ior.getProfile().getHost(), ior.getProfile().getPort()) : objectKey.getTarget();
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public Object getActivationID(IOR ior) {
        return ObjectKey.getObjectKey(ior).getActivationID();
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public int getObjectId(IOR ior) {
        ObjectKey objectKey = ObjectKey.getObjectKey(ior);
        if (objectKey.isWLSKey()) {
            return objectKey.getObjectID();
        }
        return -1;
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public boolean mayLoadRemoteClass(IOR ior) {
        return !ior.isRemote() || ior.getTypeId() == null || ior.getTypeId().isIDLType() || ObjectKey.getObjectKey(ior).isRepositoryIdAnInterface();
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public boolean isIiopEnabled() {
        return !Kernel.isServer() || getRuntimeAccess().getServer().isIIOPEnabled();
    }

    private static RuntimeAccess getRuntimeAccess() {
        return (RuntimeAccess) LocatorUtilities.getService(RuntimeAccess.class);
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public AuthenticatedSubject getSecureConnectionDefaultSubject(AuthenticatedSubject authenticatedSubject) {
        return useAnonymousConnectionDefaultSubject() ? RmiSecurityFacade.getAnonymousSubject() : getDefaultIiopSubject(authenticatedSubject);
    }

    private boolean useAnonymousConnectionDefaultSubject() {
        return !Kernel.isServer() || getRuntimeAccess().getServer().getDefaultIIOPUser() == null;
    }

    private AuthenticatedSubject getDefaultIiopSubject(AuthenticatedSubject authenticatedSubject) {
        try {
            return RmiSecurityFacade.getPrincipalAuthenticator(authenticatedSubject, SecurityServiceManager.defaultRealmName).authenticate(new SimpleCallbackHandler(getRuntimeAccess().getServer().getDefaultIIOPUser(), getRuntimeAccess().getServer().getDefaultIIOPPassword()));
        } catch (LoginException e) {
            return RmiSecurityFacade.getAnonymousSubject();
        }
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public int getPendingResponseTimeout() {
        return Kernel.getConfig().getIdlePeriodsUntilTimeout();
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public int getKeepAliveTimeout() {
        if (Kernel.isServer()) {
            return 0;
        }
        return Kernel.getConfig().getPeriodLength();
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public int getBackoffInterval() {
        return Kernel.getConfig().getSocketReaderTimeoutMinMillis();
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public void runAsynchronously(Runnable runnable) {
        WorkManagerFactory.getInstance().getSystem().schedule(runnable);
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public EndPoint createEndPoint(Connection connection) {
        return new ServerEndPointImpl(connection);
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public boolean isLocal(IOR ior) {
        return ior.hasIOPProfile() && (ObjectKey.getObjectKey(ior).isLocalKey() || containsALocalIor((ClusterComponent) ior.getProfile().getComponent(1111834883)));
    }

    private boolean containsALocalIor(ClusterComponent clusterComponent) {
        if (clusterComponent == null) {
            return false;
        }
        Iterator<IOR> it = clusterComponent.getIORs().iterator();
        while (it.hasNext()) {
            if (isLocal(it.next())) {
                return true;
            }
        }
        return false;
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public ServerChannel getServerChannel(AuthenticatedSubject authenticatedSubject, Protocol protocol, String str) throws IOException {
        if (protocol == null) {
            return null;
        }
        if (!inAdminState(authenticatedSubject)) {
            return ServerChannelManager.findOutboundServerChannel(protocol, str);
        }
        if (ProtocolManager.getDefaultAdminProtocol().toByte() != protocol.toByte()) {
            throw new IOException(String.format("Attempted to use %S as the admin protocol, but only %S is supported.", protocol, ProtocolManager.getDefaultAdminProtocol()));
        }
        return ServerChannelManager.findOutboundServerChannel(ProtocolHandlerAdmin.PROTOCOL_ADMIN, str);
    }

    private static boolean inAdminState(AuthenticatedSubject authenticatedSubject) {
        return KernelStatus.isServer() && authenticatedSubject.getQOS() == 103 && RmiClientSecurityFacade.getCurrentSubject(authenticatedSubject) == authenticatedSubject;
    }

    @Override // weblogic.iiop.IiopConfigurationDelegate
    public ServerChannel getLocalServerChannel(Protocol protocol) {
        return ServerChannelManager.findLocalServerChannel(protocol);
    }
}
