package com.ibm.ws.security.auth;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ffdc.Manager;
import com.ibm.hats.util.Util;
import com.ibm.websphere.security.WSSecurityException;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.security.core.ContextManager;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.util.AccessController;
import com.ibm.wsspi.security.token.Token;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Hashtable;
import java.util.Set;
import javax.security.auth.AuthPermission;
import javax.security.auth.Subject;

/* loaded from: input_file:lib/admin/sas.jar:com/ibm/ws/security/auth/WSLoginHelperImpl.class */
public class WSLoginHelperImpl {
    private static Hashtable asynchSubjectCache = new Hashtable();
    private static final Class thisClass = WSLoginHelperImpl.class;
    private static final AuthPermission GET_SUBJECT_PERMISSION = new AuthPermission("getSubject");
    private static final PrivilegedExceptionAction getSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.2
        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws WSSecurityException, GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getSubjectAction.run()");
            }
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            Subject invocationSubject = contextManagerFactory.getInvocationSubject();
            Subject callerSubject = contextManagerFactory.getCallerSubject();
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                TraceComponent traceComponent = WSLoginHelperImpl.tc;
                Object[] objArr = new Object[2];
                objArr[0] = new Boolean(invocationSubject != null);
                objArr[1] = new Boolean(callerSubject != null);
                Tr.exit(traceComponent, "getSubjectAction.run()", objArr);
            }
            return new Subject[]{invocationSubject, callerSubject};
        }
    };
    private static final PrivilegedExceptionAction getNonForwardableSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.3
        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws WSSecurityException, GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getNonForwardableSubjectAction.run()");
            }
            Subject subject = null;
            Subject subject2 = null;
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            Subject invocationSubject = contextManagerFactory.getInvocationSubject();
            if (invocationSubject != null) {
                subject = createNonForwardableSubjectFromSubject(invocationSubject);
            }
            Subject callerSubject = contextManagerFactory.getCallerSubject();
            if (callerSubject != null) {
                subject2 = createNonForwardableSubjectFromSubject(callerSubject);
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "getSubjectAction.run()");
            }
            return new Subject[]{subject, subject2};
        }

        private Subject createNonForwardableSubjectFromSubject(Subject subject) throws WSSecurityException, GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "createNonForwardableSubjectFromSubject");
            }
            String property = ContextManagerFactory.getInstance().getProperty("com.ibm.ws.security.createTokenSubjectForAsynchLogin", "false");
            if (property != null && (property.equalsIgnoreCase(Util.YES) || property.equalsIgnoreCase("true"))) {
                if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                    Tr.exit(WSLoginHelperImpl.tc, "createNonForwardableSubjectFromSubject (createTokenSubjectForAsynchLogin=true)");
                }
                return subject;
            }
            Subject subject2 = new Subject();
            Set<Object> publicCredentials = subject.getPublicCredentials();
            if (publicCredentials != null && publicCredentials.size() > 0) {
                if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                    Tr.debug(WSLoginHelperImpl.tc, "Got some public credentials to iterate through.");
                }
                for (Object obj : publicCredentials) {
                    if (obj != null && !(obj instanceof Token)) {
                        if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                            Tr.debug(WSLoginHelperImpl.tc, "public credentials:" + obj);
                        }
                        WSCredentialImpl wSCredentialImpl = obj instanceof WSCredentialImpl ? (WSCredentialImpl) obj : null;
                        if (wSCredentialImpl == null || !wSCredentialImpl.isForwardable()) {
                            subject2.getPublicCredentials().add(obj);
                        } else {
                            Hashtable table = wSCredentialImpl.getTable();
                            WSCredentialImpl wSCredentialImpl2 = new WSCredentialImpl((WSCredential) new WSCredentialImpl(wSCredentialImpl.getRealmName(), wSCredentialImpl.getSecurityName(), wSCredentialImpl.getUniqueSecurityName(), wSCredentialImpl.getPrimaryGroupId(), wSCredentialImpl.getAccessId(), wSCredentialImpl.getRoles(), wSCredentialImpl.getGroupIds()), wSCredentialImpl.getOID(), new byte[0], false, 0L);
                            wSCredentialImpl2.setTable(table);
                            subject2.getPublicCredentials().add(wSCredentialImpl2);
                        }
                    }
                }
            }
            Set<Object> privateCredentials = subject.getPrivateCredentials();
            if (privateCredentials != null && privateCredentials.size() > 0) {
                if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                    Tr.debug(WSLoginHelperImpl.tc, "Got some private credentials to iterate through.");
                }
                for (Object obj2 : privateCredentials) {
                    if (obj2 != null && !(obj2 instanceof Token)) {
                        if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                            Tr.debug(WSLoginHelperImpl.tc, "private credentials:" + obj2);
                        }
                        WSCredentialImpl wSCredentialImpl3 = obj2 instanceof WSCredentialImpl ? (WSCredentialImpl) obj2 : null;
                        if (wSCredentialImpl3 == null || !wSCredentialImpl3.isForwardable()) {
                            subject2.getPrivateCredentials().add(obj2);
                        } else {
                            Hashtable table2 = wSCredentialImpl3.getTable();
                            WSCredentialImpl wSCredentialImpl4 = new WSCredentialImpl((WSCredential) new WSCredentialImpl(wSCredentialImpl3.getRealmName(), wSCredentialImpl3.getSecurityName(), wSCredentialImpl3.getUniqueSecurityName(), wSCredentialImpl3.getPrimaryGroupId(), wSCredentialImpl3.getAccessId(), wSCredentialImpl3.getRoles(), wSCredentialImpl3.getGroupIds()), wSCredentialImpl3.getOID(), new byte[0], false, 0L);
                            wSCredentialImpl4.setTable(table2);
                            subject2.getPrivateCredentials().add(wSCredentialImpl4);
                        }
                    }
                }
            }
            Set<Principal> principals = subject.getPrincipals();
            if (principals != null && principals.size() > 0) {
                if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                    Tr.debug(WSLoginHelperImpl.tc, "Got some principals to iterate through.");
                }
                for (Principal principal : principals) {
                    if (principal != null) {
                        if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                            Tr.debug(WSLoginHelperImpl.tc, "principal:" + principal);
                        }
                        subject2.getPrincipals().add(principal);
                    }
                }
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "createNonForwardableSubjectFromSubject");
            }
            return subject2;
        }
    };
    private static final PrivilegedExceptionAction getSerializableSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.4
        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws WSSecurityException, GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getSerializableSubjectAction.run()");
            }
            Subject subject = null;
            Subject subject2 = null;
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            WSCredential invocationCredential = contextManagerFactory.getInvocationCredential();
            if (invocationCredential != null) {
                subject = createSubjectFromWSCredential(invocationCredential);
            } else if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                Tr.debug(WSLoginHelperImpl.tc, "Invocation credential is null.");
            }
            WSCredential[] callerCredentials = contextManagerFactory.getCallerCredentials();
            if (callerCredentials != null && callerCredentials[0] != null) {
                subject2 = createSubjectFromWSCredential(invocationCredential);
            } else if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                Tr.debug(WSLoginHelperImpl.tc, "Caller credential is null.");
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "getSerializableSubjectAction.run()");
            }
            return new Subject[]{subject, subject2};
        }

        private Subject createSubjectFromWSCredential(WSCredential wSCredential) throws WSSecurityException, GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getSerializableSubjectAction.createSubjectFromWSCredential()");
            }
            Subject subject = null;
            if (wSCredential != null) {
                subject = new Subject();
                subject.getPrincipals().add(ContextManagerFactory.getInstance().createPrincipal(wSCredential));
            } else if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                Tr.debug(WSLoginHelperImpl.tc, "credential is null, null Subject is returned");
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "getSerializableSubjectAction.createSubjectFromWSCredential()");
            }
            return subject;
        }
    };
    private static final PrivilegedExceptionAction getUnauthSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.5
        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getUnauthSubjectAction.run()");
            }
            Subject subject = null;
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            WSCredential unauthenticatedCredential = contextManagerFactory.getUnauthenticatedCredential();
            if (unauthenticatedCredential != null) {
                subject = new Subject();
                subject.getPrincipals().add(contextManagerFactory.createPrincipal(unauthenticatedCredential));
                subject.getPublicCredentials().add(unauthenticatedCredential);
            } else if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                Tr.debug(WSLoginHelperImpl.tc, "No unauthenticated credential, null Subject is returned");
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "getUnauthSubjectAction.run()");
            }
            return subject;
        }
    };
    private static final PrivilegedExceptionAction getSerializableUnauthSubjectAction = new PrivilegedExceptionAction() { // from class: com.ibm.ws.security.auth.WSLoginHelperImpl.6
        @Override // java.security.PrivilegedExceptionAction
        public Object run() throws GeneralSecurityException {
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.entry(WSLoginHelperImpl.tc, "getSerializableUnauthSubjectAction.run()");
            }
            Subject subject = null;
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            WSCredential unauthenticatedCredential = contextManagerFactory.getUnauthenticatedCredential();
            if (unauthenticatedCredential != null) {
                subject = new Subject();
                subject.getPrincipals().add(contextManagerFactory.createPrincipal(unauthenticatedCredential));
            } else if (WSLoginHelperImpl.tc.isDebugEnabled()) {
                Tr.debug(WSLoginHelperImpl.tc, "No unauthenticated credential, null Subject is returned");
            }
            if (WSLoginHelperImpl.tc.isEntryEnabled()) {
                Tr.exit(WSLoginHelperImpl.tc, "getSerializableUnauthSubjectAction.run()");
            }
            return subject;
        }
    };
    private static final TraceComponent tc = Tr.register(WSLoginHelperImpl.class, (String) null, "com.ibm.ejs.resources.security");

    public static WSCredential authenticate(String str, String str2, String str3) throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "authenticate(username = \"" + str + "\", realmname = \"" + str2 + "\", password = \"XXXXXXXX\")");
        }
        disableAuthRetryForThread();
        WSCredential wSCredential = null;
        try {
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            if (contextManagerFactory.isCellSecurityEnabled()) {
                wSCredential = contextManagerFactory.authenticate(str2, str, str3);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security is disabled, no authentication is performed, null credential will be returned");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "authenticate(username, realmname, password)");
            }
            return wSCredential;
        } finally {
            enableAuthRetryForThread();
        }
    }

    public static WSCredential validate(byte[] bArr) throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate(credToken)");
        }
        disableAuthRetryForThread();
        WSCredential wSCredential = null;
        try {
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            if (contextManagerFactory.isCellSecurityEnabled()) {
                wSCredential = contextManagerFactory.authenticate(getDefaultRealmName(), bArr);
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security is disabled, no validation is performed, null credential will be returned");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "validate(credToken)");
            }
            return wSCredential;
        } finally {
            enableAuthRetryForThread();
        }
    }

    public static Subject getSubject() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSubject()");
        }
        Subject[] subjects = getSubjects();
        if (subjects != null && subjects[0] != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSubject()");
            }
            return subjects[0];
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getSubject() - null Subject returned.");
        return null;
    }

    public static Subject[] getSubjects() throws WSSecurityException {
        Subject[] subjectArr;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSubject()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
            try {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Getting invocation and caller subjects from thread.");
                }
                subjectArr = (Subject[]) AccessController.doPrivileged(getSubjectAction);
            } catch (PrivilegedActionException e) {
                Exception exception = e.getException();
                Manager.Ffdc.log(exception, thisClass, "com.ibm.ws.security.auth.WSLoginHelperImpl.getSubject", "245");
                if (exception instanceof WSSecurityException) {
                    throw ((WSSecurityException) exception);
                }
                throw new WSSecurityException(exception.getMessage(), exception);
            }
        } else {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security is disabled, null subject will be returned");
            }
            subjectArr = new Subject[0];
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSubject()", new Integer(subjectArr.length));
        }
        return subjectArr;
    }

    public static Subject getNonForwardableSubject() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getNonForwardableSubjects()");
        }
        Subject[] nonForwardableSubjects = getNonForwardableSubjects();
        if (nonForwardableSubjects != null && nonForwardableSubjects[0] != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getNonForwardableSubject()");
            }
            return nonForwardableSubjects[0];
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getNonForwardableSubject() - null Subject returned.");
        return null;
    }

    public static Subject[] getNonForwardableSubjects() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getNonForwardableSubjects()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        Subject[] subjectArr = null;
        if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
            try {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Getting the subject from credential on the Current Thread of Execution");
                }
                subjectArr = (Subject[]) AccessController.doPrivileged(getNonForwardableSubjectAction);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Got the subject from credential on the Current Thread of Execution");
                }
            } catch (PrivilegedActionException e) {
                Exception exception = e.getException();
                Manager.Ffdc.log(exception, thisClass, "com.ibm.ws.security.auth.WSLoginHelperImpl.getNonForwardableSubject", "245");
                if (exception instanceof WSSecurityException) {
                    throw ((WSSecurityException) exception);
                }
                throw new WSSecurityException(exception.getMessage(), exception);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security is disabled, null subject will be returned");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getNonForwardableSubject()");
        }
        return subjectArr;
    }

    public static Subject getSerializableSubject() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSerializableSubject()");
        }
        Subject[] serializableSubjects = getSerializableSubjects();
        if (serializableSubjects != null && serializableSubjects[0] != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSerializableSubject()");
            }
            return serializableSubjects[0];
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getSerializableSubject() - null Subject returned.");
        return null;
    }

    public static Subject[] getSerializableSubjects() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSerializableSubjects()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        Subject[] subjectArr = null;
        if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
            try {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Getting the serializable subject from credential on the current thread of execution");
                }
                subjectArr = (Subject[]) AccessController.doPrivileged(getSerializableSubjectAction);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Got the serializable subject from credential on the current thread of execution");
                }
            } catch (PrivilegedActionException e) {
                Exception exception = e.getException();
                Manager.Ffdc.log(exception, thisClass, "com.ibm.ws.security.auth.WSLoginHelperImpl.getSerializableSubject", "245");
                if (exception instanceof WSSecurityException) {
                    throw ((WSSecurityException) exception);
                }
                throw new WSSecurityException(exception.getMessage(), exception);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security is disabled, null subject will be returned");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSerializableSubjects()");
        }
        return subjectArr;
    }

    public static Subject getUnauthenticatedSubject() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getUnauthenticatedSubjecy()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        Subject subject = null;
        if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
            try {
                subject = (Subject) AccessController.doPrivileged(getUnauthSubjectAction);
            } catch (PrivilegedActionException e) {
                Exception exception = e.getException();
                Manager.Ffdc.log(exception, thisClass, "com.ibm.ws.security.auth.WSLoginHelperImpl.getUnauthenticatedSubject", "431");
                if (exception instanceof WSSecurityException) {
                    throw ((WSSecurityException) exception);
                }
                throw new WSSecurityException(exception.getMessage(), exception);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security is disabled, null subject will be returned");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getUnauthenticatedSubjecy()");
        }
        return subject;
    }

    public static Subject getSerializableUnauthSubject() throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSerializableUnauthSubject()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        Subject subject = null;
        if (ContextManagerFactory.getInstance().isCellSecurityEnabled()) {
            try {
                subject = (Subject) AccessController.doPrivileged(getSerializableUnauthSubjectAction);
            } catch (PrivilegedActionException e) {
                Exception exception = e.getException();
                Manager.Ffdc.log(exception, thisClass, "com.ibm.ws.security.auth.WSLoginHelperImpl.getUnauthenticatedSubject", "485");
                if (exception instanceof WSSecurityException) {
                    throw ((WSSecurityException) exception);
                }
                throw new WSSecurityException(exception.getMessage(), exception);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Security is disabled, null subject will be returned");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSerializableUnauthSubject()");
        }
        return subject;
    }

    public static Subject restoreSerializedSubject(Subject subject, WSCredential wSCredential) throws SerialDeserialSubjectException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "restoreSerializedSubject()");
        }
        Subject[] restoreSerializedSubjects = restoreSerializedSubjects(new Subject[]{subject}, SubjectHelper.createSubjectFromWSCredential(wSCredential));
        if (restoreSerializedSubjects != null && restoreSerializedSubjects[0] != null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "restoreSerializedSubject()");
            }
            return restoreSerializedSubjects[0];
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.entry(tc, "restoreSerializedSubject() - null Subject returned.");
        return null;
    }

    public static Subject[] restoreSerializedSubjects(Subject[] subjectArr, Subject subject) throws SerialDeserialSubjectException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "restoreSerializedSubjects()");
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(GET_SUBJECT_PERMISSION);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Java 2 Security Permission Check passed");
            }
        }
        if (subjectArr == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Passed in Subject array is null");
            }
            throw new SerialDeserialSubjectException("Passed in Subject array is null");
        }
        for (int i = 0; i < subjectArr.length; i++) {
            if (subjectArr[i] != null && tc.isDebugEnabled()) {
                Tr.debug(tc, "Subject[" + i + "] in passed in subject array is not null.");
            }
        }
        if (subject == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Privileged subject is not null.");
            }
            throw new SerialDeserialSubjectException("Privileged subject is null.");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Privileged subject is not null.");
        }
        Subject[] subjectArr2 = new Subject[subjectArr.length];
        for (int i2 = 0; i2 < subjectArr.length; i2++) {
            if (subjectArr[i2] != null) {
                subjectArr2[i2] = deserializeSubject(subjectArr[i2], subject);
            } else {
                subjectArr2[i2] = null;
            }
        }
        return subjectArr2;
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:18:0x00cc
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private static javax.security.auth.Subject deserializeSubject(javax.security.auth.Subject r7, javax.security.auth.Subject r8) throws com.ibm.ws.security.auth.SerialDeserialSubjectException {
        /*
            Method dump skipped, instructions count: 302
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.auth.WSLoginHelperImpl.deserializeSubject(javax.security.auth.Subject, javax.security.auth.Subject):javax.security.auth.Subject");
    }

    public static WSCredential refresh(String str, String str2, String str3) throws WSSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "refresh(username = \"" + str + "\", realmname = \"" + str2 + "\", password = \"XXXXXXXX\")");
        }
        disableAuthRetryForThread();
        WSCredential wSCredential = null;
        try {
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            if (contextManagerFactory.isCellSecurityEnabled()) {
                wSCredential = contextManagerFactory.authenticate(str2, str, str3);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "returned from login");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Security is disabled, credential is not refreshed, null credential will be returned");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "refresh(username, realmname, password)");
            }
            return wSCredential;
        } finally {
            enableAuthRetryForThread();
        }
    }

    public static String getDefaultRealmName() {
        return ContextManagerFactory.getInstance().getDefaultRealm();
    }

    private WSLoginHelperImpl() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "WSLoginHelperImpl()");
        }
        Tr.error(tc, "security.jaas.NoWSLoginHelperImpl");
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "WSLoginHelperImpl()");
        }
    }

    private static void disableAuthRetryForThread() {
        ContextManagerFactory.getInstance().put("wssecurity.disableauthretry", new Boolean(true));
    }

    private static void enableAuthRetryForThread() {
        ContextManagerFactory.getInstance().put("wssecurity.disableauthretry", new Boolean(false));
    }
}
