package com.ibm.ws.security.admintask.audit.policy;

import com.ibm.ejs.ras.ManagerAdmin;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.AdminCommand;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandMgr;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandResult;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.configservice.SystemAttributes;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.websphere.models.config.rolebasedauthz.AuthorizationTableExt;
import com.ibm.websphere.models.config.rolebasedauthz.RoleAssignmentExt;
import com.ibm.websphere.models.config.rolebasedauthz.UserExt;
import com.ibm.websphere.models.config.rolebasedauthz.impl.RolebasedauthzFactoryImpl;
import com.ibm.websphere.models.config.security.Security;
import com.ibm.websphere.models.config.security.UserRegistry;
import com.ibm.websphere.ras.RasMessage;
import com.ibm.websphere.security.ProviderFailureException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.application.AppUtils;
import com.ibm.ws.management.configservice.WorkspaceHelper;
import com.ibm.ws.security.audit.AuditServiceImpl;
import com.ibm.ws.security.audit.utils.DataHelper;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.security.config.AuditConfig;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import com.ibm.ws.security.role.PluggableAuthorizationTableProxy;
import com.ibm.ws.sm.workspace.RepositoryContext;
import com.ibm.ws.sm.workspace.WorkSpace;
import com.ibm.ws.sm.workspace.WorkSpaceException;
import com.ibm.wsspi.security.audit.AuditOutcome;
import com.ibm.wsspi.security.audit.AuditService;
import com.ibm.wsspi.security.audit.ContextHandler;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Locale;
import java.util.ResourceBundle;
import java.util.concurrent.ConcurrentHashMap;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;
import org.eclipse.emf.common.util.URI;
import org.eclipse.emf.ecore.resource.Resource;

/* loaded from: input_file:com.ibm.ws.admin.client_7.0.0.jar:com/ibm/ws/security/admintask/audit/policy/ModifyAuditPolicy.class */
public class ModifyAuditPolicy extends AbstractTaskCommand {
    private Boolean auditEnabled;
    private String auditPolicy;
    private String auditorId;
    private String auditorPwd;
    private Boolean sign;
    private Boolean encrypt;
    private Boolean batching;
    private Boolean verbose;
    private String keystoreRef;
    private String encryptionCertRef;
    private boolean retrievedEnabledSetting;
    private boolean retrievedEncryptSetting;
    private boolean found;
    private ConcurrentHashMap auditOutcome;
    private static String BUNDLE_NAME = "com.ibm.ejs.resources.security";
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static TraceComponent tc = Tr.register(ModifyAuditPolicy.class, ManagerAdmin.audit, "com.ibm.ws.security.admintask.audit.policy");
    private static AuditService auditService = null;

    public ModifyAuditPolicy(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.auditEnabled = new Boolean(false);
        this.auditPolicy = null;
        this.auditorId = null;
        this.auditorPwd = null;
        this.sign = new Boolean(false);
        this.encrypt = new Boolean(false);
        this.batching = new Boolean(false);
        this.verbose = new Boolean(false);
        this.keystoreRef = null;
        this.encryptionCertRef = null;
        this.retrievedEnabledSetting = false;
        this.retrievedEncryptSetting = false;
        this.found = false;
        this.auditOutcome = new ConcurrentHashMap();
    }

    public ModifyAuditPolicy(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.auditEnabled = new Boolean(false);
        this.auditPolicy = null;
        this.auditorId = null;
        this.auditorPwd = null;
        this.sign = new Boolean(false);
        this.encrypt = new Boolean(false);
        this.batching = new Boolean(false);
        this.verbose = new Boolean(false);
        this.keystoreRef = null;
        this.encryptionCertRef = null;
        this.retrievedEnabledSetting = false;
        this.retrievedEncryptSetting = false;
        this.found = false;
        this.auditOutcome = new ConcurrentHashMap();
    }

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    private AuthorizationTableExt getAuthTable(Session session, String str, WorkSpace workSpace) throws WorkSpaceException, Exception {
        r12 = null;
        RepositoryContext findContext = AppUtils.findContext("cells", str, null, null, workSpace, true);
        findContext.extract("audit-authz.xml", false);
        Resource createResource = findContext.getResourceSet().createResource(URI.createURI("audit-authz.xml"));
        createResource.load(new HashMap());
        for (AuthorizationTableExt authorizationTableExt : createResource.getContents()) {
            if (authorizationTableExt.getContext().equals("domain")) {
                break;
            }
        }
        return authorizationTableExt;
    }

    public boolean validAction(String str) {
        return str.equals("WARN") || str.equals("NOWARN") || str.equals("FATAL");
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate");
        }
        super.validate();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "validate");
                return;
            }
            return;
        }
        ConfigService configService = ConfigServiceFactory.getConfigService();
        Session configSession = getConfigSession();
        try {
            ObjectName objectName = configService.queryConfigObjects(configSession, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, RasMessage.AUDIT), null)[0];
            if (objectName == null) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.NoAuditXML", null));
            }
            ObjectName objectName2 = configService.queryConfigObjects(configSession, null, ConfigServiceHelper.createObjectName((AttributeList) configService.getAttribute(configSession, objectName, AuditConfig.AUDIT_POLICY)), null)[0];
            this.retrievedEnabledSetting = ((Boolean) configService.getAttribute(configSession, objectName2, AuditConfig.ENABLED)).booleanValue();
            this.retrievedEncryptSetting = ((Boolean) configService.getAttribute(configSession, objectName2, "encrypt")).booleanValue();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "retrieved enabled setting: " + this.retrievedEnabledSetting);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "retrieved encrypt setting: " + this.retrievedEncryptSetting);
            }
            this.auditEnabled = (Boolean) getParameter(AuditConfig.ENABLED);
            if (this.auditEnabled == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "auditEnabled == null");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "auditEnabled != null: " + this.auditEnabled);
            }
            this.auditPolicy = (String) getParameter(AuditConfig.AUDIT_POLICY);
            if (this.auditPolicy != null && this.auditPolicy.length() > 0 && !validAction(this.auditPolicy)) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.InvalidActionType", null));
            }
            this.auditorId = (String) getParameter(AuditConfig.AUDITOR_ID);
            if (((this.auditEnabled != null && this.auditEnabled.booleanValue()) || (this.auditEnabled == null && this.retrievedEnabledSetting)) && this.auditorId != null && this.auditorId.length() == 0) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.CannotRemoveAuditorId", null));
            }
            try {
                ConfigServiceHelper.createObjectName((ConfigDataId) null, RasMessage.AUDIT);
                ObjectName objectName3 = configService.resolve(configSession, "Cell=")[0];
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "cell = " + objectName3.toString());
                }
                String substring = objectName3.toString().substring(objectName3.toString().indexOf(SystemAttributes._WEBSPHERE_CONFIG_DATA_DISPLAY_NAME));
                String substring2 = substring.substring(0, substring.indexOf(","));
                String substring3 = substring2.substring(substring2.indexOf("=") + 1);
                WorkSpace workspace = WorkspaceHelper.getWorkspace(configSession);
                if (tc.isDebugEnabled() && this.auditorId != null) {
                    Tr.debug(tc, "auditorId: " + this.auditorId + " auditorId.length() = " + this.auditorId.length() + " auditEnabled: " + this.auditEnabled);
                }
                if ((this.auditorId == null || this.auditorId.length() != 0 || this.auditEnabled.booleanValue()) && this.auditorId != null) {
                    PluggableAuthorizationTableProxy authorizationTableProxy = PluggableAuthorizationTableProxy.getAuthorizationTableProxy();
                    if (authorizationTableProxy == null || !authorizationTableProxy.isSAFAuthorizationEnabled()) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "SAF NOT enabled");
                        }
                        new RolebasedauthzFactoryImpl();
                        boolean z = false;
                        try {
                            AuthorizationTableExt authTable = getAuthTable(configSession, substring3, workspace);
                            if (authTable != null) {
                                for (RoleAssignmentExt roleAssignmentExt : authTable.getAuthorizations()) {
                                    if (roleAssignmentExt != null && roleAssignmentExt.getRole().getRoleName().equals("auditor")) {
                                        Iterator it = roleAssignmentExt.getUsers().iterator();
                                        while (it.hasNext()) {
                                            if (((UserExt) it.next()).getName().equals(this.auditorId)) {
                                                if (tc.isDebugEnabled()) {
                                                    Tr.debug(tc, "found user " + this.auditorId + " in audit-authz.xml");
                                                }
                                                z = true;
                                            }
                                        }
                                    }
                                }
                                if (!z) {
                                    boolean z2 = false;
                                    HashMap hashMap = new HashMap();
                                    String str = null;
                                    AdminCommand createCommand = CommandMgr.getCommandMgr().createCommand("listAuditGroupIDsOfAuthorizationGroup");
                                    createCommand.setConfigSession(configSession);
                                    createCommand.execute();
                                    CommandResult commandResult = createCommand.getCommandResult();
                                    if (commandResult.isSuccessful() && commandResult.getResult() != null) {
                                        hashMap = (HashMap) commandResult.getResult();
                                    }
                                    if (!hashMap.isEmpty()) {
                                        Iterator it2 = hashMap.values().iterator();
                                        while (it2.hasNext()) {
                                            Iterator it3 = ((ArrayList) it2.next()).iterator();
                                            while (it3.hasNext()) {
                                                if (((String) it3.next()).equals("PRIMARYADMINID")) {
                                                    try {
                                                        ObjectName createObjectName = ConfigServiceHelper.createObjectName((ConfigDataId) null, "Security");
                                                        ObjectName objectName4 = configService.resolve(configSession, "Cell=")[0];
                                                        if (tc.isDebugEnabled()) {
                                                            Tr.debug(tc, "cell = " + objectName4.toString());
                                                        }
                                                        ObjectName objectName5 = objectName4 != null ? configService.queryConfigObjects(configSession, objectName4, createObjectName, null)[0] : null;
                                                        String substring4 = objectName4.toString().substring(objectName4.toString().indexOf(SystemAttributes._WEBSPHERE_CONFIG_DATA_DISPLAY_NAME));
                                                        String substring5 = substring4.substring(0, substring4.indexOf(","));
                                                        UserRegistry activeUserRegistry = ((Security) AppUtils.findContext("cells", substring5.substring(substring5.indexOf("=") + 1), null, null, workspace, true).getResourceSet().getResource(URI.createURI("security.xml"), true).getContents().get(0)).getActiveUserRegistry();
                                                        if (activeUserRegistry != null) {
                                                            str = new String(activeUserRegistry.getPrimaryAdminId());
                                                        }
                                                    } catch (Throwable th) {
                                                        taskCommandResultImpl.setException(new CommandException(th.getMessage()));
                                                    }
                                                }
                                            }
                                        }
                                    }
                                    if (str != null && str.equals(this.auditorId)) {
                                        z2 = true;
                                    }
                                    if (!z2) {
                                        throw new CommandValidationException(getMsg(resBundle, "security.audit.auditorId.change.error", null));
                                    }
                                }
                            }
                        } catch (WorkSpaceException e) {
                            e.printStackTrace();
                            throw new CommandValidationException(getMsg(resBundle, "security.audit.auditorId.change.ws.error", null));
                        } catch (Exception e2) {
                            throw new CommandValidationException(e2.getMessage());
                        }
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "z with SAF enabled");
                    }
                }
                this.auditorPwd = (String) getParameter(AuditConfig.AUDITOR_PASSWORD);
                if (((this.auditEnabled != null && this.auditEnabled.booleanValue()) || (this.auditEnabled == null && this.retrievedEnabledSetting)) && this.auditorPwd != null && this.auditorPwd.length() == 0) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.CannotRemoveAuditorPwd", null));
                }
                this.sign = (Boolean) getParameter("sign");
                this.encrypt = (Boolean) getParameter("encrypt");
                this.verbose = (Boolean) getParameter(AuditConfig.VERBOSE);
                this.encryptionCertRef = (String) getParameter("encryptionCert");
                if (tc.isDebugEnabled()) {
                    if (this.auditEnabled != null) {
                        Tr.debug(tc, "auditEnabled: " + this.auditEnabled.toString());
                    }
                    if (this.auditPolicy != null && this.auditPolicy.length() != 0) {
                        Tr.debug(tc, "auditPolicy: " + this.auditPolicy);
                    }
                    if (this.auditorId != null && this.auditorId.length() != 0) {
                        Tr.debug(tc, "auditorId: " + this.auditorId);
                    }
                    if (this.auditorPwd != null && this.auditorPwd.length() != 0) {
                        Tr.debug(tc, "auditorPwd: ******");
                    }
                    if (this.sign != null) {
                        Tr.debug(tc, "sign: " + this.sign.toString());
                    }
                    if (this.encrypt != null) {
                        Tr.debug(tc, "encrypt: " + this.encrypt.toString());
                    }
                    if (this.verbose != null) {
                        Tr.debug(tc, "verbose: " + this.verbose.toString());
                    }
                    if (this.encryptionCertRef != null) {
                        Tr.debug(tc, "encryptionCertRef: " + this.encryptionCertRef);
                    }
                }
                if (this.auditEnabled == null && this.auditPolicy == null && this.auditorId == null && this.auditorPwd == null && this.sign == null && this.encrypt == null && this.verbose == null && this.encryptionCertRef == null) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.MissingModifyParms", null));
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "validate");
                }
            } catch (Throwable th2) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.FailAccesstoSecWS", null));
            }
        } catch (Exception e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.security.admintask.audit.policy.ModifyAuditPolicy.validation", "%");
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration: ", e3.getMessage());
            }
            String msg = getMsg(resBundle, "security.admintask.ConfigurationError", null);
            if (e3.getMessage() != null) {
                msg = msg.concat(": ").concat(e3.getMessage());
            }
            throw new CommandValidationException(msg);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        ConfigService configService = ConfigServiceFactory.getConfigService();
        Session configSession = getConfigSession();
        try {
            ObjectName objectName = configService.queryConfigObjects(configSession, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, RasMessage.AUDIT), null)[0];
            if (objectName == null) {
                String msg = getMsg(resBundle, "security.admintask.NoAuditXML", null);
                taskCommandResultImpl.addWarnings(msg);
                taskCommandResultImpl.setResult(new Boolean(false));
                taskCommandResultImpl.setException(new CommandException(msg));
                return;
            }
            AttributeList attributeList = (AttributeList) configService.getAttribute(configSession, objectName, AuditConfig.AUDIT_POLICY);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "policyAttrs: " + attributeList.toString());
            }
            ObjectName objectName2 = configService.queryConfigObjects(configSession, null, ConfigServiceHelper.createObjectName(attributeList), null)[0];
            AttributeList attributeList2 = new AttributeList();
            if (this.auditEnabled != null) {
                ContextHandler contextHandler = null;
                if (auditService == null) {
                    auditService = ContextManagerFactory.getInstance().getAuditService();
                }
                if (auditService != null) {
                    contextHandler = ((AuditServiceImpl) auditService).getContextHandler();
                    if (contextHandler == null) {
                        auditService.processAuditFailure("security.audit.service.context.error", null);
                        taskCommandResultImpl.addWarnings("security.audit.service.context.error");
                        taskCommandResultImpl.setResult(new Boolean(false));
                        taskCommandResultImpl.setException(new CommandException("security.audit.service.context.error"));
                        return;
                    }
                }
                if (auditService != null && auditService.isEventRequired("SECURITY_MGMT_AUDIT", "SUCCESS")) {
                    if (contextHandler != null) {
                        String type = SecurityObjectLocator.getSecurityConfig().getActiveUserRegistry().getType();
                        contextHandler.buildContextObject("SESSION_CONTEXT", DataHelper.buildSessionData(null, null, null, null));
                        contextHandler.buildContextObject("ACCESS_CONTEXT", this.auditEnabled.booleanValue() ? DataHelper.buildAccessData(AuditConstants.WAS_SERVER, "enable", null, null, "authzSuccess", AuditConstants.AUDIT_SUBSYSTEM, "process", new Long(0L), null, null, null, null) : DataHelper.buildAccessData(AuditConstants.WAS_SERVER, AuditConstants.DISABLE, null, null, "authzSuccess", AuditConstants.AUDIT_SUBSYSTEM, "process", new Long(0L), null, null, null, null));
                        contextHandler.buildContextObject("EVENT_CONTEXT", DataHelper.buildEventData(auditService.getLastTrailId(), auditService.getEventTrailIds(), new Date(), new Long(0L).longValue()));
                        contextHandler.buildContextObject("PROPAGATION_CONTEXT", DataHelper.buildPropagationData(auditService.getFirstCaller(), auditService.getCallerList()));
                        contextHandler.buildContextObject("PROCESS_CONTEXT", DataHelper.buildProcessData(auditService.getDomain(), ContextManagerFactory.getInstance().getDefaultRealm()));
                        contextHandler.buildContextObject("REGISTRY_CONTEXT", DataHelper.buildRegistryData(DataHelper.convertRegistryInfoType(type)));
                        if (this.auditEnabled.booleanValue()) {
                            DataHelper.buildMgmtData(AuditConstants.SUB_SYSTEM, "enable", null);
                        } else {
                            DataHelper.buildMgmtData(AuditConstants.SUB_SYSTEM, AuditConstants.DISABLE, null);
                        }
                        if (this.auditEnabled.booleanValue()) {
                            this.auditOutcome = DataHelper.buildOutcomeData(AuditOutcome.SUCCESSFUL, new Integer(0), new Integer(0), "SUCCESS", 84L);
                        } else {
                            this.auditOutcome = DataHelper.buildOutcomeData(AuditOutcome.SUCCESSFUL, new Integer(0), new Integer(0), "SUCCESS", 88L);
                        }
                    }
                    try {
                        auditService.sendEvent("SECURITY_MGMT_AUDIT", this.auditOutcome);
                    } catch (ProviderFailureException e) {
                        Tr.error(tc, "security.audit.service.sendevent.error", new Object[]{e});
                        auditService.processAuditFailure("security.audit.service.sendevent.error", e);
                    }
                }
                attributeList2.add(new Attribute(AuditConfig.ENABLED, this.auditEnabled));
            }
            if (((AttributeList) configService.getAttribute(configSession, objectName, "auditNotificationMonitor")) == null && this.auditPolicy != null && (this.auditPolicy.equals("WARN") || this.auditPolicy.equals("FATAL"))) {
                String msg2 = getMsg(resBundle, "security.admintask.NotificationMonitorNotConfigured", null);
                taskCommandResultImpl.addWarnings(msg2);
                taskCommandResultImpl.setResult(new Boolean(false));
                taskCommandResultImpl.setException(new CommandException(msg2));
                return;
            }
            if (this.auditPolicy != null) {
                attributeList2.add(new Attribute(AuditConfig.AUDIT_POLICY, this.auditPolicy));
            }
            if (this.auditorId != null) {
                attributeList2.add(new Attribute(AuditConfig.AUDITOR_ID, this.auditorId));
            }
            if (this.auditorPwd != null) {
                attributeList2.add(new Attribute(AuditConfig.AUDITOR_PASSWORD, this.auditorPwd));
            }
            if (this.sign != null) {
                attributeList2.add(new Attribute("sign", this.sign));
            }
            if (this.encrypt != null) {
                attributeList2.add(new Attribute("encrypt", this.encrypt));
            }
            if (this.verbose != null) {
                attributeList2.add(new Attribute(AuditConfig.VERBOSE, this.verbose));
            }
            if (this.encryptionCertRef != null && this.encryptionCertRef.length() == 0) {
                if ((this.encrypt != null && this.encrypt.booleanValue()) || (this.encrypt == null && this.retrievedEncryptSetting)) {
                    String msg3 = getMsg(resBundle, "security.admintask.CannotDeleteEncryptionCert", null);
                    taskCommandResultImpl.addWarnings(msg3);
                    taskCommandResultImpl.setResult(new Boolean(false));
                    taskCommandResultImpl.setException(new CommandException(msg3));
                    return;
                }
                this.found = true;
                attributeList2.add(new Attribute("encryptionCert", null));
            }
            if (this.encryptionCertRef != null && this.encryptionCertRef.length() != 0) {
                ArrayList arrayList = (ArrayList) configService.getAttribute(configSession, objectName, "certificates");
                int i = 0;
                while (true) {
                    if (i >= arrayList.size()) {
                        break;
                    }
                    AttributeList attributeList3 = (AttributeList) arrayList.get(i);
                    Iterator it = attributeList3.iterator();
                    while (it.hasNext()) {
                        Attribute attribute = (Attribute) it.next();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "certAttrs name: " + attribute.getName());
                        }
                        if (attribute.getValue() != null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "certAttrs value: " + attribute.getValue().toString());
                            }
                        } else if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "certAttrs value: null");
                        }
                    }
                    String obj = ConfigServiceHelper.getAttributeValue(attributeList3, SystemAttributes._WEBSPHERE_CONFIG_DATA_ID).toString();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "cert = " + obj);
                    }
                    if (obj.split("#")[1].equals(this.encryptionCertRef)) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "found matching encryption cert");
                        }
                        this.found = true;
                        ObjectName createObjectName = ConfigServiceHelper.createObjectName(attributeList3);
                        if (createObjectName != null && tc.isDebugEnabled()) {
                            Tr.debug(tc, "cert: " + createObjectName.toString());
                        }
                        attributeList2.add(new Attribute("encryptionCert", createObjectName));
                    } else {
                        i++;
                    }
                }
            }
            if (!this.found && this.encryptionCertRef != null) {
                String msg4 = getMsg(resBundle, "security.admintask.InvalidCertRef", null);
                taskCommandResultImpl.addWarnings(msg4);
                taskCommandResultImpl.setResult(new Boolean(false));
                taskCommandResultImpl.setException(new CommandException(msg4));
                return;
            }
            if (attributeList2 == null) {
                String concat = getMsg(resBundle, "security.admintask.CreateObjFailure", null).concat(": AuditServiceProvider");
                taskCommandResultImpl.addWarnings(concat);
                taskCommandResultImpl.setResult(new Boolean(false));
                taskCommandResultImpl.setException(new CommandException(concat));
                return;
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "settings: " + attributeList2.toString());
            }
            configService.setAttributes(configSession, objectName2, attributeList2);
            taskCommandResultImpl.setResult(new Boolean(true));
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
            }
        } catch (ConfigServiceException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.admintask.audit.policy.ModifyAuditPolicy.afterStepsExecuted", "154");
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration: ", e2.getMessage());
            }
            String msg5 = getMsg(resBundle, "security.admintask.ConfigurationError", null);
            if (e2.getMessage() != null) {
                msg5 = msg5.concat(": ").concat(e2.getMessage());
            }
            taskCommandResultImpl.addWarnings(msg5);
            taskCommandResultImpl.setResult(new Boolean(false));
            taskCommandResultImpl.setException(new CommandException(msg5));
        } catch (Exception e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.security.admintask.audit.policy.ModifyAuditPolicy.afterStepsExecuted", "154");
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration: ", e3.getMessage());
            }
            String msg6 = getMsg(resBundle, "security.admintask.ConfigurationError", null);
            if (e3.getMessage() != null) {
                msg6 = msg6.concat(": ").concat(e3.getMessage());
            }
            taskCommandResultImpl.addWarnings(msg6);
            taskCommandResultImpl.setResult(new Boolean(false));
            taskCommandResultImpl.setException(new CommandException(msg6));
        }
    }
}
