package com.ibm.ws.security.registry.ldap;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.CustomRegistryException;
import com.ibm.websphere.security.auth.AuthenticationFailedException;
import com.ibm.websphere.security.auth.AuthenticationNotSupportedException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.registry.RegistryErrorException;
import com.ibm.ws.security.util.ConfigUtils;
import com.ibm.wsspi.management.agent.AdminSubsystemExtensionHandler;
import com.tivoli.mts.PDPrincipal;
import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Properties;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/registry/ldap/TAMLdapRegistryImpl.class */
public class TAMLdapRegistryImpl extends LdapRegistryImpl {
    private static URL propURL = null;
    private static TraceComponent tc = Tr.register(TAMLdapRegistryImpl.class, (String) null, "com.ibm.ejs.resources.security");

    @Override // com.ibm.ws.security.registry.ldap.LdapRegistryImpl, com.ibm.websphere.security.UserRegistry
    public void initialize(Properties properties) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AdminSubsystemExtensionHandler.INITIALIZE);
        }
        super.initialize(properties);
        String str = null;
        if (properties != null) {
            str = (String) properties.get(CommonConstants.TAM_PROP_URL);
        }
        if (str != null) {
            try {
                if (str.length() > 0) {
                    if (str.startsWith("$")) {
                        str = ConfigUtils.expandString(str);
                    }
                    propURL = new File(str).toURL();
                    if (tc.isDebugEnabled() && propURL != null) {
                        Tr.debug(tc, "URL is: " + propURL);
                    }
                }
            } catch (MalformedURLException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.registry.ldap.LdapRegistryImpl.authenticate", "55", this);
                Tr.error(tc, "security.registry.ldap.initerror", new Object[]{e});
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, AdminSubsystemExtensionHandler.INITIALIZE);
                }
                throw new CustomRegistryException(e.toString(), e);
            }
        }
        Tr.audit(tc, "security.registry.TAM.initialize");
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, AdminSubsystemExtensionHandler.INITIALIZE);
        }
    }

    @Override // com.ibm.ws.security.registry.ldap.LdapRegistryImpl
    protected String authenticate(String str, String str2) throws AuthenticationFailedException, AuthenticationNotSupportedException, RegistryErrorException, CustomRegistryException {
        LdapRegistryImpl.escapeChar(str, '*');
        try {
            long currentTimeMillis = System.currentTimeMillis();
            new PDPrincipal(str, str2.toCharArray(), propURL);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Authenticated the user: " + str + " using AM");
                Tr.debug(tc, new StringBuffer("Time elapsed to open/close DirContext: ").append(System.currentTimeMillis() - currentTimeMillis).toString());
            }
            return str;
        } catch (IllegalArgumentException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.ldap.TAMLdapRegistryImpl.authenticate", "117", this);
            Tr.error(tc, "security.authn.error", new Object[]{str, e});
            throw new AuthenticationFailedException(e.getMessage(), e);
        } catch (IllegalStateException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.registry.ldap.TAMLdapRegistryImpl.authenticate", "122", this);
            Tr.error(tc, "security.authn.error", new Object[]{str, e2});
            throw new AuthenticationFailedException(e2.getMessage(), e2);
        } catch (NullPointerException e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.security.registry.ldap.TAMLdapRegistryImpl.authenticate", "111", this);
            Tr.error(tc, "security.authn.error", new Object[]{str, e3});
            throw new AuthenticationFailedException(e3.getMessage(), e3);
        }
    }

    @Override // com.ibm.ws.security.registry.ldap.LdapRegistryImpl, com.ibm.websphere.security.UserRegistry
    public boolean isValidUser(String str) throws CustomRegistryException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isValidUser", str);
        }
        try {
            new PDPrincipal(str, propURL);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Verified the user: " + str + " using AM");
            }
            if (!tc.isEntryEnabled()) {
                return true;
            }
            Tr.exit(tc, "isValidUser", str);
            return true;
        } catch (IllegalArgumentException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.registry.ldap.TAMLdapRegistryImpl.isValidUser", "146", this);
            Tr.error(tc, "security.registry.isvaliduser.error", new Object[]{str, e});
            throw new CustomRegistryException(e.getMessage(), e);
        } catch (IllegalStateException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.registry.ldap.TAMLdapRegistryImpl.isValidUser", "151", this);
            Tr.error(tc, "security.registry.isvaliduser.error", new Object[]{str, e2});
            throw new CustomRegistryException(e2.getMessage(), e2);
        } catch (NullPointerException e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.security.registry.ldap.TAMLdapRegistryImpl.isValidUser", "141", this);
            Tr.error(tc, "security.registry.isvaliduser.error", new Object[]{str, e3});
            throw new CustomRegistryException(e3.getMessage(), e3);
        }
    }
}
