package com.ibm.ws.security.admintask.securityDomain;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.InvalidParameterNameException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.config.AuthMechanismConfig;
import com.ibm.ws.security.config.SingleSignonConfig;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import com.ibm.ws.security.spnego.Constants;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;
import javax.management.QueryExp;
import org.eclipse.jst.j2ee.internal.xml.EjbDeploymentDescriptorXmlMapperI;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/admintask/securityDomain/ConfigureLTPAAuthMechanism.class */
public class ConfigureLTPAAuthMechanism extends AbstractTaskCommand {
    private static String BUNDLE_NAME = AdminConstants.MSG_BUNDLE_NAME;
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static TraceComponent tc = Tr.register((Class<?>) ConfigureLTPAAuthMechanism.class, "ConfigureLTPAAuthMechanism", "com.ibm.ws.security.admintask.securityDomain");
    private ObjectName secObj;
    private ObjectName globalSecObj;
    private ConfigService configService;
    private Session session;
    private String secDomain;
    private Boolean enable;
    private String interceptor;
    private String customProps;
    private Boolean requiresSSL;
    private String domainName;
    private Boolean interoperable;
    private Boolean attributePropagation;
    private String timeout;

    public ConfigureLTPAAuthMechanism(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.secDomain = null;
        this.enable = null;
        this.interceptor = null;
        this.customProps = null;
        this.requiresSSL = null;
        this.domainName = null;
        this.interoperable = null;
        this.attributePropagation = null;
        this.timeout = null;
    }

    public ConfigureLTPAAuthMechanism(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.secDomain = null;
        this.enable = null;
        this.interceptor = null;
        this.customProps = null;
        this.requiresSSL = null;
        this.domainName = null;
        this.interoperable = null;
        this.attributePropagation = null;
        this.timeout = null;
    }

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    public void deleteProperty(ObjectName objectName, String str) throws Exception {
        ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, objectName, new String[]{"properties"}, true), "properties");
        for (int i = 0; i < arrayList.size(); i++) {
            AttributeList attributeList = (AttributeList) arrayList.get(i);
            if (((String) ConfigServiceHelper.getAttributeValue(attributeList, "name")).equals(str)) {
                this.configService.deleteConfigData(this.session, this.configService.queryConfigObjects(this.session, objectName, ConfigServiceHelper.createObjectName(attributeList), (QueryExp) null)[0]);
            }
        }
    }

    public Attribute getProperty(ObjectName objectName, String str) throws Exception {
        ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, objectName, new String[]{"properties"}, true), "properties");
        for (int i = 0; i < arrayList.size(); i++) {
            AttributeList attributeList = (AttributeList) arrayList.get(i);
            if (((String) ConfigServiceHelper.getAttributeValue(attributeList, "name")).equals(str)) {
                return new Attribute(str, (String) ConfigServiceHelper.getAttributeValue(attributeList, "value"));
            }
        }
        return null;
    }

    public void setProperty(ObjectName objectName, String str, Object obj) throws Exception {
        ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, objectName, new String[]{"properties"}, true), "properties");
        for (int i = 0; i < arrayList.size(); i++) {
            AttributeList attributeList = (AttributeList) arrayList.get(i);
            if (((String) ConfigServiceHelper.getAttributeValue(attributeList, "name")).equals(str)) {
                ObjectName objectName2 = this.configService.queryConfigObjects(this.session, objectName, ConfigServiceHelper.createObjectName(attributeList), (QueryExp) null)[0];
                AttributeList attributeList2 = new AttributeList();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, obj.toString());
                }
                attributeList2.add(new Attribute("value", obj));
                this.configService.setAttributes(this.session, objectName2, attributeList2);
                return;
            }
        }
        AttributeList attributeList3 = new AttributeList();
        attributeList3.add(new Attribute("name", str));
        attributeList3.add(new Attribute("value", obj));
        attributeList3.add(new Attribute("required", new Boolean(false)));
        this.configService.createConfigData(this.session, objectName, "properties", (String) null, attributeList3);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Added property " + str + ".");
        }
    }

    private AttributeList getAuthMechanism(String str, boolean z) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAuthMechanism: " + str);
        }
        ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{"authMechanisms"}, true), "authMechanisms");
        ArrayList arrayList2 = new ArrayList();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            AttributeList attributeList = (AttributeList) it.next();
            String str2 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "_Websphere_Config_Data_Type");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Found auth mechanism of type " + str2);
            }
            if (str2.equals("LTPA")) {
                return attributeList;
            }
        }
        if (this.secObj == this.globalSecObj) {
            throw new CommandValidationException(getMsg(resBundle, "security.admintask.noTrustAssociation.SECJ7730E", null));
        }
        if (z) {
            ArrayList arrayList3 = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.globalSecObj, new String[]{"authMechanisms"}, true), "authMechanisms");
            AttributeList attributeList2 = new AttributeList();
            Iterator it2 = arrayList3.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                attributeList2 = (AttributeList) it2.next();
                String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "_Websphere_Config_Data_Type");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found auth mechanism of type " + str3);
                }
                if (str3.equals("LTPA")) {
                    Iterator it3 = attributeList2.iterator();
                    while (it3.hasNext()) {
                        String name = ((Attribute) it3.next()).getName();
                        if (!name.equals(str) && (name.equals("singleSignon") || name.equals(AuthMechanismConfig.KEY_SET_GROUP) || name.equals("trustAssociation"))) {
                            it3.remove();
                        }
                    }
                } else {
                    it2.remove();
                }
            }
            arrayList2.add(attributeList2);
            AttributeList attributeList3 = new AttributeList();
            attributeList3.add(new Attribute("authMechanisms", arrayList2));
            this.configService.setAttributes(this.session, this.secObj, attributeList3);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getAuthMechanism");
        }
        return getAuthMechanism();
    }

    private AttributeList getAuthMechanism() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAuthMechanism");
        }
        ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{"authMechanisms"}, true), "authMechanisms");
        AttributeList attributeList = new AttributeList();
        Iterator it = arrayList.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AttributeList attributeList2 = (AttributeList) it.next();
            String str = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "_Websphere_Config_Data_Type");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Found auth mechanism of type " + str);
            }
            if (str.equals("LTPA")) {
                attributeList = attributeList2;
                break;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getAuthMechanism");
        }
        return attributeList;
    }

    private AttributeList getSingleSignon() throws Exception {
        AttributeList authMechanism = getAuthMechanism("singleSignon", true);
        AttributeList attributeList = (AttributeList) ConfigServiceHelper.getAttributeValue(authMechanism, "singleSignon");
        ObjectName objectName = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(authMechanism), (QueryExp) null)[0];
        if (attributeList == null) {
            if (this.secObj == this.globalSecObj) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.noSingleSignon.SECJ7728E", null));
            }
            ObjectName objectName2 = this.secObj;
            this.secObj = this.globalSecObj;
            AttributeList singleSignon = getSingleSignon();
            this.secObj = objectName2;
            this.configService.createConfigData(this.session, objectName, "singleSignon", (String) null, singleSignon);
            attributeList = (AttributeList) ConfigServiceHelper.getAttributeValue(getAuthMechanism(null, true), "singleSignon");
        }
        if (attributeList == null) {
            throw new CommandValidationException(getMsg(resBundle, "security.admintask.noSingleSignon.SECJ7728E", null));
        }
        return attributeList;
    }

    private ObjectName getTrustAssociation() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTrustAssociation");
        }
        AttributeList authMechanism = getAuthMechanism("LTPA", true);
        AttributeList attributeList = (AttributeList) ConfigServiceHelper.getAttributeValue(authMechanism, "trustAssociation");
        ObjectName createTrustAssociation = attributeList == null ? createTrustAssociation(authMechanism) : this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList), (QueryExp) null)[0];
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTrustAssociation");
        }
        return createTrustAssociation;
    }

    public AttributeList getSingleSignonTask() throws Exception {
        AttributeList attributeList;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSingleSignonEntry");
        }
        try {
            Iterator it = ((ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{"authMechanisms"}, true), "authMechanisms")).iterator();
            while (it.hasNext()) {
                AttributeList attributeList2 = (AttributeList) it.next();
                ObjectName objectName = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList2), (QueryExp) null)[0];
                String str = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "_Websphere_Config_Data_Type");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found auth mechanism of type " + str);
                }
                if (str.equals("LTPA") && (attributeList = (AttributeList) ConfigServiceHelper.getAttributeValue(attributeList2, "singleSignon")) != null) {
                    Attribute property = getProperty(this.secObj, "com.ibm.ws.security.ssoInteropModeEnabled");
                    if (property != null) {
                        attributeList.add(property);
                    }
                    Attribute property2 = getProperty(this.secObj, "com.ibm.ws.security.webInboundPropagationEnabled");
                    if (property2 != null) {
                        attributeList.add(property2);
                    }
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "getSingleSignonEntry");
                    }
                    return attributeList;
                }
            }
            throw new CommandValidationException(getMsg(resBundle, "security.admintask.noSingleSignon.SECJ7728E", null));
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getSingleSignonEntry");
            }
            throw th;
        }
    }

    public void configureSingleSignon() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureSingleSignonEntry");
        }
        try {
            ObjectName objectName = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(getSingleSignon()), (QueryExp) null)[0];
            if (this.enable != null) {
                AttributeList attributeList = new AttributeList();
                attributeList.add(new Attribute("enabled", this.enable));
                this.configService.setAttributes(this.session, objectName, attributeList);
            }
            if (this.requiresSSL != null) {
                AttributeList attributeList2 = new AttributeList();
                attributeList2.add(new Attribute(SingleSignonConfig.REQUIRES_SSL, this.requiresSSL));
                this.configService.setAttributes(this.session, objectName, attributeList2);
            }
            if (this.domainName != null) {
                AttributeList attributeList3 = new AttributeList();
                attributeList3.add(new Attribute(SingleSignonConfig.DOMAIN_NAME, this.domainName));
                this.configService.setAttributes(this.session, objectName, attributeList3);
            }
            if (this.interoperable != null) {
                setProperty(this.secObj, "com.ibm.ws.security.ssoInteropModeEnabled", this.interoperable.toString());
            }
            if (this.attributePropagation != null) {
                setProperty(this.secObj, "com.ibm.ws.security.webInboundPropagationEnabled", this.attributePropagation.toString());
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureSingleSignonEntry");
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureSingleSignonEntry");
            }
            throw th;
        }
    }

    public ArrayList listInterceptors() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "listInterceptorsEntry");
        }
        try {
            AttributeList attributeList = new AttributeList();
            ArrayList arrayList = new ArrayList();
            Iterator it = ((ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{"authMechanisms"}, true), "authMechanisms")).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                AttributeList attributeList2 = (AttributeList) it.next();
                ObjectName objectName = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList2), (QueryExp) null)[0];
                String str = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "_Websphere_Config_Data_Type");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found auth mechanism of type " + str);
                }
                if (str.equals("LTPA")) {
                    attributeList = (AttributeList) ConfigServiceHelper.getAttributeValue(attributeList2, "trustAssociation");
                    break;
                }
            }
            if (attributeList != null && attributeList.size() > 0) {
                arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(attributeList), (QueryExp) null)[0], new String[]{EjbDeploymentDescriptorXmlMapperI.INTERCEPTORS}, true), EjbDeploymentDescriptorXmlMapperI.INTERCEPTORS);
            }
            ArrayList arrayList2 = arrayList;
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "listInterceptorsEntry");
            }
            return arrayList2;
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "listInterceptorsEntry");
            }
            throw th;
        }
    }

    public AttributeList getTrustAssociationInfo() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTrustAssociationInfo");
        }
        try {
            AttributeList attributeList = new AttributeList();
            Iterator it = ((ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{"authMechanisms"}, true), "authMechanisms")).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                AttributeList attributeList2 = (AttributeList) it.next();
                String str = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "_Websphere_Config_Data_Type");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found auth mechanism of type " + str);
                }
                if (str.equals("LTPA")) {
                    attributeList = (AttributeList) ConfigServiceHelper.getAttributeValue(attributeList2, "trustAssociation");
                    break;
                }
            }
            AttributeList attributeList3 = attributeList;
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getTrustAssociationInfo");
            }
            return attributeList3;
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getTrustAssociationInfo");
            }
            throw th;
        }
    }

    public void unconfigureInterceptor() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unconfigureInterceptorEntry");
        }
        try {
            ObjectName trustAssociation = getTrustAssociation();
            ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, trustAssociation, new String[]{EjbDeploymentDescriptorXmlMapperI.INTERCEPTORS}, true), EjbDeploymentDescriptorXmlMapperI.INTERCEPTORS);
            boolean z = true;
            for (int i = 0; i < arrayList.size(); i++) {
                AttributeList attributeList = (AttributeList) arrayList.get(i);
                if (((String) ConfigServiceHelper.getAttributeValue(attributeList, "interceptorClassName")).equals(this.interceptor)) {
                    this.configService.deleteConfigData(this.session, this.configService.queryConfigObjects(this.session, trustAssociation, ConfigServiceHelper.createObjectName(attributeList), (QueryExp) null)[0]);
                    z = false;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Interceptor " + this.interceptor + " is removed.");
                    }
                }
            }
            if (z) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.noInterceptor.SECJ7731E", null));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unconfigureInterceptorEntry");
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unconfigureInterceptorEntry");
            }
            throw th;
        }
    }

    public void configureTrustAssociation() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureTrustAssociationEntry");
        }
        try {
            ObjectName trustAssociation = getTrustAssociation();
            if (this.enable != null) {
                AttributeList attributeList = new AttributeList();
                attributeList.add(new Attribute("enabled", this.enable));
                this.configService.setAttributes(this.session, trustAssociation, attributeList);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Set trust association enabled to " + this.enable.toString() + ".");
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureTrustAssociationEntry");
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureTrustAssociationEntry");
            }
            throw th;
        }
    }

    public void unconfigureTrustAssociation() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unconfigureTrustAssociation");
        }
        try {
            Iterator it = ((ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.secObj, new String[]{"authMechanisms"}, true), "authMechanisms")).iterator();
            while (it.hasNext()) {
                AttributeList attributeList = (AttributeList) it.next();
                String str = (String) ConfigServiceHelper.getAttributeValue(attributeList, "_Websphere_Config_Data_Type");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found auth mechanism of type " + str);
                }
                if (str.equals("LTPA")) {
                    AttributeList attributeList2 = (AttributeList) ConfigServiceHelper.getAttributeValue(attributeList, "trustAssociation");
                    if (attributeList2 != null) {
                        this.configService.deleteConfigData(this.session, ConfigServiceHelper.createObjectName(attributeList2));
                    }
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "unconfigureTrustAssociation");
                        return;
                    }
                    return;
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unconfigureTrustAssociation");
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unconfigureTrustAssociation");
            }
            throw th;
        }
    }

    public void configureInterceptor() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "configureTrustAssociationEntry");
        }
        try {
            ObjectName trustAssociation = getTrustAssociation();
            if (this.interceptor != null) {
                ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, trustAssociation, new String[]{EjbDeploymentDescriptorXmlMapperI.INTERCEPTORS}, true), EjbDeploymentDescriptorXmlMapperI.INTERCEPTORS);
                boolean z = true;
                for (int i = 0; i < arrayList.size(); i++) {
                    AttributeList attributeList = (AttributeList) arrayList.get(i);
                    if (((String) ConfigServiceHelper.getAttributeValue(attributeList, "interceptorClassName")).equals(this.interceptor)) {
                        z = false;
                        if (this.customProps != null) {
                            SecConfigTaskHelper.addCustomEntries(this.session, this.configService, this.configService.queryConfigObjects(this.session, trustAssociation, ConfigServiceHelper.createObjectName(attributeList), (QueryExp) null)[0], this.customProps, Constants.CONFIG_ID_TAI_PROPS);
                        }
                    }
                }
                if (z) {
                    AttributeList attributeList2 = new AttributeList();
                    attributeList2.add(new Attribute("interceptorClassName", this.interceptor));
                    ObjectName createConfigData = this.configService.createConfigData(this.session, trustAssociation, EjbDeploymentDescriptorXmlMapperI.INTERCEPTORS, (String) null, attributeList2);
                    if (this.customProps != null) {
                        SecConfigTaskHelper.addCustomEntries(this.session, this.configService, createConfigData, this.customProps, Constants.CONFIG_ID_TAI_PROPS);
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Added interceptor " + this.interceptor + ".");
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureTrustAssociationEntry");
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "configureTrustAssociationEntry");
            }
            throw th;
        }
    }

    public void setLTPATimeout() throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setLTPATimeout");
        }
        boolean z = false;
        AttributeList attributeList = new AttributeList();
        AttributeList authMechanism = (this.timeout == null || this.timeout.length() <= 0) ? getAuthMechanism("LTPA", false) : getAuthMechanism("LTPA", true);
        if (this.timeout != null && authMechanism != null && !authMechanism.isEmpty()) {
            ObjectName objectName = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName(authMechanism), (QueryExp) null)[0];
            if (this.secObj == this.globalSecObj) {
                z = true;
            }
            if (z && this.timeout.equals("")) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.timeout.SECJ7765E", new Object[]{5}));
            }
            if (this.timeout.equals("")) {
                attributeList.add(new Attribute("timeout", (Object) null));
            } else {
                try {
                    Long l = new Long(this.timeout);
                    if (l.longValue() < 5) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.timeout.SECJ7765E", new Object[]{5}));
                    }
                    attributeList.add(new Attribute("timeout", l));
                } catch (NumberFormatException e) {
                    throw new CommandValidationException(getMsg(resBundle, "security.admintask.timeout.SECJ7765E", new Object[]{5}));
                }
            }
            this.configService.setAttributes(this.session, objectName, attributeList);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setLTPATimeout");
        }
    }

    public String getLTPATimeout() throws Exception {
        Long l;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getLTPATimeout");
        }
        AttributeList authMechanism = getAuthMechanism();
        String str = "";
        if (!authMechanism.isEmpty() && (l = (Long) ConfigServiceHelper.getAttributeValue(authMechanism, "timeout")) != null && l.longValue() != 0) {
            str = l.toString();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getLTPATimeout");
        }
        return str;
    }

    private ObjectName createTrustAssociation(AttributeList attributeList) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createTrustAssociation");
        }
        ObjectName objectName = null;
        ObjectName[] queryConfigObjects = this.configService.queryConfigObjects(this.session, this.secObj, ConfigServiceHelper.createObjectName((ConfigDataId) null, "AuthMechanism"), (QueryExp) null);
        for (int i = 0; i < queryConfigObjects.length; i++) {
            objectName = queryConfigObjects[i];
            if (((String) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, objectName, (String[]) null, true), "_Websphere_Config_Data_Type")).equals("LTPA")) {
                break;
            }
        }
        ArrayList arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(this.configService.getAttributes(this.session, this.globalSecObj, new String[]{"authMechanisms"}, true), "authMechanisms");
        new AttributeList();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            AttributeList attributeList2 = (AttributeList) it.next();
            String str = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "_Websphere_Config_Data_Type");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Found auth mechanism of type " + str);
            }
            if (str.equals("LTPA")) {
                AttributeList attributeList3 = new AttributeList();
                AttributeList attributeList4 = (AttributeList) ConfigServiceHelper.getAttributeValue(attributeList2, "trustAssociation");
                attributeList4.iterator();
                Boolean bool = (Boolean) ConfigServiceHelper.getAttributeValue(attributeList4, "enabled");
                if (bool != null) {
                    attributeList3.add(new Attribute("enabled", bool));
                }
                ArrayList arrayList2 = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList4, EjbDeploymentDescriptorXmlMapperI.INTERCEPTORS);
                ObjectName createConfigData = this.configService.createConfigData(this.session, objectName, "trustAssociation", (String) null, attributeList3);
                AttributeList attributeList5 = new AttributeList();
                attributeList5.add(new Attribute(EjbDeploymentDescriptorXmlMapperI.INTERCEPTORS, arrayList2));
                this.configService.setAttributes(this.session, createConfigData, attributeList5);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "createTrustAssociation");
                }
                return createConfigData;
            }
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "createTrustAssociation");
        return null;
    }

    protected void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResult = getTaskCommandResult();
        if (!taskCommandResult.isSuccessful()) {
            if (tc.isDebugEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        String name = getName();
        try {
            try {
                this.configService = getConfigService();
                this.session = getConfigSession();
                try {
                    this.secDomain = (String) getParameter("securityDomainName");
                } catch (InvalidParameterNameException e) {
                }
                try {
                    this.enable = (Boolean) getParameter("enable");
                } catch (InvalidParameterNameException e2) {
                }
                try {
                    this.interceptor = (String) getParameter("interceptor");
                } catch (InvalidParameterNameException e3) {
                }
                try {
                    this.customProps = (String) getParameter(CommonConstants.CUSTOM_PROPERTIES);
                } catch (InvalidParameterNameException e4) {
                }
                try {
                    this.requiresSSL = (Boolean) getParameter(SingleSignonConfig.REQUIRES_SSL);
                } catch (InvalidParameterNameException e5) {
                }
                try {
                    this.domainName = (String) getParameter(SingleSignonConfig.DOMAIN_NAME);
                } catch (InvalidParameterNameException e6) {
                }
                try {
                    this.interoperable = (Boolean) getParameter("interoperable");
                } catch (InvalidParameterNameException e7) {
                }
                try {
                    this.attributePropagation = (Boolean) getParameter("attributePropagation");
                } catch (InvalidParameterNameException e8) {
                }
                try {
                    this.timeout = (String) getParameter("timeout");
                } catch (InvalidParameterNameException e9) {
                }
                this.globalSecObj = SecConfigTaskHelper.getSecurityObjectName(this.session, this.configService);
                if (this.secDomain == null) {
                    this.secObj = this.globalSecObj;
                } else {
                    if ((name.equals("configureTrustAssociation") || name.equals("unconfigureInterceptor") || name.equals("configureInterceptor") || name.equals("unconfigureTrustAssociation") || name.equals("setLTPATimeout")) && this.secDomain.equals(CommonConstants.GLOBALSECURITY_DOMAIN)) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.unableToRunCommand.SECJ7810E", new Object[]{name, this.secDomain}));
                    }
                    this.secObj = SecConfigTaskHelper.getSecDomain(this.session, this.configService, this.secDomain);
                    if (this.secObj == null) {
                        throw new CommandValidationException(getMsg(resBundle, "security.admintask.config.does.not.exist.SECJ7702E", new Object[]{this.secDomain}));
                    }
                }
                if (name.equals("configureTrustAssociation")) {
                    configureTrustAssociation();
                }
                if (name.equals("unconfigureInterceptor")) {
                    unconfigureInterceptor();
                }
                if (name.equals("configureInterceptor")) {
                    configureInterceptor();
                }
                if (name.equals("listInterceptors")) {
                    taskCommandResult.setResult(listInterceptors());
                }
                if (name.equals("getTrustAssociationInfo")) {
                    taskCommandResult.setResult(getTrustAssociationInfo());
                }
                if (name.equals("unconfigureTrustAssociation")) {
                    unconfigureTrustAssociation();
                }
                if (name.equals("configureSingleSignon")) {
                    configureSingleSignon();
                }
                if (name.equals("getSingleSignon")) {
                    taskCommandResult.setResult(getSingleSignonTask());
                }
                if (name.equals("setLTPATimeout")) {
                    setLTPATimeout();
                }
                if (name.equals("getLTPATimeout")) {
                    taskCommandResult.setResult(getLTPATimeout());
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "afterStepsExecuted");
                }
            } catch (Throwable th) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "afterStepsExecuted");
                }
                throw th;
            }
        } catch (Exception e10) {
            FFDCFilter.processException(e10, "com.ibm.ws.security.commands.securityDomain.ConfigureLTPAAuthMechanism", "206");
            Tr.debug(tc, "exception caught", e10);
            taskCommandResult.setException(new CommandValidationException(e10, e10.getMessage()));
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
            }
        }
    }
}
