package com.ibm.ws.security.config;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ras.RASFormatter;
import com.ibm.websphere.management.AdminContext;
import com.ibm.websphere.models.config.security.SecurityPackage;
import com.ibm.websphere.security.CustomRegistryException;
import com.ibm.websphere.security.UserRegistry;
import com.ibm.ws.bootstrap.ExtClassLoader;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.core.SecurityContext;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.util.ConfigUtils;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.util.PlatformHelper;
import com.ibm.ws.util.PlatformHelperFactory;
import java.net.InetAddress;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.LinkedList;
import java.util.List;
import java.util.Properties;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.rmi.PortableRemoteObject;
import org.apache.commons.httpclient.cookie.CookiePolicy;

/* loaded from: input_file:wasJars/securityconfigimpl.jar:com/ibm/ws/security/config/UserRegistryConfigImpl.class */
public class UserRegistryConfigImpl extends GenericConfigHelperImpl implements UserRegistryConfig {
    private static final String SEARCH_FILTER = "searchFilter";
    private static final String HOSTS = "hosts";
    private static TraceComponent tc = Tr.register((Class<?>) UserRegistryConfigImpl.class, "SecurityConfig", AdminConstants.MSG_BUNDLE_NAME);
    private String realm = null;
    private boolean firstTimeRealm = true;
    private SearchFilterConfig sfc = null;
    private List<HostConfig> hosts = null;
    private Properties props = null;
    private String type = null;
    private UserRegistry registryStub = null;
    private boolean registryStubInitialized = false;
    private UserRegistry registryImpl = null;
    private boolean registryImplInitialized = false;

    private void commonConstructor(SecurityConfigObject securityConfigObject, GenericConfigHelperImpl genericConfigHelperImpl, String str) {
        super.initialize(securityConfigObject, genericConfigHelperImpl, str);
        initialize_defaults();
        addXMLAttributes();
    }

    UserRegistryConfigImpl() {
        commonConstructor(null, null, "UnitTestConstructor");
    }

    public UserRegistryConfigImpl(SecurityConfigObject securityConfigObject, GenericConfigHelperImpl genericConfigHelperImpl, String str) {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "ctor " + str, new Object[]{securityConfigObject, genericConfigHelperImpl});
        }
        commonConstructor(securityConfigObject, genericConfigHelperImpl, str);
        initialization();
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "ctor " + this.cacheKey, this);
        }
    }

    private void initialize_defaults() {
        this.defaults.put(UserRegistryConfig.SERVER_ID, null);
        this.defaults.put(UserRegistryConfig.SERVER_PASSWORD, null);
        this.defaults.put("realm", null);
        this.defaults.put("useRegistryServerId", Boolean.FALSE);
        this.defaults.put(UserRegistryConfig.PRIMARY_ADMIN_ID, null);
        this.defaults.put("registryClassName", null);
        this.defaults.put(UserRegistryConfig.CUSTOM_REGISTRY_CLASS_NAME, null);
        this.defaults.put("ignoreCase", Boolean.FALSE);
        this.defaults.put("type", "IBM_DIRECTORY_SERVER");
        this.defaults.put("sslEnabled", Boolean.FALSE);
        this.defaults.put("sslConfig", null);
        this.defaults.put(UserRegistryConfig.BASE_DN, null);
        this.defaults.put(UserRegistryConfig.BIND_DN, null);
        this.defaults.put(UserRegistryConfig.BIND_PASSWORD, null);
        this.defaults.put(UserRegistryConfig.SEARCH_TIMEOUT, 0L);
        this.defaults.put(UserRegistryConfig.REUSE_CONNECTION, Boolean.FALSE);
        this.defaults.put("com.ibm.websphere.security.registry.UseTAM", Boolean.FALSE);
    }

    private void addXMLAttributes() {
        this.xmlAttributes.add(UserRegistryConfig.SERVER_ID);
        this.xmlAttributes.add(UserRegistryConfig.SERVER_PASSWORD);
        this.xmlAttributes.add("realm");
        this.xmlAttributes.add("useRegistryServerId");
        this.xmlAttributes.add(UserRegistryConfig.PRIMARY_ADMIN_ID);
        this.xmlAttributes.add("ignoreCase");
        this.xmlAttributes.add("registryClassName");
        this.xmlAttributes.add(UserRegistryConfig.CUSTOM_REGISTRY_CLASS_NAME);
        this.xmlAttributes.add("type");
        this.xmlAttributes.add("sslEnabled");
        this.xmlAttributes.add("sslConfig");
        this.xmlAttributes.add(UserRegistryConfig.BASE_DN);
        this.xmlAttributes.add(UserRegistryConfig.BIND_DN);
        this.xmlAttributes.add(UserRegistryConfig.BIND_PASSWORD);
        this.xmlAttributes.add(UserRegistryConfig.SEARCH_TIMEOUT);
        this.xmlAttributes.add(UserRegistryConfig.REUSE_CONNECTION);
    }

    private void initialization() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "initialization " + this.cacheKey);
        }
        if (this.sco.isDomainConfig() && !SecurityObjectLocator.getSecurityConfigManager().isAdminAgent()) {
            setBoolean("useRegistryServerId", SecurityObjectLocator.getSecurityConfig("security").getActiveUserRegistry().getBoolean("useRegistryServerId"));
        }
        String property = getProperty("com.ibm.websphere.security.registry.UseTAM");
        if (property != null) {
            setBoolean("com.ibm.websphere.security.registry.UseTAM", Boolean.valueOf(property));
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Using Tivoli Access Manager");
            }
        }
        if (getType().equals("LOCALOS") && PlatformHelperFactory.getPlatformHelper().isZOS()) {
            String string = getString(UserRegistryConfig.SERVER_ID);
            String decodedString = getDecodedString(UserRegistryConfig.SERVER_PASSWORD);
            String str = (string == null || string.length() == 0) ? null : string;
            String str2 = (decodedString == null || decodedString.length() == 0) ? null : decodedString;
            if (str == null || str2 == null || !getBoolean("useRegistryServerId")) {
                setString(UserRegistryConfig.SERVER_ID, System.getProperty("user.name"));
                setString(UserRegistryConfig.SERVER_PASSWORD, "");
            }
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "initialization " + this.cacheKey);
        }
    }

    @Override // com.ibm.ws.security.config.UserRegistryConfig
    public String getType() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getType " + this.cacheKey);
        }
        if (this.type != null) {
            if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
                Tr.exit(tc, "getType " + this.cacheKey, this.type);
            }
            return this.type;
        }
        if (this.sco.instanceOf(SecurityPackage.eNS_URI, "LDAPUserRegistry")) {
            this.type = "LDAP";
        } else if (this.sco.instanceOf(SecurityPackage.eNS_URI, "LocalOSUserRegistry")) {
            this.type = "LOCALOS";
        } else if (this.sco.instanceOf(SecurityPackage.eNS_URI, "CustomUserRegistry")) {
            this.type = "CUSTOM";
        } else if (this.sco.instanceOf(SecurityPackage.eNS_URI, "WIMUserRegistry")) {
            this.type = "WIMUserRegistry";
        } else {
            Tr.error(tc, "Unable to determine the correct type for this authMechanism");
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getType " + this.cacheKey, this.type);
        }
        return this.type;
    }

    private String buildLDAPURL(String str, String str2, Integer num, Properties properties) {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "buildLDAPURL " + this.cacheKey, new Object[]{str, str2, num, properties});
        }
        String str3 = null;
        if (num != null && num.intValue() > 0) {
            str3 = num.toString();
        }
        if (str2 != null && !str2.equals("")) {
            properties.put("com.ibm.ssl.remoteHost", str2);
        }
        if (str3 != null && !str3.equals("")) {
            properties.put("com.ibm.ssl.remotePort", str3);
        }
        StringBuffer stringBuffer = new StringBuffer();
        if (str2 != null && str2.startsWith("ldap://")) {
            str2 = str2.substring("ldap://".length());
        }
        if (ConfigUtils.isIPv6Addr(str2)) {
            str2 = ConfigUtils.formatIPv6Addr(str2);
        }
        stringBuffer.append("ldap://").append(str2);
        if (str3 != null && str3.length() > 0) {
            stringBuffer.append(":" + str3);
        }
        boolean z = false;
        String str4 = (String) properties.get("com.ibm.websphere.security.registry.ldap.singleLDAP");
        if (str4 != null && str4.equalsIgnoreCase("true")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "com.ibm.websphere.security.registry.ldap.singleLDAP property is set to true");
            }
            z = true;
        }
        if (!z && str2 != null && str2.length() > 0) {
            try {
                InetAddress[] allByName = InetAddress.getAllByName(str2);
                if (allByName != null && allByName.length > 1) {
                    StringBuffer stringBuffer2 = new StringBuffer(str2);
                    stringBuffer2.append(" has multiple IP addresses of ");
                    for (InetAddress inetAddress : allByName) {
                        String hostAddress = inetAddress.getHostAddress();
                        if (ConfigUtils.isIPv6Addr(hostAddress)) {
                            hostAddress = ConfigUtils.formatIPv6Addr(hostAddress);
                        }
                        stringBuffer2.append(RASFormatter.DEFAULT_SEPARATOR).append(hostAddress).append(",");
                        stringBuffer.append(" ldap://").append(hostAddress);
                        if (str3 != null && str3.length() > 0) {
                            stringBuffer.append(":" + str3);
                        }
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, stringBuffer2.toString());
                    }
                }
            } catch (Exception e) {
                if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Could not resolve IP address(es) of LDAP host name: " + str2);
                }
            }
        }
        if (stringBuffer != null && stringBuffer.length() > 0) {
            if (str == "") {
                str = stringBuffer.toString();
            } else {
                String stringBuffer3 = stringBuffer.toString();
                if (str.indexOf(stringBuffer3) == -1) {
                    str = str + RASFormatter.DEFAULT_SEPARATOR + stringBuffer3;
                }
            }
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "buildLDAPURL " + this.cacheKey, str);
        }
        return str;
    }

    private Properties setupLDAPProperties() {
        String string;
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "setupLDAPProperties " + this.cacheKey);
        }
        this.props = this.sco.getProperties();
        if (this.props == null) {
            this.props = new Properties();
        }
        String unexpandedString = getUnexpandedString(UserRegistryConfig.SERVER_ID);
        try {
            unexpandedString = ConfigUtils.expandHost((SecurityConfig) this.parent, unexpandedString, null);
        } catch (Exception e) {
        }
        if (unexpandedString == null || unexpandedString.length() <= 0) {
            this.props.put("LDAP.server.id", "");
        } else {
            this.props.put("LDAP.server.id", ConfigUtils.variableMapExpand(unexpandedString));
        }
        String str = null;
        String decodedString = getDecodedString(UserRegistryConfig.SERVER_PASSWORD);
        if (decodedString != null && decodedString.length() > 0) {
            try {
                str = new String(decodedString.getBytes("UTF-8"), "UTF-8");
            } catch (Exception e2) {
            }
        }
        if (str != null) {
            this.props.put("LDAP.server.pwd", ConfigUtils.variableMapExpand(str));
        } else {
            this.props.put("LDAP.server.pwd", "");
        }
        String string2 = getString("realm");
        if (string2 == null || string2.length() <= 0) {
            this.props.put("LDAP.server.realm", "");
        } else {
            this.props.put("LDAP.server.realm", ConfigUtils.variableMapExpand(string2));
        }
        SearchFilterConfig searchFilter = getSearchFilter();
        if (searchFilter != null) {
            String type = ((SecurityConfig) this.parent).getActiveAuthMechanism(true).getType();
            String string3 = searchFilter.getString(SearchFilterConfig.USER_FILTER);
            String string4 = searchFilter.getString("krbUserFilter");
            if (!type.equalsIgnoreCase(AuthMechanismConfig.TYPE_KERBEROS) || string4 == null || string4.length() == 0) {
                if (string3 != null && string3.length() != 0) {
                    this.props.put("user.filter", string3);
                }
            } else if (string3 == null || string3.length() == 0) {
                this.props.put("user.filter", string4);
            } else {
                this.props.put("user.filter", "(|" + string4 + string3 + ")");
            }
            if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                Tr.debug(tc, "userFilter: " + this.props.get("user.filter"));
            }
            String string5 = searchFilter.getString(SearchFilterConfig.GROUP_FILTER);
            if (string5 != null) {
                this.props.put("group.filter", string5);
            }
            String string6 = searchFilter.getString(SearchFilterConfig.GROUP_ID_MAP);
            if (string6 != null) {
                this.props.put("group.idmap", string6);
            }
            String string7 = searchFilter.getString(SearchFilterConfig.USER_ID_MAP);
            if (string7 != null) {
                this.props.put("user.idmap", string7);
            }
            String string8 = searchFilter.getString(SearchFilterConfig.GROUP_MEMBER_ID_MAP);
            if (string8 != null) {
                this.props.put("groupmember.idmap", string8);
            }
            this.props.put(CommonConstants.LDAP_SEARCH_TIME_LIMIT, String.valueOf(getLong(UserRegistryConfig.SEARCH_TIMEOUT)));
            this.props.put(CommonConstants.LDAP_REUSE_CONN, String.valueOf(getBoolean(UserRegistryConfig.REUSE_CONNECTION)));
            String unexpandedString2 = searchFilter.getUnexpandedString(SearchFilterConfig.CERTIFICATE_FILTER);
            String string9 = searchFilter.getString(SearchFilterConfig.CERTIFICATE_MAP_MODE);
            if (string9.equals("EXACT_DN")) {
                this.props.put("certificate.map.mode", "exactDNMode");
                this.props.put("certificate.map.filter", "");
            } else if (string9.equals("CERTIFICATE_FILTER")) {
                this.props.put("certificate.map.mode", "filterDescriptorMode");
                if (unexpandedString2 != null) {
                    this.props.put("certificate.map.filter", unexpandedString2);
                }
            }
        }
        String str2 = "";
        List<HostConfig> hosts = getHosts();
        if (hosts != null && hosts.size() > 0) {
            for (int i = 0; i < hosts.size(); i++) {
                HostConfig hostConfig = hosts.get(i);
                str2 = buildLDAPURL(str2, ConfigUtils.variableMapExpand(hostConfig.getString("host")), Integer.valueOf(hostConfig.getInteger("port")), this.props);
            }
            this.props.put("java.naming.provider.url", str2);
        }
        String string10 = getString(UserRegistryConfig.BASE_DN);
        if (string10 != null && string10.length() > 0) {
            this.props.put("ldap.basedn", ConfigUtils.variableMapExpand(string10));
        }
        String string11 = getString(UserRegistryConfig.BIND_DN);
        if (string11 != null && string11.length() > 0) {
            this.props.put("java.naming.security.principal", ConfigUtils.variableMapExpand(string11));
        }
        String decodedString2 = getDecodedString(UserRegistryConfig.BIND_PASSWORD);
        String str3 = null;
        if (decodedString2 != null && decodedString2.length() > 0) {
            try {
                str3 = new String(decodedString2.getBytes("UTF-8"), "UTF-8");
            } catch (Exception e3) {
            }
        }
        if (str3 != null && str3.length() > 0) {
            this.props.put("java.naming.security.credentials", ConfigUtils.variableMapExpand(str3));
        }
        String string12 = getString("type");
        if (string12 != null) {
            if (string12.equals("IBM_DIRECTORY_SERVER")) {
                this.props.put("dirType", "ibm_dir_server");
            } else if (string12.equals("IPLANET")) {
                this.props.put("dirType", "iplanet");
            } else if (string12.equals("NETSCAPE")) {
                this.props.put("dirType", CookiePolicy.NETSCAPE);
            } else if (string12.equals("DOMINO502")) {
                this.props.put("dirType", "domino50");
            } else if (string12.equals("SECUREWAY")) {
                this.props.put("dirType", "secureway");
            } else if (string12.equals("ACTIVE_DIRECTORY")) {
                this.props.put("dirType", "actived");
            } else if (string12.equals("NDS")) {
                this.props.put("dirType", "edirectory");
            } else if (string12.equals("CUSTOM")) {
                this.props.put("dirType", "custom");
            }
        }
        Boolean valueOf = Boolean.valueOf(getBoolean("sslEnabled"));
        this.props.put("sslEnabled", valueOf);
        if (valueOf.booleanValue() && (string = getString("sslConfig")) != null) {
            this.props.put(CommonConstants.LDAP_SSL_ALIAS, string);
        }
        this.props.put("CustUserRegImplClass", CommonConstants.LDAP_REG_IMPL_CLASS);
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "setupLDAPProperties " + this.cacheKey, this.props);
        }
        return this.props;
    }

    private synchronized void do_getProperties() {
        if (this.props == null) {
            if (getType() == "LDAP") {
                this.props = setupLDAPProperties();
            } else if (getType() == "WIMUserRegistry") {
                this.props = this.sco.getProperties();
                String string = getString("registryClassName");
                if (string != null) {
                    if (this.props == null) {
                        this.props = new Properties();
                    }
                    this.props.put("CustUserRegImplClass", string);
                }
            } else if (getType() == "CUSTOM") {
                this.props = this.sco.getProperties();
                String string2 = getString(UserRegistryConfig.CUSTOM_REGISTRY_CLASS_NAME);
                if (string2 != null) {
                    if (this.props == null) {
                        this.props = new Properties();
                    }
                    this.props.put("CustUserRegImplClass", string2);
                }
            } else {
                this.props = this.sco.getProperties();
            }
            if (this.props == null) {
                this.props = new Properties();
            }
            if (getSCO().isDomainConfig()) {
                setUseRegistryForDomain(super.getString("realm"), this.props);
                return;
            }
            this.props.put("WAS_UseRegistryRealm", "true");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Set WAS_USEREGISTRYREALM to true for global.");
            }
        }
    }

    protected void setUseRegistryForDomain(String str, Properties properties) {
        Boolean valueOf = Boolean.valueOf(getBoolean(CommonConstants.USE_REGISTRY_REALM));
        if (valueOf != null && str != null) {
            properties.put("WAS_UseRegistryRealm", valueOf.toString());
            properties.put("WAS_Realm", str);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Set WAS_USEREGISTRYREALM to " + valueOf + " and WAS_REALM to " + str + " for the domain");
        }
    }

    @Override // com.ibm.ws.security.config.UserRegistryConfig
    public Properties getProperties() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getProperties " + this.cacheKey);
        }
        if (this.props == null) {
            do_getProperties();
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getProperties " + this.cacheKey, this.props);
        }
        return this.props;
    }

    @Override // com.ibm.ws.security.config.UserRegistryConfig
    public String getProperty(String str) {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getProperty " + str + RASFormatter.DEFAULT_SEPARATOR + this.cacheKey);
        }
        String str2 = null;
        if (this.props == null) {
            getProperties();
        }
        if (this.props != null) {
            str2 = this.props.getProperty(str);
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getProperty " + this.cacheKey, str2);
        }
        return str2;
    }

    private synchronized void do_getSearchFilter() {
        if (this.sfc == null) {
            this.sfc = new SearchFilterConfigImpl(this.sco.getObject(SEARCH_FILTER), this, this.cacheKey);
        }
    }

    public SearchFilterConfig getSearchFilter() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getSearchFilter " + this.cacheKey);
        }
        if (this.sfc == null) {
            do_getSearchFilter();
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getSearchFilter " + this.cacheKey, this.sfc);
        }
        return this.sfc;
    }

    private synchronized void do_getHosts() {
        if (this.hosts == null) {
            SecurityConfigObjectList objectList = this.sco.getObjectList(HOSTS);
            int size = objectList.size();
            this.hosts = new LinkedList();
            for (int i = 0; i < size; i++) {
                this.hosts.add(new HostConfigImpl(objectList.get(i), this, this.cacheKey));
            }
        }
    }

    public List<HostConfig> getHosts() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getHosts " + this.cacheKey);
        }
        if (this.hosts == null) {
            do_getHosts();
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getHosts " + this.cacheKey, this.hosts);
        }
        return this.hosts;
    }

    @Override // com.ibm.ws.security.config.UserRegistryConfig
    public String getPrincipalName() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getPrincipalName " + this.cacheKey);
        }
        String string = getString("realm");
        String string2 = getString(UserRegistryConfig.SERVER_ID);
        if ((string == null || string2 == null) && tc.isDebugEnabled()) {
            Tr.debug(tc, "realmName or loginUserId is NULL, realmName=" + string + " loginUserId=" + string2);
        }
        if (string2 == null) {
            string2 = "";
        }
        String str = string + "/" + string2;
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getPrincipalName " + this.cacheKey, str);
        }
        return str;
    }

    @Override // com.ibm.ws.security.config.UserRegistryConfig
    public Object getUserRegistryStub() {
        Object obj;
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getUserRegistryStub " + this.cacheKey);
        }
        PlatformHelper platformHelper = PlatformHelperFactory.getPlatformHelper();
        if (platformHelper.isZOS() && platformHelper.isServantJvm()) {
            if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                Tr.debug(tc, "getUserRegistryStub in zOS servant, returning impl");
            }
            obj = getUserRegistryImpl();
        } else {
            if (!this.registryStubInitialized) {
                createRegistryObjects();
            }
            obj = this.registryStub;
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getUserRegistryStub " + this.cacheKey, obj);
        }
        return obj;
    }

    @Override // com.ibm.ws.security.config.UserRegistryConfig
    public Object getUserRegistryImpl() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getUserRegistryImpl " + this.cacheKey);
        }
        if (!this.registryImplInitialized) {
            createRegistryObjects();
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getUserRegistryImpl " + this.cacheKey, this.registryImpl);
        }
        return this.registryImpl;
    }

    private synchronized void createRegistryObjects() {
        if (this.registryImplInitialized) {
            return;
        }
        try {
            do_createRegistryObjects();
        } catch (Exception e) {
            if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                Tr.debug(tc, "getUserRegistryImpl unexpected exception calling createRegistryObjects", e);
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    private void do_createRegistryObjects() throws CustomRegistryException, NamingException, Exception {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "createRegistryObjects " + this.cacheKey);
        }
        String property = ((SecurityConfig) this.parent).getProperty("WAS_UseRemoteRegistry");
        if (property != null && (property.equalsIgnoreCase("node") || property.equalsIgnoreCase("cell"))) {
            if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
                Tr.exit(tc, "createRegistryObjects (remote)");
                return;
            }
            return;
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
            Tr.debug(tc, "createRegistryObjects creating user registry");
        }
        Properties expandProps = ConfigUtils.expandProps(getProperties());
        expandProps.put("com.ibm.ws.security.userregistry.initialization", "startup");
        boolean z = false;
        try {
            try {
                try {
                    if (getSCO().isDomainConfig()) {
                        z = SecurityObjectLocator.pushAppContext("");
                        expandProps.put("security.domain.type", "admin_and_app");
                    } else {
                        expandProps.put("security.domain.type", "administration");
                    }
                    this.registryImpl = (UserRegistry) Class.forName("com.ibm.ws.security.auth.ContextManagerImpl").getMethod("getNewRegistryImpl", (Class[]) null).invoke((Class[]) null, (Object[]) null);
                    if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                        Tr.debug(tc, "createRegistryObjects got registryImpl", this.registryImpl);
                    }
                    this.registryImpl.initialize(expandProps);
                    this.registryImplInitialized = true;
                    if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                        Tr.debug(tc, "createRegistryObjects initialized registry for realm: " + this.registryImpl.getRealm());
                    }
                    if (z) {
                        SecurityObjectLocator.popContext();
                    }
                    String str = null;
                    if (getSCO().isDomainConfig()) {
                        PlatformHelper platformHelper = PlatformHelperFactory.getPlatformHelper();
                        AdminData adminData = SecurityObjectLocator.getAdminData();
                        if (adminData != null) {
                            str = adminData.getServerType();
                        }
                        if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                            Tr.debug(tc, "Server type: " + str);
                        }
                        if ((platformHelper.isZOS() && platformHelper.isServantJvm()) || "SECUREPROXY".equals(str)) {
                            if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
                                Tr.exit(tc, "createRegistryObjects in SR or proxy server, Using Local version of userRegistryImpl");
                                return;
                            }
                            return;
                        }
                        if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                            Tr.debug(tc, "createRegistryObjects not in the  SR or proxy server, getting the InitialContext ");
                        }
                        try {
                            final InitialContext initialContext = new InitialContext();
                            if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                                Tr.debug(tc, "createRegistryObjects have the InitialContext, now rebind");
                            }
                            try {
                                String peek = AdminContext.peek();
                                String str2 = peek != null ? "UserRegistry-" + peek : Constants.USER_REGISTRY;
                                final String str3 = str2;
                                try {
                                    SecurityContext.runAsSystem(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.ws.security.config.UserRegistryConfigImpl.1
                                        @Override // java.security.PrivilegedExceptionAction
                                        public Object run() throws Exception {
                                            initialContext.rebind(str3, UserRegistryConfigImpl.this.registryImpl);
                                            return null;
                                        }
                                    });
                                    if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                                        Tr.debug(tc, "createRegistryObjects bound registry " + this.registryImpl + " to name " + str2);
                                    }
                                    try {
                                        this.registryStub = (UserRegistry) PortableRemoteObject.narrow(initialContext.lookup(str2), UserRegistry.class);
                                        this.registryStubInitialized = true;
                                        if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                                            Tr.debug(tc, "createRegistryObjects narrow returned stub " + this.registryStub);
                                        }
                                    } catch (Exception e) {
                                        FFDCFilter.processException(e, "com.ibm.ws.security.server.SecurityServerImpl.getUserRegistry", "793", this);
                                        if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                                            Tr.debug(tc, "createRegistryObjects exception looking up or narrowing registry");
                                        }
                                        Tr.error(tc, "security.secsrv.find.registry", new Object[]{e});
                                        throw e;
                                    }
                                } catch (PrivilegedActionException e2) {
                                    Exception exception = e2.getException();
                                    FFDCFilter.processException(exception, "com.ibm.ws.security.server.SecurityServerImpl.getUserRegistry", "732", this);
                                    throw exception;
                                }
                            } catch (NamingException e3) {
                                FFDCFilter.processException((Throwable) e3, "com.ibm.ws.security.server.SecurityServerImpl.getUserRegistry", "773", (Object) this);
                                if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                                    Tr.debug(tc, "createRegistryObjects Error binding User Registry");
                                }
                                Tr.error(tc, "security.secsrv.bind.registry", new Object[]{e3});
                                throw e3;
                            }
                        } catch (NamingException e4) {
                            FFDCFilter.processException((Throwable) e4, "com.ibm.ws.security.server.SecurityServerImpl.getUserRegistry", "751", (Object) this);
                            if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                                Tr.debug(tc, "createRegistryObjects Failed to get initial Naming Context");
                            }
                            Tr.error(tc, "security.secsrv.get.initCtx", new Object[]{e4});
                            throw e4;
                        }
                    }
                    if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
                        Tr.exit(tc, "createRegistryObjects" + this.cacheKey);
                    }
                } catch (CustomRegistryException e5) {
                    FFDCFilter.processException(e5, "com.ibm.ws.security.server.SecurityServerImpl.getUserRegistry", "709", this);
                    if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                        Tr.debug(tc, "createRegistryObjects error creating User Registry");
                    }
                    Tr.error(tc, "security.secsrv.create.registry", new Object[]{e5});
                    throw e5;
                }
            } catch (Exception e6) {
                FFDCFilter.processException(e6, "com.ibm.ws.security.server.SecurityServerImpl.getUserRegistry", "719", this);
                if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                    Tr.debug(tc, "createRegistryObjects error creating User Registry");
                }
                Tr.error(tc, "security.secsrv.create.registry", new Object[]{e6});
                throw e6;
            }
        } catch (Throwable th) {
            if (z) {
                SecurityObjectLocator.popContext();
            }
            throw th;
        }
    }

    @Override // com.ibm.ws.security.config.GenericConfigHelperImpl, com.ibm.ws.security.config.GenericConfigHelper
    public String getString(String str) {
        String str2;
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getString() key=" + str + RASFormatter.DEFAULT_SEPARATOR + this.cacheKey);
        }
        if (str == "realm" || str.equals("realm")) {
            if (SecurityConfigGlobals.enableVerbose && tc.isDebugEnabled()) {
                Tr.debug(tc, "key == UserRegistryConfig.REALM");
            }
            if (this.realm == null || this.realm.equals("")) {
                String string = super.getString(str);
                this.realm = string;
                str2 = string;
                if (this.realm == null || this.realm.length() == 0) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "getString() realm null in config, getting from registry", this.registryImpl);
                    }
                    if (this.firstTimeRealm) {
                        this.firstTimeRealm = false;
                        str2 = super.getString(str);
                    } else {
                        try {
                            if (this.registryImpl == null) {
                                str2 = getRealm();
                                if (str2 != null) {
                                    this.realm = str2;
                                    setString("realm", str2);
                                } else {
                                    str2 = "DEFAULT";
                                }
                            } else {
                                String realm = ((UserRegistry) getUserRegistryImpl()).getRealm();
                                this.realm = realm;
                                str2 = realm;
                                setString("realm", str2);
                            }
                        } catch (Exception e) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "getString() unexpected exception getting realm from registry", e);
                            }
                        }
                    }
                }
            } else {
                str2 = this.realm;
            }
        } else {
            str2 = super.getString(str);
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getString() key=" + str + RASFormatter.DEFAULT_SEPARATOR + this.cacheKey, str2);
        }
        return str2;
    }

    @Override // com.ibm.ws.security.config.UserRegistryConfig
    public String getRealmFromConfig() {
        String string = super.getString("realm");
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getRealmFromConfig", string);
        }
        return string;
    }

    @Override // com.ibm.ws.security.config.UserRegistryConfig
    public void setUserRegistryStub(Object obj) {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "setUserRegistryStub " + this.registryStub + RASFormatter.DEFAULT_SEPARATOR + this.cacheKey);
        }
        this.registryStub = (UserRegistry) obj;
    }

    protected String getRealm() {
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.entry(tc, "getRealm " + this.cacheKey);
        }
        String str = null;
        try {
            String property = getProperty("CustUserRegImplClass");
            if (property != null && !property.equals("")) {
                Object newInstance = Class.forName(property, true, ExtClassLoader.getInstance()).newInstance();
                if (newInstance instanceof UserRegistry) {
                    str = ((UserRegistry) newInstance).getRealm();
                }
            }
        } catch (Throwable th) {
        }
        if (SecurityConfigGlobals.enableVerbose && tc.isEntryEnabled()) {
            Tr.exit(tc, "getRealm " + this.cacheKey, str);
        }
        return str;
    }
}
