package com.ibm.ws.security.wim.adapter.ldap;

import com.ibm.as400.access.IFSFile;
import com.ibm.websphere.crypto.PasswordUtil;
import com.ibm.websphere.ras.ProtectedString;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.Trivial;
import com.ibm.websphere.security.wim.ConfigConstants;
import com.ibm.websphere.security.wim.ras.WIMMessageHelper;
import com.ibm.websphere.security.wim.ras.WIMMessageKey;
import com.ibm.websphere.security.wim.ras.WIMTraceHelper;
import com.ibm.websphere.ssl.Constants;
import com.ibm.ws.config.xml.internal.nester.Nester;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.wim.FactoryManager;
import com.ibm.ws.security.wim.env.ICacheUtil;
import com.ibm.ws.security.wim.env.IEncryptionUtil;
import com.ibm.ws.ssl.internal.LibertyConstants;
import com.ibm.wsspi.kernel.service.utils.SerializableProtectedString;
import com.ibm.wsspi.security.wim.exception.EntityAlreadyExistsException;
import com.ibm.wsspi.security.wim.exception.EntityHasDescendantsException;
import com.ibm.wsspi.security.wim.exception.EntityNotFoundException;
import com.ibm.wsspi.security.wim.exception.InvalidInitPropertyException;
import com.ibm.wsspi.security.wim.exception.MissingInitPropertyException;
import com.ibm.wsspi.security.wim.exception.OperationNotSupportedException;
import com.ibm.wsspi.security.wim.exception.WIMApplicationException;
import com.ibm.wsspi.security.wim.exception.WIMException;
import com.ibm.wsspi.security.wim.exception.WIMSystemException;
import com.ibm.wsspi.security.wim.model.IdentifierType;
import java.io.IOException;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.Vector;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicLong;
import javax.naming.CommunicationException;
import javax.naming.ContextNotEmptyException;
import javax.naming.Name;
import javax.naming.NameAlreadyBoundException;
import javax.naming.NameNotFoundException;
import javax.naming.NameParser;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.ServiceUnavailableException;
import javax.naming.SizeLimitExceededException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.PagedResultsControl;
import javax.naming.ldap.PagedResultsResponseControl;
import org.eclipse.jdt.internal.compiler.ClassFile;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.wim.adapter.ldap_1.0.14.jar:com/ibm/ws/security/wim/adapter/ldap/LdapConnection.class */
public class LdapConnection {
    private static final String SERVER2 = "server";
    private static final String FAILOVER_SERVERS = "failoverServers";
    private static final String KEY_ID = "config.id";
    public static final String JNDI_CALL = "JNDI_CALL ";
    private LdapConfigManager iLdapConfigMgr;
    private int iAttrRangeStep;
    private static final String ATTR_RANGE_KEYWORD = ";range=";
    private static final String ATTR_RANGE_QUERY = ";range={0}-{1}";
    private static final String ATTR_RANGE_LAST_QUERY = ";range={0}-*";
    private static final int URLTYPE_SINGLE = 0;
    private static final int URLTYPE_SEQUENCE = 1;
    private static final String ENVKEY_ACTIVE_URL = "_ACTIVE_URL_";
    private static final String ENVKEY_URL_LIST = "_URL_LIST_";
    private static final String LDAP_DN = "distinguishedName";
    public static final String WAS_SSL_SOCKET_FACTORY = "com.ibm.ws.security.wim.adapter.ldap.SSLSocketFactory";
    static final long serialVersionUID = -8957611759628463598L;
    private static final TraceComponent tc = Tr.register(LdapConnection.class);
    private static final AtomicLong LDAP_STATS_TIMER = new AtomicLong(0);
    private static final AtomicInteger QUICK_LDAP_BIND = new AtomicInteger(0);
    private static int LDAP_CONNECT_TIMEOUT_TRACE = 1000;
    private String reposId = null;
    private final Object lock = new Object() { // from class: com.ibm.ws.security.wim.adapter.ldap.LdapConnection.1
        static final long serialVersionUID = 3219853865938305873L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(AnonymousClass1.class);
    };
    private boolean iSearchResultsCacheEnabled = true;
    private String iSearchResultsCacheName = "SearchResultsCache";
    private ICacheUtil iSearchResultsCache = null;
    private int iSearchResultsCacheSize = 2000;
    private long iSearchResultsCacheTimeOut = 600;
    private int iSearchResultSizeLmit = 2000;
    private boolean iAttrsCacheEnabled = true;
    private String iAttrsCacheName = "AttributesCache";
    private ICacheUtil iAttrsCache = null;
    private int iAttrsCacheSize = 4000;
    private long iAttrsCacheTimeOut = 1200;
    private int iAttrsSizeLmit = 2000;
    private String iServerTTLAttr = null;
    private int iCountLimit = 1000;
    private int iTimeLimit = 60000;
    private final long DEFAULT_TIMEOUT = 600000;
    private boolean iEnableContextPool = true;
    private List<DirContext> iContexts = null;
    private int iInitPoolSize = 1;
    private int iLiveContexts = 0;
    private int iMaxPoolSize = 1;
    private int iPrefPoolSize = 1;
    private long iPoolWaitTime = 3000;
    private long iPoolTimeOut = 0;
    private long iPoolCreateTimestamp = 0;
    private long iPoolCreateTimestampMillisec = 0;
    private Hashtable<String, Object> iEnvironment = null;
    private boolean iReturnToPrimary = false;
    private long iQueryInterval = 900;
    private long iLastQueryTime = System.currentTimeMillis() / 1000;
    private String iSSLAlias = null;
    private final Control[] iConnCtls = null;
    private int iPageSize = 0;
    private NameParser iNameParser = null;
    private boolean iWriteToSecondary = false;
    protected String iSSLFactory = null;
    private Hashtable<String, String[]> iEnityAttrIds = null;
    private String[] iAttrIds = null;
    private boolean ignoreDNCase = true;

    @Trivial
    private String getActiveURL() {
        return (String) this.iEnvironment.get(ENVKEY_ACTIVE_URL);
    }

    @Trivial
    private String getPrimaryURL() {
        return getEnvURLList().get(0);
    }

    @Trivial
    private List<String> getEnvURLList() {
        return (List) this.iEnvironment.get(ENVKEY_URL_LIST);
    }

    @Trivial
    private void setActiveURL(String str) {
        synchronized (this.lock) {
            this.iEnvironment.put(ENVKEY_ACTIVE_URL, str);
        }
    }

    @Trivial
    private String getNextURL(String str) {
        List<String> envURLList = getEnvURLList();
        return envURLList.get((getURLIndex(str, envURLList) + 1) % envURLList.size());
    }

    @Trivial
    private static String toKey(String str, String str2, SearchControls searchControls) {
        StringBuffer stringBuffer = new StringBuffer(str.length() + str2.length() + 100);
        stringBuffer.append(str);
        stringBuffer.append("|");
        stringBuffer.append(str2);
        stringBuffer.append("|");
        stringBuffer.append(searchControls.getSearchScope());
        stringBuffer.append("|");
        stringBuffer.append(searchControls.getCountLimit());
        stringBuffer.append("|");
        stringBuffer.append(searchControls.getTimeLimit());
        String[] returningAttributes = searchControls.getReturningAttributes();
        if (returningAttributes != null) {
            for (String str3 : returningAttributes) {
                stringBuffer.append("|");
                stringBuffer.append(str3);
            }
        }
        return stringBuffer.toString();
    }

    @Trivial
    private static String toKey(String str, String str2, Object[] objArr, SearchControls searchControls) {
        StringBuffer stringBuffer = new StringBuffer(str.length() + str2.length() + objArr.length + 200);
        stringBuffer.append(str);
        stringBuffer.append("|");
        stringBuffer.append(str2);
        String[] returningAttributes = searchControls.getReturningAttributes();
        for (Object obj : objArr) {
            stringBuffer.append("|");
            stringBuffer.append(obj);
        }
        if (returningAttributes != null) {
            for (String str3 : returningAttributes) {
                stringBuffer.append("|");
                stringBuffer.append(str3);
            }
        }
        return stringBuffer.toString();
    }

    public NameParser getNameParser() throws WIMException {
        if (this.iNameParser == null) {
            DirContext dirContext = getDirContext();
            try {
                try {
                    try {
                        this.iNameParser = dirContext.getNameParser("");
                    } catch (Throwable th) {
                        releaseDirContext(dirContext);
                        throw th;
                    }
                } catch (NamingException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "498", this, new Object[0]);
                    if (!isConnectionException(e, "getNameParser()")) {
                        throw e;
                    }
                    dirContext = reCreateDirContext(dirContext, e.toString());
                    this.iNameParser = dirContext.getNameParser("");
                }
                releaseDirContext(dirContext);
            } catch (NamingException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "505", this, new Object[0]);
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e2.toString(true))));
            }
        }
        return this.iNameParser;
    }

    public LdapConnection(LdapConfigManager ldapConfigManager) {
        this.iLdapConfigMgr = null;
        this.iLdapConfigMgr = ldapConfigManager;
    }

    public void initialize(Map<String, Object> map) throws WIMException {
        this.reposId = (String) map.get("config.id");
        initializeServers(map);
        initializeContextPool(map);
        this.iAttrsCacheName = this.reposId + "/" + this.iAttrsCacheName;
        this.iSearchResultsCacheName = this.reposId + "/" + this.iSearchResultsCacheName;
        try {
            createContextPool(this.iInitPoolSize, null);
        } catch (NamingException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "546", this, new Object[]{map});
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "initialize(DataObject) Can not create context pool: " + e.toString(true), new Object[0]);
            }
        }
        initializeCaches(map);
        this.ignoreDNCase = ((Boolean) map.get(ConfigConstants.CONFIG_IGNORE_CASE)).booleanValue();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Set ignoreDNCase as [" + this.ignoreDNCase + "]", new Object[0]);
        }
    }

    private void initializeCaches(Map<String, Object> map) {
        List<Map<String, Object>> nest = Nester.nest(ConfigConstants.CACHE_CONFIG, map);
        Map<String, Object> map2 = null;
        Map<String, Object> map3 = null;
        if (!nest.isEmpty()) {
            Map<String, List<Map<String, Object>>> nest2 = Nester.nest(nest.get(0), "attributesCache", "searchResultsCache");
            List<Map<String, Object>> list = nest2.get("attributesCache");
            if (!list.isEmpty()) {
                map2 = list.get(0);
            }
            List<Map<String, Object>> list2 = nest2.get("searchResultsCache");
            if (!list2.isEmpty()) {
                map3 = list2.get(0);
            }
            if (map2 != null) {
                this.iAttrsCacheEnabled = ((Boolean) map2.get("enabled")).booleanValue();
                if (this.iAttrsCacheEnabled) {
                    this.iAttrsCacheSize = ((Integer) map2.get("size")).intValue();
                    this.iAttrsCacheTimeOut = ((Long) map2.get("timeout")).longValue();
                    this.iAttrsSizeLmit = ((Integer) map2.get(ConfigConstants.CONFIG_PROP_ATTRIBUTE_SIZE_LIMIT)).intValue();
                    this.iServerTTLAttr = (String) map2.get(ConfigConstants.CONFIG_PROP_SERVER_TTL_ATTRIBUTE);
                    initializeRetrieveAttrIds();
                }
            }
            if (map3 != null) {
                this.iSearchResultsCacheEnabled = ((Boolean) map3.get("enabled")).booleanValue();
                if (this.iSearchResultsCacheEnabled) {
                    this.iSearchResultsCacheSize = ((Integer) map3.get("size")).intValue();
                    this.iSearchResultsCacheTimeOut = ((Long) map3.get("timeout")).longValue();
                    this.iSearchResultSizeLmit = ((Integer) map3.get(ConfigConstants.CONFIG_PROP_SEARCH_RESULTS_SIZE_LIMIT)).intValue();
                }
            }
        }
        if (this.iAttrsCacheEnabled) {
            createAttributesCache();
            if (this.iAttrsCache == null && tc.isDebugEnabled()) {
                Tr.debug(tc, "initializeCaches(DataObject) Attributes Cache: " + this.iAttrsCacheName + " is not available because cache is not available yet.", new Object[0]);
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "initializeCaches(DataObject) Attributes Cache: " + this.iAttrsCacheName + " is disabled.", new Object[0]);
        }
        if (!this.iSearchResultsCacheEnabled) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "initializeCaches(DataObject) Search Results Cache: " + this.iSearchResultsCacheName + " is disabled.", new Object[0]);
            }
        } else {
            createSearchResultsCache();
            if (this.iSearchResultsCache == null && tc.isDebugEnabled()) {
                Tr.debug(tc, "initializeCaches(DataObject) Search Results Cache: " + this.iSearchResultsCacheName + " is not available because cache is not available yet.", new Object[0]);
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void initializeRetrieveAttrIds() {
        this.iEnityAttrIds = new Hashtable<>();
        List ldapEntities = this.iLdapConfigMgr.getLdapEntities();
        HashSet hashSet = new HashSet();
        String[] strArr = new String[0];
        for (int i = 0; i < ldapEntities.size(); i++) {
            Set<String> attributes = ((LdapEntity) ldapEntities.get(i)).getAttributes();
            attributes.add("objectClass");
            String extId = ((LdapEntity) ldapEntities.get(i)).getExtId();
            if (!"distinguishedName".equalsIgnoreCase(extId)) {
                attributes.add(extId);
            }
            attributes.remove(LdapConstants.LDAP_ATTR_USER_PASSWORD);
            attributes.remove("unicodePwd");
            if (this.iServerTTLAttr != null) {
                attributes.add(this.iServerTTLAttr);
            }
            String membershipAttribute = this.iLdapConfigMgr.getMembershipAttribute();
            if (membershipAttribute != null) {
                attributes.add(membershipAttribute);
            }
            this.iEnityAttrIds.put(((LdapEntity) ldapEntities.get(i)).getName(), attributes.toArray(strArr));
            hashSet.addAll(attributes);
        }
        hashSet.add("objectClass");
        String[] memberAttributes = this.iLdapConfigMgr.getMemberAttributes();
        HashSet hashSet2 = new HashSet(hashSet);
        for (String str : memberAttributes) {
            hashSet2.add(str);
        }
        this.iAttrIds = (String[]) hashSet.toArray(strArr);
    }

    private void initializeContextPool(Map<String, Object> map) throws InvalidInitPropertyException {
        this.iEnableContextPool = true;
        List<Map<String, Object>> nest = Nester.nest("contextPool", map);
        Map<String, Object> map2 = null;
        if (!nest.isEmpty()) {
            map2 = nest.get(0);
        }
        boolean booleanValue = ((Boolean) map.get(ConfigConstants.CONFIG_REUSE_CONNECTION)).booleanValue();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Set reuseConnection as [" + booleanValue + "]", new Object[0]);
        }
        if (map2 != null) {
            this.iEnableContextPool = ((Boolean) map2.get("enabled")).booleanValue();
        }
        if (!booleanValue) {
            this.iEnableContextPool = false;
        }
        if (!this.iEnableContextPool) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "initializeContextPool(DataObject)\nContext Pool is disabled.", new Object[0]);
                return;
            }
            return;
        }
        if (map2 != null) {
            if (map2.get(ConfigConstants.CONFIG_PROP_INIT_POOL_SIZE) != null) {
                this.iInitPoolSize = ((Integer) map2.get(ConfigConstants.CONFIG_PROP_INIT_POOL_SIZE)).intValue();
            }
            if (map2.get(ConfigConstants.CONFIG_PROP_MAX_POOL_SIZE) != null) {
                this.iMaxPoolSize = ((Integer) map2.get(ConfigConstants.CONFIG_PROP_MAX_POOL_SIZE)).intValue();
            }
            if (map2.get(ConfigConstants.CONFIG_PROP_PREF_POOL_SIZE) != null) {
                this.iPrefPoolSize = ((Integer) map2.get(ConfigConstants.CONFIG_PROP_PREF_POOL_SIZE)).intValue();
            }
            if (this.iMaxPoolSize != 0 && this.iMaxPoolSize < this.iInitPoolSize) {
                throw new InvalidInitPropertyException(WIMMessageKey.INIT_POOL_SIZE_TOO_BIG, Tr.formatMessage(tc, WIMMessageKey.INIT_POOL_SIZE_TOO_BIG, WIMMessageHelper.generateMsgParms(Integer.valueOf(this.iInitPoolSize), Integer.valueOf(this.iMaxPoolSize))));
            }
            if (this.iMaxPoolSize != 0 && this.iPrefPoolSize != 0 && this.iMaxPoolSize < this.iPrefPoolSize) {
                throw new InvalidInitPropertyException(WIMMessageKey.PREF_POOL_SIZE_TOO_BIG, Tr.formatMessage(tc, WIMMessageKey.PREF_POOL_SIZE_TOO_BIG, WIMMessageHelper.generateMsgParms(Integer.valueOf(this.iInitPoolSize), Integer.valueOf(this.iMaxPoolSize))));
            }
            if (map2.get(ConfigConstants.CONFIG_PROP_POOL_TIME_OUT) != null) {
                this.iPoolTimeOut = ((Long) map2.get(ConfigConstants.CONFIG_PROP_POOL_TIME_OUT)).longValue();
            }
            if (map2.get(ConfigConstants.CONFIG_PROP_POOL_WAIT_TIME) != null) {
                this.iPoolWaitTime = ((Long) map2.get(ConfigConstants.CONFIG_PROP_POOL_WAIT_TIME)).longValue();
            }
        }
        if (tc.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("\nContext Pool is enabled: ").append("\n");
            stringBuffer.append("\tInitPoolSize: ").append(this.iInitPoolSize).append("\n");
            stringBuffer.append("\tMaxPoolSize: ").append(this.iMaxPoolSize).append("\n");
            stringBuffer.append("\tPrefPoolSize: ").append(this.iPrefPoolSize).append("\n");
            stringBuffer.append("\tPoolTimeOut: ").append(this.iPoolTimeOut).append("\n");
            stringBuffer.append("\tPoolWaitTime: ").append(this.iPoolWaitTime);
            Tr.debug(tc, "initializeContextPool(DataObject)" + stringBuffer.toString(), new Object[0]);
        }
    }

    private void initializeServers(Map<String, Object> map) throws WIMException {
        if (map.containsKey("searchTimeout")) {
            this.iTimeLimit = (int) Long.parseLong(String.valueOf(map.get("searchTimeout")));
        }
        if (map.containsKey(ConfigConstants.CONFIG_PROP_SEARCH_COUNT_LIMIT)) {
            this.iCountLimit = Integer.parseInt((String) map.get(ConfigConstants.CONFIG_PROP_SEARCH_COUNT_LIMIT));
        }
        if (map.containsKey(ConfigConstants.CONFIG_PROP_SEARCH_PAGE_SIZE)) {
            this.iPageSize = Integer.parseInt((String) map.get(ConfigConstants.CONFIG_PROP_SEARCH_PAGE_SIZE));
        } else if (this.iLdapConfigMgr.getLdapType().startsWith(LdapConstants.AD_LDAP_SERVER)) {
            this.iPageSize = 1000;
        }
        if (map.containsKey(ConfigConstants.CONFIG_PROP_ATTRIBUTE_RANGE_STEP)) {
            this.iAttrRangeStep = Integer.parseInt((String) map.get(ConfigConstants.CONFIG_PROP_ATTRIBUTE_RANGE_STEP));
        } else if (this.iLdapConfigMgr.getLdapType().equals(ConfigConstants.CONFIG_LDAP_AD2000) || this.iLdapConfigMgr.getLdapType().equals(ConfigConstants.CONFIG_LDAP_ADAM)) {
            this.iAttrRangeStep = 1000;
        } else if (this.iLdapConfigMgr.getLdapType().startsWith(ConfigConstants.CONFIG_LDAP_AD2003)) {
            this.iAttrRangeStep = ClassFile.INITIAL_HEADER_SIZE;
        } else if (this.iLdapConfigMgr.getLdapType().startsWith(LdapConstants.AD_LDAP_SERVER)) {
            this.iAttrRangeStep = 1000;
        }
        this.iWriteToSecondary = Boolean.getBoolean((String) map.get(ConfigConstants.CONFIG_PROP_ALLOW_WRITE_TO_SECONDARY_SERVERS));
        this.iReturnToPrimary = ((Boolean) map.get(ConfigConstants.CONFIG_PROP_RETURN_TO_PRIMARY_SERVER)).booleanValue();
        this.iQueryInterval = ((Integer) map.get(ConfigConstants.CONFIG_PROP_PRIMARY_SERVER_QUERY_TIME_INTERVAL)).intValue() * 60;
        initializeSSL(map);
        this.iEnvironment = initializeEnvironmentProperties(((Boolean) map.get(ConfigConstants.CONFIG_PROP_SSL_ENABLED)).booleanValue(), Nester.nest(FAILOVER_SERVERS, map), map);
    }

    private Hashtable<String, Object> initializeEnvironmentProperties(boolean z, List<Map<String, Object>> list, Map<String, Object> map) throws WIMApplicationException {
        String str;
        Hashtable<String, Object> hashtable = new Hashtable<>();
        hashtable.put("java.naming.factory.initial", LdapConstants.LDAP_SUN_SPI);
        if (z) {
            if (this.iSSLFactory != null) {
                hashtable.put(LdapConstants.LDAP_ENV_PROP_FACTORY_SOCKET, this.iSSLFactory);
            }
            hashtable.put("java.naming.security.protocol", "ssl");
            str = LdapConstants.LDAP_URL_SSL_PREFIX;
        } else {
            str = LdapConstants.LDAP_URL_PREFIX;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(str + ((String) map.get("host")).trim() + ":" + ((Integer) map.get("port")).intValue());
        Iterator<Map<String, Object>> it = list.iterator();
        while (it.hasNext()) {
            for (Map<String, Object> map2 : Nester.nest("server", it.next())) {
                String str2 = (String) map2.get("host");
                if ((!str2.startsWith("[") || !str2.endsWith("]")) && LdapHelper.isIPv6Addr(str2)) {
                    str2 = LdapHelper.formatIPv6Addr(str2);
                }
                if (map2.get("port") != null) {
                    arrayList.add(str + str2.trim() + ":" + ((Integer) map2.get("port")).intValue());
                }
            }
        }
        if (arrayList != null && arrayList.size() > 0) {
            String str3 = (String) arrayList.get(0);
            hashtable.put(ENVKEY_URL_LIST, arrayList);
            hashtable.put(ENVKEY_ACTIVE_URL, str3);
            hashtable.put("java.naming.provider.url", str3);
        }
        String str4 = (String) map.get(ConfigConstants.CONFIG_PROP_BIND_DN);
        if (str4 != null && str4.length() > 0) {
            hashtable.put("java.naming.security.principal", str4);
            SerializableProtectedString serializableProtectedString = (SerializableProtectedString) map.get(ConfigConstants.CONFIG_PROP_BIND_PASSWORD);
            String passwordDecode = PasswordUtil.passwordDecode((serializableProtectedString == null ? "" : new String(serializableProtectedString.getChars())).trim());
            if (passwordDecode == null || passwordDecode.length() == 0) {
                throw new MissingInitPropertyException(WIMMessageKey.MISSING_INI_PROPERTY, Tr.formatMessage(tc, WIMMessageKey.MISSING_INI_PROPERTY, WIMMessageHelper.generateMsgParms(ConfigConstants.CONFIG_PROP_BIND_PASSWORD)));
            }
            hashtable.put("java.naming.security.credentials", new ProtectedString(passwordDecode.toCharArray()));
        }
        Long l = (Long) map.get(ConfigConstants.CONFIG_PROP_CONNECT_TIMEOUT);
        if (l != null) {
            hashtable.put(LdapConstants.LDAP_ENV_PROP_CONNECT_TIMEOUT, l.toString());
        } else {
            hashtable.put(LdapConstants.LDAP_ENV_PROP_CONNECT_TIMEOUT, 600000L);
        }
        String str5 = (String) map.get(ConfigConstants.CONFIG_PROP_REFERAL);
        hashtable.put("java.naming.referral", str5);
        String binaryAttributes = getBinaryAttributes();
        if (binaryAttributes != null && binaryAttributes.length() > 0) {
            hashtable.put(LdapConstants.LDAP_ENV_PROP_ATTRIBUTES_BINARY, binaryAttributes);
        }
        if (tc.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("\nLDAP Server(s): ").append(arrayList).append("\n");
            stringBuffer.append("\tBind DN: ").append(str4).append("\n");
            stringBuffer.append("\tReferal: ").append(str5).append("\n");
            Tr.debug(tc, "initializeEnvironmentProperties" + stringBuffer.toString(), new Object[0]);
        }
        return hashtable;
    }

    private void initializeSSL(Map<String, Object> map) {
        String str = (String) map.get(LibertyConstants.KEY_DEFAULT_REPERTOIRE);
        if (str == null) {
            initializeWIMSSL(map);
            return;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "initializeSSL(DataObject) Use WAS SSL Configuration.", new Object[0]);
        }
        this.iSSLAlias = str;
        this.iSSLFactory = WAS_SSL_SOCKET_FACTORY;
    }

    private void initializeWIMSSL(Map<String, Object> map) {
        String str = (String) map.get(ConfigConstants.CONFIG_PROP_SSL_KEY_STORE);
        String str2 = (String) map.get(ConfigConstants.CONFIG_PROP_SSL_TRUST_STORE);
        if (str == null && str2 == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "initializeWIMSSL(DataObject) Use default SSL settings.", new Object[0]);
                return;
            }
            return;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "initializeWIMSSL(DataObject) Use SSL system properties.", new Object[0]);
        }
        IEncryptionUtil encryptionUtil = FactoryManager.getEncryptionUtil();
        if (str != null) {
            System.setProperty(Constants.SYSTEM_SSLPROP_KEY_STORE, str);
            String str3 = (String) map.get(ConfigConstants.CONFIG_PROP_SSL_KEY_STORE_TYPE);
            if (str3 != null) {
                System.setProperty(Constants.SYSTEM_SSLPROP_KEY_STORE_TYPE, str3);
            }
            String str4 = (String) map.get(ConfigConstants.CONFIG_PROP_SSL_KEY_STORE_PASSOWRD);
            if (str4 != null) {
                System.setProperty(Constants.SYSTEM_SSLPROP_KEY_STORE_PASSWORD, encryptionUtil.decode(str4));
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "initializeWIMSSL(DataObject) javax.net.ssl.keyStore=" + str, new Object[0]);
            }
        }
        if (str2 != null) {
            System.setProperty(Constants.SYSTEM_SSLPROP_TRUST_STORE, str2);
            String str5 = (String) map.get(ConfigConstants.CONFIG_PROP_SSL_TRUST_STORE_TYPE);
            if (str5 != null) {
                System.setProperty(Constants.SYSTEM_SSLPROP_TRUST_STORE_TYPE, str5);
            }
            String str6 = (String) map.get(ConfigConstants.CONFIG_PROP_SSL_TRUST_STORE_PASSWORD);
            if (str6 != null) {
                System.setProperty(Constants.SYSTEM_SSLPROP_TRUST_STORE_PASSWORD, encryptionUtil.decode(str6));
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "initializeWIMSSL(DataObject) javax.net.ssl.trustStore=" + str2, new Object[0]);
            }
        }
    }

    private void createSearchResultsCache() {
        if (this.iSearchResultsCacheEnabled && FactoryManager.getCacheUtil().isCacheAvailable()) {
            this.iSearchResultsCache = FactoryManager.getCacheUtil().initialize(this.iSearchResultsCacheSize, this.iSearchResultsCacheSize, this.iSearchResultsCacheTimeOut);
            if (this.iSearchResultsCache == null || !tc.isDebugEnabled()) {
                return;
            }
            StringBuilder sb = new StringBuilder("createSearchResultsCache");
            sb.append(" \nSearch Results Cache: ").append(this.iSearchResultsCacheName).append(" is enabled:\n");
            sb.append("\tCacheSize: ").append(this.iSearchResultsCacheSize).append("\n");
            sb.append("\tCacheTimeOut: ").append(this.iSearchResultsCacheTimeOut).append("\n");
            Tr.debug(tc, sb.toString(), new Object[0]);
        }
    }

    private void createAttributesCache() {
        if (this.iAttrsCacheEnabled && FactoryManager.getCacheUtil().isCacheAvailable()) {
            this.iAttrsCache = FactoryManager.getCacheUtil().initialize(this.iAttrsCacheSize, this.iAttrsCacheSize, this.iAttrsCacheTimeOut);
            if (this.iAttrsCache == null || !tc.isDebugEnabled()) {
                return;
            }
            StringBuilder sb = new StringBuilder("createAttributesCache");
            sb.append(" \nAttributes Cache: ").append(this.iAttrsCacheName).append(" is enabled:\n");
            sb.append("\tCacheSize: ").append(this.iAttrsCacheSize).append("\n");
            sb.append("\tCacheTimeOut: ").append(this.iAttrsCacheTimeOut).append("\n");
            Tr.debug(tc, sb.toString(), new Object[0]);
        }
    }

    private ICacheUtil getSearchResultsCache() {
        if (this.iSearchResultsCache == null) {
            createSearchResultsCache();
        }
        return this.iSearchResultsCache;
    }

    private ICacheUtil getAttributesCache() {
        if (this.iAttrsCache == null) {
            createAttributesCache();
        }
        return this.iAttrsCache;
    }

    public void invalidateAttributes(String str, String str2, String str3) {
        if (getAttributesCache() != null) {
            if (str != null) {
                getAttributesCache().invalidate(toKey(str));
            }
            if (str2 != null) {
                getAttributesCache().invalidate(str2);
            }
            if (str3 != null) {
                getAttributesCache().invalidate(toKey(str3));
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "invalidateAttributes(String, String, String) " + this.iAttrsCacheName + " size: " + getAttributesCache().size(), new Object[0]);
            }
        }
    }

    public void invalidateNamesCache() {
        if (getSearchResultsCache() != null) {
            getSearchResultsCache().clear();
        }
    }

    public void invalidateAttributeCache() {
        if (getAttributesCache() != null) {
            getAttributesCache().clear();
        }
    }

    @Trivial
    private String toKey(String str) {
        return this.ignoreDNCase ? str.toLowerCase() : str;
    }

    @Trivial
    public boolean isIgnoreCase() {
        return this.ignoreDNCase;
    }

    public LdapEntry getEntityByIdentifier(IdentifierType identifierType, List<String> list, List<String> list2, boolean z, boolean z2) throws WIMException {
        return getEntityByIdentifier(identifierType.getExternalName(), identifierType.getExternalId(), identifierType.getUniqueName(), list, list2, z, z2);
    }

    public LdapEntry getEntityByIdentifier(String str, String str2, String str3, List<String> list, List<String> list2, boolean z, boolean z2) throws WIMException {
        Attributes attributesByUniqueName;
        String[] attributeNames = this.iLdapConfigMgr.getAttributeNames(list, list2, z, z2);
        if (str == null && !this.iLdapConfigMgr.needTranslateRDN()) {
            str = this.iLdapConfigMgr.switchToLdapNode(str3);
        }
        if (str != null) {
            attributesByUniqueName = checkAttributesCache(str, attributeNames);
        } else if (str2 != null) {
            if (this.iLdapConfigMgr.isAnyExtIdDN()) {
                str = LdapHelper.getValidDN(str2);
                if (str != null) {
                    attributesByUniqueName = checkAttributesCache(str, attributeNames);
                } else {
                    if (str3 == null) {
                        throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(null)));
                    }
                    attributesByUniqueName = getAttributesByUniqueName(str3, attributeNames, list);
                    str = LdapHelper.getDNFromAttributes(attributesByUniqueName);
                }
            } else {
                attributesByUniqueName = getAttributesByUniqueName(str2, attributeNames, list);
                str = LdapHelper.getDNFromAttributes(attributesByUniqueName);
            }
        } else {
            if (str3 == null) {
                throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(null)));
            }
            attributesByUniqueName = getAttributesByUniqueName(str3, attributeNames, list);
            str = LdapHelper.getDNFromAttributes(attributesByUniqueName);
        }
        String entityType = this.iLdapConfigMgr.getEntityType(attributesByUniqueName, str3, str, str2, list);
        String uniqueName = getUniqueName(str, entityType, attributesByUniqueName);
        if (str2 == null) {
            str2 = this.iLdapConfigMgr.getExtIdFromAttributes(str, entityType, attributesByUniqueName);
        }
        return new LdapEntry(str, str2, uniqueName, entityType, attributesByUniqueName);
    }

    private String getUniqueName(String str, String str2, Attributes attributes) throws WIMException {
        String str3 = null;
        String switchToNode = this.iLdapConfigMgr.switchToNode(str);
        if (this.iLdapConfigMgr.needTranslateRDN() && this.iLdapConfigMgr.needTranslateRDN(str2)) {
            if (str2 != null) {
                try {
                    LdapEntity ldapEntity = this.iLdapConfigMgr.getLdapEntity(str2);
                    if (ldapEntity != null) {
                        String[] rDNAttributes = LdapHelper.getRDNAttributes(switchToNode);
                        String[][] wIMRDNProperties = ldapEntity.getWIMRDNProperties();
                        String[][] wIMRDNAttributes = ldapEntity.getWIMRDNAttributes();
                        String[][] rDNAttributes2 = ldapEntity.getRDNAttributes();
                        Attribute[] attributeArr = new Attribute[wIMRDNProperties.length];
                        String[] strArr = new String[wIMRDNProperties.length];
                        for (int i = 0; i < rDNAttributes2.length; i++) {
                            String[] strArr2 = rDNAttributes2[i];
                            boolean z = true;
                            for (int i2 = 0; i2 < strArr2.length; i2++) {
                                if (!strArr2[i2].equalsIgnoreCase(rDNAttributes[i2])) {
                                    z = false;
                                }
                            }
                            if (z) {
                                String[] strArr3 = wIMRDNProperties[i];
                                String[] strArr4 = wIMRDNAttributes[i];
                                boolean z2 = false;
                                if (attributes == null) {
                                    z2 = true;
                                } else {
                                    int i3 = 0;
                                    while (true) {
                                        if (i3 >= strArr4.length) {
                                            break;
                                        }
                                        if (attributes.get(strArr4[i3]) == null) {
                                            z2 = true;
                                            break;
                                        }
                                        i3++;
                                    }
                                }
                                if (z2) {
                                    attributes = getAttributes(switchToNode, strArr4);
                                }
                                for (int i4 = 0; i4 < strArr4.length; i4++) {
                                    attributeArr[i4] = attributes.get(strArr4[i4]);
                                    if (attributeArr[i4] != null) {
                                        strArr[i4] = (String) attributeArr[i4].get();
                                    }
                                }
                                str3 = LdapHelper.replaceRDN(switchToNode, strArr3, strArr);
                            }
                        }
                    }
                } catch (NamingException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1253", this, new Object[]{switchToNode, str2, attributes});
                    throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e.toString(true))));
                }
            }
        }
        if (str3 == null) {
            str3 = switchToNode;
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getUniqueName Translated uniqueName: " + str3, new Object[0]);
        }
        return str3;
    }

    @FFDCIgnore({NamingException.class, NameNotFoundException.class})
    private Attributes getAttributes(String str, String[] strArr) throws WIMException {
        Attributes attributes;
        if (this.iLdapConfigMgr.getUseEncodingInSearchExpression() != null) {
            str = LdapHelper.encodeAttribute(str, this.iLdapConfigMgr.getUseEncodingInSearchExpression());
        }
        if (this.iAttrRangeStep > 0) {
            attributes = getRangeAttributes(str, strArr);
        } else {
            DirContext dirContext = getDirContext();
            try {
                try {
                    try {
                        try {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "JNDI_CALL getAttributes", WIMMessageHelper.generateMsgParms(str, WIMTraceHelper.printObjectArray(strArr)));
                            }
                            attributes = strArr.length > 0 ? dirContext.getAttributes(new LdapName(str), strArr) : new BasicAttributes();
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "JNDI_CALL getAttributes", attributes.toString());
                            }
                        } catch (NamingException e) {
                            if (!isConnectionException(e, "getAttributes")) {
                                throw e;
                            }
                            dirContext = reCreateDirContext(dirContext, e.toString());
                            attributes = strArr.length > 0 ? dirContext.getAttributes(new LdapName(str), strArr) : new BasicAttributes();
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "JNDI_CALL getAttributes", attributes.toString());
                            }
                        }
                        releaseDirContext(dirContext);
                    } catch (NameNotFoundException e2) {
                        throw new EntityNotFoundException(WIMMessageKey.LDAP_ENTRY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.LDAP_ENTRY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str, e2.toString(true))));
                    }
                } catch (NamingException e3) {
                    throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e3.toString(true))));
                }
            } catch (Throwable th) {
                releaseDirContext(dirContext);
                throw th;
            }
        }
        return attributes;
    }

    @FFDCIgnore({NameNotFoundException.class, NamingException.class})
    private Attributes getRangeAttributes(String str, String[] strArr) throws WIMException {
        Attributes attributes;
        DirContext dirContext = getDirContext();
        try {
            try {
                try {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "JNDI_CALL getRangeAttributes(String, String[])", WIMMessageHelper.generateMsgParms(str, WIMTraceHelper.printObjectArray(strArr)));
                    }
                    attributes = dirContext.getAttributes(new LdapName(str), strArr);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "JNDI_CALL getRangeAttributes(String, String[])", attributes.toString());
                    }
                } catch (NamingException e) {
                    if (!isConnectionException(e, "getRangeAttributes")) {
                        throw e;
                    }
                    dirContext = reCreateDirContext(dirContext, e.toString());
                    attributes = dirContext.getAttributes(new LdapName(str), strArr);
                }
                supportRangeAttributes(attributes, str, dirContext);
                releaseDirContext(dirContext);
                return attributes;
            } catch (NamingException e2) {
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e2.toString(true))));
            } catch (NameNotFoundException e3) {
                throw new EntityNotFoundException(WIMMessageKey.LDAP_ENTRY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.LDAP_ENTRY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str, e3.toString(true))));
            }
        } catch (Throwable th) {
            releaseDirContext(dirContext);
            throw th;
        }
    }

    public Attributes checkAttributesCache(String str, String[] strArr) throws WIMException {
        Attributes attributes;
        if (getAttributesCache() != null) {
            String key = toKey(str);
            Object obj = getAttributesCache().get(key);
            if (obj == null || !(obj instanceof Attributes)) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "checkAttributesCache Miss cache: " + key, new Object[0]);
                }
                attributes = getAttributes(str, strArr);
                updateAttributesCache(key, attributes, (Attributes) null, strArr);
            } else {
                ArrayList arrayList = new ArrayList(strArr.length);
                Attributes attributes2 = (Attributes) obj;
                attributes = new BasicAttributes(true);
                for (int i = 0; i < strArr.length; i++) {
                    Attribute ingoreCaseAttribute = LdapHelper.getIngoreCaseAttribute(attributes2, strArr[i]);
                    if (ingoreCaseAttribute != null) {
                        attributes.put(ingoreCaseAttribute);
                    } else {
                        arrayList.add(strArr[i]);
                    }
                }
                if (arrayList.size() > 0) {
                    String[] strArr2 = (String[]) arrayList.toArray(new String[0]);
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "checkAttributesCache Miss cache: " + key + " " + WIMTraceHelper.printObjectArray(strArr2), new Object[0]);
                    }
                    Attributes attributes3 = getAttributes(str, strArr2);
                    addAttributes(attributes3, attributes);
                    updateAttributesCache(key, attributes3, attributes2, strArr2);
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "checkAttributesCache Hit cache: " + key, new Object[0]);
                }
            }
        } else {
            attributes = getAttributes(str, strArr);
        }
        return attributes;
    }

    @Trivial
    private void addAttributes(Attributes attributes, Attributes attributes2) {
        NamingEnumeration all = attributes.getAll();
        while (all.hasMoreElements()) {
            attributes2.put((Attribute) all.nextElement());
        }
    }

    private void updateAttributesCache(String str, String str2, Attributes attributes, String[] strArr) {
        getAttributesCache().put(str, str2, 1, this.iAttrsCacheTimeOut, 0, null);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "updateAttributesCache(key,dn,newAttrs) Update " + this.iAttrsCacheName + "(size: " + getAttributesCache().size() + ")\n" + str + ": " + str2, new Object[0]);
        }
        String key = toKey(str2);
        Object obj = getAttributesCache().get(key);
        Attributes attributes2 = null;
        if (obj != null && (obj instanceof Attributes)) {
            attributes2 = (Attributes) obj;
        }
        updateAttributesCache(key, attributes, attributes2, strArr);
    }

    private void updateAttributesCache(String str, Attributes attributes, Attributes attributes2, String[] strArr) {
        if (strArr == null) {
            updateAttributesCache(str, attributes, attributes2);
            return;
        }
        if (strArr.length > 0) {
            Attributes basicAttributes = attributes2 != null ? (Attributes) attributes2.clone() : new BasicAttributes(true);
            for (int i = 0; i < strArr.length; i++) {
                boolean z = false;
                NamingEnumeration all = attributes.getAll();
                while (true) {
                    if (!all.hasMoreElements()) {
                        break;
                    }
                    Attribute attribute = (Attribute) all.nextElement();
                    if (attribute.getID().equalsIgnoreCase(strArr[i])) {
                        z = true;
                        if (this.iAttrsSizeLmit <= 0 || attribute.size() <= this.iAttrsSizeLmit) {
                            basicAttributes.put(attribute);
                        }
                    } else {
                        int indexOf = attribute.getID().indexOf(IFSFile.pathSeparator);
                        if (indexOf > 0 && strArr[i].equalsIgnoreCase(attribute.getID().substring(0, indexOf))) {
                            z = true;
                            if (this.iAttrsSizeLmit <= 0 || attribute.size() <= this.iAttrsSizeLmit) {
                                basicAttributes.put(attribute);
                            }
                        }
                    }
                }
                if (!z) {
                    basicAttributes.put(new BasicAttribute(strArr[i], (Object) null));
                }
            }
            getAttributesCache().put(str, basicAttributes, 1, this.iAttrsCacheTimeOut, 0, null);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "updateAttributeCache Update " + this.iAttrsCacheName + "(size: " + getAttributesCache().size() + ")\n" + str + ": " + basicAttributes, new Object[0]);
            }
        }
    }

    private void updateAttributesCache(String str, Attributes attributes, Attributes attributes2) {
        if (attributes.size() > 0) {
            Attributes basicAttributes = attributes2 != null ? (Attributes) attributes2.clone() : new BasicAttributes(true);
            NamingEnumeration all = attributes.getAll();
            while (all.hasMoreElements()) {
                Attribute attribute = (Attribute) all.nextElement();
                if (this.iAttrsSizeLmit <= 0 || attribute.size() <= this.iAttrsSizeLmit) {
                    basicAttributes.put(attribute);
                }
            }
            getAttributesCache().put(str, basicAttributes, 1, this.iAttrsCacheTimeOut, 0, null);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "updateAttributeCache(key,missAttrs,cachedAttrs) Update " + this.iAttrsCacheName + "(size: " + getAttributesCache().size() + ")\n" + str + ": " + basicAttributes, new Object[0]);
            }
        }
    }

    public NamingEnumeration<SearchResult> search(String str, String str2, int i, String[] strArr) throws WIMException {
        return checkSearchCache(str, str2, null, new SearchControls(i, this.iCountLimit, this.iTimeLimit, strArr, false, false));
    }

    private NamingEnumeration<SearchResult> checkSearchCache(String str, String str2, Object[] objArr, SearchControls searchControls) throws WIMException {
        NamingEnumeration<SearchResult> search;
        if (getSearchResultsCache() != null) {
            String key = objArr == null ? toKey(str, str2, searchControls) : toKey(str, str2, objArr, searchControls);
            CachedNamingEnumeration cachedNamingEnumeration = (CachedNamingEnumeration) getSearchResultsCache().get(key);
            if (cachedNamingEnumeration == null) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "checkSearchCache Miss cache: " + key, new Object[0]);
                }
                search = updateSearchCache(str, key, search(str, str2, objArr, searchControls, null), searchControls.getReturningAttributes());
            } else {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "checkSearchCache Hit cache: " + key, new Object[0]);
                }
                search = (CachedNamingEnumeration) cachedNamingEnumeration.clone();
            }
        } else {
            search = search(str, str2, objArr, searchControls, null);
        }
        return search;
    }

    /* JADX WARN: Code restructure failed: missing block: B:32:0x0123, code lost:
    
        if (com.ibm.ws.security.wim.adapter.ldap.LdapConnection.tc.isDebugEnabled() == false) goto L31;
     */
    /* JADX WARN: Code restructure failed: missing block: B:33:0x0126, code lost:
    
        com.ibm.websphere.ras.Tr.debug(com.ibm.ws.security.wim.adapter.ldap.LdapConnection.tc, "updateSearchCache attribute cache updated with " + (r17 - 1) + " entries. skipping rest.", new java.lang.Object[0]);
     */
    @com.ibm.ws.ffdc.annotation.FFDCIgnore({javax.naming.NamingException.class})
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private javax.naming.NamingEnumeration<javax.naming.directory.SearchResult> updateSearchCache(java.lang.String r10, java.lang.String r11, javax.naming.NamingEnumeration<javax.naming.directory.SearchResult> r12, java.lang.String[] r13) throws com.ibm.wsspi.security.wim.exception.WIMSystemException {
        /*
            Method dump skipped, instructions count: 353
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.wim.adapter.ldap.LdapConnection.updateSearchCache(java.lang.String, java.lang.String, javax.naming.NamingEnumeration, java.lang.String[]):javax.naming.NamingEnumeration");
    }

    @FFDCIgnore({SizeLimitExceededException.class})
    private static int cloneSearchResults(NamingEnumeration<SearchResult> namingEnumeration, CachedNamingEnumeration cachedNamingEnumeration, CachedNamingEnumeration cachedNamingEnumeration2) throws WIMSystemException {
        int i = 0;
        while (namingEnumeration.hasMore()) {
            try {
                SearchResult searchResult = (SearchResult) namingEnumeration.nextElement();
                SearchResult searchResult2 = new SearchResult(searchResult.getName(), (String) null, (Object) null, (Attributes) searchResult.getAttributes().clone());
                cachedNamingEnumeration.add(searchResult);
                cachedNamingEnumeration2.add(searchResult2);
                i++;
            } catch (NamingException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1650", null, new Object[]{namingEnumeration, cachedNamingEnumeration, cachedNamingEnumeration2});
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e.toString(true))));
            } catch (SizeLimitExceededException e2) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "cloneSearchResults(NamingEnumeration, CachedNamingEnumeration, CachedNamingEnumeration) " + e2.toString(true), e2);
                }
            }
        }
        return i;
    }

    private NamingEnumeration<SearchResult> search(String str, String str2, Object[] objArr, SearchControls searchControls, Control[] controlArr) throws WIMException {
        NamingEnumeration search;
        NamingEnumeration<SearchResult> search2;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "JNDI_CALL search(String, String, Object[], SearchControls)" + LdapHelper.printSearchControls(searchControls), new Object[0]);
        }
        if (this.iPageSize == 0) {
            DirContext dirContext = getDirContext();
            try {
                try {
                    try {
                        search2 = objArr == null ? dirContext.search(new LdapName(str), str2, searchControls) : dirContext.search(new LdapName(str), str2, objArr, searchControls);
                    } catch (NamingException e) {
                        FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1680", this, new Object[]{str, str2, objArr, searchControls, controlArr});
                        if (!isConnectionException(e, "search(String, String, Object[], SearchControls)")) {
                            throw e;
                        }
                        dirContext = reCreateDirContext(dirContext, e.toString());
                        search2 = objArr == null ? dirContext.search(new LdapName(str), str2, searchControls) : dirContext.search(new LdapName(str), str2, objArr, searchControls);
                    }
                    releaseDirContext(dirContext);
                    return search2;
                } catch (Throwable th) {
                    releaseDirContext(dirContext);
                    throw th;
                }
            } catch (NamingException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1698", this, new Object[]{str, str2, objArr, searchControls, controlArr});
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e2.toString(true))));
            } catch (NameNotFoundException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1691", this, new Object[]{str, str2, objArr, searchControls, controlArr});
                throw new EntityNotFoundException(WIMMessageKey.LDAP_ENTRY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.LDAP_ENTRY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str, e3.toString(true))));
            }
        }
        LdapContext dirContext2 = getDirContext();
        try {
            try {
                try {
                    if (controlArr != null) {
                        dirContext2.setRequestControls(new Control[]{controlArr[0], new PagedResultsControl(this.iPageSize, false)});
                    } else {
                        dirContext2.setRequestControls(new Control[]{new PagedResultsControl(this.iPageSize, false)});
                    }
                    byte[] bArr = null;
                    int i = 1;
                    int i2 = 0;
                    CachedNamingEnumeration cachedNamingEnumeration = new CachedNamingEnumeration();
                    do {
                        try {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "search(String, String, Object[], SearchControls) Search page " + i, new Object[0]);
                            }
                            search = objArr == null ? dirContext2.search(new LdapName(str), str2, searchControls) : dirContext2.search(new LdapName(str), str2, objArr, searchControls);
                        } catch (NamingException e4) {
                            FFDCFilter.processException(e4, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1734", this, new Object[]{str, str2, objArr, searchControls, controlArr});
                            if (!(e4 instanceof CommunicationException) && !(e4 instanceof ServiceUnavailableException)) {
                                throw e4;
                            }
                            dirContext2 = reCreateDirContext(dirContext2, e4.toString());
                            if (controlArr != null) {
                                dirContext2.setRequestControls(new Control[]{controlArr[0], new PagedResultsControl(this.iPageSize, false)});
                            } else {
                                dirContext2.setRequestControls(new Control[]{new PagedResultsControl(this.iPageSize, false)});
                            }
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "search(String, String, Object[], SearchControls) Search page " + i, new Object[0]);
                            }
                            search = objArr == null ? dirContext2.search(new LdapName(str), str2, searchControls) : dirContext2.search(new LdapName(str), str2, objArr, searchControls);
                        }
                        if (search != null) {
                            i++;
                            while (search.hasMoreElements()) {
                                cachedNamingEnumeration.add((SearchResult) search.nextElement());
                                i2++;
                            }
                            PagedResultsResponseControl[] responseControls = dirContext2.getResponseControls();
                            if (responseControls != null && responseControls.length > 0) {
                                bArr = responseControls[0].getCookie();
                                if (bArr != null && bArr.length > 0) {
                                    dirContext2.setRequestControls(new Control[]{new PagedResultsControl(this.iPageSize, bArr, false)});
                                }
                            }
                        }
                        if (bArr == null || bArr.length <= 0) {
                            break;
                        }
                    } while (i2 < searchControls.getCountLimit());
                    try {
                        dirContext2.setRequestControls((Control[]) null);
                    } catch (NamingException e5) {
                        FFDCFilter.processException(e5, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1791", this, new Object[]{str, str2, objArr, searchControls, controlArr});
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "search(String, String, Object[], SearchControls)" + e5.toString(true), new Object[0]);
                        }
                    }
                    releaseDirContext(dirContext2);
                    return cachedNamingEnumeration;
                } catch (NamingException e6) {
                    FFDCFilter.processException(e6, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1774", this, new Object[]{str, str2, objArr, searchControls, controlArr});
                    throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e6.toString(true))));
                }
            } catch (IOException e7) {
                FFDCFilter.processException(e7, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1781", this, new Object[]{str, str2, objArr, searchControls, controlArr});
                throw new WIMSystemException(WIMMessageKey.GENERIC, Tr.formatMessage(tc, WIMMessageKey.GENERIC, WIMMessageHelper.generateMsgParms(e7.toString())));
            }
        } catch (Throwable th2) {
            try {
                dirContext2.setRequestControls((Control[]) null);
            } catch (NamingException e8) {
                FFDCFilter.processException(e8, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1791", this, new Object[]{str, str2, objArr, searchControls, controlArr});
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "search(String, String, Object[], SearchControls)" + e8.toString(true), new Object[0]);
                }
            }
            releaseDirContext(dirContext2);
            throw th2;
        }
    }

    public Attributes getAttributesByUniqueName(String str, String[] strArr, List<String> list) throws WIMException {
        NamingEnumeration search;
        SearchResult searchResult;
        String str2 = null;
        Attributes attributes = null;
        String switchToLdapNode = this.iLdapConfigMgr.switchToLdapNode(str);
        boolean z = false;
        if (this.iLdapConfigMgr.needTranslateRDN()) {
            if (list == null || list.size() <= 0) {
                z = true;
            } else {
                int i = 0;
                while (true) {
                    if (i >= list.size()) {
                        break;
                    }
                    if (this.iLdapConfigMgr.needTranslateRDN(list.get(i))) {
                        z = true;
                        break;
                    }
                    i++;
                }
            }
        }
        if (!z) {
            Attributes checkAttributesCache = checkAttributesCache(switchToLdapNode, strArr);
            checkAttributesCache.put("distinguishedName", switchToLdapNode);
            return checkAttributesCache;
        }
        boolean z2 = false;
        Object obj = null;
        String key = toKey(switchToLdapNode);
        if (getAttributesCache() != null) {
            z2 = true;
            obj = getAttributesCache().get(key);
        }
        if (obj != null && (obj instanceof String)) {
            str2 = (String) obj;
            try {
                attributes = checkAttributesCache(str2, strArr);
                attributes.put("distinguishedName", str2);
                return attributes;
            } catch (EntityNotFoundException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1840", this, new Object[]{switchToLdapNode, strArr, list});
                getAttributesCache().invalidate(key);
            }
        }
        String ldapRDNFilter = this.iLdapConfigMgr.getLdapRDNFilter(null, LdapHelper.getRDN(switchToLdapNode));
        String parentDN = LdapHelper.getParentDN(switchToLdapNode);
        SearchControls searchControls = new SearchControls();
        searchControls.setTimeLimit(this.iTimeLimit);
        searchControls.setCountLimit(this.iCountLimit);
        searchControls.setSearchScope(1);
        searchControls.setReturningAttributes(strArr);
        searchControls.setReturningObjFlag(false);
        DirContext dirContext = getDirContext();
        try {
            try {
                try {
                    search = dirContext.search(parentDN, ldapRDNFilter, searchControls);
                } catch (NamingException e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1861", this, new Object[]{switchToLdapNode, strArr, list});
                    if (!isConnectionException(e2, "getAttributesByUniqueName")) {
                        throw e2;
                    }
                    dirContext = reCreateDirContext(dirContext, e2.toString());
                    search = dirContext.search(parentDN, ldapRDNFilter, searchControls);
                }
                if (search.hasMoreElements() && (searchResult = (SearchResult) search.nextElement()) != null) {
                    str2 = LdapHelper.prepareDN(searchResult.getName(), parentDN);
                    attributes = searchResult.getAttributes();
                    if (this.iAttrRangeStep > 0) {
                        supportRangeAttributes(attributes, str2, dirContext);
                    }
                }
                releaseDirContext(dirContext);
                if (attributes == null) {
                    throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(switchToLdapNode)));
                }
                if (z2) {
                    updateAttributesCache(key, str2, attributes, strArr);
                }
                attributes.put("distinguishedName", str2);
                return attributes;
            } catch (NamingException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1886", this, new Object[]{switchToLdapNode, strArr, list});
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e3.toString(true))));
            } catch (NameNotFoundException e4) {
                FFDCFilter.processException(e4, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "1879", this, new Object[]{switchToLdapNode, strArr, list});
                throw new EntityNotFoundException(WIMMessageKey.ENTITY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.ENTITY_NOT_FOUND, WIMMessageHelper.generateMsgParms(parentDN)));
            }
        } catch (Throwable th) {
            releaseDirContext(dirContext);
            throw th;
        }
    }

    public Map<String, LdapEntry> getDynamicGroups(String[] strArr, List<String> list, boolean z) throws WIMException {
        String name;
        HashMap hashMap = new HashMap();
        String[] attributeNames = this.iLdapConfigMgr.getAttributeNames(this.iLdapConfigMgr.getGroupTypes(), list, z, false);
        String[] dynamicMemberAttributes = this.iLdapConfigMgr.getDynamicMemberAttributes();
        String[] strArr2 = new String[attributeNames.length + dynamicMemberAttributes.length];
        System.arraycopy(attributeNames, 0, strArr2, 0, attributeNames.length);
        System.arraycopy(dynamicMemberAttributes, 0, strArr2, attributeNames.length, dynamicMemberAttributes.length);
        String dynamicGroupFilter = this.iLdapConfigMgr.getDynamicGroupFilter();
        for (String str : strArr) {
            NamingEnumeration<SearchResult> search = search(str, dynamicGroupFilter, 2, strArr2);
            while (search.hasMoreElements()) {
                SearchResult searchResult = (SearchResult) search.nextElement();
                if (searchResult != null && (name = searchResult.getName()) != null && name.trim().length() != 0) {
                    String prepareDN = LdapHelper.prepareDN(name, str);
                    Attributes attributes = searchResult.getAttributes();
                    LdapEntry ldapEntry = new LdapEntry(prepareDN, this.iLdapConfigMgr.getExtIdFromAttributes(prepareDN, "Group", attributes), getUniqueName(prepareDN, "Group", attributes), "Group", attributes);
                    hashMap.put(ldapEntry.getDN(), ldapEntry);
                }
            }
        }
        return hashMap;
    }

    public boolean isMemberInURLQuery(LdapURL[] ldapURLArr, String str) throws WIMException {
        SearchResult searchResult;
        boolean z = false;
        String[] strArr = new String[0];
        String rdn = LdapHelper.getRDN(str);
        if (ldapURLArr != null) {
            int i = 0;
            while (true) {
                if (i >= ldapURLArr.length) {
                    break;
                }
                LdapURL ldapURL = ldapURLArr[i];
                if (ldapURL.parsedOK()) {
                    String str2 = ldapURL.get_dn();
                    if (LdapHelper.isUnderBases(str, str2)) {
                        int i2 = ldapURL.get_searchScope();
                        String str3 = ldapURL.get_filter();
                        if (i2 != 2) {
                            NamingEnumeration<SearchResult> search = search(str2, str3 == null ? rdn : "(&(" + str3 + ")(" + rdn + "))", i2, strArr);
                            if (search.hasMoreElements() && (searchResult = (SearchResult) search.nextElement()) != null && str.equalsIgnoreCase(LdapHelper.prepareDN(searchResult.getName(), str2))) {
                                z = true;
                                break;
                            }
                        } else {
                            if (str3 == null) {
                                z = true;
                                break;
                            }
                            if (search(str, str3, 2, strArr).hasMoreElements()) {
                                z = true;
                                break;
                            }
                        }
                    } else {
                        continue;
                    }
                }
                i++;
            }
        }
        return z;
    }

    public Set<LdapEntry> searchEntities(String str, String str2, Object[] objArr, int i, List<String> list, List<String> list2, boolean z, boolean z2) throws WIMException {
        return searchEntities(str, str2, objArr, i, list, list2, z, z2, this.iCountLimit, this.iTimeLimit);
    }

    public NamingEnumeration<SearchResult> search(String str, String str2, int i, String[] strArr, int i2, int i3) throws WIMException {
        return checkSearchCache(str, str2, null, new SearchControls(i, i2, i3, strArr, false, false));
    }

    public NamingEnumeration<SearchResult> search(String str, String str2, Object[] objArr, int i, String[] strArr, int i2, int i3) throws WIMException {
        return checkSearchCache(str, str2, objArr, new SearchControls(i, i2, i3, strArr, false, false));
    }

    public Set<LdapEntry> searchEntities(String str, String str2, Object[] objArr, int i, List<String> list, List<String> list2, boolean z, boolean z2, int i2, int i3) throws WIMException {
        List<String> list3 = list2;
        if (list != null && list.size() > 0) {
            list3 = this.iLdapConfigMgr.getSupportedProperties(list.get(0), list2);
        }
        String[] attributeNames = this.iLdapConfigMgr.getAttributeNames(list, list3, z, z2);
        return populateResultSet(objArr == null ? search(str, str2, i, attributeNames, i2, i3) : search(str, str2, objArr, i, attributeNames, i2, i3), str, i, list, attributeNames);
    }

    @FFDCIgnore({SizeLimitExceededException.class})
    private Set<LdapEntry> populateResultSet(NamingEnumeration<SearchResult> namingEnumeration, String str, int i, List<String> list, String[] strArr) throws WIMException {
        HashSet hashSet = new HashSet();
        while (namingEnumeration.hasMore()) {
            try {
                SearchResult searchResult = (SearchResult) namingEnumeration.nextElement();
                if (searchResult != null) {
                    String prepareDN = LdapHelper.prepareDN(searchResult.getName(), str);
                    if (i == 0 || !str.equalsIgnoreCase(prepareDN)) {
                        Attributes attributes = searchResult.getAttributes();
                        if (this.iLdapConfigMgr.isRacf() && attributes.size() == 0) {
                            attributes = getAttributes(prepareDN, strArr);
                        }
                        String entityType = this.iLdapConfigMgr.getEntityType(attributes, null, prepareDN, null, list);
                        if (!this.iLdapConfigMgr.isRacf() || list.contains(entityType)) {
                            hashSet.add(new LdapEntry(prepareDN, this.iLdapConfigMgr.getExtIdFromAttributes(prepareDN, entityType, attributes), getUniqueName(prepareDN, entityType, attributes), entityType, attributes));
                        }
                    }
                }
            } catch (SizeLimitExceededException e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "populateResultSet " + e.toString(true), new Object[0]);
                }
            } catch (NamingException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2079", this, new Object[]{namingEnumeration, str, Integer.valueOf(i), list, strArr});
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e2.toString(true))));
            }
        }
        return hashSet;
    }

    public List<String> getAncestorDNs(String str, int i) throws WIMException {
        if (str == null || str.trim().length() == 0) {
            return null;
        }
        try {
            Name parse = getNameParser().parse(str);
            int size = parse.size();
            ArrayList arrayList = new ArrayList();
            if (i == 0) {
                i = size;
            }
            for (int i2 = size - 1; i2 >= size - i; i2--) {
                parse.remove(i2);
                arrayList.add(parse.toString());
            }
            return arrayList;
        } catch (NamingException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2109", this, new Object[]{str, Integer.valueOf(i)});
            throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e.toString(true))));
        }
    }

    @FFDCIgnore({NumberFormatException.class, NamingException.class})
    private void supportRangeAttributes(Attributes attributes, String str, DirContext dirContext) throws WIMException, NamingException {
        Attributes attributes2;
        NamingEnumeration all = attributes.getAll();
        while (all.hasMoreElements()) {
            Attribute attribute = (Attribute) all.nextElement();
            String id = attribute.getID();
            int indexOf = id.indexOf(ATTR_RANGE_KEYWORD);
            if (indexOf > -1) {
                String substring = id.substring(0, indexOf);
                BasicAttribute basicAttribute = new BasicAttribute(substring);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "supportRangeAttributes Range attriute retrieved: " + id, new Object[0]);
                }
                NamingEnumeration all2 = attribute.getAll();
                while (all2.hasMoreElements()) {
                    basicAttribute.add(all2.nextElement());
                }
                int i = this.iAttrRangeStep;
                try {
                    i = Integer.parseInt(id.substring(id.indexOf(45) + 1)) + 1;
                } catch (NumberFormatException e) {
                }
                int i2 = (i + this.iAttrRangeStep) - 1;
                boolean z = false;
                boolean z2 = false;
                do {
                    String str2 = !z2 ? substring + MessageFormat.format(ATTR_RANGE_QUERY, Integer.valueOf(i).toString(), Integer.valueOf(i2).toString()) : substring + MessageFormat.format(ATTR_RANGE_LAST_QUERY, Integer.valueOf(i).toString());
                    String[] strArr = {str2};
                    try {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "JNDI_CALL getAttributes(String, String[])", WIMMessageHelper.generateMsgParms(str, WIMTraceHelper.printObjectArray(strArr)));
                        }
                        attributes2 = dirContext.getAttributes(new LdapName(str), strArr);
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "JNDI_CALL getAttributes(String, String[])", attributes2.toString());
                        }
                    } catch (NamingException e2) {
                        if (!(e2 instanceof CommunicationException) && !(e2 instanceof ServiceUnavailableException)) {
                            throw e2;
                        }
                        dirContext = reCreateDirContext(dirContext, e2.toString());
                        attributes2 = dirContext.getAttributes(new LdapName(str), strArr);
                    }
                    Attribute attribute2 = attributes2.get(str2);
                    if (attribute2 == null) {
                        attribute2 = attributes2.get(substring + MessageFormat.format(ATTR_RANGE_LAST_QUERY, Integer.valueOf(i).toString()));
                        z2 = true;
                    }
                    if (attribute2 != null) {
                        NamingEnumeration all3 = attribute2.getAll();
                        while (all3.hasMoreElements()) {
                            basicAttribute.add(all3.nextElement());
                        }
                        if (z2) {
                            z = true;
                        } else {
                            i = i2 + 1;
                            i2 = (i + this.iAttrRangeStep) - 1;
                        }
                    } else {
                        z2 = true;
                    }
                } while (!z);
                attributes.put(basicAttribute);
                attributes.remove(id);
            }
        }
    }

    @FFDCIgnore({InterruptedException.class, NamingException.class})
    private DirContext getDirContext() throws WIMSystemException {
        DirContext dirContext = null;
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        if (!this.iEnableContextPool) {
            try {
                if (this.iReturnToPrimary && currentTimeMillis - this.iLastQueryTime > this.iQueryInterval) {
                    String primaryURL = getPrimaryURL();
                    if (!primaryURL.equalsIgnoreCase(getActiveURL())) {
                        Hashtable<?, ?> environment = getEnvironment(0, primaryURL);
                        try {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "getDirContext Ping primary server '" + primaryURL + "'...", new Object[0]);
                            }
                            dirContext = createDirContext(environment);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "getDirContext Ping primary server '" + primaryURL + "': success", new Object[0]);
                            }
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, WIMMessageKey.CURRENT_LDAP_SERVER, WIMMessageHelper.generateMsgParms(getActiveURL()));
                            }
                        } catch (NamingException e) {
                            if (tc.isInfoEnabled()) {
                                Tr.info(tc, WIMMessageKey.CANNOT_CONNECT_LDAP_SERVER, WIMMessageHelper.generateMsgParms(primaryURL));
                            }
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "getDirContext Ping primary server '" + primaryURL + "': fail", new Object[0]);
                            }
                        }
                    }
                    this.iLastQueryTime = currentTimeMillis;
                }
                if (dirContext == null) {
                    dirContext = createDirContext(getEnvironment(1, getActiveURL()));
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, WIMMessageKey.CURRENT_LDAP_SERVER, WIMMessageHelper.generateMsgParms(getActiveURL()));
                    }
                }
                return dirContext;
            } catch (NamingException e2) {
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e2.toString(true))));
            }
        }
        do {
            synchronized (this.lock) {
                if (this.iContexts == null) {
                    try {
                        createContextPool(this.iInitPoolSize, null);
                    } catch (NamingException e3) {
                        throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e3.toString(true))));
                    }
                }
                if (this.iContexts.size() > 0) {
                    dirContext = this.iContexts.remove(this.iContexts.size() - 1);
                } else if (this.iLiveContexts < this.iMaxPoolSize || this.iMaxPoolSize == 0) {
                    this.iLiveContexts++;
                } else {
                    try {
                        this.lock.wait(this.iPoolWaitTime);
                    } catch (InterruptedException e4) {
                    }
                }
                DirContext dirContext2 = null;
                if (dirContext != null) {
                    if (this.iPoolTimeOut > 0 && currentTimeMillis - ((TimedDirContext) dirContext).getPoolTimestamp() > this.iPoolTimeOut) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "getDirContext ContextPool: context is time out.", new Object[0]);
                        }
                        dirContext2 = dirContext;
                        dirContext = null;
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "getDirContext ContextPool: no free context, create a new one...", new Object[0]);
                }
                if (dirContext == null) {
                    try {
                        dirContext = createDirContext(getEnvironment(1, getActiveURL()));
                    } catch (NamingException e5) {
                        this.iLiveContexts--;
                        throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e5.toString(true))));
                    }
                } else if (this.iReturnToPrimary && currentTimeMillis - this.iLastQueryTime > this.iQueryInterval) {
                    try {
                        String providerURL = getProviderURL(dirContext);
                        String primaryURL2 = getPrimaryURL();
                        if (!primaryURL2.equalsIgnoreCase(providerURL)) {
                            Hashtable<?, ?> environment2 = getEnvironment(0, primaryURL2);
                            boolean z = false;
                            try {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "getDirContext Ping primary server '" + primaryURL2 + "'...", new Object[0]);
                                }
                                DirContext createDirContext = createDirContext(environment2);
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "getDirContext Ping primary server '" + primaryURL2 + "': success", new Object[0]);
                                }
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, WIMMessageKey.CURRENT_LDAP_SERVER, WIMMessageHelper.generateMsgParms(getActiveURL()));
                                }
                                z = true;
                                try {
                                    dirContext.close();
                                } catch (NamingException e6) {
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "getDirContext Can not close LDAP connection: " + e6.toString(true), new Object[0]);
                                    }
                                }
                                dirContext = createDirContext;
                            } catch (NamingException e7) {
                                if (tc.isInfoEnabled()) {
                                    Tr.info(tc, WIMMessageKey.CANNOT_CONNECT_LDAP_SERVER, WIMMessageHelper.generateMsgParms(primaryURL2));
                                }
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "getDirContext Ping primary server '" + primaryURL2 + "': fail", new Object[0]);
                                }
                            }
                            if (z) {
                                synchronized (this.lock) {
                                    if (!getActiveURL().equalsIgnoreCase(primaryURL2)) {
                                        createContextPool(this.iLiveContexts - 1, primaryURL2);
                                        ((TimedDirContext) dirContext).setCreateTimestamp(this.iPoolCreateTimestamp);
                                    }
                                }
                            }
                        }
                        this.iLastQueryTime = currentTimeMillis;
                    } catch (NamingException e8) {
                        throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e8.toString(true))));
                    }
                }
                if (dirContext2 != null) {
                    try {
                        dirContext2.close();
                    } catch (NamingException e9) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "getDirContext Can not close LDAP connection: " + e9.toString(true), new Object[0]);
                        }
                    }
                }
            }
        } while (dirContext == null);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getDirContext ContextPool: total=" + this.iLiveContexts + ", poolSize=" + this.iContexts.size(), new Object[0]);
        }
        return dirContext;
    }

    public DirContext reCreateDirContext(DirContext dirContext, String str) throws WIMSystemException {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "DirContext reCreateDirContext(String errorMessage) Communication exception occurs: " + str + " Creating a new connection.", new Object[0]);
        }
        try {
            TimedDirContext createDirContext = createDirContext(getEnvironment(1, getNextURL(getProviderURL(dirContext))));
            String providerURL = getProviderURL(createDirContext);
            synchronized (this.lock) {
                if (((TimedDirContext) dirContext).getCreateTimestamp() >= this.iPoolCreateTimestamp) {
                    createContextPool(this.iLiveContexts - 1, providerURL);
                    createDirContext.setCreateTimestamp(this.iPoolCreateTimestamp);
                }
            }
            dirContext.close();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, WIMMessageKey.CURRENT_LDAP_SERVER, WIMMessageHelper.generateMsgParms(getActiveURL()));
            }
            return createDirContext;
        } catch (NamingException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2433", this, new Object[]{dirContext, str});
            throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e.toString(true))));
        }
    }

    /* JADX WARN: Finally extract failed */
    @FFDCIgnore({NamingException.class})
    public DirContext createDirContext(String str, byte[] bArr) throws NamingException {
        DirContext timedDirContext;
        String activeURL = getActiveURL();
        Hashtable<?, ?> environment = getEnvironment(0, activeURL);
        environment.put("java.naming.security.principal", str);
        environment.put("java.naming.security.credentials", bArr);
        Properties sSLPropertiesOnThread = FactoryManager.getSSLUtil().getSSLPropertiesOnThread();
        try {
            if (this.iSSLAlias != null) {
                try {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "createDirContext(String, byte[]) Use WAS SSL Configuration.", new Object[0]);
                    }
                    FactoryManager.getSSLUtil().setSSLAlias(this.iSSLAlias, environment);
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2468", this, new Object[]{str, bArr});
                    throw new NamingException(e.getMessage());
                }
            }
            Thread currentThread = Thread.currentThread();
            ClassLoader contextClassLoader = currentThread.getContextClassLoader();
            currentThread.setContextClassLoader(getClass().getClassLoader());
            try {
                try {
                    timedDirContext = new TimedDirContext(environment, getConnectionRequestControls());
                } catch (NamingException e2) {
                    if (!isConnectionException(e2, "createDirContext(String, byte[])")) {
                        throw e2;
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Encountered an exception while creating a context : " + e2.getMessage(), new Object[0]);
                    }
                    Hashtable<?, ?> environment2 = getEnvironment(1, getNextURL(activeURL));
                    environment2.put("java.naming.security.principal", str);
                    environment2.put("java.naming.security.credentials", bArr);
                    timedDirContext = new TimedDirContext(environment2, getConnectionRequestControls());
                    String providerURL = getProviderURL(timedDirContext);
                    long currentTimeMillis = System.currentTimeMillis();
                    synchronized (this.lock) {
                        if (currentTimeMillis > this.iPoolCreateTimestampMillisec) {
                            createContextPool(this.iLiveContexts, providerURL);
                            ((TimedDirContext) timedDirContext).setCreateTimestamp(this.iPoolCreateTimestamp);
                        }
                    }
                }
                DirContext dirContext = timedDirContext;
                currentThread.setContextClassLoader(contextClassLoader);
                FactoryManager.getSSLUtil().setSSLPropertiesOnThread(sSLPropertiesOnThread);
                return dirContext;
            } catch (Throwable th) {
                currentThread.setContextClassLoader(contextClassLoader);
                throw th;
            }
        } catch (Throwable th2) {
            FactoryManager.getSSLUtil().setSSLPropertiesOnThread(sSLPropertiesOnThread);
            throw th2;
        }
    }

    public DirContext createDirContext(Hashtable<?, ?> hashtable) throws NamingException {
        return createDirContext(hashtable, System.currentTimeMillis() / 1000);
    }

    /* JADX WARN: Finally extract failed */
    public DirContext createDirContext(Hashtable<?, ?> hashtable, long j) throws NamingException {
        if (hashtable.get("java.naming.security.credentials") instanceof ProtectedString) {
            ProtectedString protectedString = (ProtectedString) hashtable.get("java.naming.security.credentials");
            hashtable.put("java.naming.security.credentials", PasswordUtil.passwordDecode((protectedString == null ? "" : new String(protectedString.getChars())).trim()));
        }
        Properties sSLPropertiesOnThread = FactoryManager.getSSLUtil().getSSLPropertiesOnThread();
        try {
            if (this.iSSLAlias != null) {
                try {
                    FactoryManager.getSSLUtil().setSSLAlias(this.iSSLAlias, hashtable);
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2552", this, new Object[]{hashtable, Long.valueOf(j)});
                    throw new NamingException(e.getMessage());
                }
            }
            Thread currentThread = Thread.currentThread();
            ClassLoader contextClassLoader = currentThread.getContextClassLoader();
            currentThread.setContextClassLoader(getClass().getClassLoader());
            try {
                TimedDirContext timedDirContext = new TimedDirContext(hashtable, getConnectionRequestControls(), j);
                String providerURL = getProviderURL(timedDirContext);
                if (!this.iEnableContextPool && !providerURL.equalsIgnoreCase(getActiveURL())) {
                    setActiveURL(providerURL);
                }
                currentThread.setContextClassLoader(contextClassLoader);
                FactoryManager.getSSLUtil().setSSLPropertiesOnThread(sSLPropertiesOnThread);
                return timedDirContext;
            } catch (Throwable th) {
                currentThread.setContextClassLoader(contextClassLoader);
                throw th;
            }
        } catch (Throwable th2) {
            FactoryManager.getSSLUtil().setSSLPropertiesOnThread(sSLPropertiesOnThread);
            throw th2;
        }
    }

    private Hashtable<?, ?> getEnvironment(int i, String str) {
        Hashtable<?, ?> hashtable = new Hashtable<>(this.iEnvironment);
        List<String> list = (List) hashtable.remove(ENVKEY_URL_LIST);
        int size = list.size();
        int uRLIndex = getURLIndex(str, list);
        String str2 = null;
        int i2 = uRLIndex;
        while (i2 < uRLIndex + size) {
            str2 = i2 > uRLIndex ? str2 + " " + list.get(i2 % size) : list.get(i2 % size);
            if (i == 0) {
                break;
            }
            i2++;
        }
        hashtable.put("java.naming.provider.url", str2);
        hashtable.remove(ENVKEY_ACTIVE_URL);
        return hashtable;
    }

    private int getURLIndex(String str, List<String> list) {
        int i = 0;
        int size = list.size();
        if (str != null) {
            int i2 = 0;
            while (true) {
                if (i2 >= size) {
                    break;
                }
                if (list.get(i2).equalsIgnoreCase(str)) {
                    i = i2;
                    break;
                }
                i2++;
            }
        }
        return i;
    }

    @FFDCIgnore({NamingException.class})
    @Trivial
    private String getProviderURL(DirContext dirContext) {
        try {
            return (String) dirContext.getEnvironment().get("java.naming.provider.url");
        } catch (NamingException e) {
            if (!tc.isDebugEnabled()) {
                return "(null)";
            }
            Tr.debug(tc, "getProviderURL", e.toString(true));
            return "(null)";
        }
    }

    private Control[] getConnectionRequestControls() {
        return this.iConnCtls;
    }

    private void createContextPool(int i, String str) throws NamingException {
        if (str == null) {
            str = getPrimaryURL();
        }
        if (!this.iEnableContextPool) {
            setActiveURL(str);
            return;
        }
        long currentTimeMillis = System.currentTimeMillis();
        long j = currentTimeMillis / 1000;
        if (currentTimeMillis - this.iPoolCreateTimestampMillisec <= 1000) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "createContextPool Pool has already been purged within past second... skipping purge", new Object[0]);
                return;
            }
            return;
        }
        Vector vector = new Vector(i);
        Hashtable<?, ?> environment = getEnvironment(1, str);
        for (int i2 = 0; i2 < i; i2++) {
            try {
                DirContext createDirContext = createDirContext(environment, j);
                String providerURL = getProviderURL(createDirContext);
                if (!str.equalsIgnoreCase(providerURL)) {
                    environment = getEnvironment(1, providerURL);
                    str = providerURL;
                }
                vector.add(createDirContext);
            } catch (NamingException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2694", this, new Object[]{Integer.valueOf(i), str});
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "createContextPool Context Pool creation FAILED for " + Thread.currentThread() + ", iLiveContext=" + this.iLiveContexts, e);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "createContextPool Cleanup contexts in temp pool: " + vector.size(), new Object[0]);
                }
                for (int i3 = 0; i3 < vector.size(); i3++) {
                    try {
                        ((DirContext) vector.get(i3)).close();
                    } catch (Exception e2) {
                        FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2705", this, new Object[]{Integer.valueOf(i), str});
                    }
                }
                throw e;
            }
        }
        this.iLiveContexts += i;
        setActiveURL(str);
        List<DirContext> list = this.iContexts;
        this.iContexts = vector;
        this.iPoolCreateTimestamp = j;
        this.iPoolCreateTimestampMillisec = currentTimeMillis;
        closeContextPool(list);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "createContextPool Active Provider URL: " + getActiveURL(), new Object[0]);
            Tr.debug(tc, "createContextPool ContextPool: total=" + this.iLiveContexts + ", poolSize=" + this.iContexts.size(), new Object[0]);
        }
    }

    @FFDCIgnore({NamingException.class})
    private void closeContextPool(List<DirContext> list) {
        if (list != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "closeContextPool Context pool being closed by " + Thread.currentThread() + ", Context pool size=" + list.size(), new Object[0]);
            }
            for (int i = 0; i < list.size(); i++) {
                try {
                    list.get(i).close();
                    this.iLiveContexts--;
                } catch (NamingException e) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "closeContextPool Can not close LDAP connection: " + e.toString(true), new Object[0]);
                    }
                }
            }
        }
    }

    private boolean isConnectionException(NamingException namingException, String str) {
        return (namingException instanceof CommunicationException) || (namingException instanceof ServiceUnavailableException);
    }

    @FFDCIgnore({NamingException.class})
    public void releaseDirContext(DirContext dirContext) throws WIMException {
        if (!this.iEnableContextPool) {
            try {
                dirContext.close();
                return;
            } catch (NamingException e) {
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e.toString(true))));
            }
        }
        synchronized (this.lock) {
            if (this.iContexts.size() >= this.iPrefPoolSize || ((this.iMaxPoolSize != 0 && this.iLiveContexts > this.iMaxPoolSize) || ((TimedDirContext) dirContext).getCreateTimestamp() < this.iPoolCreateTimestamp || !getProviderURL(dirContext).equalsIgnoreCase(getActiveURL()))) {
                try {
                    dirContext.close();
                    this.iLiveContexts--;
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "releaseDirContext Context is discarded.", new Object[0]);
                    }
                } catch (NamingException e2) {
                    throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e2.toString(true))));
                }
            } else {
                if (this.iContexts == null || this.iContexts.size() <= 0 || !this.iContexts.contains(dirContext)) {
                    if (this.iContexts != null) {
                        this.iContexts.add(dirContext);
                    }
                    if (this.iPoolTimeOut > 0) {
                        ((TimedDirContext) dirContext).setPoolTimeStamp(System.currentTimeMillis() / 1000);
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "releaseDirContext Before Notifying the waiting threads and Context is back to pool.  ContextPool: total=" + this.iLiveContexts + ", poolSize=" + this.iContexts.size(), new Object[0]);
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "releaseDirContext Context already present in Context pool. No need to add it again to context pool.  ContextPool: total=" + this.iLiveContexts + ", poolSize=" + this.iContexts.size(), new Object[0]);
                }
                this.lock.notifyAll();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "releaseDirContext Context is back to pool.", new Object[0]);
                }
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "releaseDirContext ContextPool: total=" + this.iLiveContexts + ", poolSize=" + this.iContexts.size(), new Object[0]);
        }
    }

    public SearchResult searchByOperationalAttribute(String str, String str2, List<String> list, List<String> list2, String str3) throws WIMException {
        List<String> list3 = list2;
        if (list != null && list.size() > 0) {
            list3 = this.iLdapConfigMgr.getSupportedProperties(list.get(0), list2);
        }
        String[] attributeNames = this.iLdapConfigMgr.getAttributeNames(list, list3, false, false);
        String[] strArr = (String[]) Arrays.copyOf(attributeNames, attributeNames.length + 1);
        strArr[strArr.length - 1] = str3;
        NamingEnumeration<SearchResult> search = search(str, str2, 0, strArr, this.iCountLimit, this.iTimeLimit);
        if (search == null) {
            return null;
        }
        try {
            if (search.hasMore()) {
                return (SearchResult) search.next();
            }
            return null;
        } catch (NamingException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2870", this, new Object[]{str, str2, list, list2, str3});
            throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e.toString(true))));
        }
    }

    private String getBinaryAttributes() {
        StringBuffer stringBuffer = new StringBuffer();
        Map attributes = this.iLdapConfigMgr.getAttributes();
        Iterator it = attributes.keySet().iterator();
        while (it.hasNext()) {
            LdapAttribute ldapAttribute = (LdapAttribute) attributes.get((String) it.next());
            if (LdapConstants.LDAP_ATTR_SYNTAX_OCTETSTRING.equalsIgnoreCase(ldapAttribute.getSyntax())) {
                stringBuffer.append(ldapAttribute.getName()).append(" ");
            }
        }
        return stringBuffer.toString().trim();
    }

    public void destroySubcontext(String str) throws WIMException {
        DirContext dirContext = getDirContext();
        try {
            try {
                try {
                    try {
                        try {
                            dirContext.destroySubcontext(new LdapName(str));
                        } catch (Throwable th) {
                            releaseDirContext(dirContext);
                            throw th;
                        }
                    } catch (NamingException e) {
                        FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2922", this, new Object[]{str});
                        if (!isConnectionException(e, "destroySubcontext")) {
                            throw e;
                        }
                        dirContext = reCreateDirContext(dirContext, e.toString());
                        dirContext.destroySubcontext(new LdapName(str));
                    }
                    releaseDirContext(dirContext);
                } catch (NameNotFoundException e2) {
                    FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2933", this, new Object[]{str});
                    throw new EntityNotFoundException(WIMMessageKey.LDAP_ENTRY_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.LDAP_ENTRY_NOT_FOUND, WIMMessageHelper.generateMsgParms(str, e2.toString(true))));
                }
            } catch (NamingException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2937", this, new Object[]{str});
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e3.toString(true))));
            }
        } catch (ContextNotEmptyException e4) {
            FFDCFilter.processException(e4, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2929", this, new Object[]{str});
            throw new EntityHasDescendantsException(WIMMessageKey.ENTITY_HAS_DESCENDENTS, Tr.formatMessage(tc, WIMMessageKey.ENTITY_HAS_DESCENDENTS, WIMMessageHelper.generateMsgParms(str)));
        }
    }

    public void modifyAttributes(String str, ModificationItem[] modificationItemArr) throws NamingException, WIMException {
        DirContext dirContext = getDirContext();
        try {
            try {
                try {
                    try {
                        dirContext.modifyAttributes(new LdapName(str), modificationItemArr);
                    } catch (NamingException e) {
                        FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2972", this, new Object[]{str, modificationItemArr});
                        throw e;
                    }
                } catch (Throwable th) {
                    releaseDirContext(dirContext);
                    throw th;
                }
            } catch (NamingException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2962", this, new Object[]{str, modificationItemArr});
                if (!isConnectionException(e2, "modifyAttributes(Name name, ModificationItem[] mods)")) {
                    throw e2;
                }
                dirContext = reCreateDirContext(dirContext, e2.toString());
                dirContext.modifyAttributes(new LdapName(str), modificationItemArr);
            }
            releaseDirContext(dirContext);
        } catch (NameNotFoundException e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2969", this, new Object[]{str, modificationItemArr});
            throw new EntityNotFoundException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e3.toString(true))));
        }
    }

    public void modifyAttributes(String str, int i, Attributes attributes) throws NamingException, WIMException {
        DirContext dirContext = getDirContext();
        checkWritePermission(dirContext);
        try {
            try {
                try {
                    try {
                        dirContext.modifyAttributes(new LdapName(str), i, attributes);
                    } catch (NamingException e) {
                        FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2998", this, new Object[]{str, Integer.valueOf(i), attributes});
                        throw e;
                    }
                } catch (Throwable th) {
                    releaseDirContext(dirContext);
                    throw th;
                }
            } catch (NamingException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2988", this, new Object[]{str, Integer.valueOf(i), attributes});
                if (!isConnectionException(e2, "modifyAttributes(Name, int, Attributes)")) {
                    throw e2;
                }
                dirContext = reCreateDirContext(dirContext, e2.toString());
                dirContext.modifyAttributes(new LdapName(str), i, attributes);
            }
            releaseDirContext(dirContext);
        } catch (NameNotFoundException e3) {
            FFDCFilter.processException(e3, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "2995", this, new Object[]{str, Integer.valueOf(i), attributes});
            throw new EntityNotFoundException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e3.toString(true))));
        }
    }

    public DirContext createSubcontext(String str, Attributes attributes) throws WIMException {
        DirContext createSubcontext;
        DirContext dirContext = getDirContext();
        checkWritePermission(dirContext);
        try {
            try {
                try {
                    long currentTimeMillis = System.currentTimeMillis();
                    createSubcontext = dirContext.createSubcontext(new LdapName(str), attributes);
                    long currentTimeMillis2 = System.currentTimeMillis();
                    if (currentTimeMillis2 - currentTimeMillis <= LDAP_CONNECT_TIMEOUT_TRACE) {
                        handleBindStat(currentTimeMillis2 - currentTimeMillis);
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "createSubcontext **LDAPConnect time: " + (currentTimeMillis2 - currentTimeMillis) + " ms, lock held " + Thread.holdsLock(this.lock) + ", principal=" + str, new Object[0]);
                    }
                } catch (NamingException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "3025", this, new Object[]{str, attributes});
                    if (!isConnectionException(e, "createSubcontext")) {
                        throw e;
                    }
                    dirContext = reCreateDirContext(dirContext, e.toString());
                    long currentTimeMillis3 = System.currentTimeMillis();
                    createSubcontext = dirContext.createSubcontext(new LdapName(str), attributes);
                    long currentTimeMillis4 = System.currentTimeMillis();
                    if (currentTimeMillis4 - currentTimeMillis3 <= LDAP_CONNECT_TIMEOUT_TRACE) {
                        handleBindStat(currentTimeMillis4 - currentTimeMillis3);
                    } else if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "createSubcontext **LDAPConnect time: " + (currentTimeMillis4 - currentTimeMillis3) + " ms, lock held " + Thread.holdsLock(this.lock) + ", principal=" + str, new Object[0]);
                    }
                }
                releaseDirContext(dirContext);
                return createSubcontext;
            } catch (NameAlreadyBoundException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "3041", this, new Object[]{str, attributes});
                throw new EntityAlreadyExistsException(WIMMessageKey.ENTITY_ALREADY_EXIST, Tr.formatMessage(tc, WIMMessageKey.ENTITY_ALREADY_EXIST, WIMMessageHelper.generateMsgParms(str)));
            } catch (NamingException e3) {
                FFDCFilter.processException(e3, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "3047", this, new Object[]{str, attributes});
                throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e3.toString(true))));
            } catch (NameNotFoundException e4) {
                FFDCFilter.processException(e4, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "3044", this, new Object[]{str, attributes});
                throw new EntityNotFoundException(WIMMessageKey.PARENT_NOT_FOUND, Tr.formatMessage(tc, WIMMessageKey.PARENT_NOT_FOUND, WIMMessageHelper.generateMsgParms(e4.toString(true))));
            }
        } catch (Throwable th) {
            releaseDirContext(dirContext);
            throw th;
        }
    }

    private void handleBindStat(long j) {
        if (j < LDAP_CONNECT_TIMEOUT_TRACE) {
            QUICK_LDAP_BIND.getAndIncrement();
        }
        long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis - LDAP_STATS_TIMER.get() <= 1800000 || currentTimeMillis - LDAP_STATS_TIMER.getAndSet(currentTimeMillis) <= 1800000 || !tc.isDebugEnabled()) {
            return;
        }
        Tr.debug(tc, "handleBindStat(long) **LDAPBindStat: " + QUICK_LDAP_BIND.get() + " binds took less then " + LDAP_CONNECT_TIMEOUT_TRACE + " ms", new Object[0]);
    }

    private void checkWritePermission(DirContext dirContext) throws OperationNotSupportedException {
        if (this.iWriteToSecondary) {
            return;
        }
        String providerURL = getProviderURL(dirContext);
        if (!getPrimaryURL().equalsIgnoreCase(providerURL)) {
            throw new OperationNotSupportedException(WIMMessageKey.WRITE_TO_SECONDARY_SERVERS_NOT_ALLOWED, Tr.formatMessage(tc, WIMMessageKey.WRITE_TO_SECONDARY_SERVERS_NOT_ALLOWED, WIMMessageHelper.generateMsgParms(providerURL)));
        }
    }

    public void rename(String str, String str2) throws WIMException {
        DirContext dirContext = getDirContext();
        checkWritePermission(dirContext);
        try {
            try {
                try {
                    dirContext.rename(str, str2);
                } catch (Throwable th) {
                    releaseDirContext(dirContext);
                    throw th;
                }
            } catch (NamingException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "3105", this, new Object[]{str, str2});
                if (!isConnectionException(e, "rename")) {
                    throw e;
                }
                dirContext = reCreateDirContext(dirContext, e.toString());
                dirContext.rename(str, str2);
            }
            releaseDirContext(dirContext);
        } catch (NamingException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.wim.adapter.ldap.LdapConnection", "3112", this, new Object[]{str, str2});
            throw new WIMSystemException(WIMMessageKey.NAMING_EXCEPTION, Tr.formatMessage(tc, WIMMessageKey.NAMING_EXCEPTION, WIMMessageHelper.generateMsgParms(e2.toString(true))));
        }
    }

    public int getSearchTimeout() {
        return this.iTimeLimit;
    }
}
