package net.sf.jguard.jee.listeners;

import java.security.Policy;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.login.Configuration;
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import net.sf.jguard.core.CoreConstants;
import net.sf.jguard.core.authentication.configuration.JGuardConfiguration;
import net.sf.jguard.core.authorization.policy.AccessControllerUtils;
import net.sf.jguard.core.authorization.policy.MultipleAppPolicy;
import net.sf.jguard.core.authorization.policy.PolicyHelper;
import net.sf.jguard.ext.SecurityConstants;
import net.sf.jguard.ext.authentication.manager.AuthenticationHelper;
import net.sf.jguard.ext.authorization.AuthorizationHelper;
import net.sf.jguard.ext.authorization.manager.AuthorizationManager;
import net.sf.jguard.ext.java5.authentication.jmx.JMXHelper;
import net.sf.jguard.jee.authentication.http.HttpConstants;
import net.sf.jguard.jee.util.WebappUtil;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xerces.impl.xs.SchemaSymbols;

/* loaded from: input_file:WEB-INF/lib/jguard-jee-1.0.3.jar:net/sf/jguard/jee/listeners/ContextListener.class */
public class ContextListener implements ServletContextListener {
    private static final Log logger;
    static Class class$net$sf$jguard$jee$listeners$ContextListener;

    public void contextDestroyed(ServletContextEvent servletContextEvent) {
        logger.debug(" context destroyed ");
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        if (Policy.getPolicy() instanceof MultipleAppPolicy) {
            ((MultipleAppPolicy) Policy.getPolicy()).unregisterPermissionProvider(contextClassLoader);
        }
        servletContextEvent.getServletContext().removeAttribute(SecurityConstants.CAPTCHA_SERVICE);
        servletContextEvent.getServletContext().removeAttribute(HttpConstants.USERS_IN_SESSION);
    }

    public void contextInitialized(ServletContextEvent servletContextEvent) {
        logger.debug("#####  initializing ContextListener ... #####");
        ServletContext servletContext = servletContextEvent.getServletContext();
        servletContext.setAttribute(HttpConstants.USERS_IN_SESSION, new ArrayList());
        String webappHomePath = WebappUtil.getWebappHomePath(servletContext, "/");
        String servletContextName = servletContext.getServletContextName();
        servletContext.setAttribute(CoreConstants.APPLICATION_NAME, servletContextName);
        initAuthentication(servletContext, webappHomePath, servletContextName);
        Configuration configuration = (Configuration) servletContext.getAttribute(HttpConstants.JGUARD_CONFIGURATION);
        AccessControllerUtils initAuthorization = initAuthorization(servletContext, webappHomePath, servletContextName);
        String initParameter = servletContext.getInitParameter(SecurityConstants.ENABLE_JMX);
        if (initParameter != null && SchemaSymbols.ATTVAL_TRUE.equalsIgnoreCase(initParameter)) {
            HashMap hashMap = new HashMap();
            hashMap.put(SecurityConstants.MBEAN_SERVER_FOR_CONNECTOR, servletContext.getInitParameter(SecurityConstants.MBEAN_SERVER_FOR_CONNECTOR));
            hashMap.put(SecurityConstants.RMI_REGISTRY_HOST, servletContext.getInitParameter(SecurityConstants.RMI_REGISTRY_HOST));
            hashMap.put(SecurityConstants.RMI_REGISTRY_PORT, servletContext.getInitParameter(SecurityConstants.RMI_REGISTRY_PORT));
            hashMap.put(SecurityConstants.MBEAN_SERVER_FOR_CONNECTOR, servletContext.getInitParameter(SecurityConstants.MBEAN_SERVER_FOR_CONNECTOR));
            JMXHelper.enableJMXSecurity(servletContextName, hashMap, configuration, initAuthorization);
        }
        logger.debug("#####  ContextListener initialized  #####");
    }

    private AccessControllerUtils initAuthorization(ServletContext servletContext, String str, String str2) {
        String str3;
        MultipleAppPolicy multipleAppPolicy;
        AccessControllerUtils accessControllerUtils;
        Map loadConfiguration = AuthorizationHelper.loadConfiguration(servletContext.getInitParameter(HttpConstants.AUTHORIZATION_CONFIGURATION_LOCATION) != null ? WebappUtil.getWebappHomePath(servletContext, servletContext.getInitParameter(HttpConstants.AUTHORIZATION_CONFIGURATION_LOCATION)) : WebappUtil.getWebappHomePath(servletContext, HttpConstants.DEFAULT_AUTHORIZATION_CONFIGURATION_LOCATION), str);
        if (loadConfiguration.get(SecurityConstants.SCOPE) != null) {
            str3 = (String) loadConfiguration.get(SecurityConstants.SCOPE);
        } else {
            str3 = SecurityConstants.LOCAL_SCOPE;
            servletContext.setAttribute(SecurityConstants.AUTHORIZATION_SCOPE, str3);
        }
        logger.info(new StringBuffer().append(" authorization scope = ").append(str3).toString());
        AuthorizationManager initAuthorization = AuthorizationHelper.initAuthorization(loadConfiguration, str2);
        if (SecurityConstants.JVM_SCOPE.equalsIgnoreCase(str3)) {
            PolicyHelper.installPolicyOnJVM();
            multipleAppPolicy = (MultipleAppPolicy) Policy.getPolicy();
            multipleAppPolicy.registerPermissionProvider(Thread.currentThread().getContextClassLoader(), initAuthorization);
            accessControllerUtils = new AccessControllerUtils();
        } else {
            multipleAppPolicy = new MultipleAppPolicy();
            accessControllerUtils = new AccessControllerUtils(multipleAppPolicy);
        }
        multipleAppPolicy.registerPermissionProvider(Thread.currentThread().getContextClassLoader(), initAuthorization);
        servletContext.setAttribute(HttpConstants.AUTHZ_UTILS, accessControllerUtils);
        servletContext.setAttribute(SecurityConstants.AUTHORIZATION_MANAGER, initAuthorization);
        return accessControllerUtils;
    }

    private void initAuthentication(ServletContext servletContext, String str, String str2) {
        String str3;
        JGuardConfiguration jGuardConfiguration;
        Map loadConfiguration = AuthenticationHelper.loadConfiguration(servletContext.getInitParameter(HttpConstants.AUTHENTICATION_CONFIGURATION_LOCATION) != null ? WebappUtil.getWebappHomePath(servletContext, servletContext.getInitParameter(HttpConstants.AUTHENTICATION_CONFIGURATION_LOCATION)) : WebappUtil.getWebappHomePath(servletContext, HttpConstants.DEFAULT_AUTHENTICATION_CONFIGURATION_LOCATION), str);
        if (loadConfiguration.get(SecurityConstants.SCOPE) != null) {
            str3 = (String) loadConfiguration.get(SecurityConstants.SCOPE);
        } else {
            str3 = SecurityConstants.LOCAL_SCOPE;
            servletContext.setAttribute(SecurityConstants.AUTHENTICATION_SCOPE, str3);
        }
        logger.info(new StringBuffer().append(" authentication scope = ").append(str3).toString());
        logger.info(new StringBuffer().append(" authentication scope = ").append(str3).toString());
        if (SecurityConstants.JVM_SCOPE.equalsIgnoreCase(str3)) {
            jGuardConfiguration = (JGuardConfiguration) Configuration.getConfiguration();
        } else {
            jGuardConfiguration = new JGuardConfiguration();
            servletContext.setAttribute(HttpConstants.JGUARD_CONFIGURATION, jGuardConfiguration);
        }
        servletContext.setAttribute(SecurityConstants.AUTHENTICATION_MANAGER, AuthenticationHelper.initAuthentication(jGuardConfiguration, loadConfiguration, str2));
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$net$sf$jguard$jee$listeners$ContextListener == null) {
            cls = class$("net.sf.jguard.jee.listeners.ContextListener");
            class$net$sf$jguard$jee$listeners$ContextListener = cls;
        } else {
            cls = class$net$sf$jguard$jee$listeners$ContextListener;
        }
        logger = LogFactory.getLog(cls);
    }
}
