package net.sf.jlue.aop.support;

import java.lang.reflect.Method;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import net.sf.jlue.aop.MethodBeforeAdvice;
import net.sf.jlue.exception.AccessException;
import net.sf.jlue.security.ActionPrivileged;
import net.sf.jlue.security.UmAndPdCallbackHandler;
import net.sf.jlue.security.User;
import net.sf.jlue.security.UserPrincipal;
import net.sf.jlue.struts.BaseAction;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.action.ActionMapping;

/* loaded from: input_file:net/sf/jlue/aop/support/SecurityAdvice.class */
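/**
 * Before-advice that re-authenticates the session user through JAAS and runs the
 * role check for a Struts action before the intercepted method is invoked.
 *
 * <p>Flow, as implemented in {@link #before}: targets that are not a {@link BaseAction}
 * are skipped; otherwise the {@link UserPrincipal} stored in the HTTP session under
 * {@link User#USER_PRINCIPAL} is replayed into a JAAS {@link LoginContext}, and an
 * {@link ActionPrivileged} built from the mapping's role names is executed as the
 * resulting {@link Subject}. Every denial surfaces as an {@link AccessException}.
 *
 * <p>Subclasses may override {@link #getJAASContext()} and the {@code getMessage4*} hooks.
 */
public class SecurityAdvice implements MethodBeforeAdvice {
    private static final Log logger = LogFactory.getLog(SecurityAdvice.class);

    /**
     * Authenticates and authorizes the caller before a {@link BaseAction} method runs.
     *
     * @param obj    the intercepted target; only {@link BaseAction} instances are checked
     * @param method the intercepted method (used for logging only)
     * @param objArr the call arguments; index 0 is cast to {@link ActionMapping} and
     *               index 2 to {@link HttpServletRequest}
     * @return always {@code null}
     * @throws AccessException if the session holds no principal, the JAAS login fails,
     *                         or the privileged role check throws
     */
    @Override // net.sf.jlue.aop.MethodBeforeAdvice
    public Object before(Object obj, Method method, Object[] objArr) throws Throwable {
        if (!(obj instanceof BaseAction)) {
            // Fail-open by design: a target that is not a BaseAction gets no check at all,
            // so this advice must not be relied on to protect other kinds of beans.
            if (logger.isDebugEnabled()) {
                // A null target also lands here; guard it so the debug line cannot NPE.
                String targetName = obj == null ? "null" : obj.getClass().getName();
                logger.debug(targetName + " dont a BaseAction and the SecurityAdvice has abandoned.");
            }
            return null;
        }

        // Positional contract: [0] is the ActionMapping, [2] the HttpServletRequest
        // (presumably the Struts execute(mapping, form, request, response) signature;
        // confirm against the pointcut). A mismatch throws from the casts below and
        // propagates to the caller rather than skipping the check.
        ActionMapping actionMapping = (ActionMapping) objArr[0];
        if (logger.isDebugEnabled()) {
            logger.debug("The method(" + method.getName() + ") of " + obj.getClass().getName()
                    + " has been intercepted.");
        }

        // NOTE(review): getSession() creates a session when the request has none, so each
        // anonymous hit on an advised action allocates one; getSession(false) plus a null
        // check would avoid that.
        HttpServletRequest request = (HttpServletRequest) objArr[2];
        UserPrincipal userPrincipal =
                (UserPrincipal) request.getSession().getAttribute(User.USER_PRINCIPAL);
        if (userPrincipal == null) {
            String notLoggedIn = getMessage4SessionOverTime();
            if (logger.isDebugEnabled()) {
                logger.debug(notLoggedIn);
            }
            throw new AccessException(notLoggedIn);
        }

        // NOTE(review): how ActionPrivileged treats an empty role list (allow vs. deny) is
        // not visible here; confirm an action with no roles configured is not implicitly open.
        String[] roleNames = actionMapping.getRoleNames();
        try {
            // The session-held principal supplies both id and password, i.e. the credential
            // lives in the HTTP session and is replayed to JAAS on every advised call.
            // NOTE(review): confirm how UserPrincipal stores it and whether sessions are
            // ever serialized or persisted.
            LoginContext loginContext = new LoginContext(
                    getJAASContext(),
                    new UmAndPdCallbackHandler(userPrincipal.getId(), userPrincipal.getPassword()));
            loginContext.login();
            // NOTE(review): the LoginContext is never logged out; confirm the configured
            // LoginModule holds nothing that needs logout().
            if (logger.isDebugEnabled()) {
                logger.debug("User authentication success.");
            }
            try {
                Subject subject = loginContext.getSubject();
                Subject.doAs(subject, new ActionPrivileged(subject, roleNames));
                if (logger.isDebugEnabled()) {
                    // Printed via the principals' toString(). NOTE(review): confirm
                    // UserPrincipal.toString() does not include the password.
                    logger.debug("User authentication success."
                            + subject.getPrincipals(UserPrincipal.class));
                }
                return null;
            } catch (Exception e) {
                // The AccessException carries only the message, so the cause is recorded
                // here; logged at warn so authorization denials are visible without debug.
                String denied = getMessage4AuthSuccess();
                logger.warn(denied, e);
                throw new AccessException(denied);
            }
        } catch (LoginException e2) {
            // Same reasoning: keep the login failure cause in the log at warn level.
            String loginFailed = getMessage4AuthFailed();
            logger.warn(loginFailed, e2);
            throw new AccessException(loginFailed);
        }
    }

    /**
     * Returns the JAAS application name passed to {@link LoginContext}.
     *
     * @return the configuration entry name, {@code "jlue"} by default
     */
    protected String getJAASContext() {
        return "jlue";
    }

    /**
     * Returns the message used when the session holds no {@link UserPrincipal}.
     *
     * @return the not-logged-in / session-expired message
     */
    protected String getMessage4SessionOverTime() {
        return "You are not logged in,or session have been overtime.Please try again.";
    }

    /**
     * Returns the message used when the JAAS login throws a {@link LoginException}.
     *
     * @return the login-failed message
     */
    protected String getMessage4AuthFailed() {
        return "Login failed,because user have been suspended or password have been modified";
    }

    /**
     * Returns the message used when the privileged role check throws after a successful
     * login. Despite the method name, this is the authorization-denied message.
     *
     * @return the not-authorized message
     */
    protected String getMessage4AuthSuccess() {
        return "You are not authorized access to that information,please login with other users or content the system administrator.";
    }
}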
