package weblogic.jms.common;

import java.io.IOException;
import java.rmi.Remote;
import javax.naming.NamingException;
import weblogic.jms.dispatcher.DispatcherAdapter;
import weblogic.jms.dispatcher.InvocableManagerDelegate;
import weblogic.jms.dispatcher.JMSDispatcher;
import weblogic.messaging.dispatcher.Dispatcher;
import weblogic.messaging.dispatcher.DispatcherProxy;
import weblogic.messaging.dispatcher.DispatcherRemote;
import weblogic.messaging.dispatcher.DispatcherWrapperState;
import weblogic.messaging.dispatcher.Request;
import weblogic.rmi.extensions.RemoteHelper;
import weblogic.rmi.extensions.server.RemoteDomainSecurityHelper;
import weblogic.rmi.spi.EndPoint;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.SecurityServiceManager;
import weblogic.security.subject.AbstractSubject;
import weblogic.security.subject.SubjectManager;

/* loaded from: input_file:weblogic/jms/common/ServerCrossDomainSecurityUtil.class */
public final class ServerCrossDomainSecurityUtil implements CrossDomainSecurityUtil {
    private final AbstractSubject anonymous = SubjectManager.getSubjectManager().getAnonymousSubject();

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public AbstractSubject getSubjectFromListener(CDSListListener cDSListListener) throws NamingException, IOException {
        AbstractSubject abstractSubject = null;
        try {
            abstractSubject = cDSListListener.getForeignSubject();
        } catch (java.lang.IllegalStateException e) {
        }
        if (abstractSubject == null) {
            abstractSubject = cDSListListener.getSubject();
        }
        String providerURL = cDSListListener.getProviderURL();
        if (JMSDebug.JMSCrossDomainSecurity.isDebugEnabled()) {
            JMSDebug.JMSCrossDomainSecurity.debug("getSubjectFromListener() listener's url = " + providerURL + " listener's subject = " + abstractSubject + " isLocal  = " + cDSListListener.isLocal());
        }
        if (cDSListListener.isLocal() || providerURL == null || providerURL.trim().length() == 0) {
            if (abstractSubject == null) {
                abstractSubject = CrossDomainSecurityManager.getCurrentSubject();
            }
            if (JMSDebug.JMSCrossDomainSecurity.isDebugEnabled()) {
                JMSDebug.JMSCrossDomainSecurity.debug("getSubjectFromListener() final subject = " + abstractSubject);
            }
            return abstractSubject;
        }
        if (abstractSubject != null && isKernelIdentity((AuthenticatedSubject) abstractSubject) && isRemoteDomain(cDSListListener.getProviderURL())) {
            abstractSubject = getRemoteSubjectFromCM(cDSListListener.getProviderURL());
        }
        if (abstractSubject == null || isKernelIdentity((AuthenticatedSubject) abstractSubject)) {
            abstractSubject = this.anonymous;
        }
        if (JMSDebug.JMSCrossDomainSecurity.isDebugEnabled()) {
            JMSDebug.JMSCrossDomainSecurity.debug("Final subject for URL " + providerURL + " is " + abstractSubject);
        }
        return abstractSubject;
    }

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public AbstractSubject getRemoteSubject(String str, AbstractSubject abstractSubject) {
        try {
            AbstractSubject remoteSubjectFromCM = getRemoteSubjectFromCM(str);
            if (remoteSubjectFromCM != null) {
                return remoteSubjectFromCM;
            }
            if (CrossDomainSecurityManager.getCrossDomainSecurityUtil().isRemoteDomain(str)) {
                return this.anonymous;
            }
            AbstractSubject currentSubject = abstractSubject != null ? abstractSubject : CrossDomainSecurityManager.getCurrentSubject();
            if (currentSubject == null || isKernelIdentity((AuthenticatedSubject) currentSubject)) {
                currentSubject = this.anonymous;
            }
            return currentSubject;
        } catch (NamingException e) {
            return this.anonymous;
        } catch (IOException e2) {
            return this.anonymous;
        }
    }

    private AbstractSubject getRemoteSubjectFromCM(String str) throws IOException, NamingException {
        if (str == null || str.trim().length() == 0) {
            return null;
        }
        return RemoteDomainSecurityHelper.getSubject(str);
    }

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public AbstractSubject getRemoteSubject(JMSDispatcher jMSDispatcher) throws JMSException {
        return getRemoteSubject(jMSDispatcher, CrossDomainSecurityManager.getCurrentSubject(), false);
    }

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public AbstractSubject getRemoteSubject(JMSDispatcher jMSDispatcher, AbstractSubject abstractSubject, boolean z) throws JMSException {
        AbstractSubject currentSubject = CrossDomainSecurityManager.getCurrentSubject();
        if (JMSDebug.JMSCrossDomainSecurity.isDebugEnabled()) {
            JMSDebug.JMSCrossDomainSecurity.debug("getRemoteSubject from dispatcher: isLocal = " + jMSDispatcher.isLocal() + " currentSubject = " + currentSubject + " suggestedSubject = " + abstractSubject + " dispatcher " + jMSDispatcher + " suggestedSubjectGoodForRemoteDomain = " + z);
        }
        if (jMSDispatcher.isLocal()) {
            return abstractSubject != null ? abstractSubject : currentSubject;
        }
        Dispatcher delegate = ((DispatcherAdapter) jMSDispatcher).getDelegate();
        Remote remote = RemoteHelper.getRemote(delegate);
        if (JMSDebug.JMSCrossDomainSecurity.isDebugEnabled()) {
            JMSDebug.JMSCrossDomainSecurity.debug("Remote = " + remote);
        }
        if (remote == null || !((remote instanceof DispatcherProxy) || (delegate instanceof DispatcherWrapperState))) {
            return abstractSubject != null ? abstractSubject : currentSubject;
        }
        AbstractSubject abstractSubject2 = null;
        if (remote instanceof DispatcherProxy) {
            if (abstractSubject != null && (z || !RemoteDomainSecurityHelper.isRemoteDomain(((DispatcherProxy) remote).getRJVM()))) {
                abstractSubject2 = abstractSubject;
            }
            if (abstractSubject2 == null || isKernelIdentity((AuthenticatedSubject) abstractSubject2)) {
                try {
                    abstractSubject2 = RemoteDomainSecurityHelper.getSubject((EndPoint) ((DispatcherProxy) remote).getRJVM());
                } catch (IOException e) {
                    throw new JMSException(e);
                }
            }
        } else {
            abstractSubject2 = abstractSubject;
        }
        if (abstractSubject2 == null || isKernelIdentity((AuthenticatedSubject) abstractSubject2)) {
            abstractSubject2 = this.anonymous;
        }
        if (JMSDebug.JMSCrossDomainSecurity.isDebugEnabled()) {
            JMSDebug.JMSCrossDomainSecurity.debug("final subject = " + abstractSubject2);
        }
        return abstractSubject2;
    }

    private void checkRole(DispatcherProxy dispatcherProxy, Request request) throws JMSException {
        int methodId;
        if (JMSDebug.JMSCrossDomainSecurity.isDebugEnabled() && ((methodId = request.getMethodId()) == 18455 || methodId == 18711 || methodId == 18967 || methodId == 4 || methodId == 15616)) {
            String str = null;
            switch (request.getMethodId()) {
                case 4:
                    str = "JMSSessionRequest:";
                    break;
                case InvocableManagerDelegate.JMS_PUSH_MESSAGE /* 15616 */:
                    str = "JMSPushMessageRequest:";
                    break;
                case InvocableManagerDelegate.DD_MEMBERSHIP_REQUEST /* 18455 */:
                    str = "DDMembershipRequest:";
                    break;
                case InvocableManagerDelegate.DD_MEMBERSHIP_PUSH_REQUEST /* 18711 */:
                    str = "DDMembershipPushRequest:";
                    break;
                case InvocableManagerDelegate.DD_MEMBERSHIP_CANCEL_REQUEST /* 18967 */:
                    str = "DDMembershipCancalRequest:";
                    break;
            }
            if (JMSDebug.JMSCrossDomainSecurity.isDebugEnabled()) {
                JMSDebug.JMSCrossDomainSecurity.debug("Processing " + str + " dispatcherProxy = " + dispatcherProxy + " isCollocatd = " + request.isCollocated());
            }
        }
        AbstractSubject currentSubject = CrossDomainSecurityManager.getCurrentSubject();
        int acceptRemoteDomainCall = RemoteDomainSecurityHelper.acceptRemoteDomainCall(dispatcherProxy.getRJVM().getHostID(), (AuthenticatedSubject) currentSubject);
        if (JMSDebug.JMSCrossDomainSecurity.isDebugEnabled() && JMSDebug.JMSCrossDomainSecurity.isDebugEnabled()) {
            JMSDebug.JMSCrossDomainSecurity.debug("Verifying subject = " + currentSubject + " acceptRemoteDomainCall()= " + acceptRemoteDomainCall);
        }
        if (acceptRemoteDomainCall == 1) {
            throw new JMSException("User <" + currentSubject + "> does not have permission for cross-domain communication");
        }
    }

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public void checkRole(JMSDispatcher jMSDispatcher, Request request) throws JMSException {
        DispatcherProxy dispatcherProxy = getDispatcherProxy(jMSDispatcher);
        if (dispatcherProxy == null) {
            return;
        }
        checkRole(dispatcherProxy, request);
    }

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public void checkRole(DispatcherRemote dispatcherRemote, Request request) throws JMSException {
        if (request.isCollocated() || !(dispatcherRemote instanceof DispatcherProxy)) {
            return;
        }
        checkRole((DispatcherProxy) dispatcherRemote, request);
    }

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public boolean isRemoteDomain(String str) throws IOException {
        return RemoteDomainSecurityHelper.isRemoteDomain(str);
    }

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public boolean isRemoteDomain(JMSDispatcher jMSDispatcher) throws IOException {
        DispatcherProxy dispatcherProxy = getDispatcherProxy(jMSDispatcher);
        if (dispatcherProxy == null) {
            return false;
        }
        return RemoteDomainSecurityHelper.isRemoteDomain(dispatcherProxy.getRJVM());
    }

    private DispatcherProxy getDispatcherProxy(JMSDispatcher jMSDispatcher) {
        if (jMSDispatcher.isLocal()) {
            return null;
        }
        Remote remote = RemoteHelper.getRemote(((DispatcherAdapter) jMSDispatcher).getDelegate());
        if (remote instanceof DispatcherProxy) {
            return (DispatcherProxy) remote;
        }
        return null;
    }

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public boolean isKernelIdentity(AbstractSubject abstractSubject) {
        if (abstractSubject instanceof AuthenticatedSubject) {
            return SecurityServiceManager.isKernelIdentity((AuthenticatedSubject) abstractSubject) || SecurityServiceManager.isServerIdentity((AuthenticatedSubject) abstractSubject);
        }
        return false;
    }

    @Override // weblogic.jms.common.CrossDomainSecurityUtil
    public boolean ifRemoteSubjectExists(String str) {
        AuthenticatedSubject authenticatedSubject = null;
        if (str != null) {
            try {
                if (str.trim().length() > 0) {
                    authenticatedSubject = RemoteDomainSecurityHelper.getSubject(str);
                }
            } catch (Exception e) {
            }
        }
        return authenticatedSubject != null;
    }
}
