package com.ibm.ws.security.web;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.auth.SubjectHelper;
import com.ibm.ws.security.auth.j2c.WSLoginLocalOSExtensionFactory;
import com.ibm.ws.security.auth.kerberos.Krb5Utils;
import com.ibm.ws.security.config.AuthMechanismConfig;
import com.ibm.ws.security.config.SecurityConfig;
import com.ibm.ws.security.config.SecurityObjectLocator;
import com.ibm.ws.security.config.SingleSignonConfig;
import com.ibm.ws.security.config.UserRegistryConfig;
import com.ibm.ws.security.core.ContextManagerFactory;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.security.util.Base64Coder;
import com.ibm.ws.security.util.ByteArray;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.security.util.StringUtil;
import com.ibm.wsspi.security.token.SingleSignonToken;
import com.ibm.wsspi.webcontainer.servlet.IExtendedResponse;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.security.auth.Subject;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.emf.common.util.EList;
import org.eclipse.jst.j2ee.common.EnvEntry;
import org.eclipse.jst.j2ee.webapplication.FormLoginConfig;
import org.eclipse.jst.j2ee.webapplication.LoginConfig;
import org.eclipse.jst.j2ee.webapplication.WebApp;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/web/WebAttributes.class */
public class WebAttributes {
    public static final String LOCALOS = "LOCALOS";
    public static final String LTPA = "LTPA";
    public static final String UNSUPPORTED = "UNSUPPORTED";
    private static Cookie cookieAttrs;
    private static boolean secureSSO;
    private static final String SSO_COOKIE_SUFFIX = "Token";
    String[] ltpaCookieNames;
    private static boolean isSecurityEnabled;
    private static String authMechanism;
    private static final char CERTIFICATE_FLAG = 'C';
    private static final char COOKIE_FLAG = 'K';
    private static final char AUTHORIZATION_FLAG = 'A';
    private boolean isProtected;
    private String realm;
    private String challengeType;
    private boolean useSSL;
    private boolean defaultToBasic;
    private String pluginCfg;
    private String loginURL;
    private String reloginURL;
    private String webAppName;
    private boolean _applicationSyncToOSThreadEnabled;
    private static SecurityConfig security;
    private static final TraceComponent tc = Tr.register(WebAttributes.class, "Security", AdminConstants.MSG_BUNDLE_NAME);
    private static final TraceComponent zOS_tc = Tr.register("WebAttributes.class", "Security", "com.ibm.ejs.resources.ws390Messages");
    private static Object lockObject = new Object();
    private static boolean setSSODomain = true;
    private static String loginCookieName = null;
    private static String cookieSuffix = null;
    private static boolean setHttpOnlyFlag = false;
    private static String[] ssoDomainList = null;
    private static boolean useURLDomain = false;
    private static HashMap cookieStringCache = new HashMap(20);
    private static int MAX_COOKIE_STRING_ENTRIES = 100;

    public WebAttributes() {
        this.isProtected = true;
        this.realm = null;
        this.useSSL = false;
        this.defaultToBasic = false;
        this.loginURL = null;
        this.reloginURL = null;
        this.webAppName = null;
        this.isProtected = false;
    }

    protected WebAttributes(SecurityConfig securityConfig) {
        this.isProtected = true;
        this.realm = null;
        this.useSSL = false;
        this.defaultToBasic = false;
        this.loginURL = null;
        this.reloginURL = null;
        this.webAppName = null;
        security = securityConfig;
        cookieAttrs = new Cookie(security.getLTPA2CookieName(), null);
    }

    public WebAttributes(WebApp webApp) throws RuntimeException {
        this.isProtected = true;
        this.realm = null;
        this.useSSL = false;
        this.defaultToBasic = false;
        this.loginURL = null;
        this.reloginURL = null;
        this.webAppName = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "WebAttributes");
        }
        security = SecurityObjectLocator.getSecurityConfig();
        this.ltpaCookieNames = new String[2];
        this.ltpaCookieNames[0] = security.getLTPACookieName();
        this.ltpaCookieNames[1] = security.getLTPA2CookieName();
        initializeConfig();
        setHttpOnlyFlag = security.getPropertyBool(SecurityConfig.ADD_HTTPONLY_ATTRIBUTE_TO_COOKIES, setHttpOnlyFlag);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "setHttpOnlyFlag =  " + setHttpOnlyFlag);
        }
        if (security.getBoolean("com.ibm.wsspi.security.web.failOverToBasicAuth")) {
            this.defaultToBasic = true;
        }
        this._applicationSyncToOSThreadEnabled = getApplicationSyncToOSThread(webApp);
        try {
            this.webAppName = webApp.getDisplayName();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Webattrs for webApp =  " + this.webAppName);
            }
            LoginConfig loginConfig = webApp.getLoginConfig();
            if (loginConfig != null) {
                this.realm = loginConfig.getRealmName();
                int value = loginConfig.getAuthMethod().getValue();
                if (value == 1) {
                    this.challengeType = "BASIC";
                } else if (value == 4) {
                    this.challengeType = "CLIENT_CERT";
                } else if (value == 3) {
                    this.challengeType = "FORM";
                    FormLoginConfig formLoginConfig = loginConfig.getFormLoginConfig();
                    if (formLoginConfig != null) {
                        this.loginURL = formLoginConfig.getFormLoginPage();
                        this.reloginURL = formLoginConfig.getFormErrorPage();
                    }
                } else if (value == 2) {
                    this.challengeType = "DIGEST";
                } else {
                    this.challengeType = "BASIC";
                }
            } else {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Login Config is not available for webApp " + this.webAppName + " Assuming Basic Authentication");
                }
                this.challengeType = "BASIC";
            }
            if (this.realm == null || this.realm.length() == 0) {
                SecurityConfig securityConfig = SecurityObjectLocator.getSecurityConfig();
                String property = securityConfig.getProperty("com.ibm.websphere.security.displayRealm");
                if (property == null || !property.equalsIgnoreCase("true")) {
                    this.realm = "Default Realm";
                } else if (AuthMechanismConfig.TYPE_KERBEROS.equals(securityConfig.getActiveAuthMechanism().getType())) {
                    this.realm = Krb5Utils.getKrb5Realm();
                } else {
                    UserRegistryConfig activeUserRegistry = securityConfig.getActiveUserRegistry(false);
                    if (activeUserRegistry != null) {
                        this.realm = activeUserRegistry.getString("realm");
                    }
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "realm is " + this.realm);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "use SSL is " + new Boolean(this.useSSL));
            }
            this.isProtected = !this.challengeType.equals("none");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "challenge type is " + this.challengeType);
            }
            StringBuffer stringBuffer = new StringBuffer(3);
            if (this.challengeType.equals("CLIENT_CERT")) {
                stringBuffer.append('C');
            }
            if (isSSOEnabled()) {
                stringBuffer.append('K');
            }
            if (this.defaultToBasic || this.challengeType.equals("BASIC")) {
                stringBuffer.append('A');
            }
            this.pluginCfg = stringBuffer.toString();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "LTPA cookie names =  " + this.ltpaCookieNames[0] + ", " + this.ltpaCookieNames[1]);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "WebAttributes");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.web.WebAttributes.WebAttributes", "276", this);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "WebAttributes", e);
            }
            Tr.error(tc, "security.webatts.exception", new Object[]{this.webAppName, e});
            throw new RuntimeException(e.getMessage());
        }
    }

    public boolean isProtected() {
        return this.isProtected;
    }

    public String getRealm() {
        return this.realm;
    }

    public String getChallengeType() {
        return this.challengeType;
    }

    public String getAuthMechanism() {
        return security.getActiveAuthMechanism().getType();
    }

    public boolean isSSLEnabled() {
        return this.useSSL;
    }

    public boolean isSSOEnabled() {
        SingleSignonConfig singleSignon = security.getActiveAuthMechanism().getSingleSignon();
        if (singleSignon == null) {
            return false;
        }
        return singleSignon.getBoolean("enabled");
    }

    private static Iterator getSingleSignonTokensFromSubject(final Subject subject) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSingleSignonTokensFromSubject");
        }
        try {
            new ArrayList();
            if (subject == null) {
                if (!tc.isEntryEnabled()) {
                    return null;
                }
                Tr.exit(tc, "getSingleSignonTokensFromSubject: (null)");
                return null;
            }
            HashSet hashSet = new HashSet();
            try {
                Set set = (Set) AccessController.doPrivileged(new PrivilegedAction() { // from class: com.ibm.ws.security.web.WebAttributes.1
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        return subject.getPrivateCredentials(SingleSignonToken.class);
                    }
                });
                if (set != null && set.size() > 0) {
                    hashSet.addAll(set);
                }
                Set publicCredentials = subject.getPublicCredentials(SingleSignonToken.class);
                if (publicCredentials != null && publicCredentials.size() > 0) {
                    hashSet.addAll(publicCredentials);
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getSingleSignonTokensFromSubject");
                }
                return hashSet.iterator();
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.WebAttributes.getSingleSignonToken", "374");
                if (!tc.isEntryEnabled()) {
                    return null;
                }
                Tr.exit(tc, "getSingleSignonTokensFromSubject", new Object[]{e});
                return null;
            }
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.WebAttributes.getDefaultSingleSignonToken", "385");
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "getSingleSignonTokensFromSubject", new Object[]{e2});
            return null;
        }
    }

    private static void addCookieToList(HttpServletRequest httpServletRequest, String str, byte[] bArr, ArrayList arrayList, boolean z) {
        if (bArr != null || z) {
            String str2 = "";
            if (!z) {
                str2 = (String) cookieStringCache.get(new ByteArray(bArr));
                if (str2 == null) {
                    str2 = Base64Coder.base64Encode(StringUtil.toString(bArr));
                    synchronized (cookieStringCache) {
                        if (cookieStringCache.size() > MAX_COOKIE_STRING_ENTRIES) {
                            cookieStringCache.clear();
                        }
                        if (str2 != null) {
                            cookieStringCache.put(new ByteArray(bArr), str2);
                        }
                    }
                }
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Setting SSO cookie with name: " + str + " logout " + z + ", value: " + str2);
            }
            Cookie cookie = new Cookie(str, str2);
            if (cookie != null) {
                copyIntoStatic(cookie, httpServletRequest);
                if (z) {
                    cookie.setMaxAge(0);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Cookie value: " + cookie.getValue());
                }
                arrayList.add(cookie);
            }
        }
    }

    public void createLogoutCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        createLogoutCookiesStatic(httpServletRequest, httpServletResponse);
    }

    public static void createLogoutCookiesStatic(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        createLogoutCookiesStatic(httpServletRequest, httpServletResponse, false);
    }

    public void createLogoutCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        createLogoutCookiesStatic(httpServletRequest, httpServletResponse, z);
    }

    public static void createLogoutCookiesStatic(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createLogoutCookiesStatic");
        }
        if (z) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Remove LTPA cookie(s) from the response if any");
            }
            boolean propertyBool = security.getPropertyBool("com.ibm.ws.security.ssoInteropModeEnabled");
            try {
                ((IExtendedResponse) httpServletResponse).removeCookie(Constants.LTPA_V2_COOKIENAME);
                if (propertyBool) {
                    ((IExtendedResponse) httpServletResponse).removeCookie("LtpaToken");
                }
            } catch (Throwable th) {
                FFDCFilter.processException(th, "com.ibm.ws.security.web.WebAttributes.createLogoutCookiesStatic", "469");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception removing cookie from response.", new Object[]{th});
                }
            }
        }
        Cookie[] cookies = httpServletRequest.getCookies();
        String[] allLTPACookieNamesStatic = getAllLTPACookieNamesStatic();
        ArrayList arrayList = new ArrayList();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                for (int i = 0; i < allLTPACookieNamesStatic.length; i++) {
                    try {
                        if (cookie.getName().equals(allLTPACookieNamesStatic[i])) {
                            addCookieToList(httpServletRequest, allLTPACookieNamesStatic[i], null, arrayList, true);
                        }
                    } catch (Throwable th2) {
                        FFDCFilter.processException(th2, "com.ibm.ws.security.web.WebAttributes.createLogoutCookiesStatic", "496");
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Exception creating logout cookie.", new Object[]{th2});
                        }
                    }
                }
            }
            for (Cookie cookie2 : (Cookie[]) arrayList.toArray(new Cookie[0])) {
                try {
                    httpServletResponse.addCookie(cookie2);
                } catch (Throwable th3) {
                    FFDCFilter.processException(th3, "com.ibm.ws.security.web.WebAttributes.createLogoutCookiesStatic", "509");
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Exception adding logout cookie to response.", new Object[]{th3});
                    }
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createLogoutCookiesStatic");
        }
    }

    public static void addCookiesToResponse(List list, HttpServletResponse httpServletResponse) {
        if (list != null) {
            ListIterator listIterator = list.listIterator();
            while (listIterator.hasNext()) {
                Cookie cookie = (Cookie) listIterator.next();
                if (cookie != null) {
                    if (setHttpOnlyFlag) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Setting httpOnly cookie");
                        }
                        cookie.setHttpOnly(true);
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Setting cookie into response.");
                    }
                    printSecuredCookie(cookie);
                    httpServletResponse.addCookie(cookie);
                }
            }
        }
    }

    private static void printSecuredCookie(Cookie cookie) {
        if (tc.isDebugEnabled()) {
            if (cookie.getSecure()) {
                Tr.debug(tc, "Cookie is secure. It will be sent only over https protocol");
            } else {
                Tr.debug(tc, "Cookie will be sent over both http and https protocol");
            }
        }
    }

    public static ArrayList createCookies(HttpServletRequest httpServletRequest, Subject subject) {
        return createCookiesStatic(httpServletRequest, subject);
    }

    public static ArrayList createCookiesStatic(HttpServletRequest httpServletRequest, Subject subject) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createCookiesStatic");
        }
        ArrayList arrayList = new ArrayList();
        WSCredential wSCredentialFromSubject = SubjectHelper.getWSCredentialFromSubject(subject);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Propagation enabled, adding new cookie.");
        }
        Iterator singleSignonTokensFromSubject = getSingleSignonTokensFromSubject(subject);
        if (singleSignonTokensFromSubject != null) {
            while (singleSignonTokensFromSubject.hasNext()) {
                SingleSignonToken singleSignonToken = (SingleSignonToken) singleSignonTokensFromSubject.next();
                if (singleSignonToken != null) {
                    byte[] bytes = singleSignonToken.getBytes();
                    String name = singleSignonToken.getName();
                    if (name.equals(security.getLTPA2CookieName())) {
                    }
                    addCookieToList(httpServletRequest, name, bytes, arrayList, false);
                }
            }
        }
        if (security.getPropertyBool("com.ibm.ws.security.ssoInteropModeEnabled") || arrayList.size() == 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Adding old cookie.");
            }
            byte[] bArr = null;
            String lTPACookieNameStatic = getLTPACookieNameStatic();
            if (wSCredentialFromSubject != null) {
                try {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Getting interop token from default SSO token previously found.");
                    }
                    bArr = wSCredentialFromSubject.getCredentialToken();
                } catch (Exception e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.web.WebAttributes.createCookiesStatic", "619");
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Exception getting WSCredential token.", new Object[]{e});
                    }
                }
                addCookieToList(httpServletRequest, lTPACookieNameStatic, bArr, arrayList, false);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createCookiesStatic: returning " + arrayList.size() + " cookie(s) to add to response.");
        }
        return arrayList;
    }

    public boolean isSecureSSO() {
        return secureSSO;
    }

    public boolean isDefaultToBasic() {
        return this.defaultToBasic;
    }

    public String getLTPACookieName() {
        return security.getLTPACookieName();
    }

    public static String getLTPACookieNameStatic() {
        return security.getLTPACookieName();
    }

    public String getPreferredLTPACookieName() {
        return security.getLTPA2CookieName();
    }

    public String[] getAllLTPACookieNames() {
        return this.ltpaCookieNames;
    }

    public static String[] getAllLTPACookieNamesStatic() {
        return new String[]{security.getLTPACookieName(), security.getLTPA2CookieName()};
    }

    public String getLoginCookieName() {
        return loginCookieName;
    }

    public String getCookieSuffix() {
        return cookieSuffix;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer(256);
        stringBuffer.append("webAppName[" + this.webAppName + "]");
        stringBuffer.append("\nisProtected[" + isProtected() + "]");
        stringBuffer.append("\nrealm[" + getRealm() + "]");
        stringBuffer.append("\nchallengeType[" + getChallengeType() + "]");
        stringBuffer.append("\nauthMechanism[" + getAuthMechanism() + "]");
        stringBuffer.append("\nSSLEnabled[" + isSSLEnabled() + "]");
        stringBuffer.append("\nSSOEnabled[" + isSSOEnabled() + "]");
        stringBuffer.append("\nsecureSSO[" + isSecureSSO() + "]");
        stringBuffer.append("\ndefaultToBasic[" + isDefaultToBasic() + "]");
        stringBuffer.append("\nLTPACookieName[" + getLTPACookieName() + "]");
        stringBuffer.append("\nloginCookieName[" + getLoginCookieName() + "]");
        stringBuffer.append("\nCookieSuffix[" + getCookieSuffix() + "]");
        return stringBuffer.toString();
    }

    public String getLoginURL() {
        return this.loginURL;
    }

    public String getReloginURL() {
        return this.reloginURL;
    }

    public String getWebAppName() {
        return this.webAppName;
    }

    public void copyInto(Cookie cookie, HttpServletRequest httpServletRequest) {
        copyIntoStatic(cookie, httpServletRequest);
    }

    public static void copyIntoStatic(Cookie cookie, HttpServletRequest httpServletRequest) {
        if (setSSODomain) {
            if (getSSODomain(httpServletRequest).length() > 0) {
                cookie.setDomain(getSSODomain(httpServletRequest));
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SSO domain setting is disabled ");
        }
        cookie.setMaxAge(cookieAttrs.getMaxAge());
        cookie.setPath(cookieAttrs.getPath());
        cookie.setSecure(cookieAttrs.getSecure());
    }

    private static void initializeConfig() throws RuntimeException {
        synchronized (lockObject) {
            if (tc.isEntryEnabled()) {
                Tr.entry(tc, "initializeConfig");
            }
            try {
                isSecurityEnabled = security.getBoolean("enabled");
                if (security.getActiveAuthMechanism().getBoolean(AuthMechanismConfig.FORWARDABLE_CRED)) {
                    SingleSignonConfig singleSignon = security.getActiveAuthMechanism().getSingleSignon();
                    boolean z = false;
                    if (singleSignon != null) {
                        z = singleSignon.getBoolean("enabled");
                    }
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "SSO is " + z);
                    }
                    if (z) {
                        String string = singleSignon.getString(SingleSignonConfig.DOMAIN_NAME);
                        if (string == null) {
                            string = "";
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "SSO Domain is " + string);
                        }
                        cookieAttrs = new Cookie(security.getLTPA2CookieName(), null);
                        setSSODomainList(string);
                        secureSSO = singleSignon.getBoolean(SingleSignonConfig.REQUIRES_SSL);
                        cookieAttrs.setSecure(secureSSO);
                        setSSODomain = singleSignon.getBoolean("security.ltpa.setSSODomain");
                        if (string.length() < 1) {
                            setSSODomain = false;
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "SSO is secure " + secureSSO);
                        }
                        cookieAttrs.setPath("/");
                        cookieAttrs.setMaxAge(-1);
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "initializeConfig");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.web.WebAttributes.initializeConfig", "827");
                Tr.warning(tc, "security.web.config.initerror", new Object[]{e});
                throw new RuntimeException(e.getMessage());
            }
        }
    }

    private static void setSSODomainList(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setSSODomainList");
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "Raw List: '" + str + "'");
        }
        if (str != null && ssoDomainList == null) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, " ;,|");
            Vector vector = new Vector();
            while (stringTokenizer.hasMoreTokens()) {
                String trim = stringTokenizer.nextToken().trim();
                if (trim.equalsIgnoreCase("UseDomainFromURL")) {
                    useURLDomain = true;
                } else if (trim.length() > 0) {
                    if (trim.charAt(0) != '.') {
                        trim = "." + trim;
                    }
                    vector.add(trim);
                    if (tc.isEntryEnabled()) {
                        Tr.debug(tc, "Adding domain '" + trim + "'");
                    }
                }
            }
            ssoDomainList = (String[]) vector.toArray(new String[0]);
        }
        if (tc.isEntryEnabled()) {
            traceSSODomainParameters();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setSSODomainList");
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:33:0x0113, code lost:
    
        r10 = com.ibm.ws.security.web.WebAttributes.ssoDomainList[r14];
        r8 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x0122, code lost:
    
        if (com.ibm.ws.security.web.WebAttributes.tc.isEntryEnabled() == false) goto L36;
     */
    /* JADX WARN: Code restructure failed: missing block: B:35:0x0125, code lost:
    
        com.ibm.ejs.ras.Tr.debug(com.ibm.ws.security.web.WebAttributes.tc, "Domain match found: '" + r10 + "'");
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.lang.String getSSODomain(javax.servlet.http.HttpServletRequest r7) {
        /*
            Method dump skipped, instructions count: 439
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.web.WebAttributes.getSSODomain(javax.servlet.http.HttpServletRequest):java.lang.String");
    }

    private static void traceSSODomainParameters() {
        if (ssoDomainList == null || ssoDomainList.length == 0) {
            Tr.debug(tc, "SSO Domain List is empty");
        } else {
            StringBuffer stringBuffer = new StringBuffer("SSO Domain List: ");
            for (int i = 0; i < ssoDomainList.length; i++) {
                stringBuffer.append(ssoDomainList[i]);
                if (i < ssoDomainList.length - 1) {
                    stringBuffer.append(":");
                }
            }
            Tr.debug(tc, stringBuffer.toString());
        }
        if (useURLDomain) {
            Tr.debug(tc, "Domain of host in URL will be used for SSO if a parent domain is not found in the list above.");
        } else {
            Tr.debug(tc, "SSO Domain will be set to an empty string if a parent domain is not found in the list above.");
        }
    }

    private boolean getApplicationSyncToOSThread(WebApp webApp) {
        boolean z = false;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "WebAttributes.getApplicationSyncToOSThread: application = " + webApp.getDisplayName());
        }
        EList envEntries = webApp.getEnvEntries();
        EnvEntry[] envEntryArr = (EnvEntry[]) envEntries.toArray(new EnvEntry[envEntries.size()]);
        if (envEntryArr != null) {
            for (int i = 0; i < envEntryArr.length; i++) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "WebAttributes.getApplicationSyncToOSThread: application(" + webApp.getDisplayName() + ") environment entry: " + envEntryArr[i].getName() + " = " + envEntryArr[i].getValue());
                }
                if (envEntryArr[i].getName().equals("com.ibm.websphere.security.SyncToOSThread")) {
                    z = Boolean.valueOf(envEntryArr[i].getValue()).booleanValue();
                }
            }
        }
        if (z) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "WebAttributes.getApplicationSyncToOSThread: application = " + webApp.getDisplayName() + " has requested SyncToOSThread");
            }
            if (!ContextManagerFactory.getInstance().getPlatformHelper().isZOS()) {
                z = false;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "WebAttributes.getApplicationSyncToOSThread: SyncToOSThread setting is ignored.");
                }
            } else if (!WSLoginLocalOSExtensionFactory.getInstance().isApplicationSyncToOSThreadEnabled()) {
                Tr.warning(zOS_tc, "BBOJ0084", webApp.getDisplayName());
                z = false;
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, "WebAttributes.getApplicationSyncToOSThread: SyncToOSThread is enabled in this server");
            }
        } else if (tc.isDebugEnabled()) {
            Tr.debug(tc, "WebAttributes.getApplicationSyncToOSThread: application = " + webApp.getDisplayName() + " has not requested SyncToOSThread");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "WebAttributes.getApplicationSyncToOSThread: rc = " + z);
        }
        return z;
    }

    public boolean isApplicationSyncToOSThreadEnabled() {
        return this._applicationSyncToOSThreadEnabled;
    }
}
