package com.sun.enterprise.security;

import com.sun.enterprise.admin.servermgmt.pe.PEFileLayout;
import com.sun.enterprise.security.audit.AuditManager;
import com.sun.enterprise.security.auth.realm.RealmsManager;
import com.sun.enterprise.security.authorize.PolicyContextHandlerImpl;
import com.sun.enterprise.security.common.Util;
import com.sun.enterprise.security.jmac.config.GFAuthConfigFactory;
import com.sun.enterprise.security.ssl.SSLUtils;
import com.sun.logging.LogDomains;
import java.io.IOException;
import java.security.Security;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.message.config.AuthConfigFactory;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import javax.security.jacc.PolicyContextHandler;
import org.glassfish.api.Startup;
import org.glassfish.api.event.EventListener;
import org.glassfish.api.event.EventTypes;
import org.glassfish.api.event.Events;
import org.glassfish.external.probe.provider.PluginPoint;
import org.glassfish.external.probe.provider.StatsProviderManager;
import org.glassfish.internal.api.ServerContext;
import org.jvnet.hk2.annotations.Inject;
import org.jvnet.hk2.annotations.Scoped;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.component.Habitat;
import org.jvnet.hk2.component.PostConstruct;
import org.jvnet.hk2.component.PreDestroy;
import org.jvnet.hk2.component.Singleton;
import org.jvnet.hk2.config.ConfigListener;

@Service
@Scoped(Singleton.class)
/* loaded from: input_file:com/sun/enterprise/security/SecurityLifecycle.class */
public class SecurityLifecycle implements PostConstruct, PreDestroy {

    @Inject
    private ServerContext sc;

    @Inject
    private PolicyLoader policyLoader;

    @Inject
    private SecurityServicesUtil secServUtil;

    @Inject
    private Util util;

    @Inject
    private SSLUtils sslUtils;

    @Inject
    private SecurityConfigListener configListener;

    @Inject(name = "MessageSecurityConfigListener", optional = true)
    private ConfigListener msgSecurityConfigListener;

    @Inject
    private Habitat habitat;

    @Inject
    private RealmsManager realmsManager;
    private EventListener listener = null;
    private static final String SYS_PROP_LOGIN_CONF = "java.security.auth.login.config";
    private static final String SYS_PROP_JAVA_SEC_POLICY = "java.security.policy";
    private static WebSecurityDeployerStatsProvider webStatsProvider = null;
    private static final Logger _logger = LogDomains.getLogger(SecurityLifecycle.class, LogDomains.SECURITY_LOGGER);

    /* loaded from: input_file:com/sun/enterprise/security/SecurityLifecycle$AuditServerShutdownListener.class */
    public class AuditServerShutdownListener implements EventListener {
        public AuditServerShutdownListener() {
        }

        @Override // org.glassfish.api.event.EventListener
        public void event(EventListener.Event event) {
            if (EventTypes.SERVER_SHUTDOWN.equals(event.type())) {
                SecurityLifecycle.this.secServUtil.getAuditManager().serverShutdown();
            }
        }
    }

    public SecurityLifecycle() {
        try {
            if (Util.isEmbeddedServer()) {
                if (System.getProperty(SYS_PROP_LOGIN_CONF) == null) {
                    System.setProperty(SYS_PROP_LOGIN_CONF, Util.writeConfigFileToTempDir(PEFileLayout.LOGIN_CONF).getAbsolutePath());
                }
                if (System.getProperty(SYS_PROP_JAVA_SEC_POLICY) == null) {
                    System.setProperty(SYS_PROP_JAVA_SEC_POLICY, Util.writeConfigFileToTempDir(PEFileLayout.POLICY_FILE).getAbsolutePath());
                }
            }
            java.lang.SecurityManager securityManager = System.getSecurityManager();
            if (securityManager != null && !J2EESecurityManager.class.equals(securityManager.getClass())) {
                try {
                    System.setSecurityManager(new J2EESecurityManager());
                } catch (SecurityException e) {
                    _logger.log(Level.WARNING, "security.secmgr.could.not.override");
                }
            }
            if (_logger.isLoggable(Level.INFO)) {
                if (securityManager != null) {
                    _logger.info("security.secmgron");
                } else {
                    _logger.info("security.secmgroff");
                }
            }
        } catch (Exception e2) {
            _logger.log(Level.SEVERE, "java_security.init_securitylifecycle_fail", (Throwable) e2);
            throw new RuntimeException(e2.toString(), e2);
        }
    }

    public void onInitialization() {
        try {
            if (_logger.isLoggable(Level.INFO)) {
                _logger.log(Level.INFO, "sec.service.startup.enter");
            }
            webStatsProvider = new WebSecurityDeployerStatsProvider();
            StatsProviderManager.register("security", PluginPoint.SERVER, "security/web", webStatsProvider);
            initializeJMAC();
            this.policyLoader.loadPolicy();
            this.realmsManager.createRealms();
            AuditManager auditManager = this.secServUtil.getAuditManager();
            auditManager.loadAuditModules();
            auditManager.serverStarted();
            if (_logger.isLoggable(Level.INFO)) {
                _logger.log(Level.INFO, "sec.service.startup.exit");
            }
        } catch (Exception e) {
            throw new SecurityLifecycleException(e);
        }
    }

    private void initializeJMAC() throws IOException {
        if (Security.getProperty(AuthConfigFactory.DEFAULT_FACTORY_SECURITY_PROPERTY) == null) {
            Security.setProperty(AuthConfigFactory.DEFAULT_FACTORY_SECURITY_PROPERTY, GFAuthConfigFactory.class.getName());
        }
    }

    private void registerPolicyHandlers() throws PolicyContextException {
        PolicyContextHandler policyContextHandlerImpl = PolicyContextHandlerImpl.getInstance();
        PolicyContext.registerHandler(PolicyContextHandlerImpl.ENTERPRISE_BEAN, policyContextHandlerImpl, true);
        PolicyContext.registerHandler(PolicyContextHandlerImpl.SUBJECT, policyContextHandlerImpl, true);
        PolicyContext.registerHandler(PolicyContextHandlerImpl.EJB_ARGUMENTS, policyContextHandlerImpl, true);
        PolicyContext.registerHandler(PolicyContextHandlerImpl.HTTP_SERVLET_REQUEST, policyContextHandlerImpl, true);
        PolicyContext.registerHandler(PolicyContextHandlerImpl.REUSE, policyContextHandlerImpl, true);
    }

    public Startup.Lifecycle getLifecycle() {
        return Startup.Lifecycle.START;
    }

    @Override // org.jvnet.hk2.component.PostConstruct
    public void postConstruct() {
        onInitialization();
        this.listener = new AuditServerShutdownListener();
        ((Events) this.habitat.getByContract(Events.class)).register(this.listener);
    }

    @Override // org.jvnet.hk2.component.PreDestroy
    public void preDestroy() {
    }
}
