package com.ibm.ws.security.authorization.jacc.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.authorization.jacc.JaccService;
import com.ibm.ws.security.authorization.jacc.MethodInfo;
import com.ibm.ws.security.authorization.jacc.RoleInfo;
import com.ibm.ws.security.authorization.jacc.common.PolicyConfigurationManager;
import com.ibm.ws.security.authorization.jacc.ejb.EJBSecurityPropagator;
import com.ibm.ws.security.authorization.jacc.ejb.EJBSecurityValidator;
import com.ibm.ws.security.authorization.jacc.ejb.EJBService;
import com.ibm.ws.security.authorization.jacc.web.ServletService;
import com.ibm.ws.security.authorization.jacc.web.WebSecurityPropagator;
import com.ibm.ws.security.authorization.jacc.web.WebSecurityValidator;
import com.ibm.wsspi.kernel.service.location.WsLocationAdmin;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.security.authorization.jacc.ProviderService;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.AccessController;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import javax.security.auth.Subject;
import javax.security.jacc.EJBMethodPermission;
import javax.security.jacc.EJBRoleRefPermission;
import javax.security.jacc.PolicyConfigurationFactory;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebRoleRefPermission;
import javax.security.jacc.WebUserDataPermission;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.annotations.ReferencePolicyOption;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {JaccService.class}, name = "com.ibm.ws.security.authorization.jacc", configurationPolicy = ConfigurationPolicy.IGNORE, property = {"service.vendor=IBM"})
@TraceOptions
/* loaded from: input_file:com/ibm/ws/security/authorization/jacc/internal/JaccServiceImpl.class */
public class JaccServiceImpl implements JaccService {
    private static final TraceComponent tc = Tr.register(JaccServiceImpl.class, "Security.Authorization", "com.ibm.ws.security.authorization.jacc.internal.resources.JaccAuthorizationMessages");
    private static final String JACC_FACTORY = "javax.security.jacc.PolicyConfigurationFactory.provider";
    private static final String JACC_FACTORY_EE9 = "jakarta.security.jacc.PolicyConfigurationFactory.provider";
    private static final String JACC_POLICY_PROVIDER = "javax.security.jacc.policy.provider";
    private static final String JACC_POLICY_PROVIDER_EE9 = "jakarta.security.jacc.policy.provider";
    private static final String JACC_EJB_METHOD_ARGUMENT = "RequestMethodArgumentsRequired";
    static final String KEY_JACC_PROVIDER_SERVICE = "jaccProviderService";
    private static final String KEY_SERVLET_SERVICE = "servletService";
    private static final String KEY_EJB_SERVICE = "ejbService";
    static final long serialVersionUID = -214489704147969468L;
    private final String KEY_LOCATION_ADMIN = "locationAdmin";
    private final AtomicServiceReference<ProviderService> jaccProviderService = new AtomicServiceReference<>(KEY_JACC_PROVIDER_SERVICE);
    private final AtomicServiceReference<WsLocationAdmin> locationAdminRef = new AtomicServiceReference<>("locationAdmin");
    private final AtomicServiceReference<ServletService> servletServiceRef = new AtomicServiceReference<>(KEY_SERVLET_SERVICE);
    private final AtomicServiceReference<EJBService> ejbServiceRef = new AtomicServiceReference<>(KEY_EJB_SERVICE);
    private String policyName = null;
    private String factoryName = null;
    private String originalSystemPolicyName = null;
    private String originalSystemFactoryName = null;
    private PolicyConfigurationFactory pcf = null;

    @Reference(service = ProviderService.class, policy = ReferencePolicy.DYNAMIC, name = KEY_JACC_PROVIDER_SERVICE)
    protected void setJaccProviderService(ServiceReference<ProviderService> serviceReference) {
        this.jaccProviderService.setReference(serviceReference);
        initializeSystemProperties(serviceReference);
    }

    protected void unsetJaccProviderService(ServiceReference<ProviderService> serviceReference) {
        this.jaccProviderService.unsetReference(serviceReference);
        restoreSystemProperties();
    }

    @Reference(service = WsLocationAdmin.class, name = "locationAdmin")
    protected void setLocationAdmin(ServiceReference<WsLocationAdmin> serviceReference) {
        this.locationAdminRef.setReference(serviceReference);
    }

    protected void unsetLocationAdmin(ServiceReference<WsLocationAdmin> serviceReference) {
        this.locationAdminRef.unsetReference(serviceReference);
    }

    @Reference(service = ServletService.class, name = KEY_SERVLET_SERVICE, cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC, policyOption = ReferencePolicyOption.GREEDY)
    protected void setServletService(ServiceReference<ServletService> serviceReference) {
        this.servletServiceRef.setReference(serviceReference);
    }

    protected void unsetServletService(ServiceReference<ServletService> serviceReference) {
        this.servletServiceRef.unsetReference(serviceReference);
    }

    @Reference(service = EJBService.class, name = KEY_EJB_SERVICE, cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC, policyOption = ReferencePolicyOption.GREEDY)
    protected void setEJBService(ServiceReference<EJBService> serviceReference) {
        this.ejbServiceRef.setReference(serviceReference);
    }

    protected void unsetEJBService(ServiceReference<EJBService> serviceReference) {
        this.ejbServiceRef.unsetReference(serviceReference);
    }

    @Activate
    protected void activate(ComponentContext componentContext) {
        Tr.info(tc, "JACC_SERVICE_STARTING", new Object[]{this.policyName, this.factoryName});
        this.jaccProviderService.activate(componentContext);
        this.locationAdminRef.activate(componentContext);
        this.servletServiceRef.activate(componentContext);
        this.ejbServiceRef.activate(componentContext);
        if (loadClasses()) {
            Tr.info(tc, "JACC_SERVICE_STARTED", new Object[]{this.policyName, this.factoryName});
        } else {
            Tr.info(tc, "JACC_SERVICE_START_FAILURE", new Object[]{this.policyName, this.factoryName});
        }
    }

    @Modified
    protected void modify(Map<String, Object> map) {
    }

    @Deactivate
    protected void deactivate(ComponentContext componentContext) {
        this.locationAdminRef.deactivate(componentContext);
        this.jaccProviderService.deactivate(componentContext);
        this.servletServiceRef.deactivate(componentContext);
        this.ejbServiceRef.deactivate(componentContext);
        Tr.info(tc, "JACC_SERVICE_STOPPED", new Object[]{this.policyName});
    }

    private void initializeSystemProperties(ServiceReference<ProviderService> serviceReference) {
        Object property;
        Object property2;
        Object property3 = serviceReference.getProperty(JACC_POLICY_PROVIDER);
        if (property3 != null && (property3 instanceof String)) {
            this.policyName = (String) property3;
        }
        if (this.policyName == null && (property2 = serviceReference.getProperty(JACC_POLICY_PROVIDER_EE9)) != null && (property2 instanceof String)) {
            this.policyName = (String) property2;
        }
        Object property4 = serviceReference.getProperty(JACC_FACTORY);
        if (property4 != null && (property4 instanceof String)) {
            this.factoryName = (String) property4;
        }
        if (this.factoryName == null && (property = serviceReference.getProperty(JACC_FACTORY_EE9)) != null && (property instanceof String)) {
            this.factoryName = (String) property;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Meta data : policyName : " + this.policyName + " factoryName : " + this.factoryName, new Object[0]);
        }
        this.originalSystemPolicyName = null;
        this.originalSystemFactoryName = null;
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl.1
            static final long serialVersionUID = 2431098583473543278L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl$1", AnonymousClass1.class, "Security.Authorization", "com.ibm.ws.security.authorization.jacc.internal.resources.JaccAuthorizationMessages");

            @Override // java.security.PrivilegedAction
            public Object run() {
                String property5 = System.getProperty(JaccServiceImpl.JACC_POLICY_PROVIDER);
                if (property5 == null) {
                    property5 = System.getProperty(JaccServiceImpl.JACC_POLICY_PROVIDER_EE9);
                }
                String property6 = System.getProperty(JaccServiceImpl.JACC_FACTORY);
                if (property6 == null) {
                    property6 = System.getProperty(JaccServiceImpl.JACC_FACTORY_EE9);
                }
                if (JaccServiceImpl.tc.isDebugEnabled()) {
                    Tr.debug(JaccServiceImpl.tc, "System properties : policyName : " + property5 + " factoryName : " + property6, new Object[0]);
                }
                if (property5 == null) {
                    if (JaccServiceImpl.this.policyName != null) {
                        System.setProperty(JaccServiceImpl.JACC_POLICY_PROVIDER, JaccServiceImpl.this.policyName);
                        System.setProperty(JaccServiceImpl.JACC_POLICY_PROVIDER_EE9, JaccServiceImpl.this.policyName);
                    } else if (JaccServiceImpl.this.policyName == null) {
                        Tr.error(JaccServiceImpl.tc, "JACC_POLICY_IS_NOT_SET", new Object[0]);
                        return null;
                    }
                } else if (JaccServiceImpl.this.policyName == null) {
                    JaccServiceImpl.this.policyName = property5;
                } else if (!property5.equals(JaccServiceImpl.this.policyName)) {
                    Tr.warning(JaccServiceImpl.tc, "JACC_INCONSISTENT_POLICY_CLASS", new Object[]{property5, JaccServiceImpl.this.policyName});
                    System.setProperty(JaccServiceImpl.JACC_POLICY_PROVIDER, JaccServiceImpl.this.policyName);
                    System.setProperty(JaccServiceImpl.JACC_POLICY_PROVIDER_EE9, JaccServiceImpl.this.policyName);
                    JaccServiceImpl.this.originalSystemPolicyName = property5;
                }
                if (property6 == null) {
                    if (JaccServiceImpl.this.factoryName != null) {
                        System.setProperty(JaccServiceImpl.JACC_FACTORY, JaccServiceImpl.this.factoryName);
                        System.setProperty(JaccServiceImpl.JACC_FACTORY_EE9, JaccServiceImpl.this.factoryName);
                        return null;
                    }
                    if (JaccServiceImpl.this.factoryName != null) {
                        return null;
                    }
                    Tr.error(JaccServiceImpl.tc, "JACC_FACTORY_IS_NOT_SET", new Object[0]);
                    return null;
                }
                if (JaccServiceImpl.this.factoryName == null) {
                    JaccServiceImpl.this.factoryName = property6;
                    return null;
                }
                if (property6.equals(JaccServiceImpl.this.factoryName)) {
                    return null;
                }
                Tr.warning(JaccServiceImpl.tc, "JACC_INCONSISTENT_FACTORY_CLASS", new Object[]{property6, JaccServiceImpl.this.factoryName});
                System.setProperty(JaccServiceImpl.JACC_FACTORY, JaccServiceImpl.this.factoryName);
                System.setProperty(JaccServiceImpl.JACC_FACTORY_EE9, JaccServiceImpl.this.factoryName);
                JaccServiceImpl.this.originalSystemFactoryName = property6;
                return null;
            }
        });
    }

    private void restoreSystemProperties() {
        AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl.2
            static final long serialVersionUID = 7358156773317009418L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl$2", AnonymousClass2.class, "Security.Authorization", "com.ibm.ws.security.authorization.jacc.internal.resources.JaccAuthorizationMessages");

            @Override // java.security.PrivilegedAction
            public Object run() {
                if (JaccServiceImpl.this.originalSystemPolicyName != null) {
                    System.setProperty(JaccServiceImpl.JACC_POLICY_PROVIDER, JaccServiceImpl.this.originalSystemPolicyName);
                    System.setProperty(JaccServiceImpl.JACC_POLICY_PROVIDER_EE9, JaccServiceImpl.this.originalSystemPolicyName);
                    if (JaccServiceImpl.tc.isDebugEnabled()) {
                        Tr.debug(JaccServiceImpl.tc, "PolicyName system property is restored by : " + JaccServiceImpl.this.originalSystemPolicyName, new Object[0]);
                    }
                }
                if (JaccServiceImpl.this.originalSystemFactoryName == null) {
                    return null;
                }
                System.setProperty(JaccServiceImpl.JACC_FACTORY, JaccServiceImpl.this.originalSystemFactoryName);
                System.setProperty(JaccServiceImpl.JACC_FACTORY_EE9, JaccServiceImpl.this.originalSystemFactoryName);
                if (!JaccServiceImpl.tc.isDebugEnabled()) {
                    return null;
                }
                Tr.debug(JaccServiceImpl.tc, "PolicyName system property is restored by : " + JaccServiceImpl.this.originalSystemFactoryName, new Object[0]);
                return null;
            }
        });
    }

    public boolean loadClasses() {
        return ((Boolean) AccessController.doPrivileged(new PrivilegedAction<Boolean>() { // from class: com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl.3
            static final long serialVersionUID = -8089309323925755790L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl$3", AnonymousClass3.class, "Security.Authorization", "com.ibm.ws.security.authorization.jacc.internal.resources.JaccAuthorizationMessages");

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Boolean run() {
                Policy policy = ((ProviderService) JaccServiceImpl.this.jaccProviderService.getService()).getPolicy();
                if (JaccServiceImpl.tc.isDebugEnabled()) {
                    Tr.debug(JaccServiceImpl.tc, "policy object" + policy, new Object[0]);
                }
                if (policy == null) {
                    Tr.error(JaccServiceImpl.tc, "JACC_POLICY_INSTANTIATION_FAILURE", new Object[]{JaccServiceImpl.this.policyName, new Exception("Policy object is null.")});
                    return Boolean.FALSE;
                }
                try {
                    Policy.setPolicy(policy);
                    policy.refresh();
                    JaccServiceImpl.this.pcf = ((ProviderService) JaccServiceImpl.this.jaccProviderService.getService()).getPolicyConfigFactory();
                    if (JaccServiceImpl.this.pcf == null) {
                        Tr.error(JaccServiceImpl.tc, "JACC_FACTORY_INSTANTIATION_FAILURE", new Object[]{JaccServiceImpl.this.factoryName});
                        return Boolean.FALSE;
                    }
                    if (JaccServiceImpl.tc.isDebugEnabled()) {
                        Tr.debug(JaccServiceImpl.tc, "factory object : " + JaccServiceImpl.this.pcf, new Object[0]);
                    }
                    PolicyConfigurationManager.initialize(policy, JaccServiceImpl.this.pcf);
                    return Boolean.TRUE;
                } catch (ClassCastException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl$3", "281", this, new Object[0]);
                    Tr.error(JaccServiceImpl.tc, "JACC_POLICY_INSTANTIATION_FAILURE", new Object[]{JaccServiceImpl.this.policyName, e});
                    return Boolean.FALSE;
                }
            }
        })).booleanValue();
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public void propagateWebConstraints(String str, String str2, Object obj) {
        WebSecurityPropagator wsp = getWsp((ServletService) this.servletServiceRef.getService());
        if (wsp != null) {
            propagateWebConstraints(wsp, str, str2, obj);
        } else {
            Tr.error(tc, "JACC_NO_WEB_PLUGIN", new Object[0]);
        }
    }

    protected void propagateWebConstraints(WebSecurityPropagator webSecurityPropagator, String str, String str2, Object obj) {
        webSecurityPropagator.propagateWebConstraints(this.pcf, getContextId(str, str2), obj);
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public boolean isSSLRequired(String str, String str2, String str3, String str4, Object obj) {
        return !checkDataConstraints(str, str2, str3, str4, obj, null);
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public boolean isAccessExcluded(String str, String str2, String str3, String str4, Object obj) {
        return !checkDataConstraints(str, str2, str3, str4, obj, "CONFIDENTIAL");
    }

    protected boolean checkDataConstraints(String str, String str2, String str3, String str4, Object obj, String str5) {
        boolean z = false;
        WebSecurityValidator wsv = getWsv((ServletService) this.servletServiceRef.getService());
        if (wsv != null) {
            z = checkDataConstraints(wsv, str, str2, str3, str4, obj, str5);
        } else {
            Tr.error(tc, "JACC_NO_WEB_PLUGIN", new Object[0]);
        }
        return z;
    }

    protected boolean checkDataConstraints(WebSecurityValidator webSecurityValidator, String str, String str2, String str3, String str4, Object obj, String str5) {
        return webSecurityValidator.checkDataConstraints(getContextId(str, str2), obj, new WebUserDataPermission(substituteAsterisk(str3), new String[]{str4}, str5));
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public boolean isAuthorized(String str, String str2, String str3, String str4, Object obj, Subject subject) {
        boolean z = false;
        WebSecurityValidator wsv = getWsv((ServletService) this.servletServiceRef.getService());
        if (wsv != null) {
            z = isAuthorized(wsv, str, str2, str3, str4, obj, subject);
        } else {
            Tr.error(tc, "JACC_NO_WEB_PLUGIN", new Object[0]);
        }
        return z;
    }

    protected boolean isAuthorized(WebSecurityValidator webSecurityValidator, String str, String str2, String str3, String str4, Object obj, Subject subject) {
        return webSecurityValidator.checkResourceConstraints(getContextId(str, str2), obj, new WebResourcePermission(substituteAsterisk(str3), new String[]{str4}), subject);
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public boolean isSubjectInRole(String str, String str2, String str3, String str4, Object obj, Subject subject) {
        boolean z = false;
        WebSecurityValidator wsv = getWsv((ServletService) this.servletServiceRef.getService());
        if (wsv != null) {
            z = isSubjectInRole(wsv, str, str2, str3, str4, obj, subject);
        } else {
            Tr.error(tc, "JACC_NO_WEB_PLUGIN", new Object[0]);
        }
        return z;
    }

    protected boolean isSubjectInRole(WebSecurityValidator webSecurityValidator, String str, String str2, String str3, String str4, Object obj, Subject subject) {
        return webSecurityValidator.checkResourceConstraints(getContextId(str, str2), obj, new WebRoleRefPermission(str3, str4), subject);
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public void propagateEJBRoles(String str, String str2, String str3, Map<String, String> map, Map<RoleInfo, List<MethodInfo>> map2) {
        EJBSecurityPropagator esp = getEsp((EJBService) this.ejbServiceRef.getService());
        if (esp != null) {
            propagateEJBRoles(esp, str, str2, str3, map, map2);
        } else {
            Tr.error(tc, "JACC_NO_EJB_PLUGIN", new Object[0]);
        }
    }

    protected void propagateEJBRoles(EJBSecurityPropagator eJBSecurityPropagator, String str, String str2, String str3, Map<String, String> map, Map<RoleInfo, List<MethodInfo>> map2) {
        PolicyConfigurationManager.setEJBSecurityPropagator(eJBSecurityPropagator);
        eJBSecurityPropagator.propagateEJBRoles(getContextId(str, str2), str, str3, map, map2);
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public boolean isAuthorized(String str, String str2, String str3, String str4, String str5, String str6, List<Object> list, Object obj, Subject subject) {
        EJBSecurityValidator esv = getEsv((EJBService) this.ejbServiceRef.getService());
        if (esv != null) {
            return isAuthorized(esv, str, str2, str3, str4, str5, str6, list, obj, subject);
        }
        Tr.error(tc, "JACC_NO_EJB_PLUGIN", new Object[0]);
        return false;
    }

    protected boolean isAuthorized(EJBSecurityValidator eJBSecurityValidator, String str, String str2, String str3, String str4, String str5, String str6, List<Object> list, Object obj, Subject subject) {
        return eJBSecurityValidator.checkResourceConstraints(getContextId(str, str2), list, obj, new EJBMethodPermission(str3, str4, str5, convertMethodSignature(str6)), subject);
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public boolean isSubjectInRole(String str, String str2, String str3, String str4, List<Object> list, String str5, Object obj, Subject subject) {
        EJBSecurityValidator esv = getEsv((EJBService) this.ejbServiceRef.getService());
        if (esv != null) {
            return isSubjectInRole(esv, str, str2, str3, str4, list, str5, obj, subject);
        }
        Tr.error(tc, "JACC_NO_EJB_PLUGIN", new Object[0]);
        return false;
    }

    protected boolean isSubjectInRole(EJBSecurityValidator eJBSecurityValidator, String str, String str2, String str3, String str4, List<Object> list, String str5, Object obj, Subject subject) {
        return eJBSecurityValidator.checkResourceConstraints(getContextId(str, str2), list, obj, new EJBRoleRefPermission(str3, str5), subject);
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public boolean areRequestMethodArgumentsRequired() {
        boolean z = false;
        ServiceReference reference = this.jaccProviderService.getReference();
        if (reference != null) {
            Object property = reference.getProperty(JACC_EJB_METHOD_ARGUMENT);
            if ((property instanceof String) && "true".equalsIgnoreCase((String) property)) {
                z = true;
            }
        }
        return z;
    }

    private String getContextId(String str, String str2) {
        StringBuffer stringBuffer = new StringBuffer();
        WsLocationAdmin wsLocationAdmin = (WsLocationAdmin) this.locationAdminRef.getService();
        stringBuffer.append(getHostName()).append("#").append(wsLocationAdmin.resolveString("${wlp.user.dir}").replace('\\', '/')).append("#").append(wsLocationAdmin.getServerName()).append("#");
        stringBuffer.append(str).append("#").append(str2);
        return stringBuffer.toString();
    }

    private String[] convertMethodSignature(String str) {
        int indexOf;
        String substring;
        ArrayList arrayList = new ArrayList();
        if (str != null && str.length() > 0 && (indexOf = str.indexOf(":")) != -1 && (substring = str.substring(indexOf + 1)) != null && substring.length() > 0) {
            StringTokenizer stringTokenizer = new StringTokenizer(substring, ",");
            while (stringTokenizer.hasMoreTokens()) {
                arrayList.add(stringTokenizer.nextToken());
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    private String substituteAsterisk(String str) {
        if (str != null && str.endsWith("/*")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The URI ends with \"/*\" which is substituted by \"/|\"", new Object[0]);
            }
            str = str.substring(0, str.lastIndexOf("*")) + "|";
        }
        return str;
    }

    private String getHostName() {
        return (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl.4
            static final long serialVersionUID = 293057512371295250L;
            private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl$4", AnonymousClass4.class, "Security.Authorization", "com.ibm.ws.security.authorization.jacc.internal.resources.JaccAuthorizationMessages");

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public String run() {
                try {
                    return InetAddress.getLocalHost().getCanonicalHostName().toLowerCase();
                } catch (UnknownHostException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl$4", "521", this, new Object[0]);
                    return "localhost";
                }
            }
        });
    }

    protected EJBSecurityPropagator getEsp(EJBService eJBService) {
        if (eJBService != null) {
            return eJBService.getPropagator();
        }
        return null;
    }

    protected EJBSecurityValidator getEsv(EJBService eJBService) {
        if (eJBService != null) {
            return eJBService.getValidator();
        }
        return null;
    }

    protected WebSecurityPropagator getWsp(ServletService servletService) {
        if (servletService != null) {
            return servletService.getPropagator();
        }
        return null;
    }

    protected WebSecurityValidator getWsv(ServletService servletService) {
        if (servletService != null) {
            return servletService.getValidator();
        }
        return null;
    }

    @Override // com.ibm.ws.security.authorization.jacc.JaccService
    public void resetPolicyContextHandlerInfo() {
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl.5
                static final long serialVersionUID = 1637712516438418420L;
                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl$5", AnonymousClass5.class, "Security.Authorization", "com.ibm.ws.security.authorization.jacc.internal.resources.JaccAuthorizationMessages");

                @Override // java.security.PrivilegedExceptionAction
                public Object run() {
                    PolicyContext.setHandlerData((Object) null);
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.authorization.jacc.internal.JaccServiceImpl", "572", this, new Object[0]);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception when resetting setHandlerData. Ignoring.. " + e.getException(), new Object[0]);
            }
        }
    }
}
