package oracle.security.jazn.spi.ldap;

import java.security.AccessController;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
import javax.naming.CommunicationException;
import javax.naming.NameAlreadyBoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.NoPermissionException;
import javax.naming.directory.Attribute;
import javax.naming.directory.AttributeInUseException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import oracle.ldap.util.Guid;
import oracle.security.jazn.JAZNConfig;
import oracle.security.jazn.JAZNException;
import oracle.security.jazn.JAZNNamingException;
import oracle.security.jazn.JAZNObjectExistsException;
import oracle.security.jazn.JAZNObjectNotFoundException;
import oracle.security.jazn.action.GetJAZNConfigPropertyAction;
import oracle.security.jazn.policy.AdminPermission;
import oracle.security.jazn.policy.Grantee;
import oracle.security.jazn.policy.JAZNPolicy;
import oracle.security.jazn.policy.RoleAdminPermission;
import oracle.security.jazn.realm.InitRealmInfo;
import oracle.security.jazn.realm.Realm;
import oracle.security.jazn.realm.RealmManager;
import oracle.security.jazn.realm.RealmPermission;
import oracle.security.jazn.realm.RealmRole;
import oracle.security.jazn.realm.RoleManager;
import oracle.security.jazn.util.Dbg;
import oracle.security.jazn.util.DbgWriter;
import oracle.security.jazn.util.Env;
import oracle.security.jazn.util.Misc;
import oracle.security.jazn.util.Resources;

/* loaded from: input_file:oracle/security/jazn/spi/ldap/LDAPRealmManager.class */
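/**
 * {@link RealmManager} implementation that stores realm definitions in an LDAP directory.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@code createRealm} and {@code dropRealm} only perform an authorization check
 *       ({@link RealmPermission}) when a {@link SecurityManager} is installed. Without one,
 *       this class does no authorization of its own; whatever the directory enforces for the
 *       bound LDAP identity is then the only control.</li>
 *   <li>{@code createRealm} writes access-control (ACI) attributes into the directory and grants
 *       the realm's admin role a fixed set of realm permissions.</li>
 *   <li>Caller-supplied names that end up as LDAP filter <em>values</em> are escaped
 *       (RFC 4515) before the search filter is built.</li>
 * </ul>
 *
 * <p>This source was recovered by a decompiler; local names were chosen during review.
 */
public class LDAPRealmManager extends RealmManager {
    private JAZNConfig _config;
    // Per-instance on purpose: the flag must agree with this instance's _cacheMgr. While it was
    // static, constructing a second manager with a different configuration could switch the flag
    // on for an instance whose _cacheMgr was never initialised.
    private boolean _isCacheEnabled;
    private CacheManager _cacheMgr;
    private String _version;
    private static LDAPRealmManager _realmMgr = null;
    private static final String ALL_REALMS = "ALLREALMS";

    private LDAPRealmManager() {
        this(null);
    }

    private LDAPRealmManager(JAZNConfig jAZNConfig) {
        this._version = null;
        this._config = jAZNConfig == null ? JAZNConfig.getJAZNConfig() : jAZNConfig;
        // Constant-first comparison: a missing property value means "cache disabled" rather than
        // a NullPointerException during construction.
        this._isCacheEnabled = "true".equals(getJAZNProperty(Env.LDAP_CACHE_REALM_ENABLE, Env.LDAP_CACHE_ENABLE_DEFAULT));
        if (this._isCacheEnabled) {
            this._cacheMgr = CacheManager.getCacheManager();
            this._cacheMgr.registerComponentCache(Env.LDAP_REALM);
        }
    }

    JAZNConfig getJAZNConfig() {
        return this._config;
    }

    /**
     * Returns the shared manager bound to the default {@link JAZNConfig}, creating it on first use.
     *
     * <p>Synchronized so that concurrent first calls cannot construct two instances.
     */
    public static synchronized RealmManager getRealmManager() {
        if (_realmMgr == null) {
            _realmMgr = new LDAPRealmManager();
        }
        return _realmMgr;
    }

    /**
     * Returns the shared manager when {@code jAZNConfig} is {@code null}, otherwise a new manager
     * bound to the given configuration.
     */
    public static RealmManager getRealmManager(JAZNConfig jAZNConfig) {
        return jAZNConfig == null ? getRealmManager() : new LDAPRealmManager(jAZNConfig);
    }

    /**
     * Returns all realms found under the site realm container.
     *
     * <p>NOTE(review): when caching is enabled the cached {@code Set} instance itself is handed
     * out, so callers share (and could modify) the cached collection.
     */
    @Override // oracle.security.jazn.realm.RealmManager
    public Set getRealms() throws JAZNException {
        if (isCacheEnabled()) {
            Object cached = this._cacheMgr.get(Env.LDAP_REALM, ALL_REALMS);
            if (cached instanceof Set) {
                if (Dbg.PERF) {
                    DbgWriter.writeln("getrealm - get all realms from cache " + cached);
                }
                return (Set) cached;
            }
        }
        Set realms = getrealms(null);
        if (isCacheEnabled()) {
            this._cacheMgr.put(Env.LDAP_REALM, ALL_REALMS, realms);
            if (Dbg.PERF) {
                DbgWriter.writeln("getrealm - put all realms to cache ");
            }
        }
        return realms;
    }

    /**
     * Looks up a single realm by name.
     *
     * @param str realm name; matched literally (filter metacharacters are escaped in the lookup)
     * @return the realm, or {@code null} when no matching entry exists
     */
    @Override // oracle.security.jazn.realm.RealmManager
    public Realm getRealm(String str) throws JAZNException {
        if (isCacheEnabled() && str != null) {
            Object cached = this._cacheMgr.get(Env.LDAP_REALM, str);
            if (cached instanceof Realm) {
                if (Dbg.PERF) {
                    DbgWriter.writeln("getrealm - get realm from cache " + cached);
                }
                return (Realm) cached;
            }
        }
        Set matches = getrealms(str);
        if (matches.isEmpty()) {
            return null;
        }
        Object first = matches.iterator().next();
        return first instanceof Realm ? (Realm) first : null;
    }

    /**
     * Creates the directory entries for a new realm and grants its admin role the realm permissions.
     *
     * <p>Entries are created one after another with no rollback, so a failure part-way through
     * leaves a partially created realm in the directory.
     *
     * <p>NOTE(review): the realm name is placed into the realm DN without RDN escaping, and the
     * naming-attribute / object-class settings taken from {@code initRealmInfo} are placed into
     * search filters as given. Confirm that callers validate these, or that
     * {@code LDAPRealmImpl} builds the same DN, before adding escaping here.
     *
     * @param str           name of the realm to create
     * @param initRealmInfo realm type, manager classes, admin user/role and LDAP properties
     * @return the created realm
     * @throws UnsupportedOperationException if realm caching is enabled
     * @throws SecurityException             if a SecurityManager is installed and denies
     *                                       {@code RealmPermission(str, "createRealm")}
     * @throws IllegalArgumentException      if a required argument is missing or the admin
     *                                       user/role cannot be found
     * @throws JAZNException                 on directory or policy failures
     */
    @Override // oracle.security.jazn.realm.RealmManager
    public Realm createRealm(String str, InitRealmInfo initRealmInfo) throws JAZNException {
        if (isCacheEnabled()) {
            throw new UnsupportedOperationException();
        }
        // Authorization happens only when a SecurityManager is installed.
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new RealmPermission(str, "createRealm"));
        }
        if (initRealmInfo == null) {
            throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.REALM_CREATE_INVALID_ARGUMENT));
        }
        String realmType = initRealmInfo.getRealmType();
        Class userMgrImplClass = initRealmInfo.getUserMgrImplClass();
        Class roleMgrImplClass = initRealmInfo.getRoleMgrImplClass();
        String adminUser = initRealmInfo.getAdminUser();
        String adminRole = initRealmInfo.getAdminRole();
        Hashtable attributes = initRealmInfo.getAttributes();
        // Validate before the first dereference so that a missing realm type or property table is
        // reported as an invalid argument rather than as a NullPointerException.
        if (str == null || adminRole == null || userMgrImplClass == null || roleMgrImplClass == null
                || realmType == null || attributes == null) {
            throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.REALM_CREATE_INVALID_ARGUMENT));
        }
        String subscriberDN = null;
        String userSearchBase = (String) attributes.get(Realm.LDAPProperty.USERS_SEARCHBASE);
        String userNameAttr = (String) attributes.get(Realm.LDAPProperty.USERS_NAME_ATTR);
        String userObjClass = (String) attributes.get(Realm.LDAPProperty.USERS_OBJ_CLASS);
        String roleSearchBase = (String) attributes.get(Realm.LDAPProperty.ROLES_SEARCHBASE);
        String roleNameAttr = (String) attributes.get(Realm.LDAPProperty.ROLES_NAME_ATTR);
        String roleObjClass = (String) attributes.get(Realm.LDAPProperty.ROLES_OBJ_CLASS);
        String roleMemberAttr = (String) attributes.get(Realm.LDAPProperty.ROLES_MEMBER_ATTR);
        // true: the admin role must already exist in the directory; false (application realm):
        // the role is created through the new realm's RoleManager.
        boolean externalRoles = true;
        final boolean isSubscriberRealm = realmType.equals(InitRealmInfo.RealmType.SUBSCRIBER_REALM);
        if (isSubscriberRealm) {
            subscriberDN = (String) attributes.get(Realm.LDAPProperty.SUBSCRIBER_DN);
            if (subscriberDN == null) {
                throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT));
            }
        } else if (realmType.equals(InitRealmInfo.RealmType.EXTERNAL_REALM)) {
            if (userSearchBase == null || roleSearchBase == null) {
                throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT));
            }
        } else if (realmType.equals(InitRealmInfo.RealmType.APPLICATION_REALM)) {
            externalRoles = false;
            if (userSearchBase == null) {
                throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT));
            }
        }

        // The attribute sets below are built from the values as supplied, before the lookups
        // further down replace or default any of them.

        // Realm entry.
        BasicAttribute realmObjClass = new BasicAttribute(Env.OC);
        realmObjClass.add(Env.OC_TOP);
        realmObjClass.add(Env.OC_REALM);
        Attributes realmAttrs = new BasicAttributes();
        if (isSubscriberRealm) {
            realmAttrs.put(new BasicAttribute(Env.ATTR_SUBSCRIBER_DN, subscriberDN));
        }
        addCustomizedProperty(attributes, realmAttrs);
        realmAttrs.put(realmObjClass);
        realmAttrs.put(new BasicAttribute(Env.ATTR_CN, str));
        if (adminUser != null) {
            realmAttrs.put(new BasicAttribute(Env.ATTR_ADMIN, adminUser));
        }
        realmAttrs.put(new BasicAttribute(Env.ATTR_ADMIN_ROLE, adminRole));

        // Role-manager entry.
        BasicAttribute roleMgrObjClass = new BasicAttribute(Env.OC);
        roleMgrObjClass.add(Env.OC_TOP);
        roleMgrObjClass.add(Env.OC_ROLE_MGR);
        Attributes roleMgrAttrs = new BasicAttributes();
        roleMgrAttrs.put(roleMgrObjClass);
        roleMgrAttrs.put(new BasicAttribute(Env.ATTR_CN, Env.ENTRY_ROLE_MGR));
        roleMgrAttrs.put(new BasicAttribute(Env.ATTR_IS_EXTERNAL, externalRoles ? "true" : "false"));
        if (roleNameAttr != null) {
            roleMgrAttrs.put(new BasicAttribute(Env.ATTR_ROLE_NAMING_ATTR, roleNameAttr));
        }
        if (roleObjClass != null) {
            roleMgrAttrs.put(new BasicAttribute(Env.ATTR_ROLE_MGR_CLS, roleObjClass));
        }
        if (roleSearchBase != null) {
            roleMgrAttrs.put(new BasicAttribute(Env.ATTR_ROLE_SEARCH_BASE, roleSearchBase));
        }
        if (roleMemberAttr != null) {
            roleMgrAttrs.put(new BasicAttribute(Env.ATTR_ROLE_MEMBER_ATTR, roleMemberAttr));
        }
        roleMgrAttrs.put(new BasicAttribute(Env.ATTR_JAVACLASS, roleMgrImplClass.getName()));

        // User-manager entry (users are always external).
        Attributes userMgrAttrs = new BasicAttributes();
        BasicAttribute userMgrObjClass = new BasicAttribute(Env.OC);
        userMgrObjClass.add(Env.OC_TOP);
        userMgrObjClass.add(Env.OC_USER_MGR);
        userMgrAttrs.put(userMgrObjClass);
        userMgrAttrs.put(new BasicAttribute(Env.ATTR_CN, Env.ENTRY_USER_MGR));
        userMgrAttrs.put(new BasicAttribute(Env.ATTR_IS_EXTERNAL, "true"));
        if (userNameAttr != null) {
            userMgrAttrs.put(new BasicAttribute(Env.ATTR_USER_NAMING_ATTR, userNameAttr));
        }
        if (userObjClass != null) {
            userMgrAttrs.put(new BasicAttribute(Env.ATTR_USER_MGR_CLS, userObjClass));
        }
        if (userSearchBase != null) {
            userMgrAttrs.put(new BasicAttribute(Env.ATTR_USER_SEARCH_BASE, userSearchBase));
        }
        userMgrAttrs.put(new BasicAttribute(Env.ATTR_JAVACLASS, userMgrImplClass.getName()));

        // Policy, permissions and grantees containers share one object-class attribute.
        BasicAttribute containerObjClass = new BasicAttribute(Env.OC);
        containerObjClass.add(Env.OC_TOP);
        containerObjClass.add(Env.OC_ORCL_CONTAINER);
        Attributes policyAttrs = new BasicAttributes();
        policyAttrs.put(containerObjClass);
        policyAttrs.put(new BasicAttribute(Env.ATTR_CN, Env.ENTRY_POLICY));
        Attributes permissionsAttrs = new BasicAttributes();
        permissionsAttrs.put(containerObjClass);
        permissionsAttrs.put(new BasicAttribute(Env.ATTR_CN, Env.ENTRY_PERMISSIONS));
        Attributes granteesAttrs = new BasicAttributes();
        granteesAttrs.put(containerObjClass);
        granteesAttrs.put(new BasicAttribute(Env.ATTR_CN, Env.ENTRY_GRANTEES));

        try {
            String siteJAZNCtxDN = LDAPContext.getSiteJAZNCtxDN(getJAZNConfig());
            String realmDN = Env.ATTR_CN + "=" + str + "," + Env.ATTR_CN + "=" + Env.ENTRY_REALMS + "," + siteJAZNCtxDN;
            String adminUserDN = null;
            String adminRoleDN = null;
            if (isSubscriberRealm) {
                // Subscriber realms take their nickname attribute and search bases from the
                // subscriber's common entry rather than from the caller.
                Attributes commonAttrs = LDAPUtil.getLDAPUtil(getJAZNConfig()).getAttributes(
                        Env.ENTRY_COMMON + ",cn=" + Env.ENTRY_SERVICES + "," + Env.ENTRY_ORACLE_CONTEXT + "," + subscriberDN,
                        new String[]{Env.ATTR_COMMON_NICK_NAME, Env.ATTR_COMMON_USER_SEARCHBASE, Env.ATTR_COMMON_GROUP_SEARCHBASE});
                if (commonAttrs == null) {
                    throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT));
                }
                Attribute nickName = commonAttrs.get(Env.ATTR_COMMON_NICK_NAME);
                if (nickName != null) {
                    userNameAttr = (String) nickName.getAll().nextElement();
                }
                Attribute commonUserBase = commonAttrs.get(Env.ATTR_COMMON_USER_SEARCHBASE);
                if (commonUserBase == null) {
                    throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT) + "SUBSCRIBER_DN");
                }
                userSearchBase = (String) commonUserBase.getAll().nextElement();
                Attribute commonGroupBase = commonAttrs.get(Env.ATTR_COMMON_GROUP_SEARCHBASE);
                if (commonGroupBase == null) {
                    throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT) + "SUBSCRIBER_DN");
                }
                roleSearchBase = (String) commonGroupBase.getAll().nextElement();
            } else {
                // Adds an ACI on the user search base; per its text it limits userPassword on
                // inetorgperson entries to "compare" by the authenticationServices group.
                BasicAttribute passwordAci = new BasicAttribute(Env.ATTR_ACI);
                passwordAci.add("access to attr=(userPassword) filter=(objectclass=inetorgperson) by group=\"cn=authenticationServices,cn=Groups,cn=OracleContext\" (compare) by * (none)");
                try {
                    LDAPUtil.getLDAPUtil(getJAZNConfig()).modifyAttributes(userSearchBase,
                            new ModificationItem[]{new ModificationItem(javax.naming.directory.DirContext.ADD_ATTRIBUTE, passwordAci)});
                } catch (NoPermissionException e) {
                    if (Dbg.LOG) {
                        e.printStackTrace();
                    }
                    NamingException denied = new NamingException("LDAP user has insufficient privilege for modifying orclaci at the user searchbase. Please correct it. " + e.toString());
                    denied.setRootCause(e); // keep the original failure attached for diagnosis
                    throw denied;
                } catch (AttributeInUseException ignored) {
                    // The ACI value is already present on the search base; nothing to add.
                }
            }
            if (adminUser != null) {
                SearchControls userControls = new SearchControls();
                userControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                if (userNameAttr == null) {
                    userNameAttr = "cn";
                }
                // The admin user name is a filter value: escape it so that characters such as
                // '*', '(' and ')' are matched literally and cannot alter the filter.
                String userFilter = "(" + userNameAttr + "=" + escapeFilterValue(adminUser) + ")";
                if (userObjClass != null) {
                    userFilter = "(&(objectclass=" + userObjClass + ")" + userFilter + ")";
                }
                NamingEnumeration userResults = LDAPUtil.getLDAPUtil(getJAZNConfig()).search(userSearchBase, userFilter, userControls);
                try {
                    if (userResults == null || !userResults.hasMore()) {
                        throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.REALM_USER_NOT_FOUND));
                    }
                    adminUserDN = ((SearchResult) userResults.next()).getName() + Env.LDAP_SEPARATOR + userSearchBase;
                } finally {
                    // Only the first hit is read, so the enumeration has to be released explicitly.
                    closeQuietly(userResults);
                }
            }
            if (externalRoles) {
                SearchControls roleControls = new SearchControls();
                roleControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                if (roleNameAttr == null) {
                    roleNameAttr = "cn";
                }
                String roleNameFilter = "(" + roleNameAttr + "=" + escapeFilterValue(adminRole) + ")";
                if (roleObjClass == null) {
                    roleObjClass = Env.OC_GROUP_OF_UNIQUE_NAMES;
                }
                NamingEnumeration roleResults = LDAPUtil.getLDAPUtil(getJAZNConfig()).search(roleSearchBase,
                        "(&(objectclass=" + roleObjClass + ")" + roleNameFilter + ")", roleControls);
                try {
                    if (roleResults == null || !roleResults.hasMore()) {
                        throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.REALM_ROLE_NOT_FOUND));
                    }
                    adminRoleDN = ((SearchResult) roleResults.next()).getName() + Env.LDAP_SEPARATOR + roleSearchBase;
                } finally {
                    closeQuietly(roleResults);
                }
            }
            String subscriberJaznCtxDN = null;
            if (isSubscriberRealm) {
                subscriberJaznCtxDN = "cn=" + Env.ENTRY_JAZNCONTEXT + ",cn=" + Env.ENTRY_SERVICES + "," + Env.ENTRY_ORACLE_CONTEXT + "," + subscriberDN;
                Attributes jaznCtxAttrs = new BasicAttributes();
                jaznCtxAttrs.put(containerObjClass);
                jaznCtxAttrs.put(new BasicAttribute(Env.ATTR_CN, Env.ENTRY_JAZNCONTEXT));
                // ACI on the subscriber JAZN context: full access for the site JAZN admin group.
                BasicAttribute jaznCtxAci = new BasicAttribute(Env.ATTR_ACI);
                String jaznAdminGroupDN = "cn=JAZNAdminGroup,cn=Groups," + siteJAZNCtxDN;
                jaznCtxAci.add("access to entry by group = \"" + jaznAdminGroupDN + "\" (browse, add, delete) by * (none)");
                jaznCtxAci.add("access to attr=(*) by group = \"" + jaznAdminGroupDN + "\" (search, read, write, compare) by *  (none)");
                jaznCtxAttrs.put(jaznCtxAci);
                LDAPUtil.getLDAPUtil(getJAZNConfig()).createSubcontext(subscriberJaznCtxDN, jaznCtxAttrs);
            }
            // Manager and policy entries live under the subscriber JAZN context for subscriber
            // realms, and under the realm entry otherwise.
            String parentDN = isSubscriberRealm ? subscriberJaznCtxDN : realmDN;
            LDAPUtil.getLDAPUtil(getJAZNConfig()).createSubcontext(realmDN, realmAttrs);
            LDAPUtil.getLDAPUtil(getJAZNConfig()).createSubcontext(Env.ATTR_CN + "=" + Env.ENTRY_ROLE_MGR + Env.LDAP_SEPARATOR + parentDN, roleMgrAttrs);
            LDAPUtil.getLDAPUtil(getJAZNConfig()).createSubcontext(Env.ATTR_CN + "=" + Env.ENTRY_USER_MGR + Env.LDAP_SEPARATOR + parentDN, userMgrAttrs);
            String policyDN = Env.ATTR_CN + "=" + Env.ENTRY_POLICY + Env.LDAP_SEPARATOR + parentDN;
            LDAPUtil.getLDAPUtil(getJAZNConfig()).createSubcontext(policyDN, policyAttrs);
            LDAPUtil.getLDAPUtil(getJAZNConfig()).createSubcontext(Env.ATTR_CN + "=" + Env.ENTRY_PERMISSIONS + Env.LDAP_SEPARATOR + policyDN, permissionsAttrs);
            LDAPUtil.getLDAPUtil(getJAZNConfig()).createSubcontext(Env.ATTR_CN + "=" + Env.ENTRY_GRANTEES + Env.LDAP_SEPARATOR + policyDN, granteesAttrs);

            LDAPRealmImpl realmImpl = new LDAPRealmImpl(getJAZNConfig(), str, null, adminUser, adminRole, subscriberDN, null, attributes);
            LDAPRealmUser adminRealmUser = null;
            if (adminUser != null) {
                adminRealmUser = new LDAPRealmUser(getJAZNConfig(), adminUser, adminUserDN, realmImpl);
            }
            RealmRole realmRole;
            if (!externalRoles) {
                RoleManager roleManager = realmImpl.getRoleManager();
                if (roleManager == null) {
                    // Without a role manager the admin role cannot be created; fail with a
                    // realm-creation error instead of dereferencing a null role below.
                    throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.REALM_CREATE_FAILED));
                }
                realmRole = roleManager.createRole(adminRole);
                if (adminRealmUser != null) {
                    roleManager.grantRole(adminRealmUser, realmRole);
                }
                adminRoleDN = ((LDAPRealmRole) realmRole).getDN();
            } else {
                realmRole = new LDAPRealmRole(getJAZNConfig(), adminRole, adminRoleDN, realmImpl);
            }
            // ACI on the realm entry: full access for the admin role's group, none for others.
            BasicAttribute realmAci = new BasicAttribute(Env.ATTR_ACI);
            realmAci.add("access to entry by group = \"" + adminRoleDN + "\" (browse, add, delete) by * (none)");
            realmAci.add("access to attr=(*) by group = \"" + adminRoleDN + "\" (search, read, write, compare) by * (none)");
            LDAPUtil.getLDAPUtil(getJAZNConfig()).modifyAttributes(realmDN,
                    new ModificationItem[]{new ModificationItem(javax.naming.directory.DirContext.ADD_ATTRIBUTE, realmAci)});
            grantAdminPrivileges(realmRole, !externalRoles);
            new LDAPRealmPolicy(getJAZNConfig(), realmImpl); // constructed for its side effects; result unused
            return realmImpl;
        } catch (NameAlreadyBoundException e) {
            // Subclasses of NamingException must be caught before NamingException itself,
            // otherwise these handlers are unreachable and the class does not compile.
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNObjectExistsException(Misc.getResourceBundle().getString(Resources.Key.REALM_EXISTS), e);
        } catch (CommunicationException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.COMMUNICATION_FAILED), e);
        } catch (NamingException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.REALM_CREATE_FAILED) + " " + e.toString(), e);
        } catch (JAZNException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.REALM_CREATE_FAILED), e);
        }
    }

    /**
     * Drops the realm with the given name.
     *
     * @throws UnsupportedOperationException if realm caching is enabled
     * @throws JAZNObjectNotFoundException   if no realm with that name exists
     */
    @Override // oracle.security.jazn.realm.RealmManager
    public void dropRealm(String str) throws JAZNException {
        if (isCacheEnabled()) {
            throw new UnsupportedOperationException();
        }
        Realm realm = getRealm(str);
        if (realm == null) {
            throw new JAZNObjectNotFoundException(Misc.getResourceBundle().getString(Resources.Key.REALM_NOT_EXISTS), null);
        }
        dropRealm(realm);
    }

    /**
     * Bulk-deletes the realm's directory subtree and, when the realm has one, its subscriber
     * JAZN context.
     *
     * <p>The {@code RealmPermission(name, "dropRealm")} check is made only when a SecurityManager
     * is installed.
     *
     * @throws UnsupportedOperationException if realm caching is enabled
     * @throws IllegalArgumentException      if {@code realm} is {@code null} or is not an LDAP realm
     */
    @Override // oracle.security.jazn.realm.RealmManager
    public void dropRealm(Realm realm) throws JAZNException {
        try {
            if (isCacheEnabled()) {
                throw new UnsupportedOperationException();
            }
            if (realm == null) {
                throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT));
            }
            SecurityManager securityManager = System.getSecurityManager();
            if (securityManager != null) {
                securityManager.checkPermission(new RealmPermission(realm.getName(), "dropRealm"));
            }
            // Reject realms from other providers explicitly instead of failing on the cast.
            if (!(realm instanceof LDAPRealmImpl)) {
                throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT));
            }
            LDAPRealmImpl ldapRealm = (LDAPRealmImpl) realm;
            String realmDN = ldapRealm.getRealmDN();
            String subscriberJAZNCtx = ldapRealm.getSubscriberJAZNCtx();
            if (subscriberJAZNCtx != null) {
                LDAPUtil.getLDAPUtil(getJAZNConfig()).bulkDelete(subscriberJAZNCtx);
            }
            LDAPUtil.getLDAPUtil(getJAZNConfig()).bulkDelete(realmDN);
        } catch (JAZNException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.REALM_DELETE_FAILED), e);
        } catch (NamingException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.REALM_DELETE_FAILED), e2);
        }
    }

    /**
     * Resolves the default subscriber named in the common products entry and returns its realm.
     *
     * @return the realm, or {@code null} when the default subscriber or its nickname attribute is
     *         not set
     */
    public Realm getDefaultSubscriberRealm() throws JAZNException {
        String realmName = null;
        String defaultSubscriberDN = null;
        String nickNameAttr = null;
        try {
            Attributes attributes = LDAPUtil.getLDAPUtil(getJAZNConfig()).getAttributes("cn=common,cn=products,cn=oraclecontext", new String[]{"orcldefaultsubscriber", "orclsubscribernicknameattribute"});
            if (attributes != null) {
                Attribute subscriberAttr = attributes.get("orcldefaultsubscriber");
                if (subscriberAttr != null) {
                    defaultSubscriberDN = (String) subscriberAttr.get();
                }
                Attribute nickAttr = attributes.get("orclsubscribernicknameattribute");
                if (nickAttr != null) {
                    nickNameAttr = (String) nickAttr.get();
                }
                if (defaultSubscriberDN != null && nickNameAttr != null) {
                    realmName = LDAPUtil.extractName(defaultSubscriberDN, nickNameAttr);
                }
            }
            return realmName != null ? getRealm(realmName) : null;
        } catch (CommunicationException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.COMMUNICATION_FAILED), e);
        } catch (Exception e2) {
            if (Dbg.LOG) {
                System.out.println("JAZN-LDAP: Exception getting default subscriber name");
                e2.printStackTrace();
            }
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.REALM_GET_FAILED), e2);
        }
    }

    /**
     * Searches the realm container one level deep and materialises each hit as a realm object.
     *
     * @param str realm name to match, or {@code null} for all realms. The name is escaped before
     *            it is placed in the filter, so it is matched literally.
     * @return the matching realms (possibly empty)
     */
    private Set getrealms(String str) throws JAZNException {
        HashSet realms = new HashSet();
        NamingEnumeration results = null;
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
            searchControls.setReturningAttributes(LDAPRealmImpl.getLDAPAttributes());
            String filter = "(" + Env.OC + "=" + Env.OC_REALM + ")";
            if (str != null) {
                // Unescaped, a name containing '*' or parentheses would change which entries the
                // filter matches, and getRealm() returns whichever entry comes back first.
                filter = "(&" + filter + "(" + Env.ATTR_CN + "=" + escapeFilterValue(str) + "))";
            }
            String realmsContainerDN = Env.ATTR_CN + "=" + Env.ENTRY_REALMS + "," + LDAPContext.getSiteJAZNCtxDN(getJAZNConfig());
            results = LDAPUtil.getLDAPUtil(getJAZNConfig()).search(realmsContainerDN, filter, searchControls);
            while (results != null && results.hasMore()) {
                SearchResult searchResult = (SearchResult) results.next();
                Hashtable properties = new Hashtable();
                String subscriberDN = null;
                String adminUser = null;
                String guidValue = null;
                String adminRole = null;
                String entryName = searchResult.getName();
                Attributes entryAttrs = searchResult.getAttributes();
                if (entryAttrs != null) {
                    NamingEnumeration all = entryAttrs.getAll();
                    while (all.hasMoreElements()) {
                        Attribute attribute = (Attribute) all.next();
                        String id = attribute.getID();
                        if (id.equalsIgnoreCase(Env.ATTR_PROPERTY)) {
                            extractProperties(attribute, properties);
                        } else if (id.equalsIgnoreCase(Env.ATTR_SUBSCRIBER_DN)) {
                            subscriberDN = (String) attribute.get();
                        } else if (id.equalsIgnoreCase(Env.ATTR_ADMIN)) {
                            adminUser = (String) attribute.get();
                        } else if (id.equalsIgnoreCase(Env.ATTR_ID)) {
                            guidValue = (String) attribute.get();
                        } else if (id.equalsIgnoreCase(Env.ATTR_ADMIN_ROLE)) {
                            adminRole = (String) attribute.get();
                        }
                    }
                }
                String realmName = LDAPUtil.extractName(entryName, Env.ATTR_CN);
                // NOTE(review): guidValue is null when the entry carries no id attribute;
                // confirm Guid accepts that.
                Guid guid = new Guid(guidValue);
                Object realm = null;
                if (isCacheEnabled()) {
                    Object cached = this._cacheMgr.get(Env.LDAP_REALM, realmName);
                    if (cached instanceof LDAPRealmImpl) {
                        if (Dbg.PERF) {
                            DbgWriter.writeln("got realm object from cache " + cached);
                        }
                        realm = cached;
                    }
                }
                if (realm == null) {
                    realm = new LDAPRealmImpl(getJAZNConfig(), realmName, guid, adminUser, adminRole, subscriberDN, null, properties);
                    if (isCacheEnabled()) {
                        if (Dbg.PERF) {
                            DbgWriter.writeln("put realm object to cache " + realm);
                        }
                        this._cacheMgr.put(Env.LDAP_REALM, realmName, realm);
                    }
                }
                realms.add(realm);
            }
            return realms;
        } catch (JAZNException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw e;
        } catch (CommunicationException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.COMMUNICATION_FAILED), e2);
        } catch (Throwable th) {
            // Kept as Throwable so callers keep receiving JAZNException for every failure here.
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.REALM_GET_FAILED), th);
        } finally {
            // Release the search results when the loop ends early because of an exception.
            closeQuietly(results);
        }
    }

    /**
     * Grants the realm's admin role the realm-level permissions and the right to administer them.
     *
     * @param realmRole the admin role that becomes the grantee
     * @param z         when {@code true}, also grants administration of createRole/dropRole and a
     *                  {@link RoleAdminPermission} on {@code <realm>/*}
     */
    private void grantAdminPrivileges(RealmRole realmRole, boolean z) throws JAZNException {
        JAZNPolicy policy = getJAZNConfig().getPolicy();
        if (policy == null) {
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.POLICY_INIT_FAIL));
        }
        String realmName = realmRole.getRealm().getName();
        Grantee grantee = new Grantee(realmRole);
        RealmPermission createRealmPerm = new RealmPermission(realmName, "createRealm");
        RealmPermission dropRealmPerm = new RealmPermission(realmName, "dropRealm");
        RealmPermission modifyMetaPerm = new RealmPermission(realmName, "modifyRealmMetaData");
        policy.grant(grantee, createRealmPerm);
        policy.grant(grantee, dropRealmPerm);
        policy.grant(grantee, modifyMetaPerm);
        policy.grant(grantee, new AdminPermission(createRealmPerm));
        policy.grant(grantee, new AdminPermission(dropRealmPerm));
        policy.grant(grantee, new AdminPermission(modifyMetaPerm));
        if (z) {
            // For roles only the AdminPermission wrappers are granted, not the bare
            // createRole/dropRole permissions.
            RealmPermission createRolePerm = new RealmPermission(realmName, "createRole");
            RealmPermission dropRolePerm = new RealmPermission(realmName, "dropRole");
            policy.grant(grantee, new AdminPermission(createRolePerm));
            policy.grant(grantee, new AdminPermission(dropRolePerm));
            RoleAdminPermission roleAdminPermission = new RoleAdminPermission(realmName + "/*");
            policy.grant(grantee, roleAdminPermission);
            policy.grant(grantee, new AdminPermission(roleAdminPermission));
        }
    }

    /**
     * Copies every property whose key does not start with {@code "jazn.realm"} into a single
     * multi-valued attribute, each value encoded as {@code key$value}.
     *
     * <p>NOTE(review): a key that itself contains {@code '$'} cannot be told apart from the
     * separator when the value is parsed back; confirm keys are restricted by the caller.
     */
    private void addCustomizedProperty(Hashtable hashtable, Attributes attributes) {
        BasicAttribute propertyAttr = null;
        Enumeration keys = hashtable.keys();
        while (keys.hasMoreElements()) {
            String key = (String) keys.nextElement();
            if (!key.startsWith("jazn.realm")) {
                if (propertyAttr == null) {
                    propertyAttr = new BasicAttribute(Env.ATTR_PROPERTY);
                }
                propertyAttr.add(key + "$" + (String) hashtable.get(key));
            }
        }
        if (propertyAttr != null) {
            attributes.put(propertyAttr);
        }
    }

    /**
     * Splits each value of a property attribute at the first separator and stores the pair in
     * {@code hashtable}.
     *
     * <p>Values without a separator are skipped. Previously such a value raised a
     * {@code StringIndexOutOfBoundsException}, which made the whole realm lookup fail because of
     * one malformed directory value.
     */
    private void extractProperties(Attribute attribute, Hashtable hashtable) throws NamingException {
        NamingEnumeration all = attribute.getAll();
        while (all.hasMoreElements()) {
            String encoded = (String) all.nextElement();
            int separatorAt = encoded.indexOf(Env.REALM_SEPARATOR);
            if (separatorAt < 0) {
                if (Dbg.LOG) {
                    // The value is deliberately not logged; realm properties may be sensitive.
                    DbgWriter.writeln("skipping realm property value without separator");
                }
                continue;
            }
            hashtable.put(encoded.substring(0, separatorAt), encoded.substring(separatorAt + 1));
        }
    }

    /**
     * Escapes a string for use as an assertion value inside an LDAP search filter (RFC 4515):
     * backslash, asterisk, parentheses and NUL are replaced by their {@code \xx} hex form.
     *
     * @return the escaped value, or {@code null} when {@code value} is {@code null}
     */
    private static String escapeFilterValue(String value) {
        if (value == null) {
            return null;
        }
        StringBuffer escaped = new StringBuffer(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /** Closes a search enumeration, ignoring close failures; a {@code null} argument is a no-op. */
    private static void closeQuietly(NamingEnumeration enumeration) {
        if (enumeration == null) {
            return;
        }
        try {
            enumeration.close();
        } catch (NamingException ignored) {
            // Best effort: the results have already been consumed or abandoned.
        }
    }

    /** Reads a JAZN configuration property inside a privileged block, with a default value. */
    protected final String getJAZNProperty(String str, String str2) {
        return (String) AccessController.doPrivileged(new GetJAZNConfigPropertyAction(this._config, str, str2));
    }

    /** Returns whether realm caching was enabled in this manager's configuration at construction. */
    protected final boolean isCacheEnabled() {
        return this._isCacheEnabled;
    }

    /**
     * Returns the JAZN schema version stored in the directory, reading it once and caching it.
     *
     * @throws JAZNException if the version entry or attribute cannot be read
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized String getVersion() throws JAZNException {
        if (this._version == null) {
            try {
                this._version = (String) LDAPUtil.getLDAPUtil(this._config).getAttributes("cn=JAZN,cn=OracleSchemaVersion", new String[]{Env.ATTR_VERSION}).get(Env.ATTR_VERSION).get();
            } catch (NamingException e) {
                // NamingException has to be caught before Exception; in the reverse order this
                // handler is unreachable and the class does not compile.
                if (Dbg.LOG) {
                    e.printStackTrace();
                }
                throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.OID_VERSION_NOT_FOUND), e);
            } catch (Exception e2) {
                if (Dbg.LOG) {
                    e2.printStackTrace();
                }
                throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.OID_VERSION_NOT_FOUND), e2);
            }
        }
        return this._version;
    }
}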
