package org.fabric3.host.security;

import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.management.remote.JMXAuthenticator;
import javax.security.auth.Subject;
import org.fabric3.api.Role;
import org.osoa.sca.annotations.Reference;

/* loaded from: input_file:org/fabric3/host/security/DelegatingJmxAuthenticator.class */
public class DelegatingJmxAuthenticator implements JMXAuthenticator {
    private JmxSecurity security;
    private Set<Role> roles;
    private JMXAuthenticator delegate;

    public DelegatingJmxAuthenticator(JmxSecurity jmxSecurity, Set<Role> set) {
        this.security = jmxSecurity;
        this.roles = set;
    }

    @Reference(required = false)
    public void setAuthenticators(List<JMXAuthenticator> list) {
        this.delegate = list.get(0);
    }

    public Subject authenticate(Object obj) {
        if (this.delegate == null) {
            throw new SecurityException("Delegate JMXAuthenticator not configured");
        }
        Subject authenticate = this.delegate.authenticate(obj);
        if (JmxSecurity.AUTHENTICATION != this.security && !authorize(authenticate)) {
            throw new SecurityException("Access denied");
        }
        return authenticate;
    }

    private boolean authorize(Subject subject) {
        boolean z = false;
        Iterator<Role> it = this.roles.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (subject.getPrincipals().contains(it.next())) {
                z = true;
                break;
            }
        }
        return z;
    }
}
