package com.sun.enterprise.security.webservices;

import com.sun.enterprise.deployment.WebServiceEndpoint;
import com.sun.enterprise.security.SecurityContext;
import com.sun.enterprise.security.jauth.AuthException;
import com.sun.enterprise.security.jauth.ServerAuthContext;
import com.sun.enterprise.security.jmac.provider.ServerAuthConfig;
import com.sun.logging.LogDomains;
import com.sun.xml.rpc.spi.runtime.Implementor;
import com.sun.xml.rpc.spi.runtime.SOAPMessageContext;
import com.sun.xml.rpc.spi.runtime.SystemHandlerDelegate;
import com.sun.xml.rpc.spi.runtime.Tie;
import java.security.AccessControlContext;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;

/* loaded from: input_file:com/sun/enterprise/security/webservices/ServletSystemHandlerDelegate.class */
public class ServletSystemHandlerDelegate implements SystemHandlerDelegate {
    protected static final Logger _logger = LogDomains.getLogger(ServletSystemHandlerDelegate.class, "javax.enterprise.system.core.security");
    private static final String IMPLEMENTOR = "com.sun.xml.rpc.server.http.Implementor";
    private static final String SERVER_AUTH_CONTEXT = "com.sun.enterprise.security.jauth.ServerAuthContext";
    ServerAuthConfig config_;
    WebServiceEndpoint endpoint_;

    public ServletSystemHandlerDelegate(ServerAuthConfig serverAuthConfig, WebServiceEndpoint webServiceEndpoint) {
        this.config_ = serverAuthConfig;
        this.endpoint_ = webServiceEndpoint;
    }

    public boolean processRequest(final SOAPMessageContext sOAPMessageContext) {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("ws.processRequest");
        }
        Implementor implementor = (Implementor) sOAPMessageContext.getProperty(IMPLEMENTOR);
        final Tie tie = implementor.getTie();
        ServerAuthContext authContext = this.config_.getAuthContext(implementor.getTie(), sOAPMessageContext.getMessage());
        boolean z = true;
        try {
            if (authContext != null) {
                try {
                    z = WebServiceSecurity.validateRequest(sOAPMessageContext, authContext);
                    if (z) {
                        sOAPMessageContext.setProperty(SERVER_AUTH_CONTEXT, authContext);
                    }
                } catch (AuthException e) {
                    _logger.log(Level.SEVERE, "ws.error_validate_request", e);
                    throw new RuntimeException(e);
                }
            }
            if (z && System.getSecurityManager() != null) {
                z = false;
                try {
                    Subject.doAsPrivileged(SecurityContext.getCurrent().getSubject(), new PrivilegedExceptionAction() { // from class: com.sun.enterprise.security.webservices.ServletSystemHandlerDelegate.1
                        @Override // java.security.PrivilegedExceptionAction
                        public Object run() throws Exception {
                            tie.handle(sOAPMessageContext);
                            ServletSystemHandlerDelegate.this.processResponse(sOAPMessageContext);
                            return null;
                        }
                    }, (AccessControlContext) null);
                } catch (PrivilegedActionException e2) {
                    Throwable cause = e2.getCause();
                    if (cause instanceof AuthException) {
                        _logger.log(Level.SEVERE, "ws.error_secure_response", cause);
                    }
                    throw (cause instanceof RuntimeException ? (RuntimeException) cause : new RuntimeException(cause));
                }
            }
            return z;
        } finally {
            WebServiceSecurity.auditInvocation(sOAPMessageContext, this.endpoint_, z);
        }
    }

    public void processResponse(SOAPMessageContext sOAPMessageContext) {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("ws.processResponse");
        }
        ServerAuthContext serverAuthContext = (ServerAuthContext) sOAPMessageContext.getProperty(SERVER_AUTH_CONTEXT);
        if (serverAuthContext == null) {
            return;
        }
        try {
            WebServiceSecurity.secureResponse(sOAPMessageContext, serverAuthContext);
        } catch (AuthException e) {
            _logger.log(Level.SEVERE, "ws.error_secure_response", e);
            throw new RuntimeException(e);
        }
    }
}
