package com.sun.enterprise.security.auth.realm.certificate;

import com.sun.appserv.security.AppservRealm;
import com.sun.enterprise.security.SecurityContext;
import com.sun.enterprise.security.auth.login.DistinguishedPrincipalCredential;
import com.sun.enterprise.security.auth.realm.BadRealmException;
import com.sun.enterprise.security.auth.realm.IASRealm;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchRealmException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import java.security.Principal;
import java.util.Enumeration;
import java.util.Properties;
import java.util.Set;
import java.util.Vector;
import java.util.logging.Level;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import org.glassfish.security.common.Group;
import org.jvnet.hk2.annotations.Service;
import sun.security.x509.X500Name;

@Service
/* loaded from: input_file:com/sun/enterprise/security/auth/realm/certificate/CertificateRealm.class */
public final class CertificateRealm extends IASRealm {
    public static final String AUTH_TYPE = "certificate";
    private Vector<String> defaultGroups = new Vector<>();

    /* loaded from: input_file:com/sun/enterprise/security/auth/realm/certificate/CertificateRealm$AppContextCallback.class */
    public static final class AppContextCallback implements Callback {
        private String moduleID;

        public String getModuleID() {
            return this.moduleID;
        }

        public void setModuleID(String str) {
            this.moduleID = str;
        }
    }

    @Override // com.sun.enterprise.security.auth.realm.Realm
    protected void init(Properties properties) throws BadRealmException, NoSuchRealmException {
        super.init(properties);
        String[] addAssignGroups = addAssignGroups(null);
        if (addAssignGroups != null && addAssignGroups.length > 0) {
            for (String str : addAssignGroups) {
                this.defaultGroups.add(str);
            }
        }
        String property = properties.getProperty(AppservRealm.JAAS_CONTEXT_PARAM);
        if (property != null) {
            setProperty(AppservRealm.JAAS_CONTEXT_PARAM, property);
        }
    }

    @Override // com.sun.enterprise.security.auth.realm.Realm
    public String getAuthType() {
        return "certificate";
    }

    @Override // com.sun.enterprise.security.auth.realm.Realm
    public Enumeration getGroupNames(String str) throws NoSuchUserException, InvalidOperationException {
        return this.defaultGroups.elements();
    }

    public void authenticate(Subject subject, X500Name x500Name) {
        String name = x500Name.getName();
        if (_logger.isLoggable(Level.FINEST)) {
            _logger.finest("Certificate realm setting up security context for: " + name);
        }
        if (this.defaultGroups != null) {
            Set<Principal> principals = subject.getPrincipals();
            Enumeration<String> elements = this.defaultGroups.elements();
            while (elements.hasMoreElements()) {
                principals.add(new Group(elements.nextElement()));
            }
        }
        if (!subject.getPrincipals().isEmpty()) {
            subject.getPublicCredentials().add(new DistinguishedPrincipalCredential(x500Name));
        }
        SecurityContext.setCurrent(new SecurityContext(name, subject));
    }
}
