package com.sun.enterprise.security.ee.auth.login;

import com.sun.appserv.security.AppservPasswordLoginModule;
import com.sun.enterprise.security.ee.auth.realm.pam.PamRealm;
import java.util.Set;
import java.util.logging.Level;
import javax.security.auth.login.LoginException;
import org.jvnet.libpam.PAM;
import org.jvnet.libpam.PAMException;
import org.jvnet.libpam.UnixUser;

/* loaded from: input_file:com/sun/enterprise/security/ee/auth/login/PamLoginModule.class */
public class PamLoginModule extends AppservPasswordLoginModule {
    @Override // com.sun.appserv.security.AppservPasswordLoginModule
    protected void authenticateUser() throws LoginException {
        String[] strArr;
        if (this._username == null || this._username.length() == 0) {
            throw new LoginException("Invalid Username");
        }
        UnixUser authenticate = authenticate(this._username, this._password);
        if (authenticate == null) {
            throw new LoginException("Failed Pam Login for " + this._username);
        }
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "PAM login succeeded for: " + this._username);
        }
        Set<String> groups = authenticate.getGroups();
        if (groups != null) {
            strArr = new String[groups.size()];
            authenticate.getGroups().toArray(strArr);
        } else {
            strArr = new String[0];
        }
        commitUserAuthentication(strArr);
    }

    private UnixUser authenticate(String str, String str2) throws LoginException {
        UnixUser unixUser = null;
        if (!(this._currentRealm instanceof PamRealm)) {
            throw new LoginException("pamrealm.invalid_realm");
        }
        try {
            unixUser = new PAM(((PamRealm) this._currentRealm).getPamService()).authenticate(str, str2);
        } catch (PAMException e) {
            _logger.log(Level.SEVERE, "pam_exception_authenticate", (Throwable) e);
        }
        return unixUser;
    }
}
