package org.apache.commons.jelly.tags.jetty;

import java.io.IOException;
import java.io.StringReader;
import java.util.Iterator;
import org.apache.commons.jelly.JellyTagException;
import org.apache.commons.jelly.TagSupport;
import org.apache.commons.jelly.XMLOutput;
import org.mortbay.http.BasicAuthenticator;
import org.mortbay.http.ClientCertAuthenticator;
import org.mortbay.http.DigestAuthenticator;
import org.mortbay.http.SecurityConstraint;
import org.mortbay.http.handler.SecurityHandler;
import org.mortbay.jetty.servlet.FormAuthenticator;
import org.mortbay.util.Code;
import org.mortbay.xml.XmlParser;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/apache/commons/jelly/tags/jetty/SecurityHandlerTag.class */
public class SecurityHandlerTag extends TagSupport {
    private transient FormAuthenticator _formAuthenticator;
    private String _authenticationMethod;
    static Class class$org$apache$commons$jelly$tags$jetty$HttpContextTag;

    public void doTag(XMLOutput xMLOutput) throws JellyTagException {
        Class cls;
        if (class$org$apache$commons$jelly$tags$jetty$HttpContextTag == null) {
            cls = class$("org.apache.commons.jelly.tags.jetty.HttpContextTag");
            class$org$apache$commons$jelly$tags$jetty$HttpContextTag = cls;
        } else {
            cls = class$org$apache$commons$jelly$tags$jetty$HttpContextTag;
        }
        HttpContextTag httpContextTag = (HttpContextTag) findAncestorWithClass(cls);
        if (httpContextTag == null) {
            throw new JellyTagException("<securityHandler> tag must be enclosed inside a <httpContext> tag");
        }
        SecurityHandler securityHandler = new SecurityHandler();
        if (getauthenticationMethod() != null) {
            securityHandler.setAuthMethod(getauthenticationMethod());
        }
        httpContextTag.addHandler(securityHandler);
        try {
            Iterator it = new XmlParser(false).parse(new InputSource(new StringReader(getBodyText()))).iterator();
            while (it.hasNext()) {
                Object next = it.next();
                if (next instanceof XmlParser.Node) {
                    XmlParser.Node node = (XmlParser.Node) next;
                    String tag = node.getTag();
                    if ("security-constraint".equals(tag)) {
                        initSecurityConstraint(node, httpContextTag);
                    } else {
                        if (!"login-config".equals(tag)) {
                            throw new JellyTagException(new StringBuffer().append("Invalid element in <securityHandler> tag. Are you using the <constraints> tag?: ").append(node).toString());
                        }
                        initLoginConfig(node, httpContextTag);
                    }
                }
            }
        } catch (IOException e) {
            throw new JellyTagException(e);
        } catch (SAXException e2) {
            throw new JellyTagException(e2);
        }
    }

    protected void initSecurityConstraint(XmlParser.Node node, HttpContextTag httpContextTag) {
        SecurityConstraint securityConstraint = new SecurityConstraint();
        XmlParser.Node node2 = node.get("auth-constraint");
        if (node2 != null) {
            securityConstraint.setAuthenticate(true);
            Iterator it = node2.iterator("role-name");
            while (it.hasNext()) {
                securityConstraint.addRole(((XmlParser.Node) it.next()).toString(false, true));
            }
        }
        XmlParser.Node node3 = node.get("user-data-constraint");
        if (node3 != null) {
            String upperCase = node3.get("transport-guarantee").toString(false, true).toUpperCase();
            if (upperCase == null || upperCase.length() == 0 || "NONE".equals(upperCase)) {
                securityConstraint.setDataConstraint(0);
            } else if ("INTEGRAL".equals(upperCase)) {
                securityConstraint.setDataConstraint(1);
            } else if ("CONFIDENTIAL".equals(upperCase)) {
                securityConstraint.setDataConstraint(2);
            } else {
                Code.warning(new StringBuffer().append("Unknown user-data-constraint:").append(upperCase).toString());
                securityConstraint.setDataConstraint(2);
            }
        }
        Iterator it2 = node.iterator("web-resource-collection");
        while (it2.hasNext()) {
            XmlParser.Node node4 = (XmlParser.Node) it2.next();
            String string = node4.getString("web-resource-name", false, true);
            SecurityConstraint securityConstraint2 = (SecurityConstraint) securityConstraint.clone();
            securityConstraint2.setName(string);
            Iterator it3 = node4.iterator("http-method");
            while (it3.hasNext()) {
                securityConstraint2.addMethod(((XmlParser.Node) it3.next()).toString(false, true));
            }
            Iterator it4 = node4.iterator("url-pattern");
            while (it4.hasNext()) {
                httpContextTag.addSecurityConstraint(((XmlParser.Node) it4.next()).toString(false, true), securityConstraint2);
            }
        }
    }

    protected void initLoginConfig(XmlParser.Node node, HttpContextTag httpContextTag) {
        XmlParser.Node node2 = node.get("auth-method");
        if (node2 != null) {
            FormAuthenticator formAuthenticator = null;
            String node3 = node2.toString(false, true);
            if ("FORM".equals(node3)) {
                FormAuthenticator formAuthenticator2 = new FormAuthenticator();
                this._formAuthenticator = formAuthenticator2;
                formAuthenticator = formAuthenticator2;
            } else if ("BASIC".equals(node3)) {
                formAuthenticator = new BasicAuthenticator();
            } else if ("DIGEST".equals(node3)) {
                formAuthenticator = new DigestAuthenticator();
            } else if ("CLIENT-CERT".equals(node3)) {
                formAuthenticator = new ClientCertAuthenticator();
            } else {
                Code.warning(new StringBuffer().append("UNKNOWN AUTH METHOD: ").append(node3).toString());
            }
            httpContextTag.setAuthenticator(formAuthenticator);
        }
        XmlParser.Node node4 = node.get("realm-name");
        if (node4 != null) {
            httpContextTag.setRealmName(node4.toString(false, true));
        }
        XmlParser.Node node5 = node.get("form-login-config");
        if (node5 != null) {
            if (this._formAuthenticator == null) {
                Code.warning("FORM Authentication miss-configured");
                return;
            }
            XmlParser.Node node6 = node5.get("form-login-page");
            if (node6 != null) {
                this._formAuthenticator.setLoginPage(node6.toString(false, true));
            }
            XmlParser.Node node7 = node5.get("form-error-page");
            if (node7 != null) {
                this._formAuthenticator.setErrorPage(node7.toString(false, true));
            }
        }
    }

    public String getauthenticationMethod() {
        return this._authenticationMethod;
    }

    public void setauthenticationMethod(String str) {
        this._authenticationMethod = str;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
