package org.ow2.jonas.web.tomcat6;

import java.io.IOException;
import java.security.Principal;
import javax.servlet.ServletException;
import javax.servlet.http.HttpSession;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.valves.ValveBase;
import org.ow2.jonas.lib.security.context.SecurityContext;
import org.ow2.jonas.lib.security.context.SecurityCurrent;

/* loaded from: input_file:org/ow2/jonas/web/tomcat6/ResetAuthenticationValve.class */
public class ResetAuthenticationValve extends ValveBase {
    private static final SecurityContext UNAUTHENTICATED = new SecurityContext();

    public void invoke(Request request, Response response) throws IOException, ServletException {
        HttpSession session;
        Principal principal = request.getPrincipal();
        if (principal == null && (session = request.getSession(false)) != null) {
            principal = getContainer().getManager().findSession(session.getId()).getPrincipal();
        }
        if (principal != null && (principal instanceof GenericPrincipal)) {
            SecurityCurrent.getCurrent().setSecurityContext(new SecurityContext(principal.getName(), ((GenericPrincipal) principal).getRoles()));
        }
        try {
            getNext().invoke(request, response);
            SecurityCurrent.getCurrent().setSecurityContext(UNAUTHENTICATED);
        } catch (Throwable th) {
            SecurityCurrent.getCurrent().setSecurityContext(UNAUTHENTICATED);
            throw th;
        }
    }
}
