package com.ibm.ISecurityUtilityImpl;

import com.ibm.CORBA.iiop.DefaultPropertyManager;
import com.ibm.CORBA.iiop.ORB;
import com.ibm.ISecurityL13SupportImpl.SecurityLogger;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.core.SecurityConfig;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.security.util.SASPropFile;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.util.Enumeration;
import java.util.Properties;

/* loaded from: input_file:eclipse/plugins/com.ibm.websphere.v61_6.1.1/ws_runtime.jar:com/ibm/ISecurityUtilityImpl/SecurityPropertyManager.class */
public class SecurityPropertyManager extends DefaultPropertyManager {
    private static TraceComponent tc = Tr.register("SASRas", (String) null, "com.ibm.ISecurityL13SupportImpl.sec");
    ConfigURLProperties securityProps = null;
    private String[] propertyNames = {SecConstants.APP_INSTALL_ROOT, SecConstants.USER_INSTALL_ROOT, SecConstants.WAS_INSTALL_ROOT, SecConstants.WAS_PROPS_DIR, SecConstants.WAS_TEMP_DIR, SecConstants.WAS_ETC_DIR, "com.ibm.CORBA.BVTestPrincipalName", "com.ibm.CORBA.ConfigURL", "com.ibm.CORBA.DCEClientAssociationEnabled", "com.ibm.CORBA.DCEServerAssociationEnabled", "com.ibm.CORBA.IBMSecurityTagCompatibility", "com.ibm.CORBA.KerberosClientAssociationEnabled", "com.ibm.CORBA.KerberosServerAssociationEnabled", "com.ibm.CORBA.LTPAClientAssociationEnabled", "com.ibm.CORBA.LTPAServerAssociationEnabled", "com.ibm.CORBA.LocalOSClientAssociationEnabled", "com.ibm.CORBA.LocalOSServerAssociationEnabled", "com.ibm.CORBA.NotifyBrokenConnectionEnabled", "com.ibm.CORBA.SSLClientAuthentication", "com.ibm.CORBA.SSLClientKeyRing", SASPropFile.SSL_CLIENT_KEYRING_PASSWORD, "com.ibm.CORBA.SSLCredentialsTimeout", "com.ibm.CORBA.SSLKeyRing", "com.ibm.CORBA.SSLKeyRingFile", SASPropFile.SSL_KEYRING_PASSWORD, "com.ibm.CORBA.SSLPort", "com.ibm.CORBA.SSLServerKeyRing", SASPropFile.SSL_SERVER_KEYRING_PASSWORD, "com.ibm.CORBA.SSLTypeIClientAssociationEnabled", "com.ibm.CORBA.SSLTypeIIClientAssociationEnabled", "com.ibm.CORBA.SSLTypeIIServerAssociationEnabled", "com.ibm.CORBA.SSLTypeIServerAssociationEnabled", "com.ibm.CORBA.SSLV3SessionTimeout", SASPropFile.AUTHENTICATION_RETRY_COUNT, SASPropFile.AUTHENTICATION_RETRY_ENABLED, "com.ibm.CORBA.authenticationTarget", "com.ibm.CORBA.claimClientAuthenticationRequired", "com.ibm.CORBA.claimClientAuthenticationSupported", "com.ibm.CORBA.claimMessageConfidentialityRequired", "com.ibm.CORBA.claimMessageConfidentialitySupported", "com.ibm.CORBA.claimMessageIntegrityRequired", "com.ibm.CORBA.claimMessageIntegritySupported", "com.ibm.CORBA.claimMessageOutOfSequenceDetectionRequired", "com.ibm.CORBA.claimMessageOutOfSequenceDetectionSupported", "com.ibm.CORBA.claimMessageReplayDetectionRequired", "com.ibm.CORBA.claimMessageReplayDetectionSupported", "com.ibm.CORBA.claimServerAuthenticationRequired", "com.ibm.CORBA.claimServerAuthenticationSupported", "com.ibm.CORBA.delegateBasicAuth", Constants.DELEGATE_CREDENTIALS, CommonConstants.INTEROP_390_PROPERTY, "com.ibm.CORBA.keytabFileName", "com.ibm.CORBA.loginPassword", SASPropFile.SAS_LOGIN_SOURCE, SASPropFile.SAS_LOGIN_TIMEOUT, "com.ibm.CORBA.loginUserid", "com.ibm.CORBA.performClientAuthentication", "com.ibm.CORBA.performMessageConfidentiality", "com.ibm.CORBA.performMessageIntegrity", "com.ibm.CORBA.performMessageOutOfSequenceDetection", "com.ibm.CORBA.performMessageReplayDetection", "com.ibm.CORBA.performServerAuthentication", "com.ibm.CORBA.principalName", "com.ibm.CORBA.processIsServer", "com.ibm.CORBA.realmName", "com.ibm.CORBA.requestCredsExpiration", "com.ibm.CORBA.securityActivityOutputMode", "com.ibm.CORBA.securityCacheTimeout", "com.ibm.CORBA.securityDebug", "com.ibm.CORBA.securityEnabled", "com.ibm.CORBA.securityErrorsOutputMode", "com.ibm.CORBA.securityExceptionsOutputMode", SASPropFile.SECURITY_SERVER_HOST, SASPropFile.SECURITY_SERVER_PORT, "com.ibm.CORBA.securityTraceLevel", "com.ibm.CORBA.securityTraceOutput", "com.ibm.CORBA.securityTraceOutputMode", SASPropFile.SERVER_SECURITY_ENABLED_PROPERTY, "com.ibm.CORBA.sessionGCdiscardunused", "com.ibm.CORBA.sessionGCenabled", "com.ibm.CORBA.sessionGCinterval", "com.ibm.CORBA.standardClaimQOPModels", SASPropFile.SSL_ORB_CLIENT_QOP, "com.ibm.CORBA.useDefaultSubjectForThreads", SASPropFile.VALIDATE_BASIC_AUTH, "com.ibm.CORBA.verificationLevel", "com.ibm.CSI.CellNodeServer", "com.ibm.CSI.ClientCertSSLPort", "com.ibm.CSI.KerberosClientAssociationRequired", "com.ibm.CSI.KerberosClientAssociationSupported", "com.ibm.CSI.KerberosServerAssociationRequired", "com.ibm.CSI.KerberosServerAssociationSupported", "com.ibm.CSI.LTPAClientAssociationRequired", "com.ibm.CSI.LTPAClientAssociationSupported", "com.ibm.CSI.LTPAServerAssociationRequired", "com.ibm.CSI.LTPAServerAssociationSupported", "com.ibm.CSI.LocalOSClientAssociationRequired", "com.ibm.CSI.LocalOSClientAssociationSupported", "com.ibm.CSI.LocalOSServerAssociationRequired", "com.ibm.CSI.LocalOSServerAssociationSupported", "com.ibm.CSI.SSLPort", "com.ibm.CSI.SSLTypeIClientAssociationRequired", "com.ibm.CSI.SSLTypeIClientAssociationSupported", "com.ibm.CSI.SSLTypeIIClientAssociationRequired", "com.ibm.CSI.SSLTypeIIClientAssociationSupported", "com.ibm.CSI.SSLTypeIIServerAssociationRequired", "com.ibm.CSI.SSLTypeIIServerAssociationSupported", "com.ibm.CSI.SSLTypeIServerAssociationRequired", "com.ibm.CSI.SSLTypeIServerAssociationSupported", "com.ibm.CSI.WSSecurityContextActiveClass", "com.ibm.CSI.WSSecurityContextActiveOID", "com.ibm.CSI.WSSecurityContextCustomClass", "com.ibm.CSI.WSSecurityContextCustomOID", "com.ibm.CSI.activeUserRegistry", "com.ibm.CSI.authMechAuthAlias", "com.ibm.CSI.claimClientAuthenticationRequired", "com.ibm.CSI.claimClientAuthenticationSupported", "com.ibm.CSI.claimIdentityAssertionRequired", "com.ibm.CSI.claimIdentityAssertionSupported", "com.ibm.CSI.claimMessageConfidentialityRequired", "com.ibm.CSI.claimMessageConfidentialitySupported", "com.ibm.CSI.claimMessageIntegrityRequired", "com.ibm.CSI.claimMessageIntegritySupported", "com.ibm.CSI.claimMessageOutOfSequenceDetectionRequired", "com.ibm.CSI.claimMessageOutOfSequenceDetectionSupported", "com.ibm.CSI.claimMessageReplayDetectionRequired", "com.ibm.CSI.claimMessageReplayDetectionSupported", "com.ibm.CSI.claimServerAuthenticationRequired", "com.ibm.CSI.claimServerAuthenticationSupported", "com.ibm.CSI.claimStateful", "com.ibm.CSI.claimTLClientAuthenticationRequired", "com.ibm.CSI.claimTLClientAuthenticationSupported", "com.ibm.CSI.claimTransportAssocSSLTLSRequired", "com.ibm.CSI.claimTransportAssocSSLTLSSupported", "com.ibm.CSI.debugJAASCredWithStack", SASPropFile.CSI_PERFORM_CLIENT_AUTH_REQ, SASPropFile.CSI_PERFORM_CLIENT_AUTH_SUP, "com.ibm.CSI.performIdentityAssertionMechanism", "com.ibm.CSI.performIdentityAssertionName", "com.ibm.CSI.performIdentityAssertionRequired", "com.ibm.CSI.performIdentityAssertionSupported", "com.ibm.CSI.performIdentityAssertionType", SASPropFile.CSI_PERFORM_MESSAGE_CON_REQ, SASPropFile.CSI_PERFORM_MESSAGE_CON_SUP, SASPropFile.CSI_PERFORM_MESSAGE_INT_REQ, SASPropFile.CSI_PERFORM_MESSAGE_INT_SUP, "com.ibm.CSI.performMessageOutOfSequenceDetection", "com.ibm.CSI.performMessageReplayDetection", "com.ibm.CSI.performServerAuthenticationRequired", "com.ibm.CSI.performServerAuthenticationSupported", SASPropFile.CSI_PERFORM_STATEFUL, SASPropFile.CSI_PERFORM_TLC_CLIENT_AUTH_REQ, SASPropFile.CSI_PERFORM_TLC_CLIENT_AUTH_SUP, SASPropFile.CSI_PERFORM_TRANSPORT_REQ, SASPropFile.CSI_PERFORM_TRANSPORT_SUP, SASPropFile.CSI_PROTOCOL, "com.ibm.CSI.rmiInboundLoginConfig", "com.ibm.CSI.rmiInboundPropagationEnabled", "com.ibm.CSI.rmiOutboundLoginConfig", "com.ibm.CSI.rmiOutboundLoginEnabled", "com.ibm.CSI.rmiOutboundPropagationEnabled", "com.ibm.CSI.standardClaimQOPModels", "com.ibm.CSI.standardPerformQOPModels", "com.ibm.CSI.supportedTargetRealms", "com.ibm.CSI.trustedPrincipalList", "com.ibm.SOAP.loginPassword", "com.ibm.SOAP.loginUserid", "com.ibm.security.useFIPS", "com.ibm.ssl.clientAuthentication", "com.ibm.ssl.contextProvider", com.ibm.ws.ssl.core.Constants.SSLPROP_ALIAS, "com.ibm.ssl.csi.inbound.alias", "com.ibm.ssl.csi.outbound.alias", com.ibm.ws.ssl.core.Constants.SSLPROP_EXPIRED_WARNING, "com.ibm.ssl.enabledCipherSuites", "com.ibm.ssl.keyManager", "com.ibm.ssl.keyStore", "com.ibm.ssl.keyStoreClientAlias", "com.ibm.ssl.keyStorePassword", "com.ibm.ssl.keyStoreProvider", "com.ibm.ssl.keyStoreServerAlias", "com.ibm.ssl.keyStoreType", com.ibm.ws.ssl.core.Constants.SSLPROP_CUSTOM_KEY_MANAGER, "com.ibm.ssl.protocol", "com.ibm.ssl.securityLevel", "com.ibm.ssl.tokenLibraryFile", "com.ibm.ssl.tokenPassword", "com.ibm.ssl.tokenSlot", "com.ibm.ssl.tokenType", com.ibm.ws.ssl.core.Constants.SSLPROP_CUSTOM_TRUST_MANAGERS, "com.ibm.ssl.trustManager", "com.ibm.ssl.trustStore", "com.ibm.ssl.trustStorePassword", "com.ibm.ssl.trustStoreProvider", "com.ibm.ssl.trustStoreType", "com.ibm.ssl.sslType", com.ibm.ws.ssl.core.Constants.SSLPROP_VALIDATION_ENABLED, com.ibm.ws.ssl.core.Constants.SSLPROP_DYNAMIC_SELECTION_INFO, com.ibm.ws.ssl.core.Constants.SSLPROP_EXCHANGE_SIGNER_PROMPT, com.ibm.ws.ssl.core.Constants.SSLPROP_USE_INHERITABLE_THREAD_LOCAL, "com.ibm.websphere.security.authorizationTable", SecurityConfig.SUPPORT_LTPA, "com.ibm.websphere.security.suppressExceptionStack", "com.ibm.ws.security.jacc.dynamicModuleUpdates", SecurityConfig.PROPAGATION_EXCLUDE_LIST, "com.ibm.ws.security.ssoInteropModeEnabled", SecurityConfig.CHALLENGE_IF_CUSTOM_SUBJECT_NOT_FOUND, "com.ibm.ws.security.webInboundLoginConfig", "com.ibm.ws.security.webInboundPropagationEnabled", SecurityConfig.WEB_PROPAGATION_SERVER_TRANSPORT, SecurityConfig.ASSERT_LDAP_SHORT_NAME, SecurityConfig.INCLUDE_RUNAS_CHANGES_IN_CALLER_LIST, "security.enablePluggableAuthentication", "com.ibm.CORBA.securityTraceFilter", SecurityConfig.PROCESS_TYPE, SecurityConfig.INTERNAL_SERVER_ID, SecurityConfig.IS_USE_REGISTRY_SERVERID, "com.ibm.CSI.alternateIdentityAssertionPerformTrustedId", "com.ibm.CSI.alternateIdentityAssertionPerformTrustedPassword", "com.ibm.ws.security.CommTrace.ExcludeServiceContexts"};

    public static final void permissionCheck(String str, Permission permission) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage(str, new StringBuffer().append("Performing Java 2 Security Permission Check ...Expecting : ").append(permission.toString()).toString());
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager == null || permission == null) {
            return;
        }
        securityManager.checkPermission(permission);
    }

    public String[] getPropertyNames() {
        return this.propertyNames;
    }

    protected void setInitialProperties(Properties properties) {
        this.props = properties;
        AccessController.doPrivileged(new PrivilegedAction(this) { // from class: com.ibm.ISecurityUtilityImpl.SecurityPropertyManager.1
            private final SecurityPropertyManager this$0;

            {
                this.this$0 = this;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                this.this$0.loadConfigURL(this.this$0.orb);
                this.this$0.syncConfigURLPropertiesWithOrb(this.this$0.orb);
                return null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void loadConfigURL(ORB orb) {
        String property = orb.getProperty("com.ibm.CORBA.ConfigURL");
        if (property == null || property.equals("")) {
            property = System.getProperty("com.ibm.CORBA.ConfigURL");
        }
        this.securityProps = ConfigURLProperties.getInstance();
        this.securityProps.init(property, orb);
    }

    public void syncConfigURLPropertiesWithOrb(ORB orb) {
        String property;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "SecurityPropertyManager.syncConfigURLPropertiesWithOrb");
        }
        ConfigURLProperties configURLProperties = ConfigURLProperties.getInstance();
        Enumeration<?> propertyNames = configURLProperties.propertyNames();
        while (propertyNames.hasMoreElements()) {
            String str = (String) propertyNames.nextElement();
            String property2 = configURLProperties.getProperty(str);
            if (str != null && !str.equals("") && ((property = orb.getProperty(str)) == null || property.equals(""))) {
                setProperty(str, property2);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "SecurityPropertyManager.syncConfigURLPropertiesWithOrb");
        }
    }

    public void init(ORB orb) {
        super.init(orb);
    }

    protected boolean isPropertySettable(String str) {
        return true;
    }

    public boolean setProperty(String str, String str2) {
        permissionCheck("SecurityPropertyManager.setProperty", SecConstants.setAuthnProCfgPerm);
        return super.setProperty(str, str2);
    }

    public String getProperty(String str) {
        if (str != null && str.indexOf("Password") != -1) {
            permissionCheck("SecurityPropertyManager.getProperty", SecConstants.getAuthnProCfgPerm);
        }
        return super.getProperty(str);
    }
}
