package com.ibm.ISecurityUtilityImpl;

import com.ibm.CORBA.iiop.DefaultPropertyManager;
import com.ibm.CORBA.iiop.ORB;
import com.ibm.ISecurityL13SupportImpl.SecurityLogger;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.security.util.SASPropFile;
import com.ibm.ws.ssl.OrbSSLConfig;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.util.Enumeration;
import java.util.Properties;

/* loaded from: input_file:lib/sas.jar:com/ibm/ISecurityUtilityImpl/SecurityPropertyManager.class */
public class SecurityPropertyManager extends DefaultPropertyManager {
    ConfigURLProperties securityProps = null;
    private String[] propertyNames = {SASPropFile.AUTHENTICATION_RETRY_ENABLED, "com.ibm.CORBA.SSLClientAuthentication", "com.ibm.CORBA.BVTestPrincipalName", "com.ibm.CORBA.NotifyBrokenConnectionEnabled", SASPropFile.AUTHENTICATION_RETRY_COUNT, "com.ibm.CORBA.useDefaultSubjectForThreads", SASPropFile.AUTHENTICATION_TARGET_PROPERTY, Constants.DELEGATE_CREDENTIALS, "com.ibm.CORBA.delegateBasicAuth", SASPropFile.VALIDATE_BASIC_AUTH, SASPropFile.SAS_LOGIN_SOURCE, SASPropFile.PRINCIPAL_NAME_PROPERTY, SASPropFile.LOGIN_USERID, SASPropFile.LOGIN_PASSWORD, "com.ibm.SOAP.loginUserid", "com.ibm.SOAP.loginPassword", SASPropFile.SECURITY_CACHE_TIMEOUT_PROPERTY, "com.ibm.CORBA.keytabFileName", CommonConstants.INTEROP_390_PROPERTY, SASPropFile.SAS_LOGIN_TIMEOUT, "com.ibm.CORBA.processIsServer", "com.ibm.CORBA.claimClientAuthenticationRequired", "com.ibm.CORBA.claimServerAuthenticationRequired", "com.ibm.CORBA.claimMessageReplayDetectionRequired", "com.ibm.CORBA.claimMessageOutOfSequenceDetectionRequired", "com.ibm.CORBA.claimMessageIntegrityRequired", "com.ibm.CORBA.claimMessageConfidentialityRequired", "com.ibm.CORBA.claimClientAuthenticationSupported", "com.ibm.CORBA.claimServerAuthenticationSupported", "com.ibm.CORBA.claimMessageReplayDetectionSupported", "com.ibm.CORBA.claimMessageOutOfSequenceDetectionSupported", "com.ibm.CORBA.claimMessageIntegritySupported", "com.ibm.CORBA.claimMessageConfidentialitySupported", OrbSSLConfig.ORB_SERVER_QOP, "com.ibm.CORBA.performClientAuthentication", "com.ibm.CORBA.performServerAuthentication", "com.ibm.CORBA.performMessageReplayDetection", "com.ibm.CORBA.performMessageOutOfSequenceDetection", "com.ibm.CORBA.performMessageIntegrity", "com.ibm.CORBA.performMessageConfidentiality", "com.ibm.CORBA.standardPerformQOPModels", "com.ibm.CORBA.requestCredsExpiration", "com.ibm.CORBA.securityBootStrapRepositoryPort", "com.ibm.CORBA.SSLCredentialsTimeout", "com.ibm.CORBA.SSLPort", "com.ibm.CORBA.verificationLevel", "com.ibm.CORBA.securityEnabled", SASPropFile.SECURITY_SERVER_HOST, SASPropFile.SECURITY_SERVER_PORT, SASPropFile.SERVER_SECURITY_ENABLED_PROPERTY, "com.ibm.CORBA.SSLClientKeyRing", SASPropFile.SSL_CLIENT_KEYRING_PASSWORD, "com.ibm.CORBA.SSLServerKeyRing", SASPropFile.SSL_SERVER_KEYRING_PASSWORD, "com.ibm.CORBA.SSLKeyRing", "com.ibm.CORBA.SSLKeyRingFile", SASPropFile.SSL_KEYRING_PASSWORD, "com.ibm.CORBA.SSLV3SessionTimeout", "com.ibm.CORBA.sessionGCenabled", "com.ibm.CORBA.sessionGCinterval", "com.ibm.CORBA.sessionGCdiscardunused", "com.ibm.CORBA.DCEClientAssociationEnabled", "com.ibm.CORBA.DCEServerAssociationEnabled", "com.ibm.CORBA.KerberosClientAssociationEnabled", "com.ibm.CORBA.KerberosServerAssociationEnabled", "com.ibm.CORBA.LocalOSClientAssociationEnabled", "com.ibm.CORBA.LocalOSServerAssociationEnabled", "com.ibm.CORBA.LTPAClientAssociationEnabled", "com.ibm.CORBA.LTPAServerAssociationEnabled", "com.ibm.CORBA.SSLTypeIClientAssociationEnabled", "com.ibm.CORBA.SSLTypeIServerAssociationEnabled", "com.ibm.CORBA.SSLTypeIIClientAssociationEnabled", "com.ibm.CORBA.SSLTypeIIServerAssociationEnabled", "com.ibm.CORBA.IBMSecurityTagCompatibility", com.ibm.ws.webservices.engine.components.net.SSLConfiguration.configURLProperty, SASPropFile.CELL_NODE_SERVER, SASPropFile.RMI_INBOUND_LOGIN_CONFIG, SASPropFile.RMI_INBOUND_PROPAGATION_ENABLED, SASPropFile.RMI_OUTBOUND_LOGIN_CONFIG, SASPropFile.RMI_OUTBOUND_PROPAGATION_ENABLED, SASPropFile.RMI_OUTBOUND_LOGIN_ENABLED, SASPropFile.SSO_INTEROP_MODE, SASPropFile.WEB_INBOUND_LOGIN_CONFIG, SASPropFile.WEB_INBOUND_PROPAGATION_ENABLED, "com.ibm.ws.security.webPropagationTransport", "com.ibm.ws.security.propagationExcludeList", "com.ibm.ws.security.jacc.dynamicModuleUpdates", "com.ibm.ws.security.includeRunAsChangesInCallerList", "com.ibm.ws.security.assertLDAPShortName", SASPropFile.SUPPORTED_TARGET_REALMS, "com.ibm.CSI.debugJAASCredWithStack", "com.ibm.CSI.authMechAuthAlias", "com.ibm.CSI.WSSecurityContextCustomClass", "com.ibm.CSI.WSSecurityContextCustomOID", "com.ibm.CSI.WSSecurityContextActiveClass", "com.ibm.CSI.WSSecurityContextActiveOID", "com.ibm.CSI.performIdentityAssertionRequired", "com.ibm.CSI.performIdentityAssertionSupported", "com.ibm.CSI.performIdentityAssertionName", "com.ibm.CSI.performIdentityAssertionType", "com.ibm.CSI.performIdentityAssertionMechanism", "com.ibm.CSI.claimIdentityAssertionRequired", "com.ibm.CSI.claimIdentityAssertionSupported", "com.ibm.CSI.claimStateful", SASPropFile.CSI_PERFORM_STATEFUL, SASPropFile.CSI_PROTOCOL, "com.ibm.CSI.SSLPort", "com.ibm.CSI.ClientCertSSLPort", "com.ibm.CORBA.realmName", "com.ibm.CORBA.securityDebug", "com.ibm.CORBA.securityTraceLevel", "com.ibm.CORBA.securityActivityOutputMode", "com.ibm.CORBA.securityErrorsOutputMode", "com.ibm.CORBA.securityExceptionsOutputMode", "com.ibm.CORBA.securityTraceOutputMode", "com.ibm.CORBA.securityTraceOutput", "com.ibm.CSI.claimTransportAssocSSLTLSRequired", "com.ibm.CSI.claimTransportAssocSSLTLSSupported", SASPropFile.CSI_PERFORM_TLC_CLIENT_AUTH_REQ, SASPropFile.CSI_PERFORM_TLC_CLIENT_AUTH_SUP, SASPropFile.CSI_PERFORM_TRANSPORT_REQ, SASPropFile.CSI_PERFORM_TRANSPORT_SUP, "com.ibm.CSI.claimTLClientAuthenticationRequired", "com.ibm.CSI.claimTLClientAuthenticationSupported", "com.ibm.CSI.claimClientAuthenticationRequired", "com.ibm.CSI.claimServerAuthenticationRequired", "com.ibm.CSI.claimMessageReplayDetectionRequired", "com.ibm.CSI.claimMessageOutOfSequenceDetectionRequired", "com.ibm.CSI.claimMessageIntegrityRequired", "com.ibm.CSI.claimMessageConfidentialityRequired", "com.ibm.CSI.claimClientAuthenticationSupported", "com.ibm.CSI.claimServerAuthenticationSupported", "com.ibm.CSI.claimMessageReplayDetectionSupported", "com.ibm.CSI.claimMessageOutOfSequenceDetectionSupported", "com.ibm.CSI.claimMessageIntegritySupported", "com.ibm.CSI.claimMessageConfidentialitySupported", "com.ibm.CSI.standardClaimQOPModels", SASPropFile.CSI_PERFORM_CLIENT_AUTH_SUP, SASPropFile.CSI_PERFORM_CLIENT_AUTH_REQ, "com.ibm.CSI.performServerAuthenticationSupported", "com.ibm.CSI.performServerAuthenticationRequired", "com.ibm.CSI.performMessageReplayDetection", "com.ibm.CSI.performMessageOutOfSequenceDetection", SASPropFile.CSI_PERFORM_MESSAGE_INT_SUP, SASPropFile.CSI_PERFORM_MESSAGE_INT_REQ, SASPropFile.CSI_PERFORM_MESSAGE_CON_SUP, SASPropFile.CSI_PERFORM_MESSAGE_CON_REQ, "com.ibm.CSI.standardPerformQOPModels", "com.ibm.CSI.SSLTypeIClientAssociationRequired", "com.ibm.CSI.SSLTypeIServerAssociationRequired", "com.ibm.CSI.SSLTypeIIClientAssociationRequired", "com.ibm.CSI.SSLTypeIIServerAssociationRequired", "com.ibm.CSI.KerberosClientAssociationRequired", "com.ibm.CSI.KerberosServerAssociationRequired", "com.ibm.CSI.LocalOSClientAssociationRequired", "com.ibm.CSI.LocalOSServerAssociationRequired", "com.ibm.CSI.LTPAClientAssociationRequired", "com.ibm.CSI.LTPAServerAssociationRequired", "com.ibm.CSI.SSLTypeIClientAssociationSupported", "com.ibm.CSI.SSLTypeIServerAssociationSupported", "com.ibm.CSI.SSLTypeIIClientAssociationSupported", "com.ibm.CSI.SSLTypeIIServerAssociationSupported", "com.ibm.CSI.KerberosClientAssociationSupported", "com.ibm.CSI.KerberosServerAssociationSupported", "com.ibm.CSI.LocalOSClientAssociationSupported", "com.ibm.CSI.LocalOSServerAssociationSupported", "com.ibm.CSI.LTPAClientAssociationSupported", "com.ibm.CSI.LTPAServerAssociationSupported", "com.ibm.CSI.trustedPrincipalList", "com.ibm.CSI.activeUserRegistry", "com.ibm.ssl.daysBeforeExpireWarning", "com.ibm.ssl.protocol", "com.ibm.ssl.securityLevel", "com.ibm.ssl.keyManager", "com.ibm.ssl.trustManager", "com.ibm.ssl.keyStoreType", "com.ibm.ssl.keyStoreProvider", "com.ibm.ssl.trustStoreType", "com.ibm.ssl.trustStoreProvider", "com.ibm.ssl.keyStore", "com.ibm.ssl.keyStorePassword", "com.ibm.ssl.trustStore", "com.ibm.ssl.trustStorePassword", "com.ibm.ssl.clientAuthentication", "com.ibm.ssl.enabledCipherSuites", "com.ibm.ssl.tokenSlot", "com.ibm.ssl.tokenType", "com.ibm.ssl.tokenLibraryFile", "com.ibm.ssl.tokenPassword", "com.ibm.ssl.contextProvider", "com.ibm.ssl.keyStoreServerAlias", "com.ibm.ssl.keyStoreClientAlias", "com.ibm.ssl.validationEnabled", "com.ibm.ssl.sas.outbound.tokenLibraryFile", "com.ibm.ssl.sas.outbound.tokenPassword", "com.ibm.ssl.sas.outbound.tokenType", "com.ibm.ssl.sas.outbound.tokenSlot", "com.ibm.ssl.sas.outbound.clientAuthentication", "com.ibm.ssl.sas.outbound.enabledCipherSuites", "com.ibm.ssl.sas.outbound.keyStore", "com.ibm.ssl.sas.outbound.keyManager", "com.ibm.ssl.sas.outbound.keyStorePassword", "com.ibm.ssl.sas.outbound.keyStoreProvider", "com.ibm.ssl.sas.outbound.keyStoreType", "com.ibm.ssl.sas.outbound.protocol", "com.ibm.ssl.sas.outbound.securityLevel", "com.ibm.ssl.sas.outbound.trustStore", "com.ibm.ssl.sas.outbound.trustManager", "com.ibm.ssl.sas.outbound.trustStorePassword", "com.ibm.ssl.sas.outbound.trustStoreProvider", "com.ibm.ssl.sas.outbound.trustStoreType", "com.ibm.ssl.sas.outbound.contextProvider", "com.ibm.ssl.sas.outbound.keyStoreServerAlias", "com.ibm.ssl.sas.outbound.keyStoreClientAlias", "com.ibm.ssl.sas.inbound.tokenLibraryFile", "com.ibm.ssl.sas.inbound.tokenPassword", "com.ibm.ssl.sas.inbound.tokenType", "com.ibm.ssl.sas.inbound.tokenSlot", "com.ibm.ssl.sas.inbound.clientAuthentication", "com.ibm.ssl.sas.inbound.enabledCipherSuites", "com.ibm.ssl.sas.inbound.keyStore", "com.ibm.ssl.sas.inbound.keyManager", "com.ibm.ssl.sas.inbound.keyStorePassword", "com.ibm.ssl.sas.inbound.keyStoreProvider", "com.ibm.ssl.sas.inbound.keyStoreType", "com.ibm.ssl.sas.inbound.protocol", "com.ibm.ssl.sas.inbound.securityLevel", "com.ibm.ssl.sas.inbound.trustStore", "com.ibm.ssl.sas.inbound.trustManager", "com.ibm.ssl.sas.inbound.trustStorePassword", "com.ibm.ssl.sas.inbound.trustStoreProvider", "com.ibm.ssl.sas.inbound.trustStoreType", "com.ibm.ssl.sas.inbound.contextProvider", "com.ibm.ssl.sas.inbound.keyStoreServerAlias", "com.ibm.ssl.sas.inbound.keyStoreClientAlias", "com.ibm.ssl.csi.outbound.tokenLibraryFile", "com.ibm.ssl.csi.outbound.tokenPassword", "com.ibm.ssl.csi.outbound.tokenType", "com.ibm.ssl.csi.outbound.tokenSlot", "com.ibm.ssl.csi.outbound.clientAuthentication", "com.ibm.ssl.csi.outbound.enabledCipherSuites", "com.ibm.ssl.csi.outbound.keyStore", "com.ibm.ssl.csi.outbound.keyManager", "com.ibm.ssl.csi.outbound.keyStorePassword", "com.ibm.ssl.csi.outbound.keyStoreProvider", "com.ibm.ssl.csi.outbound.keyStoreType", "com.ibm.ssl.csi.outbound.protocol", "com.ibm.ssl.csi.outbound.securityLevel", "com.ibm.ssl.csi.outbound.trustStore", "com.ibm.ssl.csi.outbound.trustManager", "com.ibm.ssl.csi.outbound.trustStorePassword", "com.ibm.ssl.csi.outbound.trustStoreProvider", "com.ibm.ssl.csi.outbound.trustStoreType", "com.ibm.ssl.csi.outbound.contextProvider", "com.ibm.ssl.csi.outbound.keyStoreServerAlias", "com.ibm.ssl.csi.outbound.keyStoreClientAlias", "com.ibm.ssl.csi.inbound.tokenLibraryFile", "com.ibm.ssl.csi.inbound.tokenPassword", "com.ibm.ssl.csi.inbound.tokenType", "com.ibm.ssl.csi.inbound.tokenSlot", "com.ibm.ssl.csi.inbound.clientAuthentication", "com.ibm.ssl.csi.inbound.enabledCipherSuites", "com.ibm.ssl.csi.inbound.keyStore", "com.ibm.ssl.csi.inbound.keyManager", "com.ibm.ssl.csi.inbound.keyStorePassword", "com.ibm.ssl.csi.inbound.keyStoreProvider", "com.ibm.ssl.csi.inbound.keyStoreType", "com.ibm.ssl.csi.inbound.protocol", "com.ibm.ssl.csi.inbound.securityLevel", "com.ibm.ssl.csi.inbound.trustStore", "com.ibm.ssl.csi.inbound.trustManager", "com.ibm.ssl.csi.inbound.trustStorePassword", "com.ibm.ssl.csi.inbound.trustStoreProvider", "com.ibm.ssl.csi.inbound.trustStoreType", "com.ibm.ssl.csi.inbound.contextProvider", "com.ibm.ssl.csi.inbound.keyStoreServerAlias", "com.ibm.ssl.csi.inbound.keyStoreClientAlias", CommonConstants.USE_FIPS, CommonConstants.PLUGGABLE_AUTHZN_PROPERTY, "com.ibm.websphere.security.krb.support_ltpa", CommonConstants.ENABLE_PLUGGABLE_AUTHENTICATION, CommonConstants.SUPPRESS_EXCEPTION_STACK, SecConstants.WAS_ETC_DIR, SecConstants.WAS_PROPS_DIR, SecConstants.WAS_INSTALL_ROOT, SecConstants.USER_INSTALL_ROOT, SecConstants.WAS_TEMP_DIR, SecConstants.APP_INSTALL_ROOT};

    public static final void permissionCheck(String str, Permission permission) {
        if (SecurityLogger.debugTraceEnabled) {
            SecurityLogger.debugMessage(str, new StringBuffer().append("Performing Java 2 Security Permission Check ...Expecting : ").append(permission.toString()).toString());
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager == null || permission == null) {
            return;
        }
        securityManager.checkPermission(permission);
    }

    public String[] getPropertyNames() {
        return this.propertyNames;
    }

    protected void setInitialProperties(Properties properties) {
        this.props = properties;
        AccessController.doPrivileged(new PrivilegedAction(this) { // from class: com.ibm.ISecurityUtilityImpl.SecurityPropertyManager.1
            private final SecurityPropertyManager this$0;

            {
                this.this$0 = this;
            }

            @Override // java.security.PrivilegedAction
            public Object run() {
                this.this$0.loadConfigURL(this.this$0.orb);
                this.this$0.syncConfigURLPropertiesWithOrb(this.this$0.orb);
                return null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void loadConfigURL(ORB orb) {
        String property = orb.getProperty(com.ibm.ws.webservices.engine.components.net.SSLConfiguration.configURLProperty);
        if (property == null || property.equals("")) {
            property = System.getProperty(com.ibm.ws.webservices.engine.components.net.SSLConfiguration.configURLProperty);
        }
        this.securityProps = ConfigURLProperties.getInstance();
        this.securityProps.init(property, orb);
    }

    public void syncConfigURLPropertiesWithOrb(ORB orb) {
        String property;
        ConfigURLProperties configURLProperties = ConfigURLProperties.getInstance();
        Enumeration<?> propertyNames = configURLProperties.propertyNames();
        while (propertyNames.hasMoreElements()) {
            String str = (String) propertyNames.nextElement();
            String property2 = configURLProperties.getProperty(str);
            if (str != null && !str.equals("") && ((property = orb.getProperty(str)) == null || property.equals(""))) {
                setProperty(str, property2);
            }
        }
    }

    public void init(ORB orb) {
        super.init(orb);
    }

    protected boolean isPropertySettable(String str) {
        return true;
    }

    public boolean setProperty(String str, String str2) {
        permissionCheck("SecurityPropertyManager.setProperty", SecConstants.setAuthnProCfgPerm);
        return super.setProperty(str, str2);
    }

    public String getProperty(String str) {
        if (str != null && str.indexOf("Password") != -1) {
            permissionCheck("SecurityPropertyManager.getProperty", SecConstants.getAuthnProCfgPerm);
        }
        return super.getProperty(str);
    }
}
