package org.josso.jb5.agent;

import java.security.Principal;
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jboss.web.tomcat.security.JBossWebRealm;

/* loaded from: input_file:org/josso/jb5/agent/JBossCatalinaRealm.class */
public class JBossCatalinaRealm extends JBossWebRealm {
    private static final Log logger = LogFactory.getLog(JBossCatalinaRealm.class);

    public boolean hasRole(Principal principal, String str) {
        boolean z = false;
        logger.debug("hasRole(" + principal + "," + str + ")");
        try {
        } catch (NullPointerException e) {
            if (logger.isDebugEnabled()) {
                logger.debug(e);
            }
            z = super.hasRole(principal, str);
        } catch (PolicyContextException e2) {
            logger.error(e2, e2);
        }
        if (!isSSODomain(JBossSecurityAssociationActions.getSecurityContext().getSecurityDomain())) {
            return super.hasRole(principal, str);
        }
        Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
        logger.debug("Authenticated Subject: " + subject);
        z = super.hasRole(CatalinaSSOUser.newInstance(this, subject), str);
        return z;
    }

    protected boolean isSSODomain(String str) {
        boolean equals = "josso".equals(str);
        if (logger.isDebugEnabled()) {
            logger.debug(" JBoss Security Domain [" + str + "] is" + (equals ? "" : " not") + " under SSO Control");
        }
        return equals;
    }
}
