package org.apache.axis.handlers;

import java.util.StringTokenizer;
import org.apache.axis.AxisFault;
import org.apache.axis.Handler;
import org.apache.axis.MessageContext;
import org.apache.axis.security.AuthenticatedUser;
import org.apache.axis.security.SecurityProvider;
import org.apache.log4j.Category;
import org.apache.xerces.validators.schema.SchemaSymbols;
import org.w3c.dom.Element;

/* loaded from: input_file:org/apache/axis/handlers/SimpleAuthorizationHandler.class */
public class SimpleAuthorizationHandler extends BasicHandler {
    static Category category;
    static Class class$org$apache$axis$handlers$SimpleAuthorizationHandler;

    @Override // org.apache.axis.handlers.BasicHandler, org.apache.axis.Handler
    public void invoke(MessageContext messageContext) throws AxisFault {
        category.debug("Enter: SimpleAuthorizationHandler::invoke");
        boolean z = false;
        String str = (String) getOption("allowByDefault");
        if (str != null && str.equalsIgnoreCase(SchemaSymbols.ATTVAL_TRUE)) {
            z = true;
        }
        AuthenticatedUser authenticatedUser = (AuthenticatedUser) messageContext.getProperty(MessageContext.AUTHUSER);
        if (authenticatedUser == null) {
            throw new AxisFault("Server.NoUser", "Need to specify a user for authorization!", (String) null, (Element[]) null);
        }
        String name = authenticatedUser.getName();
        Handler serviceHandler = messageContext.getServiceHandler();
        if (serviceHandler == null) {
            throw new AxisFault("No target service to authorize for!");
        }
        String name2 = serviceHandler.getName();
        String str2 = (String) serviceHandler.getOption("allowedRoles");
        if (str2 == null) {
            category.info(new StringBuffer().append("No roles specified for target service, ").append(z ? "allowing." : "disallowing.").toString());
            if (!z) {
                throw new AxisFault("Server.Unauthorized", new StringBuffer().append("User '").append(name).append("' not authorized to '").append(name2).append("'").toString(), (String) null, (Element[]) null);
            }
            category.debug("Exit: SimpleAuthorizationHandler::invoke");
            return;
        }
        SecurityProvider securityProvider = (SecurityProvider) messageContext.getProperty("securityProvider");
        if (securityProvider == null) {
            throw new AxisFault("No security provider in MessageContext!");
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str2, ",");
        while (stringTokenizer.hasMoreTokens()) {
            if (securityProvider.userMatches(authenticatedUser, stringTokenizer.nextToken())) {
                category.info(new StringBuffer().append("User '").append(name).append("' authorized to: ").append(name2).toString());
                category.debug("Exit: SimpleAuthorizationHandler::invoke");
                return;
            }
        }
        throw new AxisFault("Server.Unauthorized", new StringBuffer().append("User '").append(name).append("' not authorized to '").append(name2).append("'").toString(), (String) null, (Element[]) null);
    }

    @Override // org.apache.axis.handlers.BasicHandler, org.apache.axis.Handler
    public void undo(MessageContext messageContext) {
        category.debug("Enter: SimpleAuthorizationHandler::undo");
        category.debug("Exit: SimpleAuthorizationHandler::undo");
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$axis$handlers$SimpleAuthorizationHandler == null) {
            cls = class$("org.apache.axis.handlers.SimpleAuthorizationHandler");
            class$org$apache$axis$handlers$SimpleAuthorizationHandler = cls;
        } else {
            cls = class$org$apache$axis$handlers$SimpleAuthorizationHandler;
        }
        category = Category.getInstance(cls.getName());
    }
}
