package org.apache.jetspeed.login.filter;

import java.io.IOException;
import java.security.Principal;
import javax.security.auth.Subject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.PortalReservedParameters;
import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
import org.apache.jetspeed.administration.PortalConfiguration;
import org.apache.jetspeed.administration.PortalConfigurationConstants;
import org.apache.jetspeed.audit.AuditActivity;
import org.apache.jetspeed.cache.UserContentCacheManager;
import org.apache.jetspeed.components.ComponentManager;
import org.apache.jetspeed.container.session.PortalSessionValidationFilter;
import org.apache.jetspeed.login.LoginConstants;
import org.apache.jetspeed.profiler.impl.JetspeedProfilerImpl;
import org.apache.jetspeed.security.AuthenticatedUser;
import org.apache.jetspeed.security.AuthenticatedUserImpl;
import org.apache.jetspeed.security.AuthenticationProvider;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;

/* loaded from: input_file:tomcat-portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-portal-2.3.1.jar:org/apache/jetspeed/login/filter/PortalFilter.class */
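/**
 * Servlet filter that logs a user in from request parameters and, on later requests,
 * re-attaches the subject stored in the HTTP session.
 *
 * <p>Two paths exist in {@link #doFilter}:
 * <ul>
 *   <li>The request carries the {@code LoginConstants.USERNAME} parameter: the credentials are
 *       handed to the {@code AuthenticationProvider}, the outcome is written to the audit
 *       trail, and on success the subject is stored in the session and the request is
 *       wrapped in a {@code PortalRequestWrapper}.</li>
 *   <li>No username parameter: a subject already present in the session is re-attached,
 *       unless its {@code User} principal is the configured guest.</li>
 * </ul>
 *
 * <p>Security notes for reviewers (what this class does and does not do itself):
 * <ul>
 *   <li>Credentials are read with {@code getParameter}, which also returns query-string
 *       values. No HTTP-method, transport or anti-CSRF check is visible in this class, so
 *       those controls have to be enforced elsewhere (container constraints, an earlier
 *       filter, or the login form's mapping).</li>
 *   <li>No attempt limiting is visible here; presumably the {@code AuthenticationProvider}
 *       or a surrounding component is responsible for lockout/throttling. Verify.</li>
 *   <li>Every failure path reports the same {@code LoginConstants.ERROR_INVALID_PASSWORD}
 *       code, so this class does not distinguish unknown users from bad passwords.</li>
 * </ul>
 */
public class PortalFilter implements Filter {
    /**
     * Name of the guest principal. A session subject whose {@code User} principal carries
     * this name is not re-attached to the request by {@link #doFilter}.
     */
    protected String guest = JetspeedProfilerImpl.DEFAULT_GUEST_PRINCIPAL_NAME;

    /**
     * Reads the guest principal name from the portal configuration.
     *
     * <p>The built-in default is kept when no configuration is available or the key yields
     * {@code null}. Overwriting the field with {@code null} would make the guest comparison
     * in {@link #doFilter} always fail, so a guest subject would be wrapped like an
     * authenticated one.
     *
     * @param filterConfig the container-supplied filter configuration (not used)
     * @throws ServletException declared by the {@code Filter} contract; not thrown here
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        PortalConfiguration configuration = Jetspeed.getConfiguration();
        if (configuration != null) {
            String configuredGuest = configuration.getString(PortalConfigurationConstants.USERS_DEFAULT_GUEST);
            if (configuredGuest != null) {
                this.guest = configuredGuest;
            }
        }
    }

    /**
     * Authenticates a login attempt or restores the session subject, then continues the chain.
     *
     * <p>For HTTP requests the attribute {@code PortalReservedParameters.PORTAL_FILTER_ATTRIBUTE}
     * is always set to {@code "true"} before the chain is invoked. A failed login does not stop
     * the chain: the error code is placed in the session and the unwrapped request is passed on.
     *
     * @param servletRequest  the incoming request; replaced by a wrapper when a subject is attached
     * @param servletResponse the response, passed through untouched
     * @param filterChain     the remaining chain; skipped when {@code null}
     * @throws IOException      propagated from the rest of the chain
     * @throws ServletException propagated from the chain, or wrapping a Jetspeed
     *                          {@code SecurityException} raised while resolving the user or subject
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            // getParameter() merges query-string and body parameters, so credentials sent in a
            // URL are accepted as well and can end up in access logs and Referer headers.
            // NOTE(review): nothing in this class restricts the method or transport - confirm
            // that the deployment does.
            String username = httpServletRequest.getParameter(LoginConstants.USERNAME);
            String password = httpServletRequest.getParameter(LoginConstants.PASSWORD);
            HttpSession validSession = PortalSessionValidationFilter.getValidSession(httpServletRequest);
            if (username != null) {
                ComponentManager componentManager = Jetspeed.getComponentManager();
                UserManager userManager = (UserManager) componentManager.lookupComponent("org.apache.jetspeed.security.UserManager");
                AuditActivity auditActivity = (AuditActivity) componentManager.lookupComponent("org.apache.jetspeed.audit.AuditActivity");
                AuthenticatedUser authenticatedUser = null;
                try {
                    authenticatedUser = ((AuthenticationProvider) componentManager.lookupComponent("org.apache.jetspeed.security.AuthenticationProvider")).authenticate(username, password);
                } catch (SecurityException authFailure) {
                    // This is org.apache.jetspeed.security.SecurityException (see imports), not
                    // java.lang.SecurityException. authenticatedUser stays null, so the failure
                    // branch below audits and reports it. Handling it here as well produced two
                    // AUTHENTICATION_FAILURE records for one attempt, which skews any failure
                    // count derived from the audit trail.
                }
                if (authenticatedUser != null) {
                    // The username is request-supplied and is recorded as received; whether it is
                    // neutralised before storage/display depends on the AuditActivity
                    // implementation - TODO confirm. getRemoteAddr() is the direct peer, i.e. the
                    // proxy address when the portal sits behind one.
                    auditActivity.logUserActivity(username, httpServletRequest.getRemoteAddr(), AuditActivity.AUTHENTICATION_SUCCESS, "PortalFilter");
                    PortalAuthenticationConfiguration authenticationConfiguration = (PortalAuthenticationConfiguration) componentManager.lookupComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration");
                    boolean replaceSession = authenticationConfiguration.isCreateNewSessionOnLogin() && validSession != null && !validSession.isNew();
                    if (replaceSession) {
                        // Session-fixation defence: drop the pre-login session; the getSession()
                        // calls further down create a fresh one with a new id.
                        httpServletRequest.getSession().invalidate();
                    } else {
                        // The pre-login session (and its id) is kept in this branch. With
                        // isCreateNewSessionOnLogin() disabled that holds for every login, so the
                        // setting should stay enabled unless the container rotates the id itself.
                        ((UserContentCacheManager) componentManager.lookupComponent("userContentCacheManager")).evictUserContentCache(username, httpServletRequest.getSession().getId());
                    }
                    if (authenticatedUser.getUser() == null) {
                        // The provider returned credentials without a User; resolve it by name.
                        // If the lookup yields null the User stays null and the request is
                        // wrapped with a null principal below.
                        try {
                            User user = userManager.getUser(username);
                            if (user != null) {
                                authenticatedUser = new AuthenticatedUserImpl(user, authenticatedUser.getPublicCredentials(), authenticatedUser.getPrivateCredentials());
                            }
                        } catch (SecurityException e) {
                            throw new ServletException(e);
                        }
                    }
                    try {
                        Subject subject = userManager.getSubject(authenticatedUser);
                        servletRequest = wrapperRequest(httpServletRequest, subject, authenticatedUser.getUser());
                        httpServletRequest.getSession().removeAttribute(LoginConstants.ERRORCODE);
                        httpServletRequest.getSession(true).setAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT, subject);
                    } catch (SecurityException e) {
                        throw new ServletException(e);
                    }
                } else {
                    // Single failure path for both a thrown SecurityException and a null result.
                    // The same error code is used in every case, so the response does not reveal
                    // whether the account exists. A subject already stored in the session by an
                    // earlier login is left in place.
                    auditActivity.logUserActivity(username, httpServletRequest.getRemoteAddr(), AuditActivity.AUTHENTICATION_FAILURE, "PortalFilter");
                    httpServletRequest.getSession().setAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_INVALID_PASSWORD);
                }
            } else {
                // getSession() creates a session when none exists, so every request reaching this
                // branch ends up with one.
                Subject sessionSubject = (Subject) httpServletRequest.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
                if (sessionSubject != null) {
                    Principal principal = SubjectHelper.getPrincipal(sessionSubject, User.class);
                    // Re-attach the subject unless it belongs to the guest user. A subject
                    // without any User principal is wrapped too, with a null principal.
                    if (principal == null || !principal.getName().equals(this.guest)) {
                        servletRequest = wrapperRequest(httpServletRequest, sessionSubject, principal);
                    }
                }
            }
            servletRequest.setAttribute(PortalReservedParameters.PORTAL_FILTER_ATTRIBUTE, "true");
        }
        if (filterChain != null) {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    /**
     * Wraps the request so that it carries the given subject and principal.
     *
     * @param httpServletRequest the request to wrap
     * @param subject            the subject to expose through the wrapper
     * @param principal          the user principal to expose; may be {@code null}
     * @return a new {@code PortalRequestWrapper} around the request
     */
    private ServletRequest wrapperRequest(HttpServletRequest httpServletRequest, Subject subject, Principal principal) {
        return new PortalRequestWrapper(httpServletRequest, subject, principal);
    }

    /** No resources are held by this filter, so there is nothing to release. */
    @Override
    public void destroy() {
    }
}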
