package org.mortbay.jetty.plus.security;

import java.io.IOException;
import java.security.Principal;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Properties;
import javax.naming.InitialContext;
import javax.naming.NameNotFoundException;
import javax.naming.NamingException;
import javax.sql.DataSource;
import org.apache.log4j.Priority;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Server;
import org.mortbay.jetty.plus.naming.NamingEntryUtil;
import org.mortbay.jetty.security.HashUserRealm;
import org.mortbay.log.Log;

/* loaded from: input_file:org/mortbay/jetty/plus/security/DataSourceUserRealm.class */
public class DataSourceUserRealm extends HashUserRealm {
    private String _jndiName;
    private DataSource _datasource;
    private Server _server;
    private String _userTableName;
    private String _userTableKey;
    private String _userTableUserField;
    private String _userTablePasswordField;
    private String _roleTableName;
    private String _roleTableKey;
    private String _roleTableRoleField;
    private String _userRoleTableName;
    private String _userRoleTableUserKey;
    private String _userRoleTableRoleKey;
    private int _cacheMs;
    private long _lastHashPurge;
    private String _userSql;
    private String _roleSql;

    public DataSourceUserRealm(String str) {
        this._jndiName = "javax.sql.DataSource/default";
        this._userTableName = "users";
        this._userTableKey = "id";
        this._userTableUserField = "username";
        this._userTablePasswordField = "pwd";
        this._roleTableName = "roles";
        this._roleTableKey = "id";
        this._roleTableRoleField = "role";
        this._userRoleTableName = "user_roles";
        this._userRoleTableUserKey = "user_id";
        this._userRoleTableRoleKey = "role_id";
        this._cacheMs = Priority.WARN_INT;
        this._lastHashPurge = 0L;
        this._jndiName = str;
    }

    public DataSourceUserRealm() {
        this._jndiName = "javax.sql.DataSource/default";
        this._userTableName = "users";
        this._userTableKey = "id";
        this._userTableUserField = "username";
        this._userTablePasswordField = "pwd";
        this._roleTableName = "roles";
        this._roleTableKey = "id";
        this._roleTableRoleField = "role";
        this._userRoleTableName = "user_roles";
        this._userRoleTableUserKey = "user_id";
        this._userRoleTableRoleKey = "role_id";
        this._cacheMs = Priority.WARN_INT;
        this._lastHashPurge = 0L;
    }

    public void setServer(Server server) {
        this._server = server;
    }

    public Server getServer() {
        return this._server;
    }

    public void setUserTableName(String str) {
        this._userTableName = str;
    }

    public String getUserTableName() {
        return this._userTableName;
    }

    public String getUserTableKey() {
        return this._userTableKey;
    }

    public void setUserTableKey(String str) {
        this._userTableKey = str;
    }

    public String getUserTableUserField() {
        return this._userTableUserField;
    }

    public void setUserTableUserField(String str) {
        this._userTableUserField = str;
    }

    public String getUserTablePasswordField() {
        return this._userTablePasswordField;
    }

    public void setUserTablePasswordField(String str) {
        this._userTablePasswordField = str;
    }

    public String getRoleTableName() {
        return this._roleTableName;
    }

    public void setRoleTableName(String str) {
        this._roleTableName = str;
    }

    public String getRoleTableKey() {
        return this._roleTableKey;
    }

    public void setRoleTableKey(String str) {
        this._roleTableKey = str;
    }

    public String getRoleTableRoleField() {
        return this._roleTableRoleField;
    }

    public void setRoleTableRoleField(String str) {
        this._roleTableRoleField = str;
    }

    public String getUserRoleTableName() {
        return this._userRoleTableName;
    }

    public void setUserRoleTableName(String str) {
        this._userRoleTableName = str;
    }

    public String getUserRoleTableUserKey() {
        return this._userRoleTableUserKey;
    }

    public void setUserRoleTableUserKey(String str) {
        this._userRoleTableUserKey = str;
    }

    public String getUserRoleTableRoleKey() {
        return this._userRoleTableRoleKey;
    }

    public void setUserRoleTableRoleKey(String str) {
        this._userRoleTableRoleKey = str;
    }

    public void setCacheMs(int i) {
        this._cacheMs = i;
    }

    public int getCacheMs() {
        return this._cacheMs;
    }

    @Override // org.mortbay.jetty.security.HashUserRealm, org.mortbay.jetty.UserRealm
    public Principal authenticate(String str, Object obj, Request request) {
        synchronized (this) {
            long currentTimeMillis = System.currentTimeMillis();
            if (currentTimeMillis - this._lastHashPurge > this._cacheMs || this._cacheMs == 0) {
                this._users.clear();
                this._roles.clear();
                this._lastHashPurge = currentTimeMillis;
            }
            if (super.getPrincipal(str) == null) {
                loadUser(str);
                super.getPrincipal(str);
            }
        }
        return super.authenticate(str, obj, request);
    }

    @Override // org.mortbay.jetty.security.HashUserRealm, org.mortbay.jetty.UserRealm
    public synchronized boolean isUserInRole(Principal principal, String str) {
        if (super.getPrincipal(principal.getName()) == null) {
            loadUser(principal.getName());
        }
        return super.isUserInRole(principal, str);
    }

    @Override // org.mortbay.jetty.security.HashUserRealm
    protected void loadConfig() throws IOException {
        Properties properties = new Properties();
        properties.load(getConfigResource().getInputStream());
        this._jndiName = properties.getProperty("jndiname");
        setUserTableName(properties.getProperty("usertable"));
        setUserTableKey(properties.getProperty("usertablekey"));
        setUserTableUserField(properties.getProperty("usertableuserfield"));
        setUserTablePasswordField(properties.getProperty("usertablepasswordfield"));
        setRoleTableName(properties.getProperty("roletable"));
        setRoleTableKey(properties.getProperty("roletablekey"));
        setRoleTableRoleField(properties.getProperty("roletablerolefield"));
        setUserRoleTableName(properties.getProperty("userroletable"));
        setUserRoleTableUserKey(properties.getProperty("userroletableuserkey"));
        setUserRoleTableRoleKey(properties.getProperty("userroletablerolekey"));
        String property = properties.getProperty("cachetime");
        if (property != null) {
            setCacheMs(new Integer(property).intValue() * 1000);
        }
        if ((this._jndiName == null || this._cacheMs < 0) && Log.isDebugEnabled()) {
            Log.debug("UserRealm " + getName() + " has not been properly configured");
        }
    }

    private void loadUser(String str) {
        Connection connection = null;
        try {
            try {
                try {
                    initDb();
                    connection = getConnection();
                    PreparedStatement prepareStatement = connection.prepareStatement(this._userSql);
                    prepareStatement.setObject(1, str);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    if (executeQuery.next()) {
                        int i = executeQuery.getInt(this._userTableKey);
                        put(str, executeQuery.getString(this._userTablePasswordField));
                        prepareStatement.close();
                        PreparedStatement prepareStatement2 = connection.prepareStatement(this._roleSql);
                        prepareStatement2.setInt(1, i);
                        ResultSet executeQuery2 = prepareStatement2.executeQuery();
                        while (executeQuery2.next()) {
                            addUserToRole(str, executeQuery2.getString(this._roleTableRoleField));
                        }
                        prepareStatement2.close();
                    }
                    if (connection != null) {
                        try {
                            connection.close();
                        } catch (SQLException e) {
                            Log.warn("Problem closing connection", (Throwable) e);
                        } finally {
                        }
                    }
                } catch (NamingException e2) {
                    Log.warn("No datasource for " + this._jndiName, (Throwable) e2);
                    if (connection != null) {
                        try {
                            connection.close();
                        } catch (SQLException e3) {
                            Log.warn("Problem closing connection", (Throwable) e3);
                        } finally {
                        }
                    }
                }
            } catch (SQLException e4) {
                Log.warn("Problem loading user info for " + str, (Throwable) e4);
                if (connection != null) {
                    try {
                        connection.close();
                    } catch (SQLException e5) {
                        Log.warn("Problem closing connection", (Throwable) e5);
                    } finally {
                    }
                }
            }
        } catch (Throwable th) {
            try {
            } catch (SQLException e6) {
                Log.warn("Problem closing connection", (Throwable) e6);
            } finally {
            }
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    private void initDb() throws NamingException {
        if (this._datasource != null) {
            return;
        }
        new InitialContext();
        try {
            this._datasource = (DataSource) NamingEntryUtil.lookup(this._server, this._jndiName);
        } catch (NameNotFoundException e) {
        }
        if (this._datasource == null) {
            this._datasource = (DataSource) NamingEntryUtil.lookup(null, this._jndiName);
        }
        this._userSql = "select " + this._userTableKey + "," + this._userTablePasswordField + " from " + this._userTableName + " where " + this._userTableUserField + " = ?";
        this._roleSql = "select r." + this._roleTableRoleField + " from " + this._roleTableName + " r, " + this._userRoleTableName + " u where u." + this._userRoleTableUserKey + " = ? and r." + this._roleTableKey + " = u." + this._userRoleTableRoleKey;
    }

    private Connection getConnection() throws NamingException, SQLException {
        initDb();
        return this._datasource.getConnection();
    }
}
