package net.sf.michaelo.tomcat.realm;

import java.security.Principal;
import org.apache.catalina.realm.UserDatabaseRealm;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.res.StringManager;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSName;

/* loaded from: input_file:net/sf/michaelo/tomcat/realm/GSSUserDatabaseRealm.class */
public class GSSUserDatabaseRealm extends UserDatabaseRealm implements GSSRealm {
    protected final Log logger = LogFactory.getLog(getClass());
    protected final StringManager sm = StringManager.getManager(getClass());
    protected static final String name = "GSSUserDatabaseRealm";

    protected String getName() {
        return name;
    }

    @Override // net.sf.michaelo.tomcat.realm.GSSRealm
    public Principal authenticate(GSSName gSSName, GSSCredential gSSCredential) {
        return getPrincipal(String.valueOf(gSSName), gSSCredential);
    }

    public Principal authenticate(GSSContext gSSContext, boolean z) {
        if (!gSSContext.isEstablished()) {
            this.logger.error(this.sm.getString("activeDirectoryRealm.securityContextNotEstablished"));
            return null;
        }
        GSSName gSSName = null;
        try {
            gSSName = gSSContext.getSrcName();
        } catch (GSSException e) {
            this.logger.error(this.sm.getString("activeDirectoryRealm.gssNameFailed"), e);
        }
        if (gSSName == null) {
            return null;
        }
        GSSCredential gSSCredential = null;
        if (z) {
            if (gSSContext.getCredDelegState()) {
                try {
                    gSSCredential = gSSContext.getDelegCred();
                } catch (GSSException e2) {
                    this.logger.warn(this.sm.getString("activeDirectoryRealm.delegatedCredentialFailed", new Object[]{gSSName}), e2);
                }
            } else if (this.logger.isDebugEnabled()) {
                this.logger.debug(this.sm.getString("activeDirectoryRealm.credentialNotDelegable", new Object[]{gSSName}));
            }
        }
        return getPrincipal(String.valueOf(gSSName), gSSCredential);
    }
}
