package org.springframework.security.web.jaasapi;

import java.io.IOException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.springframework.security.authentication.jaas.JaasAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:spg-user-ui-war-3.0.14.war:WEB-INF/lib/spring-security-web-3.1.1.RELEASE.jar:org/springframework/security/web/jaasapi/JaasApiIntegrationFilter.class */
public class JaasApiIntegrationFilter extends GenericFilterBean {
    private boolean createEmptySubject;

    public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws ServletException, IOException {
        Subject obtainSubject = obtainSubject(servletRequest);
        if (obtainSubject == null && this.createEmptySubject) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Subject returned was null and createEmtpySubject is true; creating new empty subject to run as.");
            }
            obtainSubject = new Subject();
        }
        if (obtainSubject == null) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Subject is null continue running with no Subject.");
            }
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            PrivilegedExceptionAction<Object> privilegedExceptionAction = new PrivilegedExceptionAction<Object>() { // from class: org.springframework.security.web.jaasapi.JaasApiIntegrationFilter.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws IOException, ServletException {
                    filterChain.doFilter(servletRequest, servletResponse);
                    return null;
                }
            };
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Running as Subject " + obtainSubject);
            }
            try {
                Subject.doAs(obtainSubject, privilegedExceptionAction);
            } catch (PrivilegedActionException e) {
                throw new ServletException(e.getMessage(), e);
            }
        }
    }

    protected Subject obtainSubject(ServletRequest servletRequest) {
        LoginContext loginContext;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Attempting to obtainSubject using authentication : " + authentication);
        }
        if (authentication != null && authentication.isAuthenticated() && (authentication instanceof JaasAuthenticationToken) && (loginContext = ((JaasAuthenticationToken) authentication).getLoginContext()) != null) {
            return loginContext.getSubject();
        }
        return null;
    }

    public final void setCreateEmptySubject(boolean z) {
        this.createEmptySubject = z;
    }
}
