package com.ibm.isclite.servlet;

import com.ibm.isclite.common.util.ISCAppUtil;
import com.ibm.isclite.rest.providers.cms.util.CmsRestUtil;
import java.io.IOException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:com/ibm/isclite/servlet/SessionFilter.class */
public class SessionFilter implements Filter {
    private FilterConfig filterConfig;
    private static String CLASSNAME = "SessionFilter";
    private static Logger logger = Logger.getLogger(SessionFilter.class.getName());

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    public void destroy() {
        this.filterConfig = null;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (logger.isLoggable(Level.FINE)) {
            logger.entering(CLASSNAME, "doFilter");
        }
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            if (httpServletRequest.getRequestURI().equals(ISCAppUtil.getContextRoot() + "/j_security_check")) {
                HttpSession session = httpServletRequest.getSession();
                String str = (String) session.getAttribute("com.ibm.isc.xlaunch.redirect.url");
                String parameter = httpServletRequest.getParameter("allowGetRequest");
                if (httpServletRequest.getMethod().equals(CmsRestUtil.X_METHOD_OVERRIDE_GET) && str == null && parameter == null) {
                    logger.logp(Level.FINE, CLASSNAME, "doFilter", "j_security_check cannot accept GET parameters");
                    session.invalidate();
                    return;
                }
                HashMap hashMap = new HashMap();
                if (session.getAttribute(com.ibm.isclite.runtime.Constants.USER_KEY) == null) {
                    Enumeration attributeNames = session.getAttributeNames();
                    while (attributeNames.hasMoreElements()) {
                        String str2 = (String) attributeNames.nextElement();
                        hashMap.put(str2, session.getAttribute(str2));
                    }
                    logger.logp(Level.FINE, CLASSNAME, "doFilter", "invalidating session created by login page=" + session.getId());
                    session.invalidate();
                }
                HttpSession session2 = httpServletRequest.getSession();
                if (session2.isNew()) {
                    logger.logp(Level.FINE, CLASSNAME, "doFilter", "creating a new session after authentication=" + session2.getId());
                    for (String str3 : hashMap.keySet()) {
                        session2.setAttribute(str3, hashMap.get(str3));
                    }
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
        WASAuthenticationErrorHelper wASAuthenticationErrorHelper = new WASAuthenticationErrorHelper();
        if (wASAuthenticationErrorHelper.wasLoginFailure()) {
            ((HttpServletRequest) servletRequest).getSession().setAttribute("rootcause", wASAuthenticationErrorHelper.getRootCause().getLocalizedMessage());
        }
    }
}
