package org.jboss.as.web.security;

import java.io.IOException;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.catalina.Session;
import org.apache.catalina.authenticator.FormAuthenticator;
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.LoginConfig;
import org.jboss.as.web.WebLogger;

/* loaded from: input_file:org/jboss/as/web/security/ExtendedFormAuthenticator.class */
public class ExtendedFormAuthenticator extends FormAuthenticator {
    public static final String LOGIN_EXCEPTION = "j_exception";
    public static final String DID_POPULATE = "did_populate";
    private boolean includePassword;

    public boolean isIncludePassword() {
        return this.includePassword;
    }

    public void setIncludePassword(boolean z) {
        this.includePassword = z;
    }

    public boolean authenticate(Request request, HttpServletResponse httpServletResponse, LoginConfig loginConfig) throws IOException {
        Boolean bool;
        boolean z = false;
        boolean authenticate = super.authenticate(request, httpServletResponse, loginConfig);
        Session sessionInternal = request.getSessionInternal(false);
        if (sessionInternal != null && (bool = (Boolean) sessionInternal.getNote(DID_POPULATE)) != null) {
            z = bool.booleanValue();
        }
        if (!authenticate && !z) {
            populateSession(request);
        }
        if (sessionInternal != null) {
            sessionInternal.removeNote(DID_POPULATE);
        }
        return authenticate;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void forwardToErrorPage(Request request, HttpServletResponse httpServletResponse, LoginConfig loginConfig) throws IOException {
        WebLogger.WEB_SECURITY_LOGGER.tracef("forwardToErrorPage", new Object[0]);
        populateSession(request);
        super.forwardToErrorPage(request, httpServletResponse, loginConfig);
        SecurityActions.clearAuthException();
    }

    protected void forwardToLoginPage(Request request, HttpServletResponse httpServletResponse, LoginConfig loginConfig) throws IOException {
        WebLogger.WEB_SECURITY_LOGGER.tracef("forwardToLoginPage", new Object[0]);
        populateSession(request);
        super.forwardToLoginPage(request, httpServletResponse, loginConfig);
    }

    protected void populateSession(Request request) {
        Session sessionInternal = request.getSessionInternal(false);
        if (sessionInternal == null) {
            WebLogger.WEB_SECURITY_LOGGER.tracef("No Session to store login parameters in", new Object[0]);
            return;
        }
        HttpSession session = sessionInternal.getSession();
        WebLogger.WEB_SECURITY_LOGGER.tracef("SessionID: " + session.getId(), new Object[0]);
        String parameter = request.getParameter("j_username");
        WebLogger.WEB_SECURITY_LOGGER.tracef("Setting j_username = " + parameter, new Object[0]);
        session.setAttribute("j_username", parameter);
        if (this.includePassword) {
            String parameter2 = request.getParameter("j_password");
            WebLogger.WEB_SECURITY_LOGGER.tracef("Setting j_password" + (parameter2 == null ? " = null" : " = --hidden--"), new Object[0]);
            session.setAttribute("j_password", parameter2);
        }
        Throwable authException = SecurityActions.getAuthException();
        WebLogger.WEB_SECURITY_LOGGER.tracef("Setting j_exception = " + authException, new Object[0]);
        session.setAttribute(LOGIN_EXCEPTION, authException);
        sessionInternal.setNote(DID_POPULATE, Boolean.TRUE);
    }
}
