package org.jboss.ejb.plugins;

import java.security.Principal;
import org.jboss.ejb.Container;
import org.jboss.invocation.Invocation;
import org.jboss.metadata.SecurityIdentityMetaData;
import org.jboss.security.SecurityAssociation;
import org.jboss.security.SimplePrincipal;

/* loaded from: input_file:org/jboss/ejb/plugins/RunAsSecurityInterceptor.class */
public class RunAsSecurityInterceptor extends AbstractInterceptor {
    protected Principal runAsRole;

    @Override // org.jboss.ejb.plugins.AbstractInterceptor, org.jboss.ejb.ContainerPlugin
    public void setContainer(Container container) {
        SecurityIdentityMetaData securityIdentityMetaData;
        super.setContainer(container);
        if (container == null || (securityIdentityMetaData = container.getBeanMetaData().getSecurityIdentityMetaData()) == null || securityIdentityMetaData.getUseCallerIdentity()) {
            return;
        }
        this.runAsRole = new SimplePrincipal(securityIdentityMetaData.getRunAsRoleName());
    }

    @Override // org.jboss.ejb.plugins.AbstractInterceptor
    public void start() throws Exception {
        super.start();
    }

    @Override // org.jboss.ejb.plugins.AbstractInterceptor, org.jboss.ejb.Interceptor
    public Object invokeHome(Invocation invocation) throws Exception {
        if (this.runAsRole != null) {
            SecurityAssociation.pushRunAsRole(this.runAsRole);
        }
        try {
            Object invokeHome = getNext().invokeHome(invocation);
            if (this.runAsRole != null) {
                SecurityAssociation.popRunAsRole();
            }
            return invokeHome;
        } catch (Throwable th) {
            if (this.runAsRole != null) {
                SecurityAssociation.popRunAsRole();
            }
            throw th;
        }
    }

    @Override // org.jboss.ejb.plugins.AbstractInterceptor, org.jboss.ejb.Interceptor
    public Object invoke(Invocation invocation) throws Exception {
        if (this.runAsRole != null) {
            SecurityAssociation.pushRunAsRole(this.runAsRole);
        }
        try {
            Object invoke = getNext().invoke(invocation);
            if (this.runAsRole != null) {
                SecurityAssociation.popRunAsRole();
            }
            return invoke;
        } catch (Throwable th) {
            if (this.runAsRole != null) {
                SecurityAssociation.popRunAsRole();
            }
            throw th;
        }
    }
}
