package nl.knowledgeplaza.securityfilter;

import java.security.Principal;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;

/* loaded from: input_file:WEB-INF/lib/KpSecurityFilter-1.30.jar:nl/knowledgeplaza/securityfilter/SecurityFilterCaptcha.class */
public class SecurityFilterCaptcha extends SecurityFilter {
    public static final String SOURCECODE_VERSION = "$Revision: 1.1 $";
    static Logger cLog4J = Logger.getLogger(SecurityFilterJDBC.class);
    private static String SESSIONATTRIBUTE_FIRSTLOGIN = "DDServlet.FirstLogin";
    private String iCaptchaRole = null;
    private String iCaptchaUser = null;
    private String iCaptchaPwd = null;

    @Override // nl.knowledgeplaza.securityfilter.SecurityFilter
    public void initialize() throws ServletException {
        super.initialize();
        this.iCaptchaRole = this.iConfigurationProperties.get2(this, "CaptchaRole");
        this.iCaptchaUser = this.iConfigurationProperties.get2(this, "CaptchaUser");
        this.iCaptchaPwd = this.iConfigurationProperties.get2(this, "CaptchaPwd");
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("CaptchaRole=" + this.iCaptchaRole);
        }
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityFilter
    public Principal authenticate(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws ServletException {
        SecurityFilterPrincipal securityFilterPrincipal = null;
        HttpSession session = httpServletRequest.getSession();
        if (((String) session.getAttribute("SIMPLE_CAPCHA_SESSION_KEY")).equals(str2)) {
            if (cLog4J.isDebugEnabled()) {
                cLog4J.debug("Authenticating '" + str + "', password matches Captcha key, authenticated (for now)");
            }
            securityFilterPrincipal = new SecurityFilterPrincipal(this.iCaptchaUser, str3);
            session.setAttribute(SESSIONATTRIBUTE_FIRSTLOGIN, "done");
            session.setAttribute("cpassword", this.iCaptchaPwd);
            session.setAttribute("cuserrole", this.iCaptchaRole);
        } else {
            if (cLog4J.isInfoEnabled()) {
                cLog4J.info("Authenticating '" + str + "', incorrect password");
            }
            httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "Password doesn't match captcha key");
        }
        return securityFilterPrincipal;
    }
}
