geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jensde...@apache.org
Subject [3/7] incubator-geode git commit: GEM-164: move the security tests in gemfire-test module inside the com.gemstone.gemfire.security packages to the open side.
Date Mon, 21 Dec 2015 17:21:31 GMT
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/java/templates/security/CredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/CredentialGenerator.java b/gemfire-core/src/test/java/templates/security/CredentialGenerator.java
new file mode 100644
index 0000000..99d7e18
--- /dev/null
+++ b/gemfire-core/src/test/java/templates/security/CredentialGenerator.java
@@ -0,0 +1,343 @@
+
+package templates.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+
+import com.gemstone.gemfire.security.AuthInitialize;
+import com.gemstone.gemfire.security.Authenticator;
+
+/**
+ * Encapsulates obtaining valid and invalid credentials. Implementations will be
+ * for different kinds of authentication schemes.
+ * 
+ * @author sumedh
+ * @since 5.5
+ */
+public abstract class CredentialGenerator {
+
+  /**
+   * Enumeration for various {@link CredentialGenerator} implementations.
+   * 
+   * The following schemes are supported as of now:
+   * <code>DummyAuthenticator</code>, <code>LdapUserAuthenticator</code>,
+   * <code>PKCSAuthenticator</code>. In addition SSL socket mode with mutual
+   * authentication is also supported.
+   * 
+   * To add a new authentication scheme the following needs to be done:
+   * <ul>
+   * <li>Add implementations for {@link AuthInitialize} and
+   * {@link Authenticator} classes for clients/peers.</li>
+   * <li>Add a new enumeration value for the scheme in this class. Notice the
+   * size of <code>VALUES</code> array and increase that if it is getting
+   * overflowed. Note the methods and fields for existing schemes and add for
+   * the new one in a similar manner.</li>
+   * <li>Add an implementation for {@link CredentialGenerator}.</li>
+   * <li>Modify the {@link CredentialGenerator.Factory#create} method to add
+   * creation of an instance of the new implementation for the
+   * <code>ClassCode</code> enumeration value.</li>
+   * </ul>
+   * All security dunit tests will automagically start testing the new
+   * implementation after this.
+   * 
+   * @author sumedh
+   * @since 5.5
+   */
+  public static final class ClassCode {
+
+    private static final byte ID_DUMMY = 1;
+
+    private static final byte ID_LDAP = 2;
+
+    private static final byte ID_PKCS = 3;
+
+    private static final byte ID_SSL = 4;
+
+    private static byte nextOrdinal = 0;
+
+    private static final ClassCode[] VALUES = new ClassCode[10];
+
+    private static final Map CodeNameMap = new HashMap();
+
+    public static final ClassCode DUMMY = new ClassCode(
+        "templates.security.DummyAuthenticator.create", ID_DUMMY);
+
+    public static final ClassCode LDAP = new ClassCode(
+        "templates.security.LdapUserAuthenticator.create", ID_LDAP);
+
+    public static final ClassCode PKCS = new ClassCode(
+        "templates.security.PKCSAuthenticator.create", ID_PKCS);
+
+    public static final ClassCode SSL = new ClassCode("SSL", ID_SSL);
+
+    /** The name of this class. */
+    private final String name;
+
+    /** byte used as ordinal to represent this class */
+    private final byte ordinal;
+
+    /**
+     * One of the following: ID_DUMMY, ID_LDAP, ID_PKCS
+     */
+    private final byte classType;
+
+    /** Creates a new instance of class code. */
+    private ClassCode(String name, byte classType) {
+      this.name = name;
+      this.classType = classType;
+      this.ordinal = nextOrdinal++;
+      VALUES[this.ordinal] = this;
+      CodeNameMap.put(name, this);
+    }
+
+    public boolean isDummy() {
+      return (this.classType == ID_DUMMY);
+    }
+
+    public boolean isLDAP() {
+      return (this.classType == ID_LDAP);
+    }
+
+    public boolean isPKCS() {
+      return (this.classType == ID_PKCS);
+    }
+
+    public boolean isSSL() {
+      return (this.classType == ID_SSL);
+    }
+
+    /**
+     * Returns the <code>ClassCode</code> represented by specified ordinal.
+     */
+    public static ClassCode fromOrdinal(byte ordinal) {
+      return VALUES[ordinal];
+    }
+
+    /**
+     * Returns the <code>ClassCode</code> represented by specified string.
+     */
+    public static ClassCode parse(String operationName) {
+      return (ClassCode)CodeNameMap.get(operationName);
+    }
+
+    /**
+     * Returns all the possible values.
+     */
+    public static List getAll() {
+      List codes = new ArrayList();
+      Iterator iter = CodeNameMap.values().iterator();
+      while (iter.hasNext()) {
+        codes.add(iter.next());
+      }
+      return codes;
+    }
+
+    /**
+     * Returns the ordinal for this operation code.
+     * 
+     * @return the ordinal of this operation.
+     */
+    public byte toOrdinal() {
+      return this.ordinal;
+    }
+
+    /**
+     * Returns a string representation for this operation.
+     * 
+     * @return the name of this operation.
+     */
+    final public String toString() {
+      return this.name;
+    }
+
+    /**
+     * Indicates whether other object is same as this one.
+     * 
+     * @return true if other object is same as this one.
+     */
+    @Override
+    final public boolean equals(final Object obj) {
+      if (obj == this) {
+        return true;
+      }
+      if (!(obj instanceof ClassCode)) {
+        return false;
+      }
+      final ClassCode other = (ClassCode)obj;
+      return (other.ordinal == this.ordinal);
+    }
+
+    /**
+     * Indicates whether other <code>ClassCode</code> is same as this one.
+     * 
+     * @return true if other <code>ClassCode</code> is same as this one.
+     */
+    final public boolean equals(final ClassCode opCode) {
+      return (opCode != null && opCode.ordinal == this.ordinal);
+    }
+
+    /**
+     * Returns a hash code value for this <code>ClassCode</code> which is the
+     * same as its ordinal.
+     * 
+     * @return the ordinal of this operation.
+     */
+    @Override
+    final public int hashCode() {
+      return this.ordinal;
+    }
+
+  }
+
+  /**
+   * A set of properties that should be added to the Gemfire system properties
+   * before using the authentication module.
+   */
+  private Properties sysProps = null;
+
+  /**
+   * A set of properties that should be added to the java system properties
+   * before using the authentication module.
+   */
+  protected Properties javaProps = null;
+
+  /**
+   * A factory method to create a new instance of an {@link CredentialGenerator}
+   * for the given {@link ClassCode}. Caller is supposed to invoke
+   * {@link CredentialGenerator#init} immediately after obtaining the instance.
+   * 
+   * @param classCode
+   *                the <code>ClassCode</code> of the
+   *                <code>CredentialGenerator</code> implementation
+   * 
+   * @return an instance of <code>CredentialGenerator</code> for the given
+   *         class code
+   */
+  public static CredentialGenerator create(ClassCode classCode) {
+    switch (classCode.classType) {
+      // Removing dummy one to reduce test run times
+      // case ClassCode.ID_DUMMY:
+      // return new DummyCredentialGenerator();
+      case ClassCode.ID_LDAP:
+        return new LdapUserCredentialGenerator();
+        // case ClassCode.ID_SSL:ΓΈ
+        // return new SSLCredentialGenerator();
+      case ClassCode.ID_PKCS:
+        return new PKCSCredentialGenerator();
+      default:
+        return null;
+    }
+  }
+
+  /**
+   * Initialize the credential generator.
+   * 
+   * @throws IllegalArgumentException
+   *                 when there is a problem during initialization
+   */
+  public void init() throws IllegalArgumentException {
+    this.sysProps = initialize();
+  }
+
+  /**
+   * Initialize the credential generator. This is provided separately from the
+   * {@link #init} method for convenience of implementations so that they do not
+   * need to store in {@link #sysProps}. The latter is convenient for the users
+   * who do not need to store these properties rather can obtain it later by
+   * invoking {@link #getSystemProperties}
+   * 
+   * Required to be implemented by concrete classes that implement this abstract
+   * class.
+   * 
+   * @return A set of extra properties that should be added to Gemfire system
+   *         properties when not null.
+   * 
+   * @throws IllegalArgumentException
+   *                 when there is a problem during initialization
+   */
+  protected abstract Properties initialize() throws IllegalArgumentException;
+
+  /**
+   * 
+   * @return A set of extra properties that should be added to Gemfire system
+   *         properties when not null.
+   */
+  public Properties getSystemProperties() {
+    return this.sysProps;
+  }
+
+  /**
+   * 
+   * @return A set of extra properties that should be added to Gemfire system
+   *         properties when not null.
+   */
+  public Properties getJavaProperties() {
+    return this.javaProps;
+  }
+
+  /**
+   * The {@link ClassCode} of this particular implementation.
+   * 
+   * @return the <code>ClassCode</code>
+   */
+  public abstract ClassCode classCode();
+
+  /**
+   * The name of the {@link AuthInitialize} factory function that should be used
+   * in conjunction with the credentials generated by this generator.
+   * 
+   * @return name of the <code>AuthInitialize</code> factory function
+   */
+  public abstract String getAuthInit();
+
+  /**
+   * The name of the {@link Authenticator} factory function that should be used
+   * in conjunction with the credentials generated by this generator.
+   * 
+   * @return name of the <code>Authenticator</code> factory function
+   */
+  public abstract String getAuthenticator();
+
+  /**
+   * Get a set of valid credentials generated using the given index.
+   */
+  public abstract Properties getValidCredentials(int index);
+
+  /**
+   * Get a set of valid credentials for the given {@link Principal}.
+   * 
+   * @return credentials for the given <code>Principal</code> or null if none
+   *         possible.
+   */
+  public abstract Properties getValidCredentials(Principal principal);
+
+  /**
+   * Get a set of invalid credentials generated using the given index.
+   */
+  public abstract Properties getInvalidCredentials(int index);
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/java/templates/security/DummyAuthzCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/DummyAuthzCredentialGenerator.java b/gemfire-core/src/test/java/templates/security/DummyAuthzCredentialGenerator.java
new file mode 100644
index 0000000..5c27d60
--- /dev/null
+++ b/gemfire-core/src/test/java/templates/security/DummyAuthzCredentialGenerator.java
@@ -0,0 +1,142 @@
+
+package templates.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.security.Principal;
+import java.util.HashSet;
+import java.util.Properties;
+import java.util.Set;
+
+import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
+
+public class DummyAuthzCredentialGenerator extends AuthzCredentialGenerator {
+
+  public static final byte READER_ROLE = 1;
+
+  public static final byte WRITER_ROLE = 2;
+
+  public static final byte ADMIN_ROLE = 3;
+
+  private static Set readerOpsSet;
+
+  private static Set writerOpsSet;
+
+  static {
+
+    readerOpsSet = new HashSet();
+    for (int index = 0; index < DummyAuthorization.READER_OPS.length; index++) {
+      readerOpsSet.add(DummyAuthorization.READER_OPS[index]);
+    }
+    writerOpsSet = new HashSet();
+    for (int index = 0; index < DummyAuthorization.WRITER_OPS.length; index++) {
+      writerOpsSet.add(DummyAuthorization.WRITER_OPS[index]);
+    }
+  }
+
+  public DummyAuthzCredentialGenerator() {
+  }
+
+  protected Properties init() throws IllegalArgumentException {
+
+    if (!this.cGen.classCode().isDummy()) {
+      throw new IllegalArgumentException(
+          "DummyAuthorization module only works with DummyAuthenticator");
+    }
+    return null;
+  }
+
+  public ClassCode classCode() {
+    return ClassCode.DUMMY;
+  }
+
+  public String getAuthorizationCallback() {
+    return "templates.security.DummyAuthorization.create";
+  }
+
+  public static byte getRequiredRole(OperationCode[] opCodes) {
+
+    byte roleType = ADMIN_ROLE;
+    boolean requiresReader = true;
+    boolean requiresWriter = true;
+
+    for (int opNum = 0; opNum < opCodes.length; opNum++) {
+      if (requiresReader && !readerOpsSet.contains(opCodes[opNum])) {
+        requiresReader = false;
+      }
+      if (requiresWriter && !writerOpsSet.contains(opCodes[opNum])) {
+        requiresWriter = false;
+      }
+    }
+    if (requiresReader) {
+      roleType = READER_ROLE;
+    }
+    else if (requiresWriter) {
+      roleType = WRITER_ROLE;
+    }
+    return roleType;
+  }
+
+  private Principal getPrincipal(byte roleType, int index) {
+
+    String[] admins = new String[] { "root", "admin", "administrator" };
+    switch (roleType) {
+      case READER_ROLE:
+        return new UsernamePrincipal("reader" + index);
+      case WRITER_ROLE:
+        return new UsernamePrincipal("writer" + index);
+      default:
+        return new UsernamePrincipal(admins[index % admins.length]);
+    }
+  }
+
+  protected Principal getAllowedPrincipal(OperationCode[] opCodes,
+      String[] regionNames, int index) {
+
+    byte roleType = getRequiredRole(opCodes);
+    return getPrincipal(roleType, index);
+  }
+
+  protected Principal getDisallowedPrincipal(OperationCode[] opCodes,
+      String[] regionNames, int index) {
+
+    byte roleType = getRequiredRole(opCodes);
+    byte disallowedRoleType;
+    switch (roleType) {
+      case READER_ROLE:
+        disallowedRoleType = WRITER_ROLE;
+        break;
+      case WRITER_ROLE:
+        disallowedRoleType = READER_ROLE;
+        break;
+      default:
+        disallowedRoleType = READER_ROLE;
+        break;
+    }
+    return getPrincipal(disallowedRoleType, index);
+  }
+
+  protected int getNumPrincipalTries(OperationCode[] opCodes,
+      String[] regionNames) {
+    return 5;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/java/templates/security/DummyCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/DummyCredentialGenerator.java b/gemfire-core/src/test/java/templates/security/DummyCredentialGenerator.java
new file mode 100644
index 0000000..af6c6eb
--- /dev/null
+++ b/gemfire-core/src/test/java/templates/security/DummyCredentialGenerator.java
@@ -0,0 +1,90 @@
+
+package templates.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.security.Principal;
+import java.util.Properties;
+
+public class DummyCredentialGenerator extends CredentialGenerator {
+
+  public DummyCredentialGenerator() {
+  }
+
+  protected Properties initialize() throws IllegalArgumentException {
+    return null;
+  }
+
+  public ClassCode classCode() {
+    return ClassCode.DUMMY;
+  }
+
+  public String getAuthInit() {
+    return "templates.security.UserPasswordAuthInit.create";
+  }
+
+  public String getAuthenticator() {
+    return "templates.security.DummyAuthenticator.create";
+  }
+
+  public Properties getValidCredentials(int index) {
+
+    String[] validGroups = new String[] { "admin", "user", "reader", "writer" };
+    String[] admins = new String[] { "root", "admin", "administrator" };
+
+    Properties props = new Properties();
+    int groupNum = (index % validGroups.length);
+    String userName;
+    if (groupNum == 0) {
+      userName = admins[index % admins.length];
+    }
+    else {
+      userName = validGroups[groupNum] + (index / validGroups.length);
+    }
+    props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
+    props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
+    return props;
+  }
+
+  public Properties getValidCredentials(Principal principal) {
+
+    String userName = principal.getName();
+    if (DummyAuthenticator.testValidName(userName)) {
+      Properties props = new Properties();
+      props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
+      props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
+      return props;
+    }
+    else {
+      throw new IllegalArgumentException("Dummy: [" + userName
+          + "] is not a valid user");
+    }
+  }
+
+  public Properties getInvalidCredentials(int index) {
+
+    Properties props = new Properties();
+    props.setProperty(UserPasswordAuthInit.USER_NAME, "invalid" + index);
+    props.setProperty(UserPasswordAuthInit.PASSWORD, "none");
+    return props;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/java/templates/security/LdapUserCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/LdapUserCredentialGenerator.java b/gemfire-core/src/test/java/templates/security/LdapUserCredentialGenerator.java
new file mode 100644
index 0000000..816df63
--- /dev/null
+++ b/gemfire-core/src/test/java/templates/security/LdapUserCredentialGenerator.java
@@ -0,0 +1,158 @@
+
+package templates.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.security.Principal;
+import java.util.Properties;
+
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+import com.gemstone.gemfire.internal.cache.tier.sockets.HandShake;
+import com.gemstone.gemfire.util.test.TestUtil;
+
+import java.util.Random;
+
+public class LdapUserCredentialGenerator extends CredentialGenerator {
+
+  private static final String USER_PREFIX = "gemfire";
+
+  private static boolean enableServerAuthentication = false;
+
+  private boolean serverAuthEnabled = false;
+
+  private static final Random prng = new Random();
+
+  private static final String[] algos = new String[] { "", "DESede", "AES:128",
+      "Blowfish:128" };
+
+  public LdapUserCredentialGenerator() {
+    // Toggle server authentication enabled for each test
+    // This is done instead of running all the tests with both
+    // server auth enabled/disabled to reduce test run time.
+    enableServerAuthentication = !enableServerAuthentication;
+    serverAuthEnabled = enableServerAuthentication;
+  }
+
+  @Override
+  protected Properties initialize() throws IllegalArgumentException {
+
+    Properties extraProps = new Properties();
+    String ldapServer = System.getProperty("gf.ldap.server", "ldap");
+    String ldapBaseDN = System.getProperty("gf.ldap.basedn", "ou=ldapTesting,dc=pune,dc=gemstone,dc=com");
+    String ldapUseSSL = System.getProperty("gf.ldap.usessl");
+    extraProps.setProperty(LdapUserAuthenticator.LDAP_SERVER_NAME, ldapServer);
+    extraProps.setProperty(LdapUserAuthenticator.LDAP_BASEDN_NAME, ldapBaseDN);
+    if (ldapUseSSL != null && ldapUseSSL.length() > 0) {
+      extraProps.setProperty(LdapUserAuthenticator.LDAP_SSL_NAME, ldapUseSSL);
+    }
+    if (serverAuthEnabled) {
+      String keyStoreFile = TestUtil.getResourcePath(LdapUserCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/gemfire1.keystore");
+      extraProps.setProperty(HandShake.PRIVATE_KEY_FILE_PROP, keyStoreFile);
+      extraProps.setProperty(HandShake.PRIVATE_KEY_ALIAS_PROP, "gemfire1");
+      extraProps.setProperty(HandShake.PRIVATE_KEY_PASSWD_PROP, "gemfire");
+    }
+    return extraProps;
+  }
+
+  @Override
+  public ClassCode classCode() {
+    return ClassCode.LDAP;
+  }
+
+  @Override
+  public String getAuthInit() {
+    return "templates.security.UserPasswordAuthInit.create";
+  }
+
+  @Override
+  public String getAuthenticator() {
+    return "templates.security.LdapUserAuthenticator.create";
+  }
+
+  @Override
+  public Properties getValidCredentials(int index) {
+
+    Properties props = new Properties();
+    props.setProperty(UserPasswordAuthInit.USER_NAME, USER_PREFIX
+        + ((index % 10) + 1));
+    props.setProperty(UserPasswordAuthInit.PASSWORD, USER_PREFIX
+        + ((index % 10) + 1));
+    props.setProperty(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME,
+        algos[prng.nextInt(algos.length)]);
+    if (serverAuthEnabled) {
+      String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile");
+      props.setProperty(HandShake.PUBLIC_KEY_FILE_PROP, keyStoreFile);
+      props.setProperty(HandShake.PUBLIC_KEY_PASSWD_PROP, "gemfire");
+    }
+    return props;
+  }
+
+  @Override
+  public Properties getValidCredentials(Principal principal) {
+
+    Properties props = null;
+    String userName = principal.getName();
+    if (userName != null && userName.startsWith(USER_PREFIX)) {
+      boolean isValid;
+      try {
+        int suffix = Integer.parseInt(userName.substring(USER_PREFIX.length()));
+        isValid = (suffix >= 1 && suffix <= 10);
+      }
+      catch (Exception ex) {
+        isValid = false;
+      }
+      if (isValid) {
+        props = new Properties();
+        props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
+        props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
+      }
+    }
+    if (props == null) {
+      throw new IllegalArgumentException("LDAP: [" + userName
+          + "] not a valid user");
+    }
+    props.setProperty(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME,
+        algos[prng.nextInt(algos.length)]);
+    if (serverAuthEnabled) {
+      String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile");
+      props.setProperty(HandShake.PUBLIC_KEY_FILE_PROP, keyStoreFile);
+      props.setProperty(HandShake.PUBLIC_KEY_PASSWD_PROP, "gemfire");
+    }
+    return props;
+  }
+
+  @Override
+  public Properties getInvalidCredentials(int index) {
+
+    Properties props = new Properties();
+    props.setProperty(UserPasswordAuthInit.USER_NAME, "invalid" + index);
+    props.setProperty(UserPasswordAuthInit.PASSWORD, "none");
+    props.setProperty(DistributionConfig.SECURITY_CLIENT_DHALGO_NAME,
+        algos[prng.nextInt(algos.length)]);
+    if (serverAuthEnabled) {
+      String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile");
+      props.setProperty(HandShake.PUBLIC_KEY_FILE_PROP, keyStoreFile);
+      props.setProperty(HandShake.PUBLIC_KEY_PASSWD_PROP, "gemfire");
+    }
+    return props;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/java/templates/security/PKCSCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/PKCSCredentialGenerator.java b/gemfire-core/src/test/java/templates/security/PKCSCredentialGenerator.java
new file mode 100644
index 0000000..fa4bf04
--- /dev/null
+++ b/gemfire-core/src/test/java/templates/security/PKCSCredentialGenerator.java
@@ -0,0 +1,110 @@
+
+package templates.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.security.Principal;
+import java.security.Provider;
+import java.security.Security;
+import java.util.Properties;
+
+import com.gemstone.gemfire.util.test.TestUtil;
+
+/**
+ * @author kneeraj
+ * 
+ */
+public class PKCSCredentialGenerator extends CredentialGenerator {
+
+  public static String keyStoreDir = getKeyStoreDir();
+
+  public static boolean usesIBMJSSE;
+
+  // Checks if the current JVM uses only IBM JSSE providers.
+  private static boolean usesIBMProviders() {
+    Provider[] providers = Security.getProviders();
+    for (int index = 0; index < providers.length; ++index) {
+      if (!providers[index].getName().toLowerCase().startsWith("ibm")) {
+        return false;
+      }
+    }
+    return true;
+  }
+
+  private static String getKeyStoreDir() {
+    usesIBMJSSE = usesIBMProviders();
+    if (usesIBMJSSE) {
+      return "/lib/keys/ibm";
+    }
+    else {
+      return "/lib/keys";
+    }
+  }
+
+  public ClassCode classCode() {
+    return ClassCode.PKCS;
+  }
+
+  public String getAuthInit() {
+    return "templates.security.PKCSAuthInit.create";
+  }
+
+  public String getAuthenticator() {
+    return "templates.security.PKCSAuthenticator.create";
+  }
+
+  public Properties getInvalidCredentials(int index) {
+    Properties props = new Properties();
+    String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + "/gemfire11.keystore");
+    props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, keyStoreFile);
+    props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, "gemfire11");
+    props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, "gemfire");
+    return props;
+  }
+
+  public Properties getValidCredentials(int index) {
+    Properties props = new Properties();
+    int aliasnum = (index % 10) + 1;
+    String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + "/gemfire" + aliasnum + ".keystore");
+    props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, keyStoreFile);
+    props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, "gemfire" + aliasnum);
+    props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, "gemfire");
+    return props;
+  }
+
+  public Properties getValidCredentials(Principal principal) {
+    Properties props = new Properties();
+    String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + principal.getName() + ".keystore");
+    props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, keyStoreFile);
+    props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, principal.getName());
+    props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, "gemfire");
+    return props;
+  }
+
+  protected Properties initialize() throws IllegalArgumentException {
+    Properties props = new Properties();
+    String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + "/publickeyfile");
+    props.setProperty(PKCSAuthenticator.PUBLIC_KEY_FILE, keyStoreFile);
+    props.setProperty(PKCSAuthenticator.PUBLIC_KEYSTORE_PASSWORD, "gemfire");
+    return props;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/java/templates/security/SSLCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/SSLCredentialGenerator.java b/gemfire-core/src/test/java/templates/security/SSLCredentialGenerator.java
new file mode 100644
index 0000000..09367a2
--- /dev/null
+++ b/gemfire-core/src/test/java/templates/security/SSLCredentialGenerator.java
@@ -0,0 +1,116 @@
+
+package templates.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.io.File;
+import java.io.IOException;
+import java.security.Principal;
+import java.util.Properties;
+
+import com.gemstone.gemfire.security.AuthenticationFailedException;
+
+public class SSLCredentialGenerator extends CredentialGenerator {
+
+  private File findTrustedJKS() {
+    File ssldir = new File(System.getProperty("JTESTS") + "/ssl");
+    return new File(ssldir, "trusted.keystore");
+  }
+
+  private File findUntrustedJKS() {
+    File ssldir = new File(System.getProperty("JTESTS") + "/ssl");
+    return new File(ssldir, "untrusted.keystore");
+  }
+
+  private Properties getValidJavaSSLProperties() {
+    File jks = findTrustedJKS();
+    try {
+      Properties props = new Properties();
+      props.setProperty("javax.net.ssl.trustStore", jks.getCanonicalPath());
+      props.setProperty("javax.net.ssl.trustStorePassword", "password");
+      props.setProperty("javax.net.ssl.keyStore", jks.getCanonicalPath());
+      props.setProperty("javax.net.ssl.keyStorePassword", "password");
+      return props;
+    }
+    catch (IOException ex) {
+      throw new AuthenticationFailedException(
+          "SSL: Exception while opening the key store: " + ex);
+    }
+  }
+
+  private Properties getInvalidJavaSSLProperties() {
+    File jks = findUntrustedJKS();
+    try {
+      Properties props = new Properties();
+      props.setProperty("javax.net.ssl.trustStore", jks.getCanonicalPath());
+      props.setProperty("javax.net.ssl.trustStorePassword", "password");
+      props.setProperty("javax.net.ssl.keyStore", jks.getCanonicalPath());
+      props.setProperty("javax.net.ssl.keyStorePassword", "password");
+      return props;
+    }
+    catch (IOException ex) {
+      throw new AuthenticationFailedException(
+          "SSL: Exception while opening the key store: " + ex);
+    }
+  }
+
+  private Properties getSSLProperties() {
+    Properties props = new Properties();
+    props.setProperty("ssl-enabled", "true");
+    props.setProperty("ssl-require-authentication", "true");
+    props.setProperty("ssl-ciphers", "SSL_RSA_WITH_RC4_128_MD5");
+    props.setProperty("ssl-protocols", "TLSv1");
+    return props;
+  }
+
+  protected Properties initialize() throws IllegalArgumentException {
+    this.javaProps = getValidJavaSSLProperties();
+    return getSSLProperties();
+  }
+
+  public ClassCode classCode() {
+    return ClassCode.SSL;
+  }
+
+  public String getAuthInit() {
+    return null;
+  }
+
+  public String getAuthenticator() {
+    return null;
+  }
+
+  public Properties getValidCredentials(int index) {
+    this.javaProps = getValidJavaSSLProperties();
+    return getSSLProperties();
+  }
+
+  public Properties getValidCredentials(Principal principal) {
+    this.javaProps = getValidJavaSSLProperties();
+    return getSSLProperties();
+  }
+
+  public Properties getInvalidCredentials(int index) {
+    this.javaProps = getInvalidJavaSSLProperties();
+    return getSSLProperties();
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/java/templates/security/UserPasswordWithExtraPropsAuthInit.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/UserPasswordWithExtraPropsAuthInit.java b/gemfire-core/src/test/java/templates/security/UserPasswordWithExtraPropsAuthInit.java
new file mode 100644
index 0000000..56dbf7d
--- /dev/null
+++ b/gemfire-core/src/test/java/templates/security/UserPasswordWithExtraPropsAuthInit.java
@@ -0,0 +1,76 @@
+
+package templates.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Properties;
+import java.util.Iterator;
+
+import com.gemstone.gemfire.distributed.DistributedMember;
+import com.gemstone.gemfire.security.AuthInitialize;
+import com.gemstone.gemfire.security.AuthenticationFailedException;
+
+/**
+ * An {@link AuthInitialize} implementation that obtains the user name and
+ * password as the credentials from the given set of properties. If 
+ * keep-extra-props property exits, it will copy rest of the
+ * properties provided in getCredential props argument will also be 
+ * copied as new credentials.
+ * 
+ * @author Soubhik
+ * @since 5.5
+ */
+public class UserPasswordWithExtraPropsAuthInit extends UserPasswordAuthInit {
+
+  public static final String EXTRA_PROPS = "security-keep-extra-props";
+
+  public static final String SECURITY_PREFIX = "security-";
+  
+  public static AuthInitialize create() {
+    return new UserPasswordWithExtraPropsAuthInit();
+  }
+
+  public UserPasswordWithExtraPropsAuthInit() {
+    super();
+  }
+
+  public Properties getCredentials(Properties props, DistributedMember server,
+      boolean isPeer) throws AuthenticationFailedException {
+
+    Properties newProps = super.getCredentials(props, server, isPeer);
+    String extraProps = props.getProperty(EXTRA_PROPS);
+    if(extraProps != null) {
+    	for(Iterator it = props.keySet().iterator(); it.hasNext();) {
+    		String key = (String)it.next();
+    		if( key.startsWith(SECURITY_PREFIX) && 
+    		    key.equalsIgnoreCase(USER_NAME) == false &&
+    		    key.equalsIgnoreCase(PASSWORD) == false &&
+    		    key.equalsIgnoreCase(EXTRA_PROPS) == false) {
+    			newProps.setProperty(key, props.getProperty(key));
+    		}
+    	}
+    	this.securitylog.fine("got everything and now have: "
+          + newProps.keySet().toString());
+    }
+    return newProps;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/java/templates/security/XmlAuthzCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/java/templates/security/XmlAuthzCredentialGenerator.java b/gemfire-core/src/test/java/templates/security/XmlAuthzCredentialGenerator.java
new file mode 100644
index 0000000..6b3f171
--- /dev/null
+++ b/gemfire-core/src/test/java/templates/security/XmlAuthzCredentialGenerator.java
@@ -0,0 +1,262 @@
+
+package templates.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.security.Principal;
+import java.util.HashSet;
+import java.util.Properties;
+import java.util.Set;
+
+import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
+import com.gemstone.gemfire.util.test.TestUtil;
+
+public class XmlAuthzCredentialGenerator extends AuthzCredentialGenerator {
+
+  private static final String dummyXml = "authz-dummy.xml";
+
+  private static final String ldapXml = "authz-ldap.xml";
+
+  private static final String pkcsXml = "authz-pkcs.xml";
+
+  private static final String sslXml = "authz-ssl.xml";
+
+  private static final String[] QUERY_REGIONS = { "/Portfolios", "/Positions",
+      "/AuthRegion" };
+
+  public static OperationCode[] READER_OPS = { OperationCode.GET,
+      OperationCode.REGISTER_INTEREST, OperationCode.UNREGISTER_INTEREST,
+      OperationCode.KEY_SET, OperationCode.CONTAINS_KEY, OperationCode.EXECUTE_FUNCTION };
+
+  public static OperationCode[] WRITER_OPS = { OperationCode.PUT,
+      OperationCode.DESTROY, OperationCode.INVALIDATE, OperationCode.REGION_CLEAR };
+
+  public static OperationCode[] QUERY_OPS = { OperationCode.QUERY,
+      OperationCode.EXECUTE_CQ, OperationCode.STOP_CQ, OperationCode.CLOSE_CQ };
+
+  private static final byte READER_ROLE = 1;
+
+  private static final byte WRITER_ROLE = 2;
+
+  private static final byte QUERY_ROLE = 3;
+
+  private static final byte ADMIN_ROLE = 4;
+
+  private static Set readerOpsSet;
+
+  private static Set writerOpsSet;
+
+  private static Set queryOpsSet;
+
+  private static Set queryRegionSet;
+
+  static {
+
+    readerOpsSet = new HashSet();
+    for (int index = 0; index < READER_OPS.length; index++) {
+      readerOpsSet.add(READER_OPS[index]);
+    }
+    writerOpsSet = new HashSet();
+    for (int index = 0; index < WRITER_OPS.length; index++) {
+      writerOpsSet.add(WRITER_OPS[index]);
+    }
+    queryOpsSet = new HashSet();
+    for (int index = 0; index < QUERY_OPS.length; index++) {
+      queryOpsSet.add(QUERY_OPS[index]);
+    }
+    queryRegionSet = new HashSet();
+    for (int index = 0; index < QUERY_REGIONS.length; index++) {
+      queryRegionSet.add(QUERY_REGIONS[index]);
+    }
+  }
+
+  public XmlAuthzCredentialGenerator() {
+  }
+
+  protected Properties init() throws IllegalArgumentException {
+
+    Properties sysProps = new Properties();
+    String dirName = "/lib/";
+    if (this.cGen.classCode().isDummy()) {
+      String xmlFilename = TestUtil.getResourcePath(XmlAuthzCredentialGenerator.class, dirName + dummyXml);
+      sysProps.setProperty(XmlAuthorization.DOC_URI_PROP_NAME, xmlFilename);
+    }
+    else if (this.cGen.classCode().isLDAP()) {
+      String xmlFilename = TestUtil.getResourcePath(XmlAuthzCredentialGenerator.class, dirName + ldapXml);
+      sysProps.setProperty(XmlAuthorization.DOC_URI_PROP_NAME, xmlFilename);
+    }
+    // else if (this.cGen.classCode().isPKCS()) {
+    // sysProps
+    // .setProperty(XmlAuthorization.DOC_URI_PROP_NAME, dirName + pkcsXml);
+    // }
+    // else if (this.cGen.classCode().isSSL()) {
+    // sysProps
+    // .setProperty(XmlAuthorization.DOC_URI_PROP_NAME, dirName + sslXml);
+    // }
+    else {
+      throw new IllegalArgumentException(
+          "No XML defined for XmlAuthorization module to work with "
+              + this.cGen.getAuthenticator());
+    }
+    return sysProps;
+  }
+
+  public ClassCode classCode() {
+    return ClassCode.XML;
+  }
+
+  public String getAuthorizationCallback() {
+    return "templates.security.XmlAuthorization.create";
+  }
+
+  private Principal getDummyPrincipal(byte roleType, int index) {
+
+    String[] admins = new String[] { "root", "admin", "administrator" };
+    int numReaders = 3;
+    int numWriters = 3;
+
+    switch (roleType) {
+      case READER_ROLE:
+        return new UsernamePrincipal("reader" + (index % numReaders));
+      case WRITER_ROLE:
+        return new UsernamePrincipal("writer" + (index % numWriters));
+      case QUERY_ROLE:
+        return new UsernamePrincipal("reader" + ((index % 2) + 3));
+      default:
+        return new UsernamePrincipal(admins[index % admins.length]);
+    }
+  }
+
+  private Principal getLdapPrincipal(byte roleType, int index) {
+
+    final String userPrefix = "gemfire";
+    final int[] readerIndices = { 3, 4, 5 };
+    final int[] writerIndices = { 6, 7, 8 };
+    final int[] queryIndices = { 9, 10 };
+    final int[] adminIndices = { 1, 2 };
+
+    switch (roleType) {
+      case READER_ROLE:
+        int readerIndex = readerIndices[index % readerIndices.length];
+        return new UsernamePrincipal(userPrefix + readerIndex);
+      case WRITER_ROLE:
+        int writerIndex = writerIndices[index % writerIndices.length];
+        return new UsernamePrincipal(userPrefix + writerIndex);
+      case QUERY_ROLE:
+        int queryIndex = queryIndices[index % queryIndices.length];
+        return new UsernamePrincipal(userPrefix + queryIndex);
+      default:
+        int adminIndex = adminIndices[index % adminIndices.length];
+        return new UsernamePrincipal(userPrefix + adminIndex);
+    }
+  }
+
+  private byte getRequiredRole(OperationCode[] opCodes, String[] regionNames) {
+
+    byte roleType = ADMIN_ROLE;
+    boolean requiresReader = true;
+    boolean requiresWriter = true;
+    boolean requiresQuery = true;
+
+    for (int opNum = 0; opNum < opCodes.length; opNum++) {
+      OperationCode opCode = opCodes[opNum];
+      if (requiresReader && !readerOpsSet.contains(opCode)) {
+        requiresReader = false;
+      }
+      if (requiresWriter && !writerOpsSet.contains(opCode)) {
+        requiresWriter = false;
+      }
+      if (requiresQuery && !queryOpsSet.contains(opCode)) {
+        requiresQuery = false;
+      }
+    }
+    if (requiresReader) {
+      roleType = READER_ROLE;
+    }
+    else if (requiresWriter) {
+      roleType = WRITER_ROLE;
+    }
+    else if (requiresQuery) {
+      if (regionNames != null && regionNames.length > 0) {
+        for (int index = 0; index < regionNames.length; index++) {
+          String regionName = XmlAuthorization
+              .normalizeRegionName(regionNames[index]);
+          if (requiresQuery && !queryRegionSet.contains(regionName)) {
+            requiresQuery = false;
+            break;
+          }
+        }
+        if (requiresQuery) {
+          roleType = QUERY_ROLE;
+        }
+      }
+    }
+    return roleType;
+  }
+
+  protected Principal getAllowedPrincipal(OperationCode[] opCodes,
+      String[] regionNames, int index) {
+
+    if (this.cGen.classCode().isDummy()) {
+      byte roleType = getRequiredRole(opCodes, regionNames);
+      return getDummyPrincipal(roleType, index);
+    }
+    else if (this.cGen.classCode().isLDAP()) {
+      byte roleType = getRequiredRole(opCodes, regionNames);
+      return getLdapPrincipal(roleType, index);
+    }
+    return null;
+  }
+
+  protected Principal getDisallowedPrincipal(OperationCode[] opCodes,
+      String[] regionNames, int index) {
+
+    byte roleType = getRequiredRole(opCodes, regionNames);
+    byte disallowedRoleType = READER_ROLE;
+    switch (roleType) {
+      case READER_ROLE:
+        disallowedRoleType = WRITER_ROLE;
+        break;
+      case WRITER_ROLE:
+        disallowedRoleType = READER_ROLE;
+        break;
+      case QUERY_ROLE:
+        disallowedRoleType = READER_ROLE;
+        break;
+      case ADMIN_ROLE:
+        disallowedRoleType = READER_ROLE;
+        break;
+    }
+    if (this.cGen.classCode().isDummy()) {
+      return getDummyPrincipal(disallowedRoleType, index);
+    }
+    else if (this.cGen.classCode().isLDAP()) {
+      return getLdapPrincipal(disallowedRoleType, index);
+    }
+    return null;
+  }
+
+  protected int getNumPrincipalTries(OperationCode[] opCodes,
+      String[] regionNames) {
+    return 5;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/authz-dummy.xml
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/authz-dummy.xml b/gemfire-core/src/test/resources/lib/authz-dummy.xml
new file mode 100644
index 0000000..7f73808
--- /dev/null
+++ b/gemfire-core/src/test/resources/lib/authz-dummy.xml
@@ -0,0 +1,126 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<!DOCTYPE acl PUBLIC "-//GemStone Systems, Inc.//GemFire XML Authorization 1.0//EN"
+              "authz6_0.dtd" >
+<acl>
+
+  <role name="reader">
+    <user>reader0</user>
+    <user>reader1</user>
+    <user>reader2</user>
+    <user>root</user>
+    <user>admin</user>
+    <user>administrator</user>
+  </role>
+
+  <role name="writer">
+    <user>writer0</user>
+    <user>writer1</user>
+    <user>writer2</user>
+    <user>root</user>
+    <user>admin</user>
+    <user>administrator</user>
+  </role>
+
+  <role name="cacheOps">
+    <user>root</user>
+    <user>admin</user>
+    <user>administrator</user>
+  </role>
+
+  <role name="queryRegions">
+    <user>reader3</user>
+    <user>reader4</user>
+  </role>
+
+  <role name="registerInterest">
+    <user>reader5</user>
+    <user>reader6</user>
+  </role>
+
+  <role name="unregisterInterest">
+    <user>reader5</user>
+    <user>reader7</user>
+  </role>
+  
+  <role name="onRegionFunctionExecutor">
+    <user>reader8</user>
+  </role>
+  
+  <role name="onServerFunctionExecutor">
+    <user>reader9</user>
+  </role>
+
+  <permission role="cacheOps">
+    <operation>QUERY</operation>
+    <operation>EXECUTE_CQ</operation>
+    <operation>STOP_CQ</operation>
+    <operation>CLOSE_CQ</operation>
+    <operation>REGION_CREATE</operation>
+    <operation>REGION_DESTROY</operation>
+  </permission>
+
+  <permission role="reader">
+    <operation>GET</operation>
+    <operation>REGISTER_INTEREST</operation>
+    <operation>UNREGISTER_INTEREST</operation>
+    <operation>KEY_SET</operation>
+    <operation>CONTAINS_KEY</operation>
+    <operation>EXECUTE_FUNCTION</operation>
+  </permission>
+
+  <permission role="writer">
+    <operation>PUT</operation>
+    <operation>PUTALL</operation>
+    <operation>DESTROY</operation>
+    <operation>INVALIDATE</operation>
+    <operation>REGION_CLEAR</operation>
+  </permission>
+
+  <permission role="queryRegions" regions="//Portfolios,/Positions/,AuthRegion">
+    <operation>QUERY</operation>
+    <operation>EXECUTE_CQ</operation>
+    <operation>STOP_CQ</operation>
+    <operation>CLOSE_CQ</operation>
+  </permission>
+  
+  <permission role="onRegionFunctionExecutor" regions="secureRegion,Positions">
+    <operation>PUT</operation>
+    <operation functionIds="SecureFunction,OptimizationFunction" optimizeForWrite="false" keySet="KEY-0,KEY-1">EXECUTE_FUNCTION</operation>
+  </permission>
+  
+  <permission role="onServerFunctionExecutor" >
+    <operation>PUT</operation>
+    <operation functionIds="SecureFunction,OptimizationFunction">EXECUTE_FUNCTION</operation>
+  </permission>
+
+  <permission role="registerInterest">
+    <operation>REGISTER_INTEREST</operation>
+    <operation>GET</operation>
+  </permission>
+
+  <permission role="unregisterInterest">
+    <operation>UNREGISTER_INTEREST</operation>
+    <operation>GET</operation>
+  </permission>
+
+</acl>

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/authz-ldap.xml
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/authz-ldap.xml b/gemfire-core/src/test/resources/lib/authz-ldap.xml
new file mode 100644
index 0000000..e63c23b
--- /dev/null
+++ b/gemfire-core/src/test/resources/lib/authz-ldap.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<!DOCTYPE acl PUBLIC "-//GemStone Systems, Inc.//GemFire XML Authorization 1.0//EN"
+              "authz5_5.dtd" >
+<acl>
+
+  <role name="reader">
+    <user>gemfire1</user>
+    <user>gemfire2</user>
+    <user>gemfire3</user>
+    <user>gemfire4</user>
+    <user>gemfire5</user>
+  </role>
+
+  <role name="writer">
+    <user>gemfire1</user>
+    <user>gemfire2</user>
+    <user>gemfire6</user>
+    <user>gemfire7</user>
+    <user>gemfire8</user>
+  </role>
+
+  <role name="cacheOps">
+    <user>gemfire1</user>
+    <user>gemfire2</user>
+  </role>
+
+  <role name="queryRegions">
+    <user>gemfire9</user>
+    <user>gemfire10</user>
+  </role>
+
+  <permission role="cacheOps">
+    <operation>QUERY</operation>
+    <operation>EXECUTE_CQ</operation>
+    <operation>STOP_CQ</operation>
+    <operation>CLOSE_CQ</operation>
+    <operation>REGION_CREATE</operation>
+    <operation>REGION_DESTROY</operation>
+  </permission>
+
+  <permission role="reader">
+    <operation>GET</operation>
+    <operation>REGISTER_INTEREST</operation>
+    <operation>UNREGISTER_INTEREST</operation>
+    <operation>KEY_SET</operation>
+    <operation>CONTAINS_KEY</operation>
+    <operation>EXECUTE_FUNCTION</operation>
+  </permission>
+
+  <permission role="writer">
+    <operation>PUT</operation>
+    <operation>PUTALL</operation>
+    <operation>DESTROY</operation>
+    <operation>INVALIDATE</operation>
+    <operation>REGION_CLEAR</operation>
+  </permission>
+
+  <permission role="queryRegions" regions="Portfolios,/Positions//,/AuthRegion">
+    <operation>QUERY</operation>
+    <operation>EXECUTE_CQ</operation>
+    <operation>STOP_CQ</operation>
+    <operation>CLOSE_CQ</operation>
+  </permission>
+
+</acl>

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/authz-multiUser-dummy.xml
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/authz-multiUser-dummy.xml b/gemfire-core/src/test/resources/lib/authz-multiUser-dummy.xml
new file mode 100644
index 0000000..0f3bbab
--- /dev/null
+++ b/gemfire-core/src/test/resources/lib/authz-multiUser-dummy.xml
@@ -0,0 +1,106 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<!DOCTYPE acl PUBLIC "-//GemStone Systems, Inc.//GemFire XML Authorization 1.0//EN"
+              "authz6_0.dtd" >
+<acl>
+
+  <role name="reader">
+    <user>user1</user>
+    <user>user2</user>
+    <user>root</user>
+    <user>admin</user>
+    <user>administrator</user>
+  </role>
+
+  <role name="writer">
+    <user>user3</user>
+    <user>user4</user>
+    <user>root</user>
+    <user>admin</user>
+    <user>administrator</user>
+  </role>
+  
+  <role name="cacheOps">
+    <user>user1</user>
+    <user>user2</user>
+    <user>root</user>
+    <user>admin</user>
+    <user>administrator</user>
+  </role>
+
+  <role name="queryRegions">
+    <user>user5</user>
+    <user>user6</user>
+  </role>
+
+  <role name="registerInterest">
+    <user>user7</user>
+    <user>user8</user>
+  </role>
+
+  <role name="unregisterInterest">
+    <user>user5</user>
+    <user>user7</user>
+  </role>
+  
+  <permission role="cacheOps">
+    <operation>QUERY</operation>
+    <operation>EXECUTE_CQ</operation>
+    <operation>STOP_CQ</operation>
+    <operation>CLOSE_CQ</operation>
+  </permission>
+
+  <permission role="reader">
+    <operation>GET</operation>
+    <operation>REGISTER_INTEREST</operation>
+    <operation>UNREGISTER_INTEREST</operation>
+    <operation>KEY_SET</operation>
+    <operation>CONTAINS_KEY</operation>
+    <operation>EXECUTE_FUNCTION</operation>
+  </permission>
+
+  <permission role="writer">
+    <operation>PUT</operation>
+    <operation>PUTALL</operation>
+    <operation>DESTROY</operation>
+    <operation>INVALIDATE</operation>
+    <operation>REGION_CLEAR</operation>
+  </permission>
+
+  <permission role="queryRegions" regions="//Portfolios,/Positions/,AuthRegion">
+    <operation>QUERY</operation>
+    <operation>EXECUTE_CQ</operation>
+    <operation>STOP_CQ</operation>
+    <operation>CLOSE_CQ</operation>
+  </permission>
+  
+  <permission role="registerInterest">
+    <operation>REGISTER_INTEREST</operation>
+    <operation>GET</operation>
+  </permission>
+
+  <permission role="unregisterInterest">
+    <operation>UNREGISTER_INTEREST</operation>
+    <operation>GET</operation>
+  </permission>
+
+</acl>

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/authz-multiUser-ldap.xml
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/authz-multiUser-ldap.xml b/gemfire-core/src/test/resources/lib/authz-multiUser-ldap.xml
new file mode 100644
index 0000000..a8e5392
--- /dev/null
+++ b/gemfire-core/src/test/resources/lib/authz-multiUser-ldap.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<!DOCTYPE acl PUBLIC "-//GemStone Systems, Inc.//GemFire XML Authorization 1.0//EN"
+              "authz5_5.dtd" >
+<acl>
+
+  <role name="reader">
+    <user>gemfire1</user>
+    <user>gemfire2</user>
+    <user>gemfire3</user>
+    <user>gemfire4</user>
+    <user>gemfire5</user>
+  </role>
+
+  <role name="writer">
+    <user>gemfire1</user>
+    <user>gemfire2</user>
+    <user>gemfire6</user>
+    <user>gemfire7</user>
+    <user>gemfire8</user>
+  </role>
+
+  <role name="cacheOps">
+    <user>gemfire1</user>
+    <user>gemfire2</user>
+  </role>
+
+  <role name="queryRegions">
+    <user>gemfire9</user>
+    <user>gemfire10</user>
+  </role>
+
+  <permission role="cacheOps">
+    <operation>QUERY</operation>
+    <operation>EXECUTE_CQ</operation>
+    <operation>STOP_CQ</operation>
+    <operation>CLOSE_CQ</operation>
+  </permission>
+
+  <permission role="reader">
+    <operation>GET</operation>
+    <operation>REGISTER_INTEREST</operation>
+    <operation>UNREGISTER_INTEREST</operation>
+    <operation>KEY_SET</operation>
+    <operation>CONTAINS_KEY</operation>
+    <operation>EXECUTE_FUNCTION</operation>
+  </permission>
+
+  <permission role="writer">
+    <operation>PUT</operation>
+    <operation>PUTALL</operation>
+    <operation>DESTROY</operation>
+    <operation>INVALIDATE</operation>
+    <operation>REGION_CLEAR</operation>
+  </permission>
+
+  <permission role="queryRegions" regions="Portfolios,/Positions//,/AuthRegion">
+    <operation>QUERY</operation>
+    <operation>EXECUTE_CQ</operation>
+    <operation>STOP_CQ</operation>
+    <operation>CLOSE_CQ</operation>
+  </permission>
+
+</acl>

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire1.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire1.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire1.keystore
new file mode 100644
index 0000000..15270bb
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire1.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire10.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire10.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire10.keystore
new file mode 100644
index 0000000..bb6f827
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire10.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire11.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire11.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire11.keystore
new file mode 100644
index 0000000..6839c74
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire11.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire2.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire2.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire2.keystore
new file mode 100644
index 0000000..fcb7ab8
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire2.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire3.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire3.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire3.keystore
new file mode 100644
index 0000000..19afc4b
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire3.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire4.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire4.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire4.keystore
new file mode 100644
index 0000000..c65916a
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire4.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire5.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire5.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire5.keystore
new file mode 100644
index 0000000..d738cca
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire5.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire6.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire6.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire6.keystore
new file mode 100644
index 0000000..1fea2d3
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire6.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire7.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire7.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire7.keystore
new file mode 100644
index 0000000..7a3187c
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire7.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire8.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire8.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire8.keystore
new file mode 100644
index 0000000..a3bb886
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire8.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/gemfire9.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/gemfire9.keystore b/gemfire-core/src/test/resources/lib/keys/gemfire9.keystore
new file mode 100644
index 0000000..674b4e6
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/gemfire9.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire1.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire1.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire1.keystore
new file mode 100644
index 0000000..4f9120c
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire1.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire10.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire10.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire10.keystore
new file mode 100644
index 0000000..0bd97d7
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire10.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire11.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire11.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire11.keystore
new file mode 100644
index 0000000..62ae3c7
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire11.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire2.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire2.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire2.keystore
new file mode 100644
index 0000000..c65bc81
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire2.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire3.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire3.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire3.keystore
new file mode 100644
index 0000000..b0796e0
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire3.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire4.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire4.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire4.keystore
new file mode 100644
index 0000000..9c94018
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire4.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire5.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire5.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire5.keystore
new file mode 100644
index 0000000..33f6937
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire5.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire6.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire6.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire6.keystore
new file mode 100644
index 0000000..568f674
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire6.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire7.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire7.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire7.keystore
new file mode 100644
index 0000000..80e2d80
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire7.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire8.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire8.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire8.keystore
new file mode 100644
index 0000000..a15def5
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire8.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/gemfire9.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/gemfire9.keystore b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire9.keystore
new file mode 100644
index 0000000..72087f3
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/gemfire9.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/ibm/publickeyfile
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/ibm/publickeyfile b/gemfire-core/src/test/resources/lib/keys/ibm/publickeyfile
new file mode 100644
index 0000000..1b13872
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/ibm/publickeyfile differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/lib/keys/publickeyfile
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/lib/keys/publickeyfile b/gemfire-core/src/test/resources/lib/keys/publickeyfile
new file mode 100644
index 0000000..9c2daa3
Binary files /dev/null and b/gemfire-core/src/test/resources/lib/keys/publickeyfile differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gemfire-core/src/test/resources/ssl/untrusted.keystore
----------------------------------------------------------------------
diff --git a/gemfire-core/src/test/resources/ssl/untrusted.keystore b/gemfire-core/src/test/resources/ssl/untrusted.keystore
new file mode 100755
index 0000000..aa73eeb
Binary files /dev/null and b/gemfire-core/src/test/resources/ssl/untrusted.keystore differ

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/a622d6ec/gradle/rat.gradle
----------------------------------------------------------------------
diff --git a/gradle/rat.gradle b/gradle/rat.gradle
index 2068b88..cb6bdfb 100644
--- a/gradle/rat.gradle
+++ b/gradle/rat.gradle
@@ -40,7 +40,7 @@ rat {
     '**/.classpath',
     '**/.settings/**',
     '**/build-eclipse/**',
-    '*.iml',
+    '**/*.iml',
     '.idea/**',
     '**/tags',
 


Mime
View raw message