geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kl...@apache.org
Subject [8/8] incubator-geode git commit: Tests are passing
Date Mon, 28 Mar 2016 22:48:42 GMT
Tests are passing


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/4f6a5311
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/4f6a5311
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/4f6a5311

Branch: refs/heads/feature/GEODE-693
Commit: 4f6a5311f17b6014532fd9743d59e45ce0c0c7af
Parents: 5a321ff
Author: Kirk Lund <klund@apache.org>
Authored: Mon Mar 28 15:48:20 2016 -0700
Committer: Kirk Lund <klund@apache.org>
Committed: Mon Mar 28 15:48:20 2016 -0700

----------------------------------------------------------------------
 .../controllers/RestAPIsWithSSLDUnitTest.java   |    1 +
 .../security/ClientAuthenticationDUnitTest.java |  888 +-------
 .../ClientAuthenticationPart2DUnitTest.java     |   96 +-
 .../security/ClientAuthenticationTestCase.java  |  574 +++++
 .../security/ClientAuthenticationUtils.java     |   94 +
 .../security/ClientAuthorizationDUnitTest.java  |   34 +-
 .../security/ClientAuthorizationTestBase.java   |  759 +++----
 .../security/ClientMultiUserAuthzDUnitTest.java |  180 +-
 .../DeltaClientAuthorizationDUnitTest.java      |  295 +--
 .../DeltaClientPostAuthorizationDUnitTest.java  |  625 ++----
 .../security/P2PAuthenticationDUnitTest.java    |  657 +++---
 .../gemfire/security/SecurityTestUtil.java      | 2011 +++++++++---------
 .../ClientAuthorizationTwoDUnitTest.java        |   25 +-
 .../security/ClientAuthzObjectModDUnitTest.java |   38 +-
 .../ClientCQPostAuthorizationDUnitTest.java     |  183 +-
 .../ClientPostAuthorizationDUnitTest.java       |  218 +-
 .../gemfire/security/MultiuserAPIDUnitTest.java |   38 +-
 .../MultiuserDurableCQAuthzDUnitTest.java       |   77 +-
 18 files changed, 2875 insertions(+), 3918 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
index 852591f..2217ecc 100644
--- a/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
+++ b/geode-assembly/src/test/java/com/gemstone/gemfire/rest/internal/web/controllers/RestAPIsWithSSLDUnitTest.java
@@ -92,6 +92,7 @@ public class RestAPIsWithSSLDUnitTest extends LocatorTestBase {
   @Override
   public final void preSetUp() throws Exception {
     disconnectAllFromDS();
+    // add ignoredexception
   }
 
   @Override

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
index 456a6ed..1744c15 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationDUnitTest.java
@@ -18,885 +18,77 @@
  */
 package com.gemstone.gemfire.security;
 
-import java.io.IOException;
-import java.util.Properties;
-
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLHandshakeException;
+import static com.gemstone.gemfire.security.SecurityTestUtil.*;
+import static com.gemstone.gemfire.test.dunit.Assert.*;
 
-import com.gemstone.gemfire.security.generator.CredentialGenerator;
-import com.gemstone.gemfire.security.generator.CredentialGenerator.ClassCode;
+import java.util.Properties;
 
 import com.gemstone.gemfire.cache.Region;
 import com.gemstone.gemfire.distributed.internal.DistributionConfig;
-import com.gemstone.gemfire.internal.AvailablePort;
-import com.gemstone.gemfire.security.generator.DummyCredentialGenerator;
-import com.gemstone.gemfire.test.dunit.DistributedTestCase;
-import com.gemstone.gemfire.test.dunit.Host;
-import com.gemstone.gemfire.test.dunit.IgnoredException;
-import com.gemstone.gemfire.test.dunit.LogWriterUtils;
-import com.gemstone.gemfire.test.dunit.VM;
-import com.gemstone.gemfire.test.dunit.Wait;
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
 
 /**
  * Test for authentication from client to server. This tests for both valid and
  * invalid credentials/modules. It also checks for authentication
  * success/failure in case of failover and for the notification channel.
  * 
- * @author sumedh
  * @since 5.5
  */
-public class ClientAuthenticationDUnitTest extends DistributedTestCase {
-
-  /** constructor */
-  public ClientAuthenticationDUnitTest(String name) {
-    super(name);
-  }
-
-  private VM server1 = null;
-
-  private VM server2 = null;
-
-  private VM client1 = null;
-
-  private VM client2 = null;
-
-  private static final String[] serverExpectedExceptions = {
-      AuthenticationRequiredException.class.getName(),
-      AuthenticationFailedException.class.getName(),
-      GemFireSecurityException.class.getName(),
-      ClassNotFoundException.class.getName(), IOException.class.getName(),
-      SSLException.class.getName(), SSLHandshakeException.class.getName() };
-
-  private static final String[] clientExpectedExceptions = {
-      AuthenticationRequiredException.class.getName(),
-      AuthenticationFailedException.class.getName(),
-      SSLHandshakeException.class.getName() };
-
-  @Override
-  public final void postSetUp() throws Exception {
-    final Host host = Host.getHost(0);
-    server1 = host.getVM(0);
-    server2 = host.getVM(1);
-    client1 = host.getVM(2);
-    client2 = host.getVM(3);
-    
-    IgnoredException.addIgnoredException("Connection refused: connect");
-
-    server1.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions ));
-    server2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( serverExpectedExceptions ));
-    client1.invoke(() -> SecurityTestUtil.registerExpectedExceptions( clientExpectedExceptions ));
-    client2.invoke(() -> SecurityTestUtil.registerExpectedExceptions( clientExpectedExceptions ));
-  }
-
-  // Region: Utility and static functions invoked by the tests
-
-  public static Integer createCacheServer(Object dsPort, Object locatorString,
-      Object authenticator, Object extraProps, Object javaProps) {
-
-    Properties authProps;
-    if (extraProps == null) {
-      authProps = new Properties();
-    }
-    else {
-      authProps = (Properties)extraProps;
-    }
-    if (authenticator != null) {
-      authProps.setProperty(
-          DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator
-              .toString());
-    }
-    return SecurityTestUtil.createCacheServer(authProps, javaProps,
-        (Integer)dsPort, (String)locatorString, null, new Integer(
-            SecurityTestUtil.NO_EXCEPTION));
-  }
-
-  public static void createCacheServer(Object dsPort, Object locatorString,
-      Integer serverPort, Object authenticator, Object extraProps,
-      Object javaProps) {
-
-    Properties authProps;
-    if (extraProps == null) {
-      authProps = new Properties();
-    }
-    else {
-      authProps = (Properties)extraProps;
-    }
-    if (authenticator != null) {
-      authProps.setProperty(
-          DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator
-              .toString());
-    }
-    SecurityTestUtil.createCacheServer(authProps, javaProps, (Integer)dsPort,
-        (String)locatorString, serverPort, new Integer(
-            SecurityTestUtil.NO_EXCEPTION));
-  }
-
-  private static void createCacheClient(Object authInit, Properties authProps,
-      Properties javaProps, Integer[] ports, Object numConnections,
-      Boolean multiUserMode, Boolean subscriptionEnabled, Integer expectedResult) {
-
-    String authInitStr = (authInit == null ? null : authInit.toString());
-    SecurityTestUtil.createCacheClient(authInitStr, authProps, javaProps,
-        ports, (Integer)numConnections, Boolean.FALSE,
-        multiUserMode.toString(), subscriptionEnabled, expectedResult);
-  }
-
-  public static void createCacheClient(Object authInit, Object authProps,
-      Object javaProps, Integer[] ports, Object numConnections,
-      Boolean multiUserMode, Integer expectedResult) {
-
-    createCacheClient(authInit, (Properties)authProps, (Properties)javaProps,
-        ports, numConnections, multiUserMode, Boolean.TRUE, expectedResult);
-  }
-
-  public static void createCacheClient(Object authInit, Object authProps,
-      Object javaProps, Integer port1, Object numConnections,
-      Integer expectedResult) {
-
-    createCacheClient(authInit, (Properties)authProps, (Properties)javaProps,
-        new Integer[] { port1 }, numConnections, Boolean.FALSE, Boolean.TRUE,
-        expectedResult);
-  }
-
-  public static void createCacheClient(Object authInit, Object authProps,
-      Object javaProps, Integer port1, Integer port2, Object numConnections,
-      Integer expectedResult) {
-    createCacheClient(authInit, authProps, javaProps, port1, port2,
-        numConnections, Boolean.FALSE, expectedResult);
-  }
-
-  public static void createCacheClient(Object authInit, Object authProps,
-      Object javaProps, Integer port1, Integer port2, Object numConnections,
-      Boolean multiUserMode, Integer expectedResult) {
-
-    createCacheClient(authInit, authProps, javaProps,
-        port1, port2, numConnections, multiUserMode, Boolean.TRUE,
-        expectedResult);
-  }
-
-  public static void createCacheClient(Object authInit, Object authProps,
-      Object javaProps, Integer port1, Integer port2, Object numConnections,
-      Boolean multiUserMode, Boolean subscriptionEnabled,
-      Integer expectedResult) {
-
-    createCacheClient(authInit, (Properties)authProps, (Properties)javaProps,
-        new Integer[] { port1, port2 }, numConnections, multiUserMode,
-        subscriptionEnabled, expectedResult);
-  }
-
-  public static void registerAllInterest() {
-
-    Region region = SecurityTestUtil.getCache().getRegion(
-        SecurityTestUtil.regionName);
-    assertNotNull(region);
-    region.registerInterestRegex(".*");
-  }
-
-  // End Region: Utility and static functions invoked by the tests
-
-  // Region: Tests
-
-  public void testValidCredentials() {
-    itestValidCredentials(Boolean.FALSE);
-  }
-
-  public void itestValidCredentials(Boolean multiUser) {
-      CredentialGenerator gen = new DummyCredentialGenerator();
-      Properties extraProps = gen.getSystemProperties();
-      Properties javaProps = gen.getJavaProperties();
-      String authenticator = gen.getAuthenticator();
-      String authInit = gen.getAuthInit();
-
-      LogWriterUtils.getLogWriter().info(
-          "testValidCredentials: Using scheme: " + gen.classCode());
-      LogWriterUtils.getLogWriter().info(
-          "testValidCredentials: Using authenticator: " + authenticator);
-      LogWriterUtils.getLogWriter().info("testValidCredentials: Using authinit: " + authInit);
-
-      // Start the servers
-      Integer locPort1 = SecurityTestUtil.getLocatorPort();
-      Integer locPort2 = SecurityTestUtil.getLocatorPort();
-      String locString = SecurityTestUtil.getLocatorString();
-      Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, authenticator, extraProps,
-              javaProps ));
-      Integer port2 = (Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, authenticator, extraProps,
-              javaProps ));
-
-      // Start the clients with valid credentials
-      Properties credentials1 = gen.getValidCredentials(1);
-      Properties javaProps1 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testValidCredentials: For first client credentials: " + credentials1
-              + " : " + javaProps1);
-      Properties credentials2 = gen.getValidCredentials(2);
-      Properties javaProps2 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testValidCredentials: For second client credentials: "
-              + credentials2 + " : " + javaProps2);
-      createClientsNoException(multiUser, authInit, port1, port2, credentials1,
-          javaProps1, credentials2, javaProps2);
-
-      // Perform some put operations from client1
-      client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
-      // Verify that the puts succeeded
-      client2.invoke(() -> SecurityTestUtil.doGets( new Integer(2) ));
-      
-      if (multiUser) {
-        client1.invoke(() -> SecurityTestUtil.doProxyCacheClose());
-        client2.invoke(() -> SecurityTestUtil.doProxyCacheClose());
-        client1.invoke(() -> SecurityTestUtil.doSimplePut("CacheClosedException"));
-        client2.invoke(() -> SecurityTestUtil.doSimpleGet("CacheClosedException"));
-      }
-  }
-
-  public void testNoCredentials() {
-    itestNoCredentials(Boolean.FALSE);
-  }
-
-  public void itestNoCredentials(Boolean multiUser) {
-      CredentialGenerator gen = new DummyCredentialGenerator();
-      Properties extraProps = gen.getSystemProperties();
-      Properties javaProps = gen.getJavaProperties();
-      String authenticator = gen.getAuthenticator();
-      String authInit = gen.getAuthInit();
-
-      LogWriterUtils.getLogWriter()
-          .info("testNoCredentials: Using scheme: " + gen.classCode());
-      LogWriterUtils.getLogWriter().info(
-          "testNoCredentials: Using authenticator: " + authenticator);
-      LogWriterUtils.getLogWriter().info("testNoCredentials: Using authinit: " + authInit);
-
-      // Start the servers
-      Integer locPort1 = SecurityTestUtil.getLocatorPort();
-      Integer locPort2 = SecurityTestUtil.getLocatorPort();
-      String locString = SecurityTestUtil.getLocatorString();
-      Integer port1 = createServer1(extraProps, javaProps, authenticator,
-          locPort1, locString);
-      Integer port2 = ((Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, authenticator, extraProps,
-              javaProps )));
-
-      // Start first client with valid credentials
-      Properties credentials1 = gen.getValidCredentials(1);
-      Properties javaProps1 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testNoCredentials: For first client credentials: " + credentials1
-              + " : " + javaProps1);
-      createClient1NoException(multiUser, authInit, port1, port2, credentials1,
-          javaProps1);
-
-      // Perform some put operations from client1
-      client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
-      // Trying to create the region on client2 
-      if (gen.classCode().equals(ClassCode.SSL)) {
-        // For SSL the exception may not come since the server can close socket
-        // before handshake message is sent from client. However exception
-        // should come in any region operations.
-        client2
-            .invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2, null, multiUser,
-                    new Integer(SecurityTestUtil.NO_EXCEPTION) ));
-        client2.invoke(() -> SecurityTestUtil.doPuts(
-            new Integer(2), new Integer(SecurityTestUtil.OTHER_EXCEPTION) ));
-      }
-      else {
-        client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2,
-                null, multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
-      }
-  }
-
-  public void testInvalidCredentials() {
-    itestInvalidCredentials(Boolean.FALSE);
-  }
-
-  public void itestInvalidCredentials(Boolean multiUser) {
-
-
-      CredentialGenerator gen = new DummyCredentialGenerator();
-      Properties extraProps = gen.getSystemProperties();
-      Properties javaProps = gen.getJavaProperties();
-      String authenticator = gen.getAuthenticator();
-      String authInit = gen.getAuthInit();
-
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidCredentials: Using scheme: " + gen.classCode());
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidCredentials: Using authenticator: " + authenticator);
-      LogWriterUtils.getLogWriter()
-          .info("testInvalidCredentials: Using authinit: " + authInit);
-
-      // Start the servers
-      Integer locPort1 = SecurityTestUtil.getLocatorPort();
-      Integer locPort2 = SecurityTestUtil.getLocatorPort();
-      String locString = SecurityTestUtil.getLocatorString();
-      Integer port1 = createServer1(extraProps, javaProps, authenticator,
-          locPort1, locString);
-      Integer port2 = ((Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, authenticator, extraProps,
-              javaProps )));
-
-      // Start first client with valid credentials
-      Properties credentials1 = gen.getValidCredentials(1);
-      Properties javaProps1 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidCredentials: For first client credentials: "
-              + credentials1 + " : " + javaProps1);
-      createClient1NoException(multiUser, authInit, port1, port2, credentials1,
-          javaProps1);
-
-      // Perform some put operations from client1
-      client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
-      // Start second client with invalid credentials
-      // Trying to create the region on client2 should throw a security
-      // exception
-      Properties credentials2 = gen.getInvalidCredentials(1);
-      Properties javaProps2 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidCredentials: For second client credentials: "
-              + credentials2 + " : " + javaProps2);
-      client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, port2,
-              null, multiUser, new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
-  }
-
-  public void testInvalidAuthInit() {
-    itestInvalidAuthInit(Boolean.FALSE);
-  }
+@Category(DistributedTest.class)
+public class ClientAuthenticationDUnitTest extends ClientAuthenticationTestCase {
 
-  public void itestInvalidAuthInit(Boolean multiUser) {
-
-      CredentialGenerator gen = new DummyCredentialGenerator();
-      Properties extraProps = gen.getSystemProperties();
-      Properties javaProps = gen.getJavaProperties();
-      String authenticator = gen.getAuthenticator();
-
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidAuthInit: Using scheme: " + gen.classCode());
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidAuthInit: Using authenticator: " + authenticator);
-
-      // Start the server
-      Integer locPort1 = SecurityTestUtil.getLocatorPort();
-      String locString = SecurityTestUtil.getLocatorString();
-      Integer port1 = createServer1(extraProps, javaProps, authenticator,
-          locPort1, locString);
-
-      Properties credentials = gen.getValidCredentials(1);
-      javaProps = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidAuthInit: For first client credentials: " + credentials
-              + " : " + javaProps);
-      client1.invoke(ClientAuthenticationDUnitTest.class, "createCacheClient",
-          new Object[] { "com.gemstone.none", credentials, javaProps,
-            new Integer[] { port1 }, null, multiUser,
-            Integer.valueOf(SecurityTestUtil.AUTHREQ_EXCEPTION) });
-  }
-
-  protected Integer createServer1(Properties extraProps, Properties javaProps,
-      String authenticator, Integer locPort1, String locString) {
-    Integer port1 = ((Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, authenticator, extraProps,
-            javaProps )));
-    return port1;
-  }
-
-  public void testNoAuthInitWithCredentials() {
-    itestNoAuthInitWithCredentials(Boolean.FALSE);
-  }
-
-  public void itestNoAuthInitWithCredentials(Boolean multiUser) {
-
-      CredentialGenerator gen = new DummyCredentialGenerator();
-      Properties extraProps = gen.getSystemProperties();
-      Properties javaProps = gen.getJavaProperties();
-      String authenticator = gen.getAuthenticator();
-
-
-      LogWriterUtils.getLogWriter().info(
-          "testNoAuthInitWithCredentials: Using scheme: " + gen.classCode());
-      LogWriterUtils.getLogWriter().info(
-          "testNoAuthInitWithCredentials: Using authenticator: "
-              + authenticator);
-
-      // Start the servers
-      Integer locPort1 = SecurityTestUtil.getLocatorPort();
-      Integer locPort2 = SecurityTestUtil.getLocatorPort();
-      String locString = SecurityTestUtil.getLocatorString();
-      Integer port1 = createServer1(extraProps, javaProps, authenticator,
-          locPort1, locString);
-      Integer port2 = ((Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, authenticator, extraProps,
-              javaProps )));
-
-      // Start the clients with valid credentials
-      Properties credentials1 = gen.getValidCredentials(1);
-      Properties javaProps1 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testNoAuthInitWithCredentials: For first client credentials: "
-              + credentials1 + " : " + javaProps1);
-      Properties credentials2 = gen.getValidCredentials(2);
-      Properties javaProps2 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testNoAuthInitWithCredentials: For second client credentials: "
-              + credentials2 + " : " + javaProps2);
-      client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials1, javaProps1, port1, port2, null,
-          multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
-      client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials2, javaProps2, port1, port2, null,
-          multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
-      client2.invoke(() -> SecurityTestUtil.closeCache());
-      
-
-      // Now also try with invalid credentials
-      Properties credentials3 = gen.getInvalidCredentials(5);
-      Properties javaProps3 = gen.getJavaProperties();
-      client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials3, javaProps3, port1, port2, null,
-          multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
-  }
-
-  public void testInvalidAuthenticator() {
-    itestInvalidAuthenticator(Boolean.FALSE);
-  }
-
-  public void itestInvalidAuthenticator(Boolean multiUser) {
-
-      CredentialGenerator gen = new DummyCredentialGenerator();
-      Properties extraProps = gen.getSystemProperties();
-      Properties javaProps = gen.getJavaProperties();
-      String authInit = gen.getAuthInit();
-
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidAuthenticator: Using scheme: " + gen.classCode());
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidAuthenticator: Using authinit: " + authInit);
-
-      // Start the server with invalid authenticator
-      Integer locPort1 = SecurityTestUtil.getLocatorPort();
-      String locString = SecurityTestUtil.getLocatorString();
-      Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, "com.gemstone.gemfire.none",
-              extraProps, javaProps ));
-
-      // Trying to create the region on client should throw a security exception
-      Properties credentials2 = gen.getValidCredentials(1);
-      Properties javaProps2 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidAuthenticator: For first client credentials: "
-              + credentials2 + " : " + javaProps2);
-      client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, null,
-              new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
-      client1.invoke(() -> SecurityTestUtil.closeCache());
-      
-
-      // Also test with invalid credentials
-      Properties credentials3 = gen.getInvalidCredentials(1);
-      Properties javaProps3 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testInvalidAuthenticator: For first client credentials: "
-              + credentials3 + " : " + javaProps3);
-      client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials3, javaProps3, port1, null,
-              new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
-  }
-
-  public void testNoAuthenticatorWithCredentials() {
-    itestNoAuthenticatorWithCredentials(Boolean.FALSE);
-  }
-
-  public void itestNoAuthenticatorWithCredentials(Boolean multiUser) {
-
-      CredentialGenerator gen = new DummyCredentialGenerator();
-      Properties extraProps = gen.getSystemProperties();
-      Properties javaProps = gen.getJavaProperties();
-      String authenticator = gen.getAuthenticator();
-      String authInit = gen.getAuthInit();
-
-      LogWriterUtils.getLogWriter().info(
-          "testNoAuthenticatorWithCredentials: Using scheme: "
-              + gen.classCode());
-      LogWriterUtils.getLogWriter().info(
-          "testNoAuthenticatorWithCredentials: Using authinit: " + authInit);
-
-      // Start the servers with no authenticator
-      Integer locPort1 = SecurityTestUtil.getLocatorPort();
-      Integer locPort2 = SecurityTestUtil.getLocatorPort();
-      String locString = SecurityTestUtil.getLocatorString();
-      Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, null, extraProps, javaProps ));
-      Integer port2 = (Integer)server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, null, extraProps, javaProps ));
-
-      // Clients should connect successfully and work properly with
-      // valid/invalid credentials when none are required on the server side
-      Properties credentials1 = gen.getValidCredentials(3);
-      Properties javaProps1 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testNoAuthenticatorWithCredentials: For first client credentials: "
-              + credentials1 + " : " + javaProps1);
-      Properties credentials2 = gen.getInvalidCredentials(5);
-      Properties javaProps2 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testNoAuthenticatorWithCredentials: For second client credentials: "
-              + credentials2 + " : " + javaProps2);
-      createClientsNoException(multiUser, authInit, port1, port2, credentials1,
-          javaProps1, credentials2, javaProps2);
-
-      // Perform some put operations from client1
-      client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
-      // Verify that the puts succeeded
-      client2.invoke(() -> SecurityTestUtil.doGets( new Integer(2) ));
-  }
-
-  public void testCredentialsWithFailover() {
-    itestCredentialsWithFailover(Boolean.FALSE);
+  @Test
+  public void testValidCredentials() throws Exception {
+    doTestValidCredentials(Boolean.FALSE);
   }
 
-  public void itestCredentialsWithFailover(Boolean multiUser) {
-      CredentialGenerator gen = new DummyCredentialGenerator();
-      Properties extraProps = gen.getSystemProperties();
-      Properties javaProps = gen.getJavaProperties();
-      String authenticator = gen.getAuthenticator();
-      String authInit = gen.getAuthInit();
-
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsWithFailover: Using scheme: " + gen.classCode());
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsWithFailover: Using authenticator: " + authenticator);
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsWithFailover: Using authinit: " + authInit);
-
-      // Start the first server
-      Integer locPort1 = SecurityTestUtil.getLocatorPort();
-      Integer locPort2 = SecurityTestUtil.getLocatorPort();
-      String locString = SecurityTestUtil.getLocatorString();
-      Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, authenticator, extraProps,
-              javaProps ));
-      // Get a port for second server but do not start it
-      // This forces the clients to connect to the first server
-      Integer port2 = new Integer(AvailablePort
-          .getRandomAvailablePort(AvailablePort.SOCKET));
-
-      // Start the clients with valid credentials
-      Properties credentials1 = gen.getValidCredentials(5);
-      Properties javaProps1 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsWithFailover: For first client credentials: "
-              + credentials1 + " : " + javaProps1);
-      Properties credentials2 = gen.getValidCredentials(6);
-      Properties javaProps2 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsWithFailover: For second client credentials: "
-              + credentials2 + " : " + javaProps2);
-      createClientsNoException(multiUser, authInit, port1, port2, credentials1,
-          javaProps1, credentials2, javaProps2);
-
-      // Perform some put operations from client1
-      client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-      // Verify that the puts succeeded
-      client2.invoke(() -> SecurityTestUtil.doGets( new Integer(2) ));
-
-      // start the second one and stop the first server to force a failover
-      server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2, authenticator, extraProps,
-              javaProps ));
-      server1.invoke(() -> SecurityTestUtil.closeCache());
-
-      // Perform some create/update operations from client1
-      client1.invoke(() -> SecurityTestUtil.doNPuts( new Integer(4) ));
-      // Verify that the creates/updates succeeded
-      client2.invoke(() -> SecurityTestUtil.doNGets( new Integer(4) ));
-
-      // Try to connect client2 with no credentials
-      // Verify that the creation of region throws security exception
-      if (gen.classCode().equals(ClassCode.SSL)) {
-        // For SSL the exception may not come since the server can close socket
-        // before handshake message is sent from client. However exception
-        // should come in any region operations.
-        client2
-            .invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2, null, multiUser,
-                    new Integer(SecurityTestUtil.NOFORCE_AUTHREQ_EXCEPTION) ));
-        client2.invoke(() -> SecurityTestUtil.doPuts(
-            new Integer(2), new Integer(SecurityTestUtil.OTHER_EXCEPTION) ));
-      }
-      else {
-        client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2,
-                null, multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
-      }
-
-      // Now try to connect client1 with invalid credentials
-      // Verify that the creation of region throws security exception
-      Properties credentials3 = gen.getInvalidCredentials(7);
-      Properties javaProps3 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsWithFailover: For first client invalid credentials: "
-              + credentials3 + " : " + javaProps3);
-      client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials3, javaProps3, port1, port2,
-              null, multiUser, new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
-
-      if (multiUser) {
-        client1.invoke(() -> SecurityTestUtil.doProxyCacheClose());
-        client2.invoke(() -> SecurityTestUtil.doProxyCacheClose());
-        client1.invoke(() -> SecurityTestUtil.doSimplePut("CacheClosedException"));
-        client2.invoke(() -> SecurityTestUtil.doSimpleGet("CacheClosedException"));
-      }
+  @Test
+  public void testNoCredentials() throws Exception {
+    doTestNoCredentials(Boolean.FALSE);
   }
 
-  protected void createClientsNoException(Boolean multiUser, String authInit,
-      Integer port1, Integer port2, Properties credentials1,
-      Properties javaProps1, Properties credentials2, Properties javaProps2) {
-    createClient1NoException(multiUser, authInit, port1, port2, credentials1,
-        javaProps1);
-    client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, port2,
-            null, multiUser, new Integer(SecurityTestUtil.NO_EXCEPTION) ));
+  @Test
+  public void testInvalidCredentials() throws Exception {
+    doTestInvalidCredentials(Boolean.FALSE);
   }
 
-  public void testCredentialsForNotifications() {
-    itestCredentialsForNotifications(Boolean.FALSE);
+  @Test
+  public void testInvalidAuthInit() throws Exception {
+    doTestInvalidAuthInit(Boolean.FALSE);
   }
 
-  public void itestCredentialsForNotifications(Boolean multiUser) {
-      CredentialGenerator gen = new DummyCredentialGenerator();
-      Properties extraProps = gen.getSystemProperties();
-      Properties javaProps = gen.getJavaProperties();
-      String authenticator = gen.getAuthenticator();
-      String authInit = gen.getAuthInit();
-
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsForNotifications: Using scheme: " + gen.classCode());
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsForNotifications: Using authenticator: "
-              + authenticator);
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsForNotifications: Using authinit: " + authInit);
-
-      // Start the first server
-      Integer locPort1 = SecurityTestUtil.getLocatorPort();
-      Integer locPort2 = SecurityTestUtil.getLocatorPort();
-      String locString = SecurityTestUtil.getLocatorString();
-      Integer port1 = (Integer)server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, authenticator, extraProps,
-              javaProps ));
-      // Get a port for second server but do not start it
-      // This forces the clients to connect to the first server
-      Integer port2 = new Integer(AvailablePort
-          .getRandomAvailablePort(AvailablePort.SOCKET));
-
-      // Start the clients with valid credentials
-      Properties credentials1 = gen.getValidCredentials(3);
-      Properties javaProps1 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsForNotifications: For first client credentials: "
-              + credentials1 + " : " + javaProps1);
-      Properties credentials2 = gen.getValidCredentials(4);
-      Properties javaProps2 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsForNotifications: For second client credentials: "
-              + credentials2 + " : " + javaProps2);
-      createClient1NoException(multiUser, authInit, port1, port2, credentials1,
-          javaProps1);
-      // Set up zero forward connections to check notification handshake only
-      Object zeroConns = new Integer(0);
-      createClient2NoException(multiUser, authInit, port1, port2, credentials2,
-          javaProps2, zeroConns);
-
-      // Register interest on all keys on second client
-      client2
-          .invoke(() -> ClientAuthenticationDUnitTest.registerAllInterest());
-
-      // Perform some put operations from client1
-      client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(2) ));
-
-      // Verify that the puts succeeded
-      client2.invoke(() -> SecurityTestUtil.doLocalGets( new Integer(2) ));
-
-      // start the second one and stop the first server to force a failover
-      server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2, authenticator, extraProps,
-              javaProps ));
-      server1.invoke(() -> SecurityTestUtil.closeCache());
-
-      // Wait for failover to complete
-      Wait.pause(500);
-
-      // Perform some create/update operations from client1
-      client1.invoke(() -> SecurityTestUtil.doNPuts( new Integer(4) ));
-      // Verify that the creates/updates succeeded
-      client2.invoke(() -> SecurityTestUtil.doNLocalGets( new Integer(4) ));
-
-      // Try to connect client1 with no credentials
-      // Verify that the creation of region throws security exception
-      server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, port1, authenticator, extraProps,
-              javaProps ));
-      if (gen.classCode().equals(ClassCode.SSL)) {
-        // For SSL the exception may not come since the server can close socket
-        // before handshake message is sent from client. However exception
-        // should come in any region operations.
-        client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2,
-                zeroConns, multiUser,
-                new Integer(SecurityTestUtil.NOFORCE_AUTHREQ_EXCEPTION) ));
-        client1.invoke(() -> SecurityTestUtil.doPuts(
-            new Integer(2), new Integer(SecurityTestUtil.OTHER_EXCEPTION) ));
-      }
-      else {
-        client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, null, null, port1, port2,
-                zeroConns, multiUser, new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
-      }
-
-      // Now try to connect client2 with invalid credentials
-      // Verify that the creation of region throws security exception
-      credentials2 = gen.getInvalidCredentials(3);
-      javaProps2 = gen.getJavaProperties();
-      LogWriterUtils.getLogWriter().info(
-          "testCredentialsForNotifications: For second client invalid credentials: "
-              + credentials2 + " : " + javaProps2);
-      createClient2WithException(multiUser, authInit, port1, port2,
-          credentials2, javaProps2, zeroConns);
-
-      // Now try to connect client2 with invalid auth-init method
-      // Trying to create the region on client with valid credentials should
-      // throw a security exception
-      client2
-          .invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( "com.gemstone.none", credentials1, javaProps1,
-                  port1, port2, zeroConns, multiUser, 
-                  new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
-
-      // Now start the servers with invalid authenticator method.
-      // Skip this test for a scheme which does not have an authInit in the
-      // first place (e.g. SSL) since that will fail with AuthReqEx before
-      // authenticator is even invoked.
-      if (authInit != null && authInit.length() > 0) {
-        server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, port1,
-                "com.gemstone.gemfire.none", extraProps, javaProps ));
-        server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2,
-                "com.gemstone.gemfire.none", extraProps, javaProps ));
-
-        createClient2WithException(multiUser, authInit, port1, port2,
-            credentials1, javaProps1, zeroConns);
-        createClient1WithException(multiUser, authInit, port1, port2,
-            credentials2, javaProps2, zeroConns);
-      }
-      else {
-        LogWriterUtils.getLogWriter().info(
-            "testCredentialsForNotifications: Skipping invalid authenticator for scheme ["
-                + gen.classCode() + "] which has no authInit");
-      }
-
-      // Try connection with null auth-init on clients.
-      // Skip this test for a scheme which does not have an authInit in the
-      // first place (e.g. SSL).
-      if (authInit != null && authInit.length() > 0) {
-        server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, port1,
-                authenticator, extraProps, javaProps ));
-        server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2,
-                authenticator, extraProps, javaProps ));
-        client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials1, javaProps1,
-                port1, port2, null, multiUser,
-                new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
-        createClient2AuthReqException(multiUser, port1, port2, credentials2,
-            javaProps2, zeroConns);
-
-        createClient2AuthReqException(multiUser, port1, port2, credentials2,
-            javaProps2, zeroConns);
-      }
-      else {
-        LogWriterUtils.getLogWriter().info(
-            "testCredentialsForNotifications: Skipping null authInit for scheme ["
-                + gen.classCode() + "] which has no authInit");
-      }
-
-      // Try connection with null authenticator on server and sending
-      // valid/invalid credentials.
-      // If the scheme does not have an authenticator in the first place (e.g.
-      // SSL) then skip it since this test is useless.
-      if (authenticator != null && authenticator.length() > 0) {
-        server1.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort1, locString, port1,
-                null, extraProps, javaProps ));
-        server2.invoke(() -> ClientAuthenticationDUnitTest.createCacheServer( locPort2, locString, port2,
-                null, extraProps, javaProps ));
-        createClient1NoException(multiUser, authInit, port1, port2,
-            credentials1, javaProps1);
-        createClient2NoException(multiUser, authInit, port1, port2,
-            credentials2, javaProps2, zeroConns);
-
-        // Register interest on all keys on second client
-        client2.invoke(() -> ClientAuthenticationDUnitTest.registerAllInterest());
-
-        // Perform some put operations from client1
-        client1.invoke(() -> SecurityTestUtil.doPuts( new Integer(4) ));
-
-        // Verify that the puts succeeded
-        client2.invoke(() -> SecurityTestUtil.doLocalGets( new Integer(4) ));
-
-        // Now also try with valid credentials on client2
-        createClient1NoException(multiUser, authInit, port1, port2,
-            credentials2, javaProps2);
-        createClient2NoException(multiUser, authInit, port1, port2,
-            credentials1, javaProps1, zeroConns);
-
-        // Register interest on all keys on second client
-        client2.invoke(() -> ClientAuthenticationDUnitTest.registerAllInterest());
-
-        // Perform some put operations from client1
-        client1.invoke(() -> SecurityTestUtil.doNPuts( new Integer(4) ));
-
-        // Verify that the puts succeeded
-        client2.invoke(() -> SecurityTestUtil.doNLocalGets( new Integer(4) ));
-      }
-      else {
-        LogWriterUtils.getLogWriter().info(
-            "testCredentialsForNotifications: Skipping scheme ["
-                + gen.classCode() + "] which has no authenticator");
-      }
+  @Test
+  public void testNoAuthInitWithCredentials() throws Exception {
+    doTestNoAuthInitWithCredentials(Boolean.FALSE);
   }
 
-  protected void createClient1NoException(Boolean multiUser, String authInit,
-      Integer port1, Integer port2, Properties credentials2,
-      Properties javaProps2) {
-    client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2,
-            javaProps2, port1, port2, null, multiUser,
-            new Integer(SecurityTestUtil.NO_EXCEPTION) ));
+  @Test
+  public void testInvalidAuthenticator() throws Exception {
+    doTestInvalidAuthenticator(Boolean.FALSE);
   }
 
-  protected void createClient2AuthReqException(Boolean multiUser, Integer port1,
-      Integer port2, Properties credentials2, Properties javaProps2,
-      Object zeroConns) {
-    client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( null, credentials2, javaProps2,
-            port1, port2, zeroConns, multiUser,
-            new Integer(SecurityTestUtil.AUTHREQ_EXCEPTION) ));
+  @Test
+  public void testNoAuthenticatorWithCredentials() throws Exception {
+    doTestNoAuthenticatorWithCredentials(Boolean.FALSE);
   }
 
-  protected void createClient1WithException(Boolean multiUser, String authInit,
-      Integer port1, Integer port2, Properties credentials2,
-      Properties javaProps2, Object zeroConns) {
-    client1.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2,
-            javaProps2, port1, port2, zeroConns, multiUser,
-            new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
+  @Test
+  public void testCredentialsWithFailover() throws Exception {
+    doTestCredentialsWithFailover(Boolean.FALSE);
   }
 
-  protected void createClient2WithException(Boolean multiUser, String authInit,
-      Integer port1, Integer port2, Properties credentials2,
-      Properties javaProps2, Object zeroConns) {
-    client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, port2,
-            zeroConns, multiUser, new Integer(SecurityTestUtil.AUTHFAIL_EXCEPTION) ));
+  @Test
+  public void testCredentialsForNotifications() throws Exception {
+    doTestCredentialsForNotifications(Boolean.FALSE);
   }
 
-  protected void createClient2NoException(Boolean multiUser, String authInit,
-      Integer port1, Integer port2, Properties credentials2,
-      Properties javaProps2, Object zeroConns) {
-    client2.invoke(() -> ClientAuthenticationDUnitTest.createCacheClient( authInit, credentials2, javaProps2, port1, port2,
-            zeroConns, multiUser, new Integer(SecurityTestUtil.NO_EXCEPTION) ));
+  @Ignore("Disabled for unknown reason")
+  @Test
+  public void testValidCredentialsForMultipleUsers() throws Exception {
+    doTestValidCredentials(Boolean.TRUE);
   }
 
-  //////////////////////////////////////////////////////////////////////////////
-  // Tests for MULTI_USER_MODE start here
-  //////////////////////////////////////////////////////////////////////////////
-
-  public void xtestValidCredentialsForMultipleUsers() {
-    itestValidCredentials(Boolean.TRUE);
-  }
-
-  //////////////////////////////////////////////////////////////////////////////
-  // Tests for MULTI_USER_MODE end here
-  //////////////////////////////////////////////////////////////////////////////
-  
-  @Override
-  public final void preTearDown() throws Exception {
-    // close the clients first
-    client1.invoke(() -> SecurityTestUtil.closeCache());
-    client2.invoke(() -> SecurityTestUtil.closeCache());
-    // then close the servers
-    server1.invoke(() -> SecurityTestUtil.closeCache());
-    server2.invoke(() -> SecurityTestUtil.closeCache());
-  }
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java
index 138114a..540632a 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationPart2DUnitTest.java
@@ -1,6 +1,3 @@
-
-package com.gemstone.gemfire.security;
-
 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
@@ -9,9 +6,9 @@ package com.gemstone.gemfire.security;
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
- * 
+ *
  *   http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -19,70 +16,59 @@ package com.gemstone.gemfire.security;
  * specific language governing permissions and limitations
  * under the License.
  */
+package com.gemstone.gemfire.security;
 
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
 
 /**
  * this class contains test methods that used to be in its superclass but
  * that test started taking too long and caused dunit runs to hang
  */
-public class ClientAuthenticationPart2DUnitTest extends
-    ClientAuthenticationDUnitTest {
+@Category(DistributedTest.class)
+public class ClientAuthenticationPart2DUnitTest extends ClientAuthenticationTestCase {
 
-  /** constructor */
-  public ClientAuthenticationPart2DUnitTest(String name) {
-    super(name);
+  @Test
+  public void testNoCredentialsForMultipleUsers() throws Exception {
+    doTestNoCredentials(Boolean.TRUE);
   }
 
-  // override inherited tests so they aren't executed again
-  
-  @Override
-  public void testValidCredentials() {  }
-  @Override
-  public void testNoCredentials() {  }
-  @Override
-  public void testInvalidCredentials() {  }
-  @Override
-  public void testInvalidAuthInit() {  }
-  @Override
-  public void testNoAuthInitWithCredentials() {  }
-  @Override
-  public void testInvalidAuthenticator() {  }
-  @Override
-  public void testNoAuthenticatorWithCredentials() {  }
-  @Override
-  public void testCredentialsWithFailover() {  }
-  @Override
-  public void testCredentialsForNotifications() {  }
-  //@Override
-  public void testValidCredentialsForMultipleUsers() {  }
-
-
-  
-  
-  
-  public void testNoCredentialsForMultipleUsers() {
-    itestNoCredentials(Boolean.TRUE);
-  }
-  public void testInvalidCredentialsForMultipleUsers() {
-    itestInvalidCredentials(Boolean.TRUE);
+  @Test
+  public void testInvalidCredentialsForMultipleUsers() throws Exception {
+    doTestInvalidCredentials(Boolean.TRUE);
   }
-  public void testInvalidAuthInitForMultipleUsers() {
-    itestInvalidAuthInit(Boolean.TRUE);
-  }
-  public void testNoAuthInitWithCredentialsForMultipleUsers() {
-    itestNoAuthInitWithCredentials(Boolean.TRUE);
+
+  @Test
+  public void testInvalidAuthInitForMultipleUsers() throws Exception {
+    doTestInvalidAuthInit(Boolean.TRUE);
   }
-  public void testInvalidAuthenitcatorForMultipleUsers() {
-    itestInvalidAuthenticator(Boolean.TRUE);
+
+  @Test
+  public void testNoAuthInitWithCredentialsForMultipleUsers() throws Exception {
+    doTestNoAuthInitWithCredentials(Boolean.TRUE);
   }
-  public void testNoAuthenticatorWithCredentialsForMultipleUsers() {
-    itestNoAuthenticatorWithCredentials(Boolean.TRUE);
+
+  @Test
+  public void testInvalidAuthenitcatorForMultipleUsers() throws Exception {
+    doTestInvalidAuthenticator(Boolean.TRUE);
   }
-  public void disabled_testCredentialsWithFailoverForMultipleUsers() {
-    itestCredentialsWithFailover(Boolean.TRUE);
+
+  @Test
+  public void testNoAuthenticatorWithCredentialsForMultipleUsers() throws Exception {
+    doTestNoAuthenticatorWithCredentials(Boolean.TRUE);
   }
-  public void __testCredentialsForNotificationsForMultipleUsers() {
-    itestCredentialsForNotifications(Boolean.TRUE);
+
+  @Ignore("Disabled for unknown reason")
+  @Test
+  public void testCredentialsWithFailoverForMultipleUsers() throws Exception {
+    doTestCredentialsWithFailover(Boolean.TRUE);
   }
 
+  @Ignore("Disabled for unknown reason")
+  @Test
+  public void testCredentialsForNotificationsForMultipleUsers() throws Exception {
+    doTestCredentialsForNotifications(Boolean.TRUE);
+  }
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
new file mode 100644
index 0000000..d308769
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationTestCase.java
@@ -0,0 +1,574 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.security;
+
+import static com.gemstone.gemfire.security.SecurityTestUtil.*;
+import static com.gemstone.gemfire.test.dunit.IgnoredException.*;
+import static com.gemstone.gemfire.test.dunit.LogWriterUtils.*;
+import static com.gemstone.gemfire.test.dunit.Wait.*;
+
+import java.io.IOException;
+import java.util.Properties;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLHandshakeException;
+
+import com.gemstone.gemfire.internal.AvailablePort;
+import com.gemstone.gemfire.security.generator.CredentialGenerator;
+import com.gemstone.gemfire.security.generator.DummyCredentialGenerator;
+import com.gemstone.gemfire.test.dunit.Host;
+import com.gemstone.gemfire.test.dunit.VM;
+import com.gemstone.gemfire.test.dunit.internal.JUnit4DistributedTestCase;
+
+public abstract class ClientAuthenticationTestCase extends JUnit4DistributedTestCase {
+
+  private VM server1 = null;
+  private VM server2 = null;
+  private VM client1 = null;
+  private VM client2 = null;
+
+  private static final String[] serverIgnoredExceptions = {
+      AuthenticationRequiredException.class.getName(),
+      AuthenticationFailedException.class.getName(),
+      GemFireSecurityException.class.getName(),
+      ClassNotFoundException.class.getName(),
+      IOException.class.getName(),
+      SSLException.class.getName(),
+      SSLHandshakeException.class.getName()
+  };
+
+  private static final String[] clientIgnoredExceptions = {
+      AuthenticationRequiredException.class.getName(),
+      AuthenticationFailedException.class.getName(),
+      SSLHandshakeException.class.getName()
+  };
+
+  @Override
+  public final void postSetUp() throws Exception {
+    final Host host = Host.getHost(0);
+    server1 = host.getVM(0);
+    server2 = host.getVM(1);
+    client1 = host.getVM(2);
+    client2 = host.getVM(3);
+
+    addIgnoredException("Connection refused: connect");
+
+    server1.invoke(() -> registerExpectedExceptions(serverIgnoredExceptions));
+    server2.invoke(() -> registerExpectedExceptions(serverIgnoredExceptions));
+    client1.invoke(() -> registerExpectedExceptions(clientIgnoredExceptions));
+    client2.invoke(() -> registerExpectedExceptions(clientIgnoredExceptions));
+  }
+
+  protected void doTestValidCredentials(boolean multiUser) throws Exception {
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+    Properties javaProps = gen.getJavaProperties();
+    String authenticator = gen.getAuthenticator();
+    String authInit = gen.getAuthInit();
+
+    getLogWriter().info("testValidCredentials: Using scheme: " + gen.classCode());
+    getLogWriter().info("testValidCredentials: Using authenticator: " + authenticator);
+    getLogWriter().info("testValidCredentials: Using authinit: " + authInit);
+
+    // Start the servers
+    Integer locPort1 = getLocatorPort();
+    Integer locPort2 = getLocatorPort();
+    String locString = getLocatorString();
+    Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
+    Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
+
+    // Start the clients with valid credentials
+    Properties credentials1 = gen.getValidCredentials(1);
+    Properties javaProps1 = gen.getJavaProperties();
+
+    getLogWriter().info("testValidCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+    Properties credentials2 = gen.getValidCredentials(2);
+    Properties javaProps2 = gen.getJavaProperties();
+
+    getLogWriter().info("testValidCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+    createClientsNoException(multiUser, authInit, port1, port2, credentials1, javaProps1, credentials2, javaProps2);
+
+    // Perform some put operations from client1
+    client1.invoke(() -> doPuts(2));
+
+    // Verify that the puts succeeded
+    client2.invoke(() -> doGets(2));
+
+    if (multiUser) {
+      client1.invoke(() -> doProxyCacheClose());
+      client2.invoke(() -> doProxyCacheClose());
+      client1.invoke(() -> doSimplePut("CacheClosedException"));
+      client2.invoke(() -> doSimpleGet("CacheClosedException"));
+    }
+  }
+
+  protected void doTestNoCredentials(boolean multiUser) throws Exception {
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+    Properties javaProps = gen.getJavaProperties();
+    String authenticator = gen.getAuthenticator();
+    String authInit = gen.getAuthInit();
+
+    getLogWriter().info("testNoCredentials: Using scheme: " + gen.classCode());
+    getLogWriter().info("testNoCredentials: Using authenticator: " + authenticator);
+    getLogWriter().info("testNoCredentials: Using authinit: " + authInit);
+
+    // Start the servers
+    Integer locPort1 = getLocatorPort();
+    Integer locPort2 = getLocatorPort();
+    String locString = getLocatorString();
+    Integer port1 = createServer1(extraProps, javaProps, authenticator, locPort1, locString);
+    Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
+
+    // Start first client with valid credentials
+    Properties credentials1 = gen.getValidCredentials(1);
+    Properties javaProps1 = gen.getJavaProperties();
+
+    getLogWriter().info("testNoCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+    createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+
+    // Perform some put operations from client1
+    client1.invoke(() -> doPuts(2));
+
+    // Trying to create the region on client2
+    if (gen.classCode().equals(CredentialGenerator.ClassCode.SSL)) {
+      // For SSL the exception may not come since the server can close socket
+      // before handshake message is sent from client. However exception
+      // should come in any region operations.
+      client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, 0, multiUser, NO_EXCEPTION));
+      client2.invoke(() -> doPuts(2, OTHER_EXCEPTION));
+
+    } else {
+      client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+    }
+  }
+
+  protected void doTestInvalidCredentials(boolean multiUser) throws Exception {
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+    Properties javaProps = gen.getJavaProperties();
+    String authenticator = gen.getAuthenticator();
+    String authInit = gen.getAuthInit();
+
+    getLogWriter().info("testInvalidCredentials: Using scheme: " + gen.classCode());
+    getLogWriter().info("testInvalidCredentials: Using authenticator: " + authenticator);
+    getLogWriter().info("testInvalidCredentials: Using authinit: " + authInit);
+
+    // Start the servers
+    Integer locPort1 = getLocatorPort();
+    Integer locPort2 = getLocatorPort();
+    String locString = getLocatorString();
+    Integer port1 = createServer1(extraProps, javaProps, authenticator, locPort1, locString);
+    Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
+
+    // Start first client with valid credentials
+    Properties credentials1 = gen.getValidCredentials(1);
+    Properties javaProps1 = gen.getJavaProperties();
+    getLogWriter().info("testInvalidCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+    createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+
+    // Perform some put operations from client1
+    client1.invoke(() -> doPuts(2));
+
+    // Start second client with invalid credentials
+    // Trying to create the region on client2 should throw a security
+    // exception
+    Properties credentials2 = gen.getInvalidCredentials(1);
+    Properties javaProps2 = gen.getJavaProperties();
+    getLogWriter().info("testInvalidCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+    client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, 0, multiUser, AUTHFAIL_EXCEPTION));
+  }
+
+  protected void doTestInvalidAuthInit(boolean multiUser) throws Exception {
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+    final Properties javaProps = gen.getJavaProperties();
+    String authenticator = gen.getAuthenticator();
+
+    getLogWriter().info("testInvalidAuthInit: Using scheme: " + gen.classCode());
+    getLogWriter().info("testInvalidAuthInit: Using authenticator: " + authenticator);
+
+    // Start the server
+    Integer locPort1 = getLocatorPort();
+    String locString = getLocatorString();
+    Integer port1 = createServer1(extraProps, javaProps, authenticator, locPort1, locString);
+
+    Properties credentials = gen.getValidCredentials(1);
+
+    getLogWriter().info("testInvalidAuthInit: For first client credentials: " + credentials + " : " + javaProps);
+    client1.invoke(() -> ClientAuthenticationUtils.createCacheClient("com.gemstone.none", credentials, javaProps, new int[] { port1 }, 0, multiUser, AUTHREQ_EXCEPTION));
+  }
+
+  protected void doTestNoAuthInitWithCredentials(boolean multiUser) throws Exception {
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+    Properties javaProps = gen.getJavaProperties();
+    String authenticator = gen.getAuthenticator();
+
+    getLogWriter().info("testNoAuthInitWithCredentials: Using scheme: " + gen.classCode());
+    getLogWriter().info("testNoAuthInitWithCredentials: Using authenticator: " + authenticator);
+
+    // Start the servers
+    Integer locPort1 = getLocatorPort();
+    Integer locPort2 = getLocatorPort();
+    String locString = getLocatorString();
+    Integer port1 = createServer1(extraProps, javaProps, authenticator, locPort1, locString);
+    Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
+
+    // Start the clients with valid credentials
+    Properties credentials1 = gen.getValidCredentials(1);
+    Properties javaProps1 = gen.getJavaProperties();
+    getLogWriter().info("testNoAuthInitWithCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+    Properties credentials2 = gen.getValidCredentials(2);
+    Properties javaProps2 = gen.getJavaProperties();
+    getLogWriter().info("testNoAuthInitWithCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+    client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials1, javaProps1, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+    client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials2, javaProps2, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+    client2.invoke(() -> closeCache());
+
+    // Now also try with invalid credentials
+    Properties credentials3 = gen.getInvalidCredentials(5);
+    Properties javaProps3 = gen.getJavaProperties();
+    client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials3, javaProps3, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+  }
+
+  protected void doTestInvalidAuthenticator(boolean multiUser) throws Exception {
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+    Properties javaProps = gen.getJavaProperties();
+    String authInit = gen.getAuthInit();
+
+    getLogWriter().info("testInvalidAuthenticator: Using scheme: " + gen.classCode());
+    getLogWriter().info("testInvalidAuthenticator: Using authinit: " + authInit);
+
+    // Start the server with invalid authenticator
+    Integer locPort1 = getLocatorPort();
+    String locString = getLocatorString();
+    Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, "com.gemstone.gemfire.none", extraProps, javaProps));
+
+    // Trying to create the region on client should throw a security exception
+    Properties credentials2 = gen.getValidCredentials(1);
+    Properties javaProps2 = gen.getJavaProperties();
+    getLogWriter().info("testInvalidAuthenticator: For first client credentials: " + credentials2 + " : " + javaProps2);
+
+    client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, 0, AUTHFAIL_EXCEPTION));
+    client1.invoke(() -> closeCache());
+
+    // Also test with invalid credentials
+    Properties credentials3 = gen.getInvalidCredentials(1);
+    Properties javaProps3 = gen.getJavaProperties();
+    getLogWriter().info("testInvalidAuthenticator: For first client credentials: " + credentials3 + " : " + javaProps3);
+    client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials3, javaProps3, port1, 0, AUTHFAIL_EXCEPTION));
+  }
+
+  protected void doTestNoAuthenticatorWithCredentials(boolean multiUser) throws Exception {
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+    Properties javaProps = gen.getJavaProperties();
+    String authenticator = gen.getAuthenticator();
+    String authInit = gen.getAuthInit();
+
+    getLogWriter().info("testNoAuthenticatorWithCredentials: Using scheme: " + gen.classCode());
+    getLogWriter().info("testNoAuthenticatorWithCredentials: Using authinit: " + authInit);
+
+    // Start the servers with no authenticator
+    Integer locPort1 = getLocatorPort();
+    Integer locPort2 = getLocatorPort();
+    String locString = getLocatorString();
+    Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, null, extraProps, javaProps));
+    Integer port2 = server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, null, extraProps, javaProps));
+
+    // Clients should connect successfully and work properly with
+    // valid/invalid credentials when none are required on the server side
+    Properties credentials1 = gen.getValidCredentials(3);
+    Properties javaProps1 = gen.getJavaProperties();
+    getLogWriter().info("testNoAuthenticatorWithCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+    Properties credentials2 = gen.getInvalidCredentials(5);
+    Properties javaProps2 = gen.getJavaProperties();
+    getLogWriter().info("testNoAuthenticatorWithCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+    createClientsNoException(multiUser, authInit, port1, port2, credentials1, javaProps1, credentials2, javaProps2);
+
+    // Perform some put operations from client1
+    client1.invoke(() -> doPuts(2));
+
+    // Verify that the puts succeeded
+    client2.invoke(() -> doGets(2));
+  }
+
+  protected void doTestCredentialsWithFailover(boolean multiUser) throws Exception {
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+    Properties javaProps = gen.getJavaProperties();
+    String authenticator = gen.getAuthenticator();
+    String authInit = gen.getAuthInit();
+
+    getLogWriter().info("testCredentialsWithFailover: Using scheme: " + gen.classCode());
+    getLogWriter().info("testCredentialsWithFailover: Using authenticator: " + authenticator);
+    getLogWriter().info("testCredentialsWithFailover: Using authinit: " + authInit);
+
+    // Start the first server
+    Integer locPort1 = getLocatorPort();
+    Integer locPort2 = getLocatorPort();
+    String locString = getLocatorString();
+    Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
+    // Get a port for second server but do not start it
+    // This forces the clients to connect to the first server
+    Integer port2 = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+
+    // Start the clients with valid credentials
+    Properties credentials1 = gen.getValidCredentials(5);
+    Properties javaProps1 = gen.getJavaProperties();
+    getLogWriter().info("testCredentialsWithFailover: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+    Properties credentials2 = gen.getValidCredentials(6);
+    Properties javaProps2 = gen.getJavaProperties();
+    getLogWriter().info("testCredentialsWithFailover: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+    createClientsNoException(multiUser, authInit, port1, port2, credentials1, javaProps1, credentials2, javaProps2);
+
+    // Perform some put operations from client1
+    client1.invoke(() -> doPuts(2));
+    // Verify that the puts succeeded
+    client2.invoke(() -> doGets(2));
+
+    // start the second one and stop the first server to force a failover
+    server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, authenticator, extraProps, javaProps));
+    server1.invoke(() -> closeCache());
+
+    // Perform some create/update operations from client1
+    client1.invoke(() -> doNPuts(4));
+    // Verify that the creates/updates succeeded
+    client2.invoke(() -> doNGets(4));
+
+    // Try to connect client2 with no credentials
+    // Verify that the creation of region throws security exception
+    if (gen.classCode().equals(CredentialGenerator.ClassCode.SSL)) {
+      // For SSL the exception may not come since the server can close socket
+      // before handshake message is sent from client. However exception
+      // should come in any region operations.
+      client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, 0, multiUser, NOFORCE_AUTHREQ_EXCEPTION));
+      client2.invoke(() -> doPuts(2, OTHER_EXCEPTION));
+
+    } else {
+      client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+    }
+
+    // Now try to connect client1 with invalid credentials
+    // Verify that the creation of region throws security exception
+    Properties credentials3 = gen.getInvalidCredentials(7);
+    Properties javaProps3 = gen.getJavaProperties();
+    getLogWriter().info("testCredentialsWithFailover: For first client invalid credentials: " + credentials3 + " : " + javaProps3);
+
+    client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials3, javaProps3, port1, port2, 0, multiUser, AUTHFAIL_EXCEPTION));
+
+    if (multiUser) {
+      client1.invoke(() -> doProxyCacheClose());
+      client2.invoke(() -> doProxyCacheClose());
+      client1.invoke(() -> doSimplePut("CacheClosedException"));
+      client2.invoke(() -> doSimpleGet("CacheClosedException"));
+    }
+  }
+
+  protected void doTestCredentialsForNotifications(boolean multiUser) throws Exception {
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+    Properties javaProps = gen.getJavaProperties();
+    String authenticator = gen.getAuthenticator();
+    String authInit = gen.getAuthInit();
+
+    getLogWriter().info("testCredentialsForNotifications: Using scheme: " + gen.classCode());
+    getLogWriter().info("testCredentialsForNotifications: Using authenticator: " + authenticator);
+    getLogWriter().info("testCredentialsForNotifications: Using authinit: " + authInit);
+
+    // Start the first server
+    Integer locPort1 = getLocatorPort();
+    Integer locPort2 = getLocatorPort();
+    String locString = getLocatorString();
+    Integer port1 = server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
+    // Get a port for second server but do not start it
+    // This forces the clients to connect to the first server
+    Integer port2 = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
+
+    // Start the clients with valid credentials
+    Properties credentials1 = gen.getValidCredentials(3);
+    Properties javaProps1 = gen.getJavaProperties();
+    getLogWriter().info("testCredentialsForNotifications: For first client credentials: " + credentials1 + " : " + javaProps1);
+
+    Properties credentials2 = gen.getValidCredentials(4);
+    Properties javaProps2 = gen.getJavaProperties();
+    getLogWriter().info("testCredentialsForNotifications: For second client credentials: " + credentials2 + " : " + javaProps2);
+
+    createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+
+    // Set up zero forward connections to check notification handshake only
+    int zeroConns = 0;
+    createClient2NoException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
+
+    // Register interest on all keys on second client
+    client2.invoke(() -> ClientAuthenticationUtils.registerAllInterest());
+
+    // Perform some put operations from client1
+    client1.invoke(() -> doPuts(2));
+
+    // Verify that the puts succeeded
+    client2.invoke(() -> doLocalGets(2));
+
+    // start the second one and stop the first server to force a failover
+    server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, authenticator, extraProps, javaProps));
+    server1.invoke(() -> closeCache());
+
+    // Wait for failover to complete
+    pause(500);
+
+    // Perform some create/update operations from client1
+    client1.invoke(() -> doNPuts(4));
+    // Verify that the creates/updates succeeded
+    client2.invoke(() -> doNLocalGets(4));
+
+    // Try to connect client1 with no credentials
+    // Verify that the creation of region throws security exception
+    server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, port1, authenticator, extraProps, javaProps));
+
+    if (gen.classCode().equals(CredentialGenerator.ClassCode.SSL)) {
+      // For SSL the exception may not come since the server can close socket
+      // before handshake message is sent from client. However exception
+      // should come in any region operations.
+      client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, zeroConns, multiUser, NOFORCE_AUTHREQ_EXCEPTION));
+      client1.invoke(() -> doPuts(2, OTHER_EXCEPTION));
+
+    } else {
+      client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, null, null, port1, port2, zeroConns, multiUser, AUTHREQ_EXCEPTION));
+    }
+
+    // Now try to connect client2 with invalid credentials
+    // Verify that the creation of region throws security exception
+    credentials2 = gen.getInvalidCredentials(3);
+    javaProps2 = gen.getJavaProperties();
+    getLogWriter().info("testCredentialsForNotifications: For second client invalid credentials: " + credentials2 + " : " + javaProps2);
+
+    createClient2WithException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
+
+    // Now try to connect client2 with invalid auth-init method
+    // Trying to create the region on client with valid credentials should
+    // throw a security exception
+    client2.invoke(() -> ClientAuthenticationUtils.createCacheClient("com.gemstone.none", credentials1, javaProps1, port1, port2, zeroConns, multiUser, AUTHREQ_EXCEPTION));
+
+    // Now start the servers with invalid authenticator method.
+    // Skip this test for a scheme which does not have an authInit in the
+    // first place (e.g. SSL) since that will fail with AuthReqEx before
+    // authenticator is even invoked.
+    if (authInit != null && authInit.length() > 0) {
+      server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, port1, "com.gemstone.gemfire.none", extraProps, javaProps));
+      server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, "com.gemstone.gemfire.none", extraProps, javaProps));
+
+      createClient2WithException(multiUser, authInit, port1, port2, credentials1, javaProps1, zeroConns);
+      createClient1WithException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
+
+    } else {
+      getLogWriter().info("testCredentialsForNotifications: Skipping invalid authenticator for scheme [" + gen.classCode() + "] which has no authInit");
+    }
+
+    // Try connection with null auth-init on clients.
+    // Skip this test for a scheme which does not have an authInit in the
+    // first place (e.g. SSL).
+    if (authInit != null && authInit.length() > 0) {
+      server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, port1, authenticator, extraProps, javaProps));
+      server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, authenticator, extraProps, javaProps));
+      client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials1, javaProps1, port1, port2, 0, multiUser, AUTHREQ_EXCEPTION));
+
+      createClient2AuthReqException(multiUser, port1, port2, credentials2, javaProps2, zeroConns);
+      createClient2AuthReqException(multiUser, port1, port2, credentials2, javaProps2, zeroConns);
+
+    } else {
+      getLogWriter().info("testCredentialsForNotifications: Skipping null authInit for scheme [" + gen.classCode() + "] which has no authInit");
+    }
+
+    // Try connection with null authenticator on server and sending
+    // valid/invalid credentials.
+    // If the scheme does not have an authenticator in the first place (e.g.
+    // SSL) then skip it since this test is useless.
+    if (authenticator != null && authenticator.length() > 0) {
+      server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, port1, null, extraProps, javaProps));
+      server2.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort2, locString, port2, null, extraProps, javaProps));
+
+      createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+      createClient2NoException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
+
+      // Register interest on all keys on second client
+      client2.invoke(() -> ClientAuthenticationUtils.registerAllInterest());
+
+      // Perform some put operations from client1
+      client1.invoke(() -> doPuts(4));
+
+      // Verify that the puts succeeded
+      client2.invoke(() -> doLocalGets(4));
+
+      // Now also try with valid credentials on client2
+      createClient1NoException(multiUser, authInit, port1, port2, credentials2, javaProps2);
+      createClient2NoException(multiUser, authInit, port1, port2, credentials1, javaProps1, zeroConns);
+
+      // Register interest on all keys on second client
+      client2.invoke(() -> ClientAuthenticationUtils.registerAllInterest());
+
+      // Perform some put operations from client1
+      client1.invoke(() -> doNPuts(4));
+
+      // Verify that the puts succeeded
+      client2.invoke(() -> doNLocalGets(4));
+
+    } else {
+      getLogWriter().info("testCredentialsForNotifications: Skipping scheme [" + gen.classCode() + "] which has no authenticator");
+    }
+  }
+
+  private Integer createServer1(Properties extraProps, Properties javaProps, String authenticator, int locPort1, String locString) {
+    return server1.invoke(() -> ClientAuthenticationUtils.createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
+  }
+
+  private void createClient1NoException(boolean multiUser, String authInit, int port1, int port2, Properties credentials2, Properties javaProps2) {
+    client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, 0, multiUser, NO_EXCEPTION));
+  }
+
+  private void createClient2AuthReqException(boolean multiUser, int port1, int port2, Properties credentials2, Properties javaProps2, int zeroConns) {
+    client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(null, credentials2, javaProps2, port1, port2, zeroConns, multiUser, AUTHREQ_EXCEPTION));
+  }
+
+  private void createClient1WithException(boolean multiUser, String authInit, int port1, int port2, Properties credentials2, Properties javaProps2, int zeroConns) {
+    client1.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, zeroConns, multiUser, AUTHFAIL_EXCEPTION));
+  }
+
+  private void createClient2WithException(boolean multiUser, String authInit, int port1, int port2, Properties credentials2, Properties javaProps2, int zeroConns) {
+    client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, zeroConns, multiUser, AUTHFAIL_EXCEPTION));
+  }
+
+  private void createClient2NoException(boolean multiUser, String authInit, int port1, int port2, Properties credentials2, Properties javaProps2, int zeroConns) {
+    client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, zeroConns, multiUser, NO_EXCEPTION));
+  }
+
+  private void createClientsNoException(boolean multiUser, String authInit, int port1, int port2, Properties credentials1, Properties javaProps1, Properties credentials2, Properties javaProps2) {
+    createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
+    client2.invoke(() -> ClientAuthenticationUtils.createCacheClient(authInit, credentials2, javaProps2, port1, port2, 0, multiUser, NO_EXCEPTION));
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/4f6a5311/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationUtils.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationUtils.java b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationUtils.java
new file mode 100644
index 0000000..09cc2d5
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthenticationUtils.java
@@ -0,0 +1,94 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.security;
+
+import static com.gemstone.gemfire.security.SecurityTestUtil.*;
+import static org.junit.Assert.*;
+
+import java.util.Properties;
+
+import com.gemstone.gemfire.cache.Region;
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+
+/**
+ * Extracted from ClientAuthenticationDUnitTest
+ */
+public class ClientAuthenticationUtils {
+
+  protected ClientAuthenticationUtils() {
+  }
+
+  public static Integer createCacheServer(int dsPort, String locatorString, String authenticator, Properties extraProps, Properties javaProps) {
+    Properties authProps;
+    if (extraProps == null) {
+      authProps = new Properties();
+    } else {
+      authProps = (Properties)extraProps;
+    }
+
+    if (authenticator != null) {
+      authProps.setProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator.toString());
+    }
+
+    return SecurityTestUtil.createCacheServer(authProps, javaProps, dsPort, (String)locatorString, 0, NO_EXCEPTION);
+  }
+
+  public static void createCacheServer(int dsPort, String locatorString, int serverPort, String authenticator, Properties extraProps, Properties javaProps) {
+    Properties authProps;
+    if (extraProps == null) {
+      authProps = new Properties();
+    } else {
+      authProps = (Properties)extraProps;
+    }
+
+    if (authenticator != null) {
+      authProps.setProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME, authenticator.toString());
+    }
+    SecurityTestUtil.createCacheServer(authProps, javaProps, dsPort, locatorString, serverPort, NO_EXCEPTION);
+  }
+
+  public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int[] ports, int numConnections, boolean multiUserMode, boolean subscriptionEnabled, int expectedResult) {
+
+    SecurityTestUtil.createCacheClient(authInit, authProps, javaProps, ports, numConnections, false, multiUserMode, subscriptionEnabled, expectedResult);
+  }
+
+  public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int[] ports, int numConnections, boolean multiUserMode, int expectedResult) {
+    createCacheClient(authInit, (Properties)authProps, (Properties)javaProps, ports, numConnections, multiUserMode, true, expectedResult);
+  }
+
+  public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int port1, int numConnections, int expectedResult) {
+    createCacheClient(authInit, authProps, javaProps, new int[] { port1 }, numConnections, Boolean.FALSE, Boolean.TRUE, expectedResult);
+  }
+
+  public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int port1, int port2, int numConnections, int expectedResult) {
+    createCacheClient(authInit, authProps, javaProps, port1, port2, numConnections, Boolean.FALSE, expectedResult);
+  }
+
+  public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, Integer port1, Integer port2, int numConnections, boolean multiUserMode, int expectedResult) {
+    createCacheClient(authInit, authProps, javaProps, port1, port2, numConnections, multiUserMode, Boolean.TRUE, expectedResult);
+  }
+
+  public static void createCacheClient(String authInit, Properties authProps, Properties javaProps, int port1, int port2, int numConnections, boolean multiUserMode, boolean subscriptionEnabled, int expectedResult) {
+    createCacheClient(authInit, authProps, javaProps, new int[] { port1, port2 }, numConnections, multiUserMode, subscriptionEnabled, expectedResult);
+  }
+
+  public static void registerAllInterest() {
+    Region region = SecurityTestUtil.getCache().getRegion(SecurityTestUtil.REGION_NAME);
+    assertNotNull(region);
+    region.registerInterestRegex(".*");
+  }
+}



Mime
View raw message