geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jensde...@apache.org
Subject [52/54] [abbrv] incubator-geode git commit: Merge branch 'develop' into feature/GEODE-17-2
Date Mon, 21 Mar 2016 20:40:23 GMT
Merge branch 'develop' into feature/GEODE-17-2


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/da7a76de
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/da7a76de
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/da7a76de

Branch: refs/heads/feature/GEODE-17-2
Commit: da7a76defd44b172ed8d7987c93e2d39576289bf
Parents: 386ace7 ff55590
Author: Jens Deppe <jdeppe@pivotal.io>
Authored: Fri Mar 18 07:20:59 2016 -0700
Committer: Jens Deppe <jdeppe@pivotal.io>
Committed: Fri Mar 18 07:20:59 2016 -0700

----------------------------------------------------------------------
 .travis.yml                                     |    7 +-
 README.md                                       |   16 +-
 extensions/geode-modules-assembly/build.gradle  |   10 +-
 extensions/geode-modules/build.gradle           |    3 +-
 geode-assembly/build.gradle                     |   27 +-
 .../LauncherLifecycleCommandsDUnitTest.java     |   10 +-
 .../rest/internal/web/RestFunctionTemplate.java |   23 +
 ...stAPIOnRegionFunctionExecutionDUnitTest.java |  479 +-
 .../web/controllers/RestAPITestBase.java        |  209 +-
 ...tAPIsOnGroupsFunctionExecutionDUnitTest.java |  310 +-
 ...APIsOnMembersFunctionExecutionDUnitTest.java |  299 +-
 geode-core/build.gradle                         |   13 +-
 .../com/gemstone/gemfire/DataSerializable.java  |    2 +-
 .../internal/doc-files/config-hierarchy.fig     |  156 -
 .../admin/internal/doc-files/health-classes.fig |  233 -
 .../admin/internal/doc-files/health-classes.gif |  Bin 8973 -> 0 bytes
 .../gemfire/admin/internal/package.html         |    4 +-
 .../client/doc-files/example-client-cache.xml   |   46 -
 .../gemfire/cache/client/internal/Endpoint.java |    2 +-
 .../internal/PdxRegistryRecoveryListener.java   |    6 +-
 .../gemfire/cache/client/internal/PoolImpl.java |    5 +-
 .../gemfire/cache/client/internal/PutAllOp.java |    8 +-
 .../gemfire/cache/client/internal/PutOp.java    |   15 +-
 .../doc-files/ConnectionManagerImpl.dia         |  Bin 2034 -> 0 bytes
 .../doc-files/ConnectionManagerImpl.png         |  Bin 11825 -> 0 bytes
 .../client/internal/doc-files/PoolImpl.dia      |  Bin 3083 -> 0 bytes
 .../internal/doc-files/QueueManagerImpl.dia     |  Bin 2180 -> 0 bytes
 .../internal/doc-files/QueueManagerImpl.png     |  Bin 15075 -> 0 bytes
 .../doc-files/client_static_diagram.png         |  Bin 29430 -> 0 bytes
 .../gemfire/cache/client/internal/package.html  |    6 +-
 .../gemstone/gemfire/cache/client/package.html  |    2 +-
 .../gemfire/cache/doc-files/architecture.fig    |  170 -
 .../gemfire/cache/doc-files/architecture.gif    |  Bin 9983 -> 0 bytes
 .../cache/doc-files/entry-life-cycle.fig        |   64 -
 .../cache/doc-files/entry-life-cycle.gif        |  Bin 3357 -> 0 bytes
 .../gemfire/cache/doc-files/example-cache.xml   |   98 -
 .../gemfire/cache/doc-files/example2-cache.xml  |   63 -
 .../gemfire/cache/doc-files/example3-cache.xml  |   60 -
 .../cache/doc-files/partitioned-regions.fig     |  267 -
 .../cache/doc-files/partitioned-regions.gif     |  Bin 9494 -> 0 bytes
 .../operations/PutAllOperationContext.java      |  275 +-
 .../internal/GetOperationContextImpl.java       |   24 +-
 .../operations/internal/UpdateOnlyMap.java      |  304 +
 .../com/gemstone/gemfire/cache/package.html     |    8 +-
 .../query/internal/index/AbstractIndex.java     |    8 +-
 .../query/internal/index/DummyQRegion.java      |   14 +-
 .../cache/query/internal/index/HashIndex.java   |    6 +-
 .../query/internal/index/IndexElemArray.java    |   34 +-
 .../query/internal/index/IndexManager.java      |   10 +-
 .../gemfire/distributed/ServerLauncher.java     |   56 +-
 .../ServerLauncherCacheProvider.java            |   34 +
 .../DefaultServerLauncherCacheProvider.java     |   57 +
 .../internal/DistributionConfigImpl.java        |   33 +-
 .../internal/InternalDistributedSystem.java     |   22 +-
 .../internal/LonerDistributionManager.java      |    4 +-
 .../internal/direct/DirectChannel.java          |   31 +-
 .../internal/doc-files/config-classes.fig       |  138 -
 .../internal/doc-files/config-classes.gif       |  Bin 4205 -> 0 bytes
 .../doc-files/distribution-managers.fig         |   76 -
 .../doc-files/distribution-managers.gif         |  Bin 3267 -> 0 bytes
 .../internal/locks/doc-files/elder.fig          |   84 -
 .../internal/locks/doc-files/elder.jpg          |  Bin 55182 -> 0 bytes
 .../internal/locks/doc-files/turks.fig          |  128 -
 .../internal/locks/doc-files/turks.jpg          |  Bin 79859 -> 0 bytes
 .../distributed/internal/locks/package.html     |    4 +-
 .../membership/gms/auth/GMSAuthenticator.java   |   98 +-
 .../membership/gms/fd/GMSHealthMonitor.java     |    2 +-
 .../membership/gms/membership/GMSJoinLeave.java |   29 +-
 .../gms/messages/JoinResponseMessage.java       |   15 -
 .../gms/messenger/JGroupsMessenger.java         |    5 +
 .../gemfire/distributed/internal/package.html   |    2 +-
 .../internal/tcpserver/TcpClient.java           |   16 +-
 .../internal/tcpserver/TcpServer.java           |    0
 .../doc-files/data-serialization-exceptions.fig |  135 -
 .../doc-files/data-serialization-exceptions.gif |  Bin 3666 -> 0 bytes
 .../gemfire/internal/AbstractConfig.java        |    2 +
 .../gemfire/internal/SocketCreator.java         |    2 +-
 .../admin/doc-files/class-hierarchy.fig         |  224 -
 .../admin/doc-files/class-hierarchy.gif         |  Bin 11971 -> 0 bytes
 .../internal/cache/AbstractRegionEntry.java     |  107 +-
 .../internal/cache/AbstractRegionMap.java       |   81 +-
 .../gemfire/internal/cache/BucketRegion.java    |   36 +-
 .../cache/BytesAndBitsForCompactor.java         |   18 +-
 .../internal/cache/CachedDeserializable.java    |    8 +
 .../cache/CachedDeserializableFactory.java      |    4 +-
 .../gemfire/internal/cache/DiskEntry.java       |  113 +-
 .../gemfire/internal/cache/DiskStoreImpl.java   |    4 -
 .../internal/cache/DistributedRegion.java       |   12 +-
 .../gemfire/internal/cache/EntryEventImpl.java  |  161 +-
 .../gemfire/internal/cache/LocalRegion.java     |   18 +-
 .../gemstone/gemfire/internal/cache/Oplog.java  |   12 +-
 .../internal/cache/PartitionedRegion.java       |    1 -
 .../cache/PartitionedRegionQueryEvaluator.java  |  391 +-
 .../cache/PreferBytesCachedDeserializable.java  |   11 +-
 .../gemfire/internal/cache/RegionEntry.java     |    9 +-
 .../internal/cache/RemoteDestroyMessage.java    |    4 +-
 .../cache/SearchLoadAndWriteProcessor.java      |    8 +-
 .../cache/StoreAllCachedDeserializable.java     |   11 +-
 .../gemfire/internal/cache/TXManagerImpl.java   |    3 +-
 .../gemfire/internal/cache/UpdateOperation.java |    2 +-
 .../internal/cache/VMCachedDeserializable.java  |    9 +-
 .../SnappyCompressedCachedDeserializable.java   |   10 +
 .../cache/control/HeapMemoryMonitor.java        |   14 +-
 .../cache/control/OffHeapMemoryMonitor.java     |   45 +-
 .../cache/doc-files/BucketAdvisor-state.png     |  Bin 39148 -> 0 bytes
 .../internal/cache/doc-files/eventmatrix.xls    |  Bin 24576 -> 0 bytes
 .../cache/doc-files/extensible-hashing.fig      |  159 -
 .../cache/doc-files/extensible-hashing.gif      |  Bin 6605 -> 0 bytes
 .../cache/doc-files/jcache-get-flow.fig         |  349 --
 .../cache/doc-files/jcache-get-flow.pdf         |  Bin 7519 -> 0 bytes
 .../cache/doc-files/jcache-put-flow.fig         |  359 --
 .../cache/doc-files/jcache-put-flow.pdf         |  Bin 7667 -> 0 bytes
 .../doc-files/jcache-update-message-flow.fig    |  334 -
 .../doc-files/jcache-update-message-flow.pdf    |  Bin 5937 -> 0 bytes
 .../cache/doc-files/partitioned-regions.fig     |  255 -
 .../cache/doc-files/partitioned-regions.gif     |  Bin 9273 -> 0 bytes
 .../internal/cache/doc-files/properties.html    | 3937 ------------
 .../cache/doc-files/region-implementation.fig   |  262 -
 .../gemfire/internal/cache/package.html         |    8 +-
 .../cache/partitioned/FetchEntriesMessage.java  |   10 +-
 .../internal/cache/partitioned/PutMessage.java  |    8 +-
 .../gemfire/internal/cache/properties.html      | 3937 ++++++++++++
 .../cache/tier/sockets/AcceptorImpl.java        |    9 +-
 .../cache/tier/sockets/CacheClientProxy.java    |    8 +-
 .../tier/sockets/ClientUpdateMessageImpl.java   |    2 +-
 .../internal/cache/tier/sockets/HandShake.java  |    3 +-
 .../internal/cache/tier/sockets/Message.java    |    2 +-
 .../internal/cache/tier/sockets/Part.java       |   51 +-
 .../cache/tier/sockets/command/Get70.java       |   19 +-
 .../cache/tier/sockets/command/PutAll.java      |    4 +
 .../cache/tier/sockets/command/PutAll70.java    |    4 +
 .../cache/tier/sockets/command/PutAll80.java    |    4 +
 .../cache/tier/sockets/command/Request.java     |    8 +-
 .../doc-files/communication-architecture.fig    |  158 -
 .../doc-files/communication-architecture.gif    |  Bin 5485 -> 0 bytes
 .../AbstractGatewaySenderEventProcessor.java    |   48 +-
 .../cache/wan/GatewaySenderEventImpl.java       |   81 +-
 .../parallel/ParallelGatewaySenderQueue.java    |   74 +-
 .../gemfire/internal/doc-files/cs-maps.fig      |  150 -
 .../gemfire/internal/doc-files/cs-maps.gif      |  Bin 5951 -> 0 bytes
 .../gemfire/internal/doc-files/ds-map.fig       |  105 -
 .../gemfire/internal/doc-files/ds-map.gif       |  Bin 4867 -> 0 bytes
 .../internal/doc-files/merge-log-files.fig      |  153 -
 .../internal/doc-files/merge-log-files.gif      |  Bin 2646 -> 0 bytes
 .../gemfire/internal/i18n/LocalizedStrings.java |    6 +-
 .../gemfire/internal/logging/MergeLogFiles.java |    2 +-
 .../internal/offheap/AbstractStoredObject.java  |   24 +
 .../offheap/AddressableMemoryChunk.java         |   29 -
 .../offheap/AddressableMemoryChunkFactory.java  |   27 -
 .../offheap/AddressableMemoryManager.java       |  261 +
 .../internal/offheap/ByteArrayMemoryChunk.java  |   77 -
 .../internal/offheap/ByteBufferMemoryChunk.java |   90 -
 .../gemfire/internal/offheap/DataAsAddress.java |  131 -
 .../gemfire/internal/offheap/Fragment.java      |   14 +-
 .../internal/offheap/FreeListManager.java       |  281 +-
 .../internal/offheap/LifecycleListener.java     |   20 +-
 .../internal/offheap/MemoryAllocator.java       |   18 +-
 .../internal/offheap/MemoryAllocatorImpl.java   |  507 ++
 .../gemfire/internal/offheap/MemoryBlock.java   |    2 +-
 .../internal/offheap/MemoryBlockNode.java       |   26 +-
 .../gemfire/internal/offheap/MemoryChunk.java   |   47 -
 .../offheap/MemoryChunkWithRefCount.java        |   34 -
 .../gemfire/internal/offheap/ObjectChunk.java   |  737 ---
 .../internal/offheap/ObjectChunkSlice.java      |   44 -
 .../offheap/ObjectChunkWithHeapForm.java        |   40 -
 .../offheap/OffHeapCachedDeserializable.java    |  142 -
 .../gemfire/internal/offheap/OffHeapHelper.java |   24 +-
 .../internal/offheap/OffHeapMemoryStats.java    |    8 +-
 .../offheap/OffHeapRegionEntryHelper.java       |   28 +-
 .../internal/offheap/OffHeapStorage.java        |   67 +-
 .../internal/offheap/OffHeapStoredObject.java   |  718 +++
 .../OffHeapStoredObjectAddressStack.java        |  141 +
 .../offheap/OffHeapStoredObjectSlice.java       |   44 +
 .../OffHeapStoredObjectWithHeapForm.java        |   41 +
 .../internal/offheap/RefCountChangeInfo.java    |    2 +-
 .../internal/offheap/ReferenceCountHelper.java  |    4 +-
 .../offheap/SimpleMemoryAllocatorImpl.java      |  511 --
 .../gemstone/gemfire/internal/offheap/Slab.java |   39 +
 .../gemfire/internal/offheap/SlabFactory.java   |   27 +
 .../gemfire/internal/offheap/SlabImpl.java      |   61 +
 .../gemfire/internal/offheap/StoredObject.java  |  117 +-
 .../internal/offheap/SyncChunkStack.java        |  141 -
 .../internal/offheap/TinyStoredObject.java      |  229 +
 .../internal/offheap/UnsafeMemoryChunk.java     |  217 -
 .../internal/tcp/ByteBufferInputStream.java     |   74 +-
 .../tcp/ImmutableByteBufferInputStream.java     |    4 +-
 .../gemfire/internal/util/BlobHelper.java       |    4 +-
 .../internal/util/doc-files/call-stack.fig      |   34 -
 .../internal/util/doc-files/class-loaders.fig   |   49 -
 .../internal/beans/MemberMBeanBridge.java       |    2 +-
 .../management/internal/cli/shell/Gfsh.java     |    2 +-
 .../gemfire/pdx/internal/PdxInputStream.java    |    4 +-
 .../gemstone/gemfire/pdx/internal/PdxType.java  |    2 +-
 .../security/GemFireSecurityException.java      |  112 +-
 .../security/NotAuthorizedException.java        |  118 +-
 .../javadoc-images/BucketAdvisor-state.png      |  Bin 0 -> 39148 bytes
 .../javadoc-images/ConnectionManagerImpl.dia    |  Bin 0 -> 2034 bytes
 .../javadoc-images/ConnectionManagerImpl.png    |  Bin 0 -> 11825 bytes
 .../javadoc-images/QueueManagerImpl.dia         |  Bin 0 -> 2180 bytes
 .../javadoc-images/QueueManagerImpl.png         |  Bin 0 -> 15075 bytes
 .../javadoc-images/class-hierarchy.fig          |  224 +
 .../javadoc-images/class-hierarchy.gif          |  Bin 0 -> 11971 bytes
 .../javadoc-images/client_static_diagram.png    |  Bin 0 -> 29430 bytes
 .../data-serialization-exceptions.fig           |  135 +
 .../data-serialization-exceptions.gif           |  Bin 0 -> 3666 bytes
 .../javadoc-images/distribution-managers.fig    |   76 +
 .../javadoc-images/distribution-managers.gif    |  Bin 0 -> 3267 bytes
 .../src/main/resources/javadoc-images/elder.fig |   84 +
 .../src/main/resources/javadoc-images/elder.jpg |  Bin 0 -> 55182 bytes
 .../javadoc-images/entry-life-cycle.fig         |   64 +
 .../javadoc-images/entry-life-cycle.gif         |  Bin 0 -> 3357 bytes
 .../resources/javadoc-images/eventmatrix.xls    |  Bin 0 -> 24576 bytes
 .../resources/javadoc-images/example-cache.xml  |   98 +
 .../javadoc-images/example-client-cache.xml     |   46 +
 .../resources/javadoc-images/example2-cache.xml |   63 +
 .../resources/javadoc-images/example3-cache.xml |   60 +
 .../javadoc-images/extensible-hashing.fig       |  159 +
 .../javadoc-images/extensible-hashing.gif       |  Bin 0 -> 6605 bytes
 .../resources/javadoc-images/health-classes.gif |  Bin 0 -> 8973 bytes
 .../javadoc-images/jcache-get-flow.fig          |  349 ++
 .../javadoc-images/jcache-get-flow.pdf          |  Bin 0 -> 7519 bytes
 .../javadoc-images/jcache-put-flow.fig          |  359 ++
 .../javadoc-images/jcache-put-flow.pdf          |  Bin 0 -> 7667 bytes
 .../jcache-update-message-flow.fig              |  334 +
 .../jcache-update-message-flow.pdf              |  Bin 0 -> 5937 bytes
 .../javadoc-images/merge-log-files.fig          |  153 +
 .../javadoc-images/merge-log-files.gif          |  Bin 0 -> 2646 bytes
 .../javadoc-images/partitioned-regions.fig      |  255 +
 .../javadoc-images/partitioned-regions.gif      |  Bin 0 -> 9273 bytes
 .../src/main/resources/javadoc-images/turks.fig |  128 +
 .../src/main/resources/javadoc-images/turks.jpg |  Bin 0 -> 79859 bytes
 .../gemfire/SystemFailureJUnitTest.java         |    5 +-
 .../cache/ConnectionPoolAutoDUnitTest.java      |   54 +
 .../gemfire/cache/ConnectionPoolDUnitTest.java  | 5880 ++++++++++++++++++
 .../CacheServerSSLConnectionDUnitTest.java      |  124 +-
 .../internal/index/IndexElemArrayJUnitTest.java |   66 +-
 .../gemfire/cache30/CacheXml80DUnitTest.java    |    2 +
 .../cache30/ClientMembershipDUnitTest.java      |  213 +-
 .../gemfire/cache30/ClientServerTestCase.java   |   12 +-
 .../DistributedMulticastRegionDUnitTest.java    |   12 +-
 .../gemfire/cache30/MultiVMRegionTestCase.java  |   36 +-
 .../gemfire/distributed/LauncherTestSuite.java  |    2 +-
 .../MockServerLauncherCacheProvider.java        |   42 +
 .../ServerLauncherWithProviderJUnitTest.java    |   92 +
 .../ServerLauncherWithSpringJUnitTest.java      |   99 -
 .../internal/DistributionAdvisorDUnitTest.java  |    3 +-
 .../gms/fd/GMSHealthMonitorJUnitTest.java       |   20 +-
 .../gms/membership/GMSJoinLeaveJUnitTest.java   |   14 +-
 .../gms/membership/GMSJoinLeaveTestHelper.java  |   24 +
 .../TcpServerBackwardCompatDUnitTest.java       |   97 +-
 .../disttx/DistTXManagerImplJUnitTest.java      |    6 +
 .../internal/SSLConfigIntegrationJUnitTest.java |    2 +-
 .../gemfire/internal/SSLConfigJUnitTest.java    |   73 +-
 .../AbstractDistributedRegionJUnitTest.java     |  166 +
 .../internal/cache/BucketRegionJUnitTest.java   |  186 +-
 .../cache/ChunkValueWrapperJUnitTest.java       |  188 -
 .../cache/ClientServerGetAllDUnitTest.java      |    4 +-
 .../cache/ClientServerTransactionDUnitTest.java |   58 +-
 .../cache/DistributedRegionJUnitTest.java       |  101 +
 .../gemfire/internal/cache/OffHeapTestUtil.java |    8 +-
 .../cache/OffHeapValueWrapperJUnitTest.java     |  188 +
 .../cache/OldValueImporterTestBase.java         |   40 +-
 .../internal/cache/TXManagerImplJUnitTest.java  |   11 +
 .../FetchEntriesMessageJUnitTest.java           |   93 +
 .../sockets/DurableClientBug39997DUnitTest.java |    6 +
 .../cache/tier/sockets/MessageJUnitTest.java    |    1 -
 .../cache/wan/AsyncEventQueueTestBase.java      |   86 +-
 .../asyncqueue/AsyncEventListenerDUnitTest.java |   21 +-
 .../offheap/ByteArrayMemoryChunkJUnitTest.java  |   30 -
 .../offheap/DataAsAddressJUnitTest.java         |  368 --
 .../DirectByteBufferMemoryChunkJUnitTest.java   |   33 -
 .../internal/offheap/FragmentJUnitTest.java     |   22 +-
 .../internal/offheap/FreeListManagerTest.java   |  448 +-
 .../offheap/FreeListOffHeapRegionJUnitTest.java |    2 +-
 .../HeapByteBufferMemoryChunkJUnitTest.java     |   33 -
 .../offheap/LifecycleListenerJUnitTest.java     |   50 +-
 ...moryAllocatorFillPatternIntegrationTest.java |  246 +
 .../MemoryAllocatorFillPatternJUnitTest.java    |  183 +
 .../offheap/MemoryAllocatorJUnitTest.java       |  594 ++
 .../offheap/MemoryBlockNodeJUnitTest.java       |   54 +-
 .../offheap/MemoryChunkJUnitTestBase.java       |  290 -
 .../internal/offheap/MemoryChunkTestSuite.java  |   32 -
 .../offheap/NullOffHeapMemoryStats.java         |    8 +-
 .../internal/offheap/ObjectChunkJUnitTest.java  |  902 ---
 .../offheap/ObjectChunkSliceJUnitTest.java      |   72 -
 .../ObjectChunkWithHeapFormJUnitTest.java       |   64 -
 .../offheap/OffHeapHelperJUnitTest.java         |   21 +-
 .../internal/offheap/OffHeapIndexJUnitTest.java |    2 +-
 .../internal/offheap/OffHeapRegionBase.java     |   22 +-
 .../OffHeapRegionEntryHelperJUnitTest.java      |   94 +-
 .../offheap/OffHeapStorageJUnitTest.java        |   36 +-
 ...ffHeapStoredObjectAddressStackJUnitTest.java |  290 +
 .../offheap/OffHeapStoredObjectJUnitTest.java   |  867 +++
 .../OffHeapStoredObjectSliceJUnitTest.java      |   72 +
 ...ffHeapStoredObjectWithHeapFormJUnitTest.java |   64 +
 .../offheap/OffHeapValidationJUnitTest.java     |   10 +-
 .../OffHeapWriteObjectAsByteArrayJUnitTest.java |   18 +-
 .../OldFreeListOffHeapRegionJUnitTest.java      |    2 +-
 .../offheap/OutOfOffHeapMemoryDUnitTest.java    |    2 +-
 ...moryAllocatorFillPatternIntegrationTest.java |  246 -
 ...mpleMemoryAllocatorFillPatternJUnitTest.java |  183 -
 .../offheap/SimpleMemoryAllocatorJUnitTest.java |  631 --
 .../internal/offheap/StoredObjectTestSuite.java |    8 +-
 .../offheap/SyncChunkStackJUnitTest.java        |  289 -
 .../offheap/TinyMemoryBlockJUnitTest.java       |  244 +
 .../offheap/TinyStoredObjectJUnitTest.java      |  353 ++
 .../TxReleasesOffHeapOnCloseJUnitTest.java      |    2 +-
 .../offheap/UnsafeMemoryChunkJUnitTest.java     |   87 -
 .../internal/process/PidFileJUnitTest.java      |    4 +-
 .../management/OffHeapManagementDUnitTest.java  |   54 +-
 ...ersalMembershipListenerAdapterDUnitTest.java |   85 +-
 .../OffHeapByteBufferByteSourceJUnitTest.java   |   10 +-
 .../gemfire/pdx/OffHeapByteSourceJUnitTest.java |   16 +-
 .../gemfire/pdx/PdxClientServerDUnitTest.java   |   46 +-
 .../security/ClientAuthenticationDUnitTest.java |    7 +-
 .../security/ClientAuthorizationDUnitTest.java  |   40 +-
 .../security/ClientAuthorizationTestBase.java   |   56 +-
 .../security/ClientMultiUserAuthzDUnitTest.java |    5 +-
 .../DeltaClientAuthorizationDUnitTest.java      |    5 +-
 .../DeltaClientPostAuthorizationDUnitTest.java  |    5 +-
 .../security/GemFireSecurityExceptionTest.java  |  167 +
 .../security/NotAuthorizedExceptionTest.java    |  198 +
 .../security/P2PAuthenticationDUnitTest.java    |   11 +-
 .../gemfire/security/SecurityTestUtil.java      |   44 +
 .../generator/AuthzCredentialGenerator.java     |  446 ++
 .../security/generator/CredentialGenerator.java |  332 +
 .../DummyAuthzCredentialGenerator.java          |  129 +
 .../generator/DummyCredentialGenerator.java     |   89 +
 .../generator/LdapUserCredentialGenerator.java  |  163 +
 .../generator/PKCSCredentialGenerator.java      |  115 +
 .../generator/SSLCredentialGenerator.java       |  121 +
 .../UserPasswordWithExtraPropsAuthInit.java     |   69 +
 .../generator/XmlAuthzCredentialGenerator.java  |  257 +
 .../security/templates/DummyAuthenticator.java  |   75 +
 .../security/templates/DummyAuthorization.java  |  122 +
 .../templates/FunctionSecurityPrmsHolder.java   |   50 +
 .../templates/LdapUserAuthenticator.java        |  106 +
 .../security/templates/PKCSAuthInit.java        |  119 +
 .../security/templates/PKCSAuthenticator.java   |  157 +
 .../security/templates/PKCSPrincipal.java       |   40 +
 .../security/templates/PKCSPrincipalTest.java   |   48 +
 .../templates/UserPasswordAuthInit.java         |   75 +
 .../security/templates/UsernamePrincipal.java   |   44 +
 .../templates/UsernamePrincipalTest.java        |   48 +
 .../security/templates/XmlAuthorization.java    |  614 ++
 .../security/templates/XmlErrorHandler.java     |   74 +
 .../gemfire/test/dunit/DistributedTestCase.java |    5 +-
 .../test/dunit/DistributedTestUtils.java        |    1 +
 .../gemfire/test/dunit/NamedCallable.java       |   41 +
 .../gemfire/test/dunit/NamedRunnable.java       |   41 +
 .../com/gemstone/gemfire/test/dunit/VM.java     |   61 +
 .../dunit/rules/DistributedDisconnectRule.java  |   44 +-
 .../rules/DistributedExternalResource.java      |   27 +-
 .../DistributedRestoreSystemProperties.java     |    5 +-
 .../gemfire/test/dunit/rules/RemoteInvoker.java |   10 +-
 .../test/dunit/tests/BasicDUnitTest.java        |   66 +
 .../com/gemstone/gemfire/test/fake/Fakes.java   |    5 +-
 .../java/security/AuthzCredentialGenerator.java |  462 --
 .../test/java/security/CredentialGenerator.java |  343 -
 .../security/DummyAuthzCredentialGenerator.java |  145 -
 .../java/security/DummyCredentialGenerator.java |   94 -
 .../security/LdapUserCredentialGenerator.java   |  160 -
 .../java/security/PKCSCredentialGenerator.java  |  112 -
 .../java/security/SSLCredentialGenerator.java   |  117 -
 .../UserPasswordWithExtraPropsAuthInit.java     |   77 -
 .../security/XmlAuthzCredentialGenerator.java   |  264 -
 .../templates/security/DummyAuthenticator.java  |   87 -
 .../templates/security/DummyAuthorization.java  |  118 -
 .../security/FunctionSecurityPrmsHolder.java    |   55 -
 .../security/LdapUserAuthenticator.java         |  117 -
 .../java/templates/security/PKCSAuthInit.java   |  133 -
 .../templates/security/PKCSAuthenticator.java   |  167 -
 .../java/templates/security/PKCSPrincipal.java  |   42 -
 .../security/UserPasswordAuthInit.java          |   84 -
 .../templates/security/UsernamePrincipal.java   |   46 -
 .../templates/security/XmlAuthorization.java    |  675 --
 .../templates/security/XmlErrorHandler.java     |   82 -
 ...fire.distributed.ServerLauncherCacheProvider |    1 +
 .../gemfire/codeAnalysis/excludedClasses.txt    |    1 +
 .../sanctionedDataSerializables.txt             |    6 +-
 .../codeAnalysis/sanctionedSerializables.txt    |   10 +-
 .../gemfire/security/generator/authz-dummy.xml  |  124 +
 .../gemfire/security/generator/authz-ldap.xml   |   83 +
 .../generator/authz-multiUser-dummy.xml         |  104 +
 .../security/generator/authz-multiUser-ldap.xml |   81 +
 .../security/generator/keys/gemfire1.keystore   |  Bin 0 -> 1536 bytes
 .../security/generator/keys/gemfire10.keystore  |  Bin 0 -> 1546 bytes
 .../security/generator/keys/gemfire11.keystore  |  Bin 0 -> 1546 bytes
 .../security/generator/keys/gemfire2.keystore   |  Bin 0 -> 1536 bytes
 .../security/generator/keys/gemfire3.keystore   |  Bin 0 -> 1536 bytes
 .../security/generator/keys/gemfire4.keystore   |  Bin 0 -> 1536 bytes
 .../security/generator/keys/gemfire5.keystore   |  Bin 0 -> 1536 bytes
 .../security/generator/keys/gemfire6.keystore   |  Bin 0 -> 1536 bytes
 .../security/generator/keys/gemfire7.keystore   |  Bin 0 -> 1536 bytes
 .../security/generator/keys/gemfire8.keystore   |  Bin 0 -> 1536 bytes
 .../security/generator/keys/gemfire9.keystore   |  Bin 0 -> 1536 bytes
 .../generator/keys/ibm/gemfire1.keystore        |  Bin 0 -> 1426 bytes
 .../generator/keys/ibm/gemfire10.keystore       |  Bin 0 -> 1434 bytes
 .../generator/keys/ibm/gemfire11.keystore       |  Bin 0 -> 1434 bytes
 .../generator/keys/ibm/gemfire2.keystore        |  Bin 0 -> 1434 bytes
 .../generator/keys/ibm/gemfire3.keystore        |  Bin 0 -> 1426 bytes
 .../generator/keys/ibm/gemfire4.keystore        |  Bin 0 -> 1434 bytes
 .../generator/keys/ibm/gemfire5.keystore        |  Bin 0 -> 1434 bytes
 .../generator/keys/ibm/gemfire6.keystore        |  Bin 0 -> 1434 bytes
 .../generator/keys/ibm/gemfire7.keystore        |  Bin 0 -> 1426 bytes
 .../generator/keys/ibm/gemfire8.keystore        |  Bin 0 -> 1434 bytes
 .../generator/keys/ibm/gemfire9.keystore        |  Bin 0 -> 1426 bytes
 .../security/generator/keys/ibm/publickeyfile   |  Bin 0 -> 4535 bytes
 .../security/generator/keys/publickeyfile       |  Bin 0 -> 4535 bytes
 .../gemfire/security/templates/authz5_5.dtd     |  105 +
 .../gemfire/security/templates/authz6_0.dtd     |  110 +
 .../src/test/resources/lib/authz-dummy.xml      |  126 -
 .../src/test/resources/lib/authz-ldap.xml       |   85 -
 .../resources/lib/authz-multiUser-dummy.xml     |  106 -
 .../test/resources/lib/authz-multiUser-ldap.xml |   83 -
 .../test/resources/lib/keys/gemfire1.keystore   |  Bin 1536 -> 0 bytes
 .../test/resources/lib/keys/gemfire10.keystore  |  Bin 1546 -> 0 bytes
 .../test/resources/lib/keys/gemfire11.keystore  |  Bin 1546 -> 0 bytes
 .../test/resources/lib/keys/gemfire2.keystore   |  Bin 1536 -> 0 bytes
 .../test/resources/lib/keys/gemfire3.keystore   |  Bin 1536 -> 0 bytes
 .../test/resources/lib/keys/gemfire4.keystore   |  Bin 1536 -> 0 bytes
 .../test/resources/lib/keys/gemfire5.keystore   |  Bin 1536 -> 0 bytes
 .../test/resources/lib/keys/gemfire6.keystore   |  Bin 1536 -> 0 bytes
 .../test/resources/lib/keys/gemfire7.keystore   |  Bin 1536 -> 0 bytes
 .../test/resources/lib/keys/gemfire8.keystore   |  Bin 1536 -> 0 bytes
 .../test/resources/lib/keys/gemfire9.keystore   |  Bin 1536 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire1.keystore    |  Bin 1426 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire10.keystore   |  Bin 1434 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire11.keystore   |  Bin 1434 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire2.keystore    |  Bin 1434 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire3.keystore    |  Bin 1426 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire4.keystore    |  Bin 1434 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire5.keystore    |  Bin 1434 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire6.keystore    |  Bin 1434 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire7.keystore    |  Bin 1426 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire8.keystore    |  Bin 1434 -> 0 bytes
 .../resources/lib/keys/ibm/gemfire9.keystore    |  Bin 1426 -> 0 bytes
 .../test/resources/lib/keys/ibm/publickeyfile   |  Bin 4535 -> 0 bytes
 .../src/test/resources/lib/keys/publickeyfile   |  Bin 4535 -> 0 bytes
 .../resources/spring/spring-gemfire-context.xml |   42 -
 .../resources/templates/security/authz5_5.dtd   |  105 -
 .../resources/templates/security/authz6_0.dtd   |  110 -
 .../internal/cache/PutAllCSDUnitTest.java       |  225 +-
 .../tier/sockets/DurableClientTestCase.java     |    9 +-
 .../security/ClientAuthzObjectModDUnitTest.java |   16 +-
 .../ClientCQPostAuthorizationDUnitTest.java     |    5 +-
 .../ClientPostAuthorizationDUnitTest.java       |    4 +-
 .../gemfire/security/MultiuserAPIDUnitTest.java |    6 +-
 .../MultiuserDurableCQAuthzDUnitTest.java       |    7 +-
 geode-junit/build.gradle                        |    1 +
 .../gemfire/test/junit/ConditionalIgnore.java   |    1 -
 .../gemfire/test/junit/IgnoreCondition.java     |    1 -
 .../gemfire/test/junit/IgnoreUntil.java         |    1 -
 .../com/gemstone/gemfire/test/junit/Repeat.java |    3 +-
 .../com/gemstone/gemfire/test/junit/Retry.java  |    4 +-
 .../test/junit/categories/ContainerTest.java    |    3 +-
 .../test/junit/categories/DistributedTest.java  |    3 +-
 .../categories/DistributedTransactionsTest.java |    3 +-
 .../test/junit/categories/HydraTest.java        |    3 +-
 .../test/junit/categories/IntegrationTest.java  |    3 +-
 .../test/junit/categories/PerformanceTest.java  |    3 +-
 .../gemfire/test/junit/categories/UITest.java   |    3 +-
 .../gemfire/test/junit/categories/UnitTest.java |   13 +-
 .../gemfire/test/junit/categories/WanTest.java  |    5 +-
 .../test/junit/rules/ConditionalIgnoreRule.java |    1 -
 .../test/junit/rules/ExpectedTimeout.java       |  180 -
 .../test/junit/rules/ExpectedTimeoutRule.java   |   42 +-
 .../test/junit/rules/IgnoreUntilRule.java       |    1 -
 .../gemfire/test/junit/rules/RepeatRule.java    |    3 +-
 .../gemfire/test/junit/rules/RetryRule.java     |    1 -
 .../gemfire/test/junit/rules/RuleList.java      |   95 +
 .../rules/SerializableExternalResource.java     |  107 -
 .../test/junit/rules/SerializableRuleChain.java |  119 -
 .../rules/SerializableTemporaryFolder.java      |   70 -
 .../test/junit/rules/SerializableTestName.java  |   54 -
 .../test/junit/rules/SerializableTestRule.java  |   33 -
 .../junit/rules/SerializableTestWatcher.java    |   29 -
 .../test/junit/rules/SerializableTimeout.java   |  119 -
 .../serializable/FieldSerializationUtils.java   |   48 +
 .../serializable/FieldsOfTemporaryFolder.java   |   26 +
 .../rules/serializable/FieldsOfTestName.java    |   24 +
 .../rules/serializable/FieldsOfTimeout.java     |   26 +
 .../SerializableExternalResource.java           |   25 +
 .../serializable/SerializableRuleList.java      |   78 +
 .../SerializableTemporaryFolder.java            |   70 +
 .../serializable/SerializableTestName.java      |   65 +
 .../serializable/SerializableTestRule.java      |   28 +
 .../serializable/SerializableTestWatcher.java   |   26 +
 .../rules/serializable/SerializableTimeout.java |  104 +
 .../junit/support/DefaultIgnoreCondition.java   |    3 +-
 .../IgnoreConditionEvaluationException.java     |    1 -
 .../junit/rules/ExpectedTimeoutJUnitTest.java   |  204 -
 .../junit/rules/ExpectedTimeoutRuleTest.java    |  246 +
 .../test/junit/rules/IgnoreUntilRuleTest.java   |  145 +
 .../test/junit/rules/RepeatRuleTest.java        |  411 ++
 .../rules/RetryRuleGlobalWithErrorTest.java     |  326 +
 .../rules/RetryRuleGlobalWithExceptionTest.java |  332 +
 .../rules/RetryRuleLocalWithErrorTest.java      |  265 +
 .../rules/RetryRuleLocalWithExceptionTest.java  |  276 +
 .../gemfire/test/junit/rules/RuleListTest.java  |  209 +
 .../gemfire/test/junit/rules/TestRunner.java    |   35 +
 .../examples/RepeatingTestCasesExampleTest.java |   15 +-
 .../rules/examples/RetryRuleExampleTest.java    |   20 +-
 .../rules/examples/RuleAndClassRuleTest.java    |  147 +
 .../SerializableExternalResourceTest.java       |   79 +
 .../serializable/SerializableRuleListTest.java  |   89 +
 .../SerializableTemporaryFolderTest.java        |   90 +
 .../serializable/SerializableTestNameTest.java  |   84 +
 .../SerializableTestWatcherTest.java            |   79 +
 .../serializable/SerializableTimeoutTest.java   |  106 +
 .../rules/tests/ExpectedTimeoutRuleTest.java    |  214 -
 .../junit/rules/tests/IgnoreUntilRuleTest.java  |  121 -
 .../junit/rules/tests/JUnitRuleTestSuite.java   |   33 -
 .../test/junit/rules/tests/RepeatRuleTest.java  |  304 -
 .../tests/RetryRuleGlobalWithErrorTest.java     |  250 -
 .../tests/RetryRuleGlobalWithExceptionTest.java |  254 -
 .../tests/RetryRuleLocalWithErrorTest.java      |  207 -
 .../tests/RetryRuleLocalWithExceptionTest.java  |  213 -
 .../junit/rules/tests/RuleAndClassRuleTest.java |  138 -
 .../test/junit/rules/tests/TestRunner.java      |   37 -
 .../internal/distributed/LuceneFunction.java    |    3 +-
 geode-pulse/build.gradle                        |   12 +
 .../pulse/internal/data/JMXDataUpdater.java     |   85 +-
 .../service/ClusterSelectedRegionService.java   |    8 +-
 .../ClusterSelectedRegionsMemberService.java    |    8 +-
 geode-rebalancer/build.gradle                   |    1 +
 geode-site/website/README.md                    |    2 +-
 geode-site/website/Rules                        |    3 -
 geode-site/website/content/community/index.html |    2 +-
 geode-site/website/content/docs/index.html      |   48 +
 geode-site/website/layouts/default.html         |   32 -
 geode-site/website/layouts/footer.html          |    2 +-
 geode-site/website/layouts/header.html          |    2 +-
 .../wan/GatewaySenderEventRemoteDispatcher.java |   44 +-
 .../gemfire/internal/cache/wan/WANTestBase.java |   26 +-
 .../cache/wan/misc/WANSSLDUnitTest.java         |    2 +
 ...arallelGatewaySenderOperationsDUnitTest.java |   35 +
 geode-web-api/build.gradle                      |    7 +
 .../controllers/FunctionAccessController.java   |  195 +-
 .../rest/internal/web/util/ArrayUtils.java      |   12 +-
 geode-web/build.gradle                          |    7 +
 gradle/dependency-versions.properties           |    4 +-
 gradle/java.gradle                              |    9 -
 gradle/rat.gradle                               |    1 +
 gradle/test.gradle                              |    4 +
 545 files changed, 30213 insertions(+), 25049 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/da7a76de/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationDUnitTest.java
----------------------------------------------------------------------

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/da7a76de/geode-core/src/test/java/com/gemstone/gemfire/security/ClientAuthorizationTestBase.java
----------------------------------------------------------------------

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/da7a76de/geode-core/src/test/java/com/gemstone/gemfire/security/DeltaClientPostAuthorizationDUnitTest.java
----------------------------------------------------------------------

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/da7a76de/geode-core/src/test/java/com/gemstone/gemfire/security/templates/XmlAuthorization.java
----------------------------------------------------------------------
diff --cc geode-core/src/test/java/com/gemstone/gemfire/security/templates/XmlAuthorization.java
index 0000000,b8f2e50..d9aa391
mode 000000,100755..100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/XmlAuthorization.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/XmlAuthorization.java
@@@ -1,0 -1,614 +1,614 @@@
+ /*
+  * Licensed to the Apache Software Foundation (ASF) under one or more
+  * contributor license agreements.  See the NOTICE file distributed with
+  * this work for additional information regarding copyright ownership.
+  * The ASF licenses this file to You under the Apache License, Version 2.0
+  * (the "License"); you may not use this file except in compliance with
+  * the License.  You may obtain a copy of the License at
+  *
+  *      http://www.apache.org/licenses/LICENSE-2.0
+  *
+  * Unless required by applicable law or agreed to in writing, software
+  * distributed under the License is distributed on an "AS IS" BASIS,
+  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  * See the License for the specific language governing permissions and
+  * limitations under the License.
+  */
+ package com.gemstone.gemfire.security.templates;
+ 
+ import java.io.IOException;
+ import java.io.InputStream;
+ import java.security.Principal;
+ import java.util.ArrayList;
+ import java.util.HashMap;
+ import java.util.HashSet;
+ import java.util.Map;
+ import java.util.Set;
+ import java.util.regex.Matcher;
+ import java.util.regex.Pattern;
+ import javax.xml.parsers.DocumentBuilder;
+ import javax.xml.parsers.DocumentBuilderFactory;
+ 
+ import com.gemstone.gemfire.LogWriter;
+ import com.gemstone.gemfire.cache.Cache;
+ import com.gemstone.gemfire.cache.operations.ExecuteFunctionOperationContext;
+ import com.gemstone.gemfire.cache.operations.OperationContext;
+ import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
+ import com.gemstone.gemfire.cache.operations.QueryOperationContext;
+ import com.gemstone.gemfire.distributed.DistributedMember;
+ import com.gemstone.gemfire.security.AccessControl;
+ import com.gemstone.gemfire.security.NotAuthorizedException;
+ import org.w3c.dom.Attr;
+ import org.w3c.dom.Document;
+ import org.w3c.dom.NamedNodeMap;
+ import org.w3c.dom.Node;
+ import org.w3c.dom.NodeList;
+ import org.xml.sax.EntityResolver;
+ import org.xml.sax.InputSource;
+ import org.xml.sax.SAXException;
+ import org.xml.sax.SAXParseException;
+ 
+ /**
+  * An implementation of the {@link AccessControl} interface that allows
+  * authorization using the permissions as specified in the given XML
+  * file.
+  * 
+  * The format of the XML file is specified in <a href="authz5_5.dtd"/>. It
+  * implements a role-based authorization at the operation level for each region.
+  * Each principal name may be associated with a set of roles. The name of the
+  * principal is obtained using the {@link Principal#getName()} method and no other
+  * information of the principal is utilized. Each role can be provided
+  * permissions to execute operations for each region.
+  * 
+  * The top-level element in the XML is "acl" tag that contains the "role" and
+  * "permission" tags. The "role" tag contains the list of users that have been
+  * given that role. The name of the role is specified in the "role" attribute
+  * and the users are contained in the "user" tags insided the "role" tag.
+  * 
+  * The "permissions" tag contains the list of operations allowed for a
+  * particular region. The role name is specified as the "role" attribute, the
+  * list of comma separated region names as the optional "regions" attribute and
+  * the operation names are contained in the "operation" tags inside the
+  * "permissions" tag. The allowed operation names are: GET, PUT, PUTALL,
+  * DESTROY, REGISTER_INTEREST, UNREGISTER_INTEREST, CONTAINS_KEY, KEY_SET,
+  * QUERY, EXECUTE_CQ, STOP_CQ, CLOSE_CQ, REGION_CLEAR, REGION_CREATE,
+  * REGION_DESTROY. These correspond to the operations in the
+  * {@link OperationCode} enumeration with the same name.
+  * 
+  * When no region name is specified then the operation is allowed for all
+  * regions in the cache. Any permissions specified for regions using the
+  * "regions" attribute override these permissions. This allows users to provide
+  * generic permissions without any region name, and override for specific
+  * regions specified using the "regions" attribute. A cache-level operation
+  * (e.g. {@link OperationCode#REGION_DESTROY}) specified for a particular region
+  * is ignored i.e. the cache-level operations are only applicable when no region
+  * name is specified. A {@link OperationCode#QUERY} operation is permitted when
+  * either the {@code QUERY} permission is provided at the cache-level for
+  * the user or when {@code QUERY} permission is provided for all the
+  * regions that are part of the query string.
+  * 
+  * Any roles specified in the "user" tag that do not have a specified permission
+  * set using the "permission" tags are ignored. When no {@link Principal} is
+  * associated with the current connection, then empty user name is used to
+  * search for the roles so an empty user name can be used to specify roles of
+  * unauthenticated clients (i.e. {@code Everyone}).
+  * 
+  * This sample implementation is useful only for pre-operation checks and should
+  * not be used for post-operation authorization since it does nothing useful for
+  * post-operation case.
+  * 
+  * @since 5.5
+  */
+ public class XmlAuthorization implements AccessControl {
+ 
+   public static final String DOC_URI_PROP_NAME = "security-authz-xml-uri";
+ 
+   private static final Object sync = new Object();
+   private static final String EMPTY_VALUE = "";
+ 
+   private static final String TAG_ROLE = "role";
+   private static final String TAG_USER = "user";
+   private static final String TAG_PERMS = "permission";
+   private static final String TAG_OP = "operation";
+ 
+   private static final String ATTR_ROLENAME = "name";
+   private static final String ATTR_ROLE = "role";
+   private static final String ATTR_REGIONS = "regions";
+   private static final String ATTR_FUNCTION_IDS = "functionIds";
+   private static final String ATTR_FUNCTION_OPTIMIZE_FOR_WRITE = "optimizeForWrite";
+   private static final String ATTR_FUNCTION_KEY_SET = "keySet";
+ 
+   private static String currentDocUri = null;
+   private static Map<String, HashSet<String>> userRoles = null;
+   private static Map<String, Map<String, Map<OperationCode, FunctionSecurityPrmsHolder>>> rolePermissions = null;
+   private static NotAuthorizedException xmlLoadFailure = null;
+ 
+   private final Map<String, Map<OperationCode, FunctionSecurityPrmsHolder>> allowedOps;
+ 
+   protected LogWriter systemLogWriter;
+   protected LogWriter securityLogWriter;
+ 
+   /**
+    * Public static factory method to create an instance of
+    * {@code XmlAuthorization}. The fully qualified name of the class
+    * ({@code com.gemstone.gemfire.security.templates.XmlAuthorization.create})
+    * should be mentioned as the {@code security-client-accessor} system
+    * property to enable pre-operation authorization checks as implemented in
+    * this class.
+    *
+    * @return an object of {@code XmlAuthorization} class
+    */
+   public static AccessControl create() {
+     return new XmlAuthorization();
+   }
+ 
+   /**
+    * Clear all the statically cached information.
+    */
+   public static void clear() {
+     XmlAuthorization.currentDocUri = null;
+     if (XmlAuthorization.userRoles != null) {
+       XmlAuthorization.userRoles.clear();
+       XmlAuthorization.userRoles = null;
+     }
+     if (XmlAuthorization.rolePermissions != null) {
+       XmlAuthorization.rolePermissions.clear();
+       XmlAuthorization.rolePermissions = null;
+     }
+     XmlAuthorization.xmlLoadFailure = null;
+   }
+ 
+   /**
+    * Change the region name to a standard format having single '/' as separator
+    * and starting with a '/' as in standard POSIX paths
+    */
+   public static String normalizeRegionName(final String regionName) {
+     if (regionName == null || regionName.length() == 0) {
+       return EMPTY_VALUE;
+     }
+ 
+     char[] resultName = new char[regionName.length() + 1];
+     boolean changed = false;
+     boolean isPrevCharSlash = false;
+     int startIndex;
+ 
+     if (regionName.charAt(0) != '/') {
+       changed = true;
+       startIndex = 0;
+     } else {
+       isPrevCharSlash = true;
+       startIndex = 1;
+     }
+ 
+     resultName[0] = '/';
+     int resultLength = 1;
+ 
+     // Replace all more than one '/'s with a single '/'
+     for (int index = startIndex; index < regionName.length(); ++index) {
+       char currChar = regionName.charAt(index);
+       if (currChar == '/') {
+         if (isPrevCharSlash) {
+           changed = true;
+           continue;
+         }
+         isPrevCharSlash = true;
+       } else {
+         isPrevCharSlash = false;
+       }
+       resultName[resultLength++] = currChar;
+     }
+ 
+     // Remove any trailing slash
+     if (resultName[resultLength - 1] == '/') {
+       --resultLength;
+       changed = true;
+     }
+ 
+     if (changed) {
+       return new String(resultName, 0, resultLength);
+     } else {
+       return regionName;
+     }
+   }
+ 
+   private XmlAuthorization() {
+     this.allowedOps = new HashMap<String, Map<OperationCode, FunctionSecurityPrmsHolder>>();
+     this.systemLogWriter = null;
+     this.securityLogWriter = null;
+   }
+ 
+   /**
+    * Initialize the {@code XmlAuthorization} callback for a client having
+    * the given principal.
+    * 
+    * This method caches the full XML authorization file the first time it is
+    * invoked and caches all the permissions for the provided
+    * {@code principal} to speed up lookup the
+    * {@code authorizeOperation} calls. The permissions for the principal
+    * are maintained as a {@link Map} of region name to the {@link HashSet} of
+    * operations allowed for that region. A global entry with region name as
+    * empty string is also made for permissions provided for all the regions.
+    * 
+    * @param  principal
+    *         the principal associated with the authenticated client
+    * @param  cache
+    *         reference to the cache object
+    * @param  remoteMember
+    *         the {@link DistributedMember} object for the remote authenticated
+    *         client
+    * 
+    * @throws NotAuthorizedException
+    *         if some exception condition happens during the initialization
+    *         while reading the XML; in such a case all subsequent client
+    *         operations will throw {@code NotAuthorizedException}
+    */
+   @Override
+   public void init(final Principal principal, final DistributedMember remoteMember, final Cache cache) throws NotAuthorizedException {
+     synchronized (sync) {
+       XmlAuthorization.init(cache);
+     }
+ 
+     this.systemLogWriter = cache.getLogger();
+     this.securityLogWriter = cache.getSecurityLogger();
+ 
+     String name;
+     if (principal != null) {
+       name = principal.getName();
+     } else {
+       name = EMPTY_VALUE;
+     }
+ 
+     HashSet<String> roles = XmlAuthorization.userRoles.get(name);
+     if (roles != null) {
+       for (String roleName : roles) {
+         Map<String, Map<OperationCode, FunctionSecurityPrmsHolder>> regionOperationMap = XmlAuthorization.rolePermissions.get(roleName);
+         if (regionOperationMap != null) {
+           for (Map.Entry<String, Map<OperationCode, FunctionSecurityPrmsHolder>> regionEntry : regionOperationMap.entrySet()) {
+             String regionName = regionEntry.getKey();
+             Map<OperationCode, FunctionSecurityPrmsHolder> regionOperations = this.allowedOps.get(regionName);
+             if (regionOperations == null) {
+               regionOperations = new HashMap<OperationCode, FunctionSecurityPrmsHolder>();
+               this.allowedOps.put(regionName, regionOperations);
+             }
+             regionOperations.putAll(regionEntry.getValue());
+           }
+         }
+       }
+     }
+   }
+ 
+   /**
+    * Return true if the given operation is allowed for the cache/region.
+    * 
+    * This looks up the cached permissions of the principal in the map for the
+    * provided region name. If none are found then the global permissions with
+    * empty region name are looked up. The operation is allowed if it is found
+    * this permission list.
+    * 
+    * @param  regionName
+    *         When null then it indicates a cache-level operation, else the
+    *         name of the region for the operation.
+    * @param  context
+    *         the data required by the operation
+    * 
+    * @return true if the operation is authorized and false otherwise
+    */
+   @Override
+   public boolean authorizeOperation(String regionName, final OperationContext context) {
+     Map<OperationCode, FunctionSecurityPrmsHolder> operationMap;
+ 
+     // Check GET permissions for updates from server to client
+     if (context.isClientUpdate()) {
+       operationMap = this.allowedOps.get(regionName);
+       if (operationMap == null && regionName.length() > 0) {
+         operationMap = this.allowedOps.get(EMPTY_VALUE);
+       }
+       if (operationMap != null) {
+         return operationMap.containsKey(OperationCode.GET);
+       }
+       return false;
+     }
+ 
+     OperationCode opCode = context.getOperationCode();
+     if (opCode.isQuery() || opCode.isExecuteCQ() || opCode.isCloseCQ() || opCode.isStopCQ()) {
+       // First check if cache-level permission has been provided
+       operationMap = this.allowedOps.get(EMPTY_VALUE);
+       boolean globalPermission = (operationMap != null && operationMap .containsKey(opCode));
+       Set<String> regionNames = ((QueryOperationContext)context) .getRegionNames();
+       if (regionNames == null || regionNames.size() == 0) {
+         return globalPermission;
+       }
+ 
+       for (String r : regionNames) {
+         regionName = normalizeRegionName(r);
+         operationMap = this.allowedOps.get(regionName);
+         if (operationMap == null) {
+           if (!globalPermission) {
+             return false;
+           }
+         } else if (!operationMap.containsKey(opCode)) {
+           return false;
+         }
+       }
+       return true;
+     }
+ 
+     final String normalizedRegionName = normalizeRegionName(regionName);
+     operationMap = this.allowedOps.get(normalizedRegionName);
+     if (operationMap == null && normalizedRegionName.length() > 0) {
+       operationMap = this.allowedOps.get(EMPTY_VALUE);
+     }
+     if (operationMap != null) {
+       if (context.getOperationCode() != OperationCode.EXECUTE_FUNCTION) {
+         return operationMap.containsKey(context.getOperationCode());
+ 
+       } else {
+         if (!operationMap.containsKey(context.getOperationCode())) {
+           return false;
+ 
+         } else {
+           if (!context.isPostOperation()) {
+             FunctionSecurityPrmsHolder functionParameter = operationMap.get(context.getOperationCode());
+             ExecuteFunctionOperationContext functionContext = (ExecuteFunctionOperationContext) context;
+             // OnRegion execution
+             if (functionContext.getRegionName() != null) {
+               if (functionParameter.isOptimizeForWrite() != null && functionParameter.isOptimizeForWrite().booleanValue() != functionContext.isOptimizeForWrite()) {
+                 return false;
+               }
+               if (functionParameter.getFunctionIds() != null && !functionParameter.getFunctionIds().contains( functionContext.getFunctionId())) {
+                 return false;
+               }
+               if (functionParameter.getKeySet() != null && functionContext.getKeySet() != null) {
+                 if (functionContext.getKeySet().containsAll( functionParameter.getKeySet())) {
+                   return false;
+                 }
+               }
+               return true;
+ 
+             } else {// On Server execution
+               if (functionParameter.getFunctionIds() != null && !functionParameter.getFunctionIds().contains(functionContext.getFunctionId())) {
+                 return false;
+               }
+               return true;
+             }
+ 
+           } else {
+             ExecuteFunctionOperationContext functionContext = (ExecuteFunctionOperationContext)context;
+             FunctionSecurityPrmsHolder functionParameter = operationMap.get(context.getOperationCode());
+             if (functionContext.getRegionName() != null) {
+               if (functionContext.getResult() instanceof ArrayList && functionParameter.getKeySet() != null) {
+                 ArrayList<String> resultList = (ArrayList)functionContext.getResult();
+                 Set<String> nonAllowedKeys = functionParameter.getKeySet();
+                 if (resultList.containsAll(nonAllowedKeys)) {
+                   return false;
+                 }
+               }
+               return true;
+ 
+             } else {
+               ArrayList<String> resultList = (ArrayList)functionContext.getResult();
+               final String inSecureItem = "Insecure item";
+               if (resultList.contains(inSecureItem)) {
+                 return false;
+               }
+               return true;
+             }
+           }
+         }
+       }
+     }
+     return false;
+   }
+ 
+   /**
+    * Clears the cached information for this principal.
+    */
+   @Override
+   public void close() {
+     this.allowedOps.clear();
+   }
+ 
+   /** Get the attribute value for a given attribute name of a node. */
+   private static String getAttributeValue(final Node node, final String attrName) {
+     NamedNodeMap attrMap = node.getAttributes();
+     Node attrNode;
+     if (attrMap != null && (attrNode = attrMap.getNamedItem(attrName)) != null) {
+       return ((Attr)attrNode).getValue();
+     }
+     return EMPTY_VALUE;
+   }
+ 
+   /** Get the string contained in the first text child of the node. */
+   private static String getNodeValue(final Node node) {
+     NodeList childNodes = node.getChildNodes();
+     for (int index = 0; index < childNodes.getLength(); index++) {
+       Node childNode = childNodes.item(index);
+       if (childNode.getNodeType() == Node.TEXT_NODE) {
+         return childNode.getNodeValue();
+       }
+     }
+     return EMPTY_VALUE;
+   }
+ 
+   /**
+    * Cache authorization information for all users statically. This method is
+    * not thread-safe and is should either be invoked only once, or the caller
+    * should take the appropriate locks.
+    *
+    * @param cache reference to the cache object for the distributed system
+    */
+   private static void init(final Cache cache) throws NotAuthorizedException {
+     final LogWriter systemLogWriter = cache.getLogger();
+     final String xmlDocumentUri = (String)cache.getDistributedSystem().getSecurityProperties().get(DOC_URI_PROP_NAME);
+ 
+     try {
+       if (xmlDocumentUri == null) {
+         throw new NotAuthorizedException("No ACL file defined using tag [" + DOC_URI_PROP_NAME + "] in system properties");
+       }
+       if (xmlDocumentUri.equals(XmlAuthorization.currentDocUri)) {
+         if (XmlAuthorization.xmlLoadFailure != null) {
+           throw XmlAuthorization.xmlLoadFailure;
+         }
+         return;
+       }
+ 
+       final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+       factory.setIgnoringComments(true);
+       factory.setIgnoringElementContentWhitespace(true);
+       factory.setValidating(true);
+ 
+       final DocumentBuilder builder = factory.newDocumentBuilder();
+       final XmlErrorHandler errorHandler = new XmlErrorHandler(systemLogWriter, xmlDocumentUri);
+       builder.setErrorHandler(errorHandler);
+       builder.setEntityResolver(new AuthzDtdResolver());
+ 
+       final Document xmlDocument = builder.parse(xmlDocumentUri);
+ 
+       XmlAuthorization.userRoles = new HashMap<String, HashSet<String>>();
+       XmlAuthorization.rolePermissions = new HashMap<String, Map<String, Map<OperationCode, FunctionSecurityPrmsHolder>>>();
+ 
+       final NodeList roleUserNodes = xmlDocument.getElementsByTagName(TAG_ROLE);
+ 
+       for (int roleIndex = 0; roleIndex < roleUserNodes.getLength(); roleIndex++) {
+         final Node roleUserNode = roleUserNodes.item(roleIndex);
+         final String roleName = getAttributeValue(roleUserNode, ATTR_ROLENAME);
+         final NodeList userNodes = roleUserNode.getChildNodes();
+ 
+         for (int userIndex = 0; userIndex < userNodes.getLength(); userIndex++) {
+           final Node userNode = userNodes.item(userIndex);
+ 
+           if (userNode.getNodeName() == TAG_USER) {
+             final String userName = getNodeValue(userNode);
+             HashSet<String> userRoleSet = XmlAuthorization.userRoles.get(userName);
+             if (userRoleSet == null) {
+               userRoleSet = new HashSet<String>();
+               XmlAuthorization.userRoles.put(userName, userRoleSet);
+             }
+             userRoleSet.add(roleName);
+ 
+           } else {
+             throw new SAXParseException("Unknown tag [" + userNode.getNodeName() + "] as child of tag [" + TAG_ROLE + ']', null);
+           }
+         }
+       }
+ 
+       final NodeList rolePermissionNodes = xmlDocument.getElementsByTagName(TAG_PERMS);
+ 
+       for (int permIndex = 0; permIndex < rolePermissionNodes.getLength(); permIndex++) {
+         final Node rolePermissionNode = rolePermissionNodes.item(permIndex);
+         final String roleName = getAttributeValue(rolePermissionNode, ATTR_ROLE);
+         Map<String, Map<OperationCode, FunctionSecurityPrmsHolder>> regionOperationMap = XmlAuthorization.rolePermissions.get(roleName);
+ 
+         if (regionOperationMap == null) {
+           regionOperationMap = new HashMap<String, Map<OperationCode, FunctionSecurityPrmsHolder>>();
+           XmlAuthorization.rolePermissions.put(roleName, regionOperationMap);
+         }
+ 
+         final NodeList operationNodes = rolePermissionNode.getChildNodes();
+         final HashMap<OperationCode, FunctionSecurityPrmsHolder> operationMap = new HashMap<OperationCode, FunctionSecurityPrmsHolder>();
+ 
+         for (int opIndex = 0; opIndex < operationNodes.getLength(); opIndex++) {
+           final Node operationNode = operationNodes.item(opIndex);
+ 
+           if (operationNode.getNodeName() == TAG_OP) {
+             final String operationName = getNodeValue(operationNode);
 -            final OperationCode code = OperationCode.parse(operationName);
++            final OperationCode code = OperationCode.valueOf(operationName);
+ 
+             if (code == null) {
+               throw new SAXParseException("Unknown operation [" + operationName + ']', null);
+             }
+ 
+             if (code != OperationCode.EXECUTE_FUNCTION) {
+               operationMap.put(code, null);
+ 
+             } else {
+               final String optimizeForWrite = getAttributeValue(operationNode, ATTR_FUNCTION_OPTIMIZE_FOR_WRITE);
+               final String functionAttr = getAttributeValue(operationNode, ATTR_FUNCTION_IDS);
+               final String keysAttr = getAttributeValue(operationNode, ATTR_FUNCTION_KEY_SET);
+ 
+               Boolean isOptimizeForWrite;
+               HashSet<String> functionIds;
+               HashSet<String> keySet;
+ 
+               if (optimizeForWrite == null || optimizeForWrite.length() == 0) {
+                 isOptimizeForWrite = null;
+               } else {
+                 isOptimizeForWrite = Boolean.parseBoolean(optimizeForWrite);
+               }
+ 
+               if (functionAttr == null || functionAttr.length() == 0) {
+                 functionIds = null;
+               } else {
+                 final String[] functionArray = functionAttr.split(",");
+                 functionIds = new HashSet<String>();
+                 for (int strIndex = 0; strIndex < functionArray.length; ++strIndex) {
+                   functionIds.add((functionArray[strIndex]));
+                 }
+               }
+ 
+               if (keysAttr == null || keysAttr.length() == 0) {
+                 keySet = null;
+               } else {
+                 final String[] keySetArray = keysAttr.split(",");
+                 keySet = new HashSet<String>();
+                 for (int strIndex = 0; strIndex < keySetArray.length; ++strIndex) {
+                   keySet.add((keySetArray[strIndex]));
+                 }
+               }
+ 
+               final FunctionSecurityPrmsHolder functionContext = new FunctionSecurityPrmsHolder(isOptimizeForWrite, functionIds, keySet);
+               operationMap.put(code, functionContext);
+             }
+ 
+           } else {
+             throw new SAXParseException("Unknown tag [" + operationNode.getNodeName() + "] as child of tag [" + TAG_PERMS + ']', null);
+           }
+         }
+ 
+         final String regionNames = getAttributeValue(rolePermissionNode, ATTR_REGIONS);
+         if (regionNames == null || regionNames.length() == 0) {
+           regionOperationMap.put(EMPTY_VALUE, operationMap);
+         } else {
+           final String[] regionNamesSplit = regionNames.split(",");
+           for (int strIndex = 0; strIndex < regionNamesSplit.length; ++strIndex) {
+             regionOperationMap.put(normalizeRegionName(regionNamesSplit[strIndex]), operationMap);
+           }
+         }
+       }
+       XmlAuthorization.currentDocUri = xmlDocumentUri;
+ 
+     } catch (Exception ex) {
+       String message;
+       if (ex instanceof NotAuthorizedException) {
+         message = ex.getMessage();
+       }
+       else {
+         message = ex.getClass().getName() + ": " + ex.getMessage();
+       }
+       systemLogWriter.warning("XmlAuthorization.init: " + message);
+       XmlAuthorization.xmlLoadFailure = new NotAuthorizedException(message, ex);
+       throw XmlAuthorization.xmlLoadFailure;
+     }
+   }
+ 
+   private static class AuthzDtdResolver implements EntityResolver {
+     final Pattern authzPattern = Pattern.compile("authz.*\\.dtd");
+ 
+     @Override
+     public InputSource resolveEntity(final String publicId, final String systemId) throws SAXException, IOException {
+       try {
+         final Matcher matcher = authzPattern.matcher(systemId);
+         if (matcher.find()) {
+           final String dtdName = matcher.group(0);
+           final InputStream stream = XmlAuthorization.class.getResourceAsStream(dtdName);
+           return new InputSource(stream);
+         }
+ 
+       } catch(Exception e) {
+         //do nothing, use the default resolver
+       }
+       
+       return null;
+     }
+   }
+ }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/da7a76de/geode-pulse/src/main/java/com/vmware/gemfire/tools/pulse/internal/data/JMXDataUpdater.java
----------------------------------------------------------------------


Mime
View raw message