geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kl...@apache.org
Subject [29/50] [abbrv] incubator-geode git commit: GEODE-17: move GeodeSecurityUtil and two other classes to internal package
Date Tue, 03 May 2016 21:52:18 GMT
GEODE-17: move GeodeSecurityUtil and two other classes to internal package


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/f04b6695
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/f04b6695
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/f04b6695

Branch: refs/heads/feature/GEODE-1255
Commit: f04b66956c8b98909b924f2ed648ba735610bebb
Parents: 7c38f0d
Author: Jinmei Liao <jiliao@pivotal.io>
Authored: Fri Apr 29 10:06:12 2016 -0700
Committer: Jinmei Liao <jiliao@pivotal.io>
Committed: Fri Apr 29 10:06:12 2016 -0700

----------------------------------------------------------------------
 .../internal/security/GeodeSecurityUtil.java    | 165 +++++++++++++++++
 .../security/shiro/CustomAuthRealm.java         | 177 +++++++++++++++++++
 .../security/shiro/JMXShiroAuthenticator.java   |  69 ++++++++
 .../management/internal/ManagementAgent.java    |   2 +-
 .../internal/SystemManagementService.java       |   2 +-
 .../internal/cli/commands/DataCommands.java     |   2 +-
 .../internal/cli/remote/CommandProcessor.java   |   2 +-
 .../internal/security/AccessControlMBean.java   |   2 +-
 .../internal/security/MBeanServerWrapper.java   |   2 +-
 .../controllers/AbstractCommandsController.java |   2 +-
 .../support/LoginHandlerInterceptor.java        |   2 +-
 .../gemfire/security/CustomAuthRealm.java       | 174 ------------------
 .../gemfire/security/GeodeSecurityUtil.java     | 163 -----------------
 .../gemfire/security/JMXShiroAuthenticator.java |  68 -------
 .../GeodeSecurityUtilCustomRealmJUnitTest.java  |   2 +-
 .../GeodeSecurityUtilWithIniFileJUnitTest.java  |   2 +-
 .../gemfire/tools/pulse/tests/Server.java       |   4 +-
 17 files changed, 423 insertions(+), 417 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
new file mode 100644
index 0000000..4fd92ed
--- /dev/null
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
@@ -0,0 +1,165 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.internal.security;
+
+import java.util.concurrent.Callable;
+
+import com.gemstone.gemfire.cache.operations.OperationContext;
+import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
+import com.gemstone.gemfire.cache.operations.OperationContext.Resource;
+import com.gemstone.gemfire.internal.logging.LogService;
+import com.gemstone.gemfire.management.internal.security.ResourceOperation;
+import com.gemstone.gemfire.management.internal.security.ResourceOperationContext;
+import com.gemstone.gemfire.security.AuthenticationFailedException;
+import com.gemstone.gemfire.security.GemFireSecurityException;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.logging.log4j.Logger;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.ShiroException;
+import org.apache.shiro.UnavailableSecurityManagerException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.util.ThreadContext;
+
+public class GeodeSecurityUtil {
+
+  private static Logger logger = LogService.getLogger();
+
+  public static void login(String username, String password){
+    if(!isShiroConfigured())
+      return;
+
+    Subject currentUser = SecurityUtils.getSubject();
+
+    UsernamePasswordToken token =
+        new UsernamePasswordToken(username, password);
+    try {
+      logger.info("Logging in "+username+"/"+password);
+      currentUser.login(token);
+    } catch (ShiroException e) {
+      throw new AuthenticationFailedException(e.getMessage(), e);
+    }
+  }
+
+  public static void logout(){
+    if(!isShiroConfigured())
+      return;
+
+    Subject currentUser = SecurityUtils.getSubject();
+    try {
+      logger.info("Logging out "+currentUser.getPrincipal());
+      currentUser.logout();
+    }
+    catch(ShiroException e){
+      throw new AuthenticationFailedException(e.getMessage(), e);
+    }
+    // clean out Shiro's thread local content
+    ThreadContext.remove();
+  }
+
+  public static Callable associateWith(Callable callable){
+    if(!isShiroConfigured())
+      return callable;
+
+    Subject currentUser = SecurityUtils.getSubject();
+    return currentUser.associateWith(callable);
+  }
+
+  public static void authorize(ResourceOperation resourceOperation) {
+    if(resourceOperation==null)
+      return;
+
+    authorize(resourceOperation.resource().name(),
+      resourceOperation.operation().name(),
+      null);
+  }
+
+  public static void authorizeClusterManage(){
+    authorize("CLUSTER", "MANAGE");
+  }
+
+  public static void authorizeClusterWrite(){
+    authorize("CLUSTER", "WRITE");
+  }
+
+  public static void authorizeClusterRead(){
+    authorize("CLUSTER", "READ");
+  }
+
+  public static void authorizeDataManage(){
+    authorize("DATA", "MANAGE");
+  }
+
+  public static void authorizeDataWrite(){
+    authorize("DATA", "WRITE");
+  }
+
+  public static void authorizeDataRead(){
+    authorize("DATA", "READ");
+  }
+
+  public static void authorizeRegionWrite(String regionName){
+    authorize("DATA", "WRITE", regionName);
+  }
+
+  public static void authorizeRegionRead(String regionName){
+    authorize("DATA", "READ", regionName);
+  }
+
+  public static void authorize(String resource, String operation){
+    authorize(resource, operation, null);
+  }
+
+  private static void authorize(String resource, String operation, String regionName){
+    regionName = StringUtils.stripStart(regionName, "/");
+    authorize(new ResourceOperationContext(resource, operation, regionName));
+  }
+
+  public static void authorize(OperationContext context) {
+    if(context==null)
+      return;
+
+    if(context.getResource()== Resource.NULL && context.getOperationCode()== OperationCode.NULL)
+      return;
+
+    if(!isShiroConfigured())
+      return;
+
+
+    Subject currentUser = SecurityUtils.getSubject();
+    try {
+      currentUser.checkPermission(context);
+    }
+    catch(ShiroException e){
+      logger.info(currentUser.getPrincipal() + " not authorized for " + context);
+      throw new GemFireSecurityException(e.getMessage(), e);
+    }
+  }
+
+  private static boolean isShiroConfigured(){
+    try{
+      SecurityUtils.getSecurityManager();
+    }
+    catch(UnavailableSecurityManagerException e){
+      return false;
+    }
+    return true;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/CustomAuthRealm.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/CustomAuthRealm.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/CustomAuthRealm.java
new file mode 100644
index 0000000..afc3125
--- /dev/null
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/CustomAuthRealm.java
@@ -0,0 +1,177 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.security.shiro;
+
+import static com.gemstone.gemfire.management.internal.security.ResourceConstants.*;
+
+import java.lang.reflect.Method;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.Principal;
+import java.util.Properties;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+import javax.management.remote.JMXPrincipal;
+import javax.security.auth.Subject;
+
+import com.gemstone.gemfire.cache.operations.OperationContext;
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+import com.gemstone.gemfire.internal.ClassLoadUtil;
+import com.gemstone.gemfire.internal.i18n.LocalizedStrings;
+import com.gemstone.gemfire.internal.lang.StringUtils;
+import com.gemstone.gemfire.management.internal.security.ResourceConstants;
+import com.gemstone.gemfire.security.AccessControl;
+import com.gemstone.gemfire.security.AuthenticationFailedException;
+import com.gemstone.gemfire.security.Authenticator;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.Permission;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+
+public class CustomAuthRealm extends AuthorizingRealm{
+  public static final String REALM_NAME = "CUSTOMAUTHREALM";
+
+  private static final Logger logger = LogManager.getLogger(CustomAuthRealm.class);
+  private String authzFactoryName;
+  private String postAuthzFactoryName;
+  private String authenticatorFactoryName;
+  private Properties securityProps = null;
+  private ConcurrentMap<Principal, AccessControl> cachedAuthZCallback;
+  private ConcurrentMap<Principal, AccessControl> cachedPostAuthZCallback;
+
+  public CustomAuthRealm(Properties securityProps) {
+    this.securityProps = securityProps;
+    this.authzFactoryName = securityProps.getProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME);
+    this.postAuthzFactoryName = securityProps.getProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_PP_NAME);
+    this.authenticatorFactoryName = securityProps.getProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME);
+    this.cachedAuthZCallback = new ConcurrentHashMap<>();
+    this.cachedPostAuthZCallback = new ConcurrentHashMap<>();
+  }
+
+  @Override
+  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
+    UsernamePasswordToken authToken = (UsernamePasswordToken) token;
+    String username = authToken.getUsername();
+    String password = new String(authToken.getPassword());
+
+    Properties credentialProps = new Properties();
+    credentialProps.put(ResourceConstants.USER_NAME, username);
+    credentialProps.put(ResourceConstants.PASSWORD, password);
+
+    Principal principal  = getAuthenticator(securityProps).authenticate(credentialProps);
+
+    return new SimpleAuthenticationInfo(principal, authToken.getPassword(), REALM_NAME);
+  }
+
+
+  @Override
+  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+    // we intercepted the call to this method by overriding the isPermitted call
+    return null;
+  }
+
+  @Override
+  public boolean isPermitted(PrincipalCollection principals, Permission permission) {
+    OperationContext context =(OperationContext)permission;
+    Principal principal = (Principal)principals.getPrimaryPrincipal();
+    // if no access control is specified, then we allow all
+    if(StringUtils.isBlank(authzFactoryName))
+      return true;
+    AccessControl accessControl = getAccessControl(principal, false);
+    return accessControl.authorizeOperation(context.getRegionName(), context);
+  }
+
+  public AccessControl getAccessControl(Principal principal, boolean isPost) {
+    if (!isPost) {
+      if (cachedAuthZCallback.containsKey(principal)) {
+        return cachedAuthZCallback.get(principal);
+      } else if (!StringUtils.isBlank(authzFactoryName)) {
+        try {
+          Method authzMethod = ClassLoadUtil.methodFromName(authzFactoryName);
+          AccessControl authzCallback = (AccessControl) authzMethod.invoke(null, (Object[]) null);
+          authzCallback.init(principal, null);
+          cachedAuthZCallback.put(principal, authzCallback);
+          return authzCallback;
+        } catch (Exception ex) {
+          throw new AuthenticationFailedException(
+              LocalizedStrings.HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT.toLocalizedString(), ex);
+        }
+      }
+    } else {
+      if (cachedPostAuthZCallback.containsKey(principal)) {
+        return cachedPostAuthZCallback.get(principal);
+      } else if (!StringUtils.isBlank(postAuthzFactoryName)) {
+        try {
+          Method authzMethod = ClassLoadUtil.methodFromName(postAuthzFactoryName);
+          AccessControl postAuthzCallback = (AccessControl) authzMethod.invoke(null, (Object[]) null);
+          postAuthzCallback.init(principal, null);
+          cachedPostAuthZCallback.put(principal, postAuthzCallback);
+          return postAuthzCallback;
+        } catch (Exception ex) {
+          throw new AuthenticationFailedException(
+              LocalizedStrings.HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT.toLocalizedString(), ex);
+        }
+      }
+    }
+    return null;
+  }
+
+  private Authenticator getAuthenticator(Properties gfSecurityProperties) throws AuthenticationFailedException {
+    Authenticator auth;
+    try {
+      Method instanceGetter = ClassLoadUtil.methodFromName(this.authenticatorFactoryName);
+      auth = (Authenticator) instanceGetter.invoke(null, (Object[]) null);
+    } catch (Exception ex) {
+      throw new AuthenticationFailedException(
+          LocalizedStrings.HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT.toLocalizedString(), ex);
+    }
+    if (auth == null) {
+      throw new AuthenticationFailedException(
+          LocalizedStrings.HandShake_AUTHENTICATOR_INSTANCE_COULD_NOT_BE_OBTAINED.toLocalizedString());
+    }
+    auth.init(gfSecurityProperties);
+    return auth;
+  }
+
+  public void postAuthorize(OperationContext context) {
+    if (StringUtils.isBlank(postAuthzFactoryName)){
+      return ;
+    }
+
+    AccessControlContext acc = AccessController.getContext();
+    Subject subject = Subject.getSubject(acc);
+    Set<JMXPrincipal> principals = subject.getPrincipals(JMXPrincipal.class);
+    if (principals == null || principals.isEmpty()) {
+      throw new SecurityException(ACCESS_DENIED_MESSAGE);
+    }
+    Principal principal = principals.iterator().next();
+    AccessControl accessControl = getAccessControl(principal, true);
+    if (!accessControl.authorizeOperation(null, context)) {
+      throw new SecurityException(ACCESS_DENIED_MESSAGE);
+    }
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/JMXShiroAuthenticator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/JMXShiroAuthenticator.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/JMXShiroAuthenticator.java
new file mode 100644
index 0000000..4a4cc28
--- /dev/null
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/shiro/JMXShiroAuthenticator.java
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.security.shiro;
+
+import static com.gemstone.gemfire.management.internal.security.ResourceConstants.*;
+
+import java.util.Collections;
+import java.util.Properties;
+import javax.management.Notification;
+import javax.management.NotificationListener;
+import javax.management.remote.JMXAuthenticator;
+import javax.management.remote.JMXConnectionNotification;
+import javax.management.remote.JMXPrincipal;
+import javax.security.auth.Subject;
+
+import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.management.internal.security.ResourceConstants;
+
+/**
+ * this will make JMX authentication to use Shiro for Authentication
+ */
+
+public class JMXShiroAuthenticator implements JMXAuthenticator, NotificationListener {
+
+  @Override
+  public Subject authenticate(Object credentials) {
+    String username = null, password = null;
+    if (credentials instanceof String[]) {
+      final String[] aCredentials = (String[]) credentials;
+      username = aCredentials[0];
+      password = aCredentials[1];
+    } else if (credentials instanceof Properties) {
+      username = ((Properties) credentials).getProperty(ResourceConstants.USER_NAME);
+      password = ((Properties) credentials).getProperty(ResourceConstants.PASSWORD);
+    } else {
+      throw new SecurityException(WRONGE_CREDENTIALS_MESSAGE);
+    }
+
+    GeodeSecurityUtil.login(username, password);
+
+    return new Subject(true, Collections.singleton(new JMXPrincipal(username)), Collections.EMPTY_SET,
+      Collections.EMPTY_SET);
+  }
+
+  @Override
+  public void handleNotification(Notification notification, Object handback) {
+    if (notification instanceof JMXConnectionNotification) {
+      JMXConnectionNotification cxNotification = (JMXConnectionNotification) notification;
+      String type = cxNotification.getType();
+      if (JMXConnectionNotification.CLOSED.equals(type)) {
+        GeodeSecurityUtil.logout();
+      }
+    }
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java
index d6c18df..adc69c4 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/ManagementAgent.java
@@ -61,7 +61,7 @@ import com.gemstone.gemfire.management.internal.security.AccessControlMBean;
 import com.gemstone.gemfire.management.internal.security.MBeanServerWrapper;
 import com.gemstone.gemfire.management.internal.security.ResourceConstants;
 import com.gemstone.gemfire.management.internal.unsafe.ReadOpFileAccessController;
-import com.gemstone.gemfire.security.JMXShiroAuthenticator;
+import com.gemstone.gemfire.internal.security.shiro.JMXShiroAuthenticator;
 
 import org.apache.logging.log4j.Logger;
 import org.eclipse.jetty.server.Server;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/management/internal/SystemManagementService.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/SystemManagementService.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/SystemManagementService.java
index 7fec9b7..dac016e 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/SystemManagementService.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/SystemManagementService.java
@@ -54,7 +54,7 @@ import com.gemstone.gemfire.management.RegionMXBean;
 import com.gemstone.gemfire.management.internal.beans.ManagementAdapter;
 import com.gemstone.gemfire.management.membership.MembershipEvent;
 import com.gemstone.gemfire.management.membership.MembershipListener;
-import com.gemstone.gemfire.security.CustomAuthRealm;
+import com.gemstone.gemfire.internal.security.shiro.CustomAuthRealm;
 import org.apache.logging.log4j.Logger;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.config.IniSecurityManagerFactory;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java
index 61803fe..fafea9a 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/commands/DataCommands.java
@@ -73,7 +73,7 @@ import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
 import com.gemstone.gemfire.management.internal.cli.result.TabularResultData;
 import com.gemstone.gemfire.management.internal.cli.shell.Gfsh;
 import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 import org.springframework.shell.core.CommandMarker;
 import org.springframework.shell.core.annotation.CliAvailabilityIndicator;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java
index c3b0b7f..7edc3e4 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/cli/remote/CommandProcessor.java
@@ -31,7 +31,7 @@ import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
 import com.gemstone.gemfire.management.internal.cli.util.CommentSkipHelper;
 import com.gemstone.gemfire.management.internal.security.ResourceOperation;
 import com.gemstone.gemfire.security.GemFireSecurityException;
-import com.gemstone.gemfire.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 import org.springframework.shell.core.Parser;
 import org.springframework.shell.event.ParseResult;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java
index 33b80e2..1a7191b 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/AccessControlMBean.java
@@ -17,7 +17,7 @@
 package com.gemstone.gemfire.management.internal.security;
 
 import com.gemstone.gemfire.security.GemFireSecurityException;
-import com.gemstone.gemfire.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 /**
  * AccessControlMBean Implementation. This retrieves JMXPrincipal from AccessController

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
index 8d1031a..99cbe2e 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
@@ -46,7 +46,7 @@ import javax.management.remote.MBeanServerForwarder;
 
 import com.gemstone.gemfire.management.internal.ManagementConstants;
 import com.gemstone.gemfire.security.GemFireSecurityException;
-import com.gemstone.gemfire.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 /**
  * This class intercepts all MBean requests for GemFire MBeans and passed it to

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
index 08865b4..c411972 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/AbstractCommandsController.java
@@ -50,7 +50,7 @@ import com.gemstone.gemfire.management.internal.cli.util.CommandStringBuilder;
 import com.gemstone.gemfire.management.internal.web.controllers.support.LoginHandlerInterceptor;
 import com.gemstone.gemfire.management.internal.web.controllers.support.MemberMXBeanAdapter;
 import com.gemstone.gemfire.management.internal.web.util.UriUtils;
-import com.gemstone.gemfire.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 import org.apache.logging.log4j.Logger;
 import org.springframework.beans.propertyeditors.StringArrayPropertyEditor;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptor.java b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptor.java
index 5465ea3..e6cdbee 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptor.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/web/controllers/support/LoginHandlerInterceptor.java
@@ -27,7 +27,7 @@ import com.gemstone.gemfire.cache.Cache;
 import com.gemstone.gemfire.internal.logging.LogService;
 import com.gemstone.gemfire.management.internal.security.ResourceConstants;
 import com.gemstone.gemfire.security.Authenticator;
-import com.gemstone.gemfire.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 import org.apache.logging.log4j.Logger;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java b/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java
deleted file mode 100644
index 706a7cc..0000000
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/CustomAuthRealm.java
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security;
-
-import static com.gemstone.gemfire.management.internal.security.ResourceConstants.*;
-
-import java.lang.reflect.Method;
-import java.security.AccessControlContext;
-import java.security.AccessController;
-import java.security.Principal;
-import java.util.Properties;
-import java.util.Set;
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.concurrent.ConcurrentMap;
-import javax.management.remote.JMXPrincipal;
-import javax.security.auth.Subject;
-
-import com.gemstone.gemfire.cache.operations.OperationContext;
-import com.gemstone.gemfire.distributed.internal.DistributionConfig;
-import com.gemstone.gemfire.internal.ClassLoadUtil;
-import com.gemstone.gemfire.internal.i18n.LocalizedStrings;
-import com.gemstone.gemfire.internal.lang.StringUtils;
-import com.gemstone.gemfire.management.internal.security.ResourceConstants;
-
-import org.apache.logging.log4j.LogManager;
-import org.apache.logging.log4j.Logger;
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.SimpleAuthenticationInfo;
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.authz.AuthorizationInfo;
-import org.apache.shiro.authz.Permission;
-import org.apache.shiro.realm.AuthorizingRealm;
-import org.apache.shiro.subject.PrincipalCollection;
-
-public class CustomAuthRealm extends AuthorizingRealm{
-  public static final String REALM_NAME = "CUSTOMAUTHREALM";
-
-  private static final Logger logger = LogManager.getLogger(CustomAuthRealm.class);
-  private String authzFactoryName;
-  private String postAuthzFactoryName;
-  private String authenticatorFactoryName;
-  private Properties securityProps = null;
-  private ConcurrentMap<Principal, AccessControl> cachedAuthZCallback;
-  private ConcurrentMap<Principal, AccessControl> cachedPostAuthZCallback;
-
-  public CustomAuthRealm(Properties securityProps) {
-    this.securityProps = securityProps;
-    this.authzFactoryName = securityProps.getProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME);
-    this.postAuthzFactoryName = securityProps.getProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_PP_NAME);
-    this.authenticatorFactoryName = securityProps.getProperty(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME);
-    this.cachedAuthZCallback = new ConcurrentHashMap<>();
-    this.cachedPostAuthZCallback = new ConcurrentHashMap<>();
-  }
-
-  @Override
-  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
-    UsernamePasswordToken authToken = (UsernamePasswordToken) token;
-    String username = authToken.getUsername();
-    String password = new String(authToken.getPassword());
-
-    Properties credentialProps = new Properties();
-    credentialProps.put(ResourceConstants.USER_NAME, username);
-    credentialProps.put(ResourceConstants.PASSWORD, password);
-
-    Principal principal  = getAuthenticator(securityProps).authenticate(credentialProps);
-
-    return new SimpleAuthenticationInfo(principal, authToken.getPassword(), REALM_NAME);
-  }
-
-
-  @Override
-  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
-    // we intercepted the call to this method by overriding the isPermitted call
-    return null;
-  }
-
-  @Override
-  public boolean isPermitted(PrincipalCollection principals, Permission permission) {
-    OperationContext context =(OperationContext)permission;
-    Principal principal = (Principal)principals.getPrimaryPrincipal();
-    // if no access control is specified, then we allow all
-    if(StringUtils.isBlank(authzFactoryName))
-      return true;
-    AccessControl accessControl = getAccessControl(principal, false);
-    return accessControl.authorizeOperation(context.getRegionName(), context);
-  }
-
-  public AccessControl getAccessControl(Principal principal, boolean isPost) {
-    if (!isPost) {
-      if (cachedAuthZCallback.containsKey(principal)) {
-        return cachedAuthZCallback.get(principal);
-      } else if (!StringUtils.isBlank(authzFactoryName)) {
-        try {
-          Method authzMethod = ClassLoadUtil.methodFromName(authzFactoryName);
-          AccessControl authzCallback = (AccessControl) authzMethod.invoke(null, (Object[]) null);
-          authzCallback.init(principal, null);
-          cachedAuthZCallback.put(principal, authzCallback);
-          return authzCallback;
-        } catch (Exception ex) {
-          throw new AuthenticationFailedException(
-              LocalizedStrings.HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT.toLocalizedString(), ex);
-        }
-      }
-    } else {
-      if (cachedPostAuthZCallback.containsKey(principal)) {
-        return cachedPostAuthZCallback.get(principal);
-      } else if (!StringUtils.isBlank(postAuthzFactoryName)) {
-        try {
-          Method authzMethod = ClassLoadUtil.methodFromName(postAuthzFactoryName);
-          AccessControl postAuthzCallback = (AccessControl) authzMethod.invoke(null, (Object[]) null);
-          postAuthzCallback.init(principal, null);
-          cachedPostAuthZCallback.put(principal, postAuthzCallback);
-          return postAuthzCallback;
-        } catch (Exception ex) {
-          throw new AuthenticationFailedException(
-              LocalizedStrings.HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT.toLocalizedString(), ex);
-        }
-      }
-    }
-    return null;
-  }
-
-  private Authenticator getAuthenticator(Properties gfSecurityProperties) throws AuthenticationFailedException {
-    Authenticator auth;
-    try {
-      Method instanceGetter = ClassLoadUtil.methodFromName(this.authenticatorFactoryName);
-      auth = (Authenticator) instanceGetter.invoke(null, (Object[]) null);
-    } catch (Exception ex) {
-      throw new AuthenticationFailedException(
-          LocalizedStrings.HandShake_FAILED_TO_ACQUIRE_AUTHENTICATOR_OBJECT.toLocalizedString(), ex);
-    }
-    if (auth == null) {
-      throw new AuthenticationFailedException(
-          LocalizedStrings.HandShake_AUTHENTICATOR_INSTANCE_COULD_NOT_BE_OBTAINED.toLocalizedString());
-    }
-    auth.init(gfSecurityProperties);
-    return auth;
-  }
-
-  public void postAuthorize(OperationContext context) {
-    if (StringUtils.isBlank(postAuthzFactoryName)){
-      return ;
-    }
-
-    AccessControlContext acc = AccessController.getContext();
-    Subject subject = Subject.getSubject(acc);
-    Set<JMXPrincipal> principals = subject.getPrincipals(JMXPrincipal.class);
-    if (principals == null || principals.isEmpty()) {
-      throw new SecurityException(ACCESS_DENIED_MESSAGE);
-    }
-    Principal principal = principals.iterator().next();
-    AccessControl accessControl = getAccessControl(principal, true);
-    if (!accessControl.authorizeOperation(null, context)) {
-      throw new SecurityException(ACCESS_DENIED_MESSAGE);
-    }
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/security/GeodeSecurityUtil.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/GeodeSecurityUtil.java b/geode-core/src/main/java/com/gemstone/gemfire/security/GeodeSecurityUtil.java
deleted file mode 100644
index 148a963..0000000
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/GeodeSecurityUtil.java
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.gemstone.gemfire.security;
-
-import java.util.concurrent.Callable;
-
-import com.gemstone.gemfire.cache.operations.OperationContext;
-import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.cache.operations.OperationContext.Resource;
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.management.internal.security.ResourceOperationContext;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.logging.log4j.Logger;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.ShiroException;
-import org.apache.shiro.UnavailableSecurityManagerException;
-import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.subject.Subject;
-import org.apache.shiro.util.ThreadContext;
-
-public class GeodeSecurityUtil {
-
-  private static Logger logger = LogService.getLogger();
-
-  public static void login(String username, String password){
-    if(!isShiroConfigured())
-      return;
-
-    Subject currentUser = SecurityUtils.getSubject();
-
-    UsernamePasswordToken token =
-        new UsernamePasswordToken(username, password);
-    try {
-      logger.info("Logging in "+username+"/"+password);
-      currentUser.login(token);
-    } catch (ShiroException e) {
-      throw new AuthenticationFailedException(e.getMessage(), e);
-    }
-  }
-
-  public static void logout(){
-    if(!isShiroConfigured())
-      return;
-
-    Subject currentUser = SecurityUtils.getSubject();
-    try {
-      logger.info("Logging out "+currentUser.getPrincipal());
-      currentUser.logout();
-    }
-    catch(ShiroException e){
-      throw new AuthenticationFailedException(e.getMessage(), e);
-    }
-    // clean out Shiro's thread local content
-    ThreadContext.remove();
-  }
-
-  public static Callable associateWith(Callable callable){
-    if(!isShiroConfigured())
-      return callable;
-
-    Subject currentUser = SecurityUtils.getSubject();
-    return currentUser.associateWith(callable);
-  }
-
-  public static void authorize(ResourceOperation resourceOperation) {
-    if(resourceOperation==null)
-      return;
-
-    authorize(resourceOperation.resource().name(),
-      resourceOperation.operation().name(),
-      null);
-  }
-
-  public static void authorizeClusterManage(){
-    authorize("CLUSTER", "MANAGE");
-  }
-
-  public static void authorizeClusterWrite(){
-    authorize("CLUSTER", "WRITE");
-  }
-
-  public static void authorizeClusterRead(){
-    authorize("CLUSTER", "READ");
-  }
-
-  public static void authorizeDataManage(){
-    authorize("DATA", "MANAGE");
-  }
-
-  public static void authorizeDataWrite(){
-    authorize("DATA", "WRITE");
-  }
-
-  public static void authorizeDataRead(){
-    authorize("DATA", "READ");
-  }
-
-  public static void authorizeRegionWrite(String regionName){
-    authorize("DATA", "WRITE", regionName);
-  }
-
-  public static void authorizeRegionRead(String regionName){
-    authorize("DATA", "READ", regionName);
-  }
-
-  public static void authorize(String resource, String operation){
-    authorize(resource, operation, null);
-  }
-
-  private static void authorize(String resource, String operation, String regionName){
-    regionName = StringUtils.stripStart(regionName, "/");
-    authorize(new ResourceOperationContext(resource, operation, regionName));
-  }
-
-  public static void authorize(OperationContext context) {
-    if(context==null)
-      return;
-
-    if(context.getResource()== Resource.NULL && context.getOperationCode()== OperationCode.NULL)
-      return;
-
-    if(!isShiroConfigured())
-      return;
-
-
-    Subject currentUser = SecurityUtils.getSubject();
-    try {
-      currentUser.checkPermission(context);
-    }
-    catch(ShiroException e){
-      logger.info(currentUser.getPrincipal() + " not authorized for " + context);
-      throw new GemFireSecurityException(e.getMessage(), e);
-    }
-  }
-
-  private static boolean isShiroConfigured(){
-    try{
-      SecurityUtils.getSecurityManager();
-    }
-    catch(UnavailableSecurityManagerException e){
-      return false;
-    }
-    return true;
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java b/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java
deleted file mode 100644
index c55e700..0000000
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/JMXShiroAuthenticator.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security;
-
-import static com.gemstone.gemfire.management.internal.security.ResourceConstants.*;
-
-import java.util.Collections;
-import java.util.Properties;
-import javax.management.Notification;
-import javax.management.NotificationListener;
-import javax.management.remote.JMXAuthenticator;
-import javax.management.remote.JMXConnectionNotification;
-import javax.management.remote.JMXPrincipal;
-import javax.security.auth.Subject;
-
-import com.gemstone.gemfire.management.internal.security.ResourceConstants;
-
-/**
- * this will make JMX authentication to use Shiro for Authentication
- */
-
-public class JMXShiroAuthenticator implements JMXAuthenticator, NotificationListener {
-
-  @Override
-  public Subject authenticate(Object credentials) {
-    String username = null, password = null;
-    if (credentials instanceof String[]) {
-      final String[] aCredentials = (String[]) credentials;
-      username = aCredentials[0];
-      password = aCredentials[1];
-    } else if (credentials instanceof Properties) {
-      username = ((Properties) credentials).getProperty(ResourceConstants.USER_NAME);
-      password = ((Properties) credentials).getProperty(ResourceConstants.PASSWORD);
-    } else {
-      throw new SecurityException(WRONGE_CREDENTIALS_MESSAGE);
-    }
-
-    GeodeSecurityUtil.login(username, password);
-
-    return new Subject(true, Collections.singleton(new JMXPrincipal(username)), Collections.EMPTY_SET,
-      Collections.EMPTY_SET);
-  }
-
-  @Override
-  public void handleNotification(Notification notification, Object handback) {
-    if (notification instanceof JMXConnectionNotification) {
-      JMXConnectionNotification cxNotification = (JMXConnectionNotification) notification;
-      String type = cxNotification.getType();
-      if (JMXConnectionNotification.CLOSED.equals(type)) {
-        GeodeSecurityUtil.logout();
-      }
-    }
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
index cc6af0e..0bf3cab 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
@@ -20,7 +20,7 @@ package com.gemstone.gemfire.management.internal.security;
 import java.util.Properties;
 
 import com.gemstone.gemfire.distributed.internal.DistributionConfig;
-import com.gemstone.gemfire.security.CustomAuthRealm;
+import com.gemstone.gemfire.internal.security.shiro.CustomAuthRealm;
 import com.gemstone.gemfire.test.junit.categories.UnitTest;
 
 import org.apache.shiro.SecurityUtils;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
index 4ad390d..fe80180 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
@@ -21,7 +21,7 @@ import static org.assertj.core.api.Assertions.*;
 
 import com.gemstone.gemfire.cache.operations.OperationContext;
 import com.gemstone.gemfire.security.GemFireSecurityException;
-import com.gemstone.gemfire.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 import com.gemstone.gemfire.test.junit.categories.UnitTest;
 
 import org.apache.shiro.SecurityUtils;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f04b6695/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java
index 0ae5d26..3759895 100644
--- a/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java
+++ b/geode-pulse/src/test/java/com/vmware/gemfire/tools/pulse/tests/Server.java
@@ -42,8 +42,8 @@ import com.gemstone.gemfire.management.internal.security.AccessControlMBean;
 import com.gemstone.gemfire.management.internal.security.JSONAuthorization;
 import com.gemstone.gemfire.management.internal.security.MBeanServerWrapper;
 import com.gemstone.gemfire.management.internal.security.ResourceConstants;
-import com.gemstone.gemfire.security.CustomAuthRealm;
-import com.gemstone.gemfire.security.JMXShiroAuthenticator;
+import com.gemstone.gemfire.internal.security.shiro.CustomAuthRealm;
+import com.gemstone.gemfire.internal.security.shiro.JMXShiroAuthenticator;
 import com.vmware.gemfire.tools.pulse.internal.data.PulseConstants;
 
 import org.apache.shiro.SecurityUtils;


Mime
View raw message