geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jinmeil...@apache.org
Subject [22/26] incubator-geode git commit: GEODE-1571: post process for get, query, cq and register interest.
Date Thu, 30 Jun 2016 19:23:27 GMT
GEODE-1571: post process for get, query, cq and register interest.


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/39c56843
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/39c56843
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/39c56843

Branch: refs/heads/feature/GEODE-1571
Commit: 39c56843bdaa67f0df4dbbb9edc096e8cb4e12e6
Parents: beb50ad
Author: Jinmei Liao <jiliao@pivotal.io>
Authored: Thu Jun 30 11:58:42 2016 -0700
Committer: Jinmei Liao <jiliao@pivotal.io>
Committed: Thu Jun 30 11:58:42 2016 -0700

----------------------------------------------------------------------
 .../cache/tier/sockets/BaseCommandQuery.java    |  28 +++++
 .../cache/tier/sockets/CacheClientNotifier.java |  29 ++---
 .../cache/tier/sockets/CacheClientProxy.java    | 110 ++++++++++++++----
 .../cache/tier/sockets/ClientUserAuths.java     |   6 -
 .../cache/tier/sockets/ServerConnection.java    |   9 --
 .../internal/security/GeodeSecurityUtil.java    |   3 +-
 .../gemfire/security/PostProcessor.java         |   2 +-
 .../security/templates/SamplePostProcessor.java |   4 +-
 ...CacheServerMBeanAuthenticationJUnitTest.java |   9 +-
 .../JsonAuthorizationCacheStartRule.java        |  16 +--
 ...ractIntegratedClientAuthDistributedTest.java |   4 +
 ...tegratedClientGetPutAuthDistributedTest.java |  32 ++---
 ...urityNoShowValue1PostProcessorDUnitTest.java |  84 ++++++++++++++
 ...ntegratedSecurityPostProcessorDUnitTest.java | 116 +++++++++++++++++++
 .../security/NoShowValue1PostProcessor.java     |  43 +++++++
 .../security/CQPostProcessorDunitTest.java      |  88 ++++++++++++++
 ...ntegratedClientQueryAuthDistributedTest.java |  25 +++-
 .../cli/commands/CommandOverHttpDUnitTest.java  |  17 +--
 18 files changed, 515 insertions(+), 110 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/BaseCommandQuery.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/BaseCommandQuery.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/BaseCommandQuery.java
index 8a95cf8..3f79873 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/BaseCommandQuery.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/BaseCommandQuery.java
@@ -156,6 +156,34 @@ public abstract class BaseCommandQuery extends BaseCommand {
 
       if (result instanceof SelectResults) {
         SelectResults selectResults = (SelectResults)result;
+
+        // post process, iterate through the result for post processing
+        List list = selectResults.asList();
+        for(Iterator<Object> valItr = list.iterator(); valItr.hasNext();){
+          Object value = valItr.next();
+          Object newValue = value;
+          if(value instanceof CqEntry){
+            CqEntry cqEntry = (CqEntry)value;
+            Object cqNewValue = GeodeSecurityUtil.postProcess(null, cqEntry.getKey(), cqEntry.getValue());
+            if(!cqEntry.getValue().equals(cqNewValue)){
+              selectResults.remove(value);
+              if(cqNewValue!=null){
+                selectResults.add(new CqEntry(cqEntry.getKey(), cqNewValue));
+              }
+            }
+          }
+          else {
+            newValue = GeodeSecurityUtil.postProcess(null, null, value);
+            if(!value.equals(newValue)){
+              selectResults.remove(value);
+              // only add the newValue back if it's not null
+              if(newValue!=null){
+                selectResults.add(newValue);
+              }
+            }
+          }
+        }
+
         if (logger.isDebugEnabled()) {
           logger.debug("Query Result size for : {} is {}", query.getQueryString(), selectResults.size());
         }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientNotifier.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientNotifier.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientNotifier.java
index 11dc204..c5b742c 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientNotifier.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientNotifier.java
@@ -46,6 +46,7 @@ import java.util.concurrent.ScheduledThreadPoolExecutor;
 import java.util.concurrent.TimeUnit;
 
 import org.apache.logging.log4j.Logger;
+import org.apache.shiro.subject.Subject;
 
 import com.gemstone.gemfire.CancelException;
 import com.gemstone.gemfire.DataSerializer;
@@ -394,12 +395,14 @@ public class CacheClientNotifier {
               new IllegalArgumentException("Invalid conflation byte"), clientVersion);
           return;
       }
-      
+
+      proxy = registerClient(socket, proxyID, proxy, isPrimary, clientConflation,
+        clientVersion, acceptorId, notifyBySubscription);
       
       //TODO:hitesh
       Properties credentials = HandShake.readCredentials(dis, dos,
           authenticator, system);
-      if (credentials != null) {
+      if (credentials != null && proxy!=null) {
         if (securityLogWriter.fineEnabled()) {
           securityLogWriter.fine("CacheClientNotifier: verifying credentials for proxyID: " + proxyID);
         }
@@ -424,11 +427,14 @@ public class CacheClientNotifier {
             authzCallback = (AccessControl) authzMethod.invoke(null, (Object[]) null);
             authzCallback.init(principal, member, this.getCache());
           }
+          proxy.setPostAuthzCallback(authzCallback);
+        }
+        else if(subject instanceof Subject){
+          proxy.setSubject((Subject)subject);
         }
       }
     }
     catch (ClassNotFoundException e) {
-
       throw new IOException(LocalizedStrings.CacheClientNotifier_CLIENTPROXYMEMBERSHIPID_OBJECT_COULD_NOT_BE_CREATED_EXCEPTION_OCCURRED_WAS_0.toLocalizedString(e));
     }
     catch (AuthenticationRequiredException ex) {
@@ -441,24 +447,19 @@ public class CacheClientNotifier {
       writeException(dos, HandShake.REPLY_EXCEPTION_AUTHENTICATION_FAILED, ex, clientVersion);
       return;
     }
-    catch (Exception ex) {
-      logger.warn(LocalizedMessage.create(LocalizedStrings.CacheClientNotifier_AN_EXCEPTION_WAS_THROWN_FOR_CLIENT_0_1, new Object[] {proxyID, ""}), ex);
-      writeException(dos, Acceptor.UNSUCCESSFUL_SERVER_TO_CLIENT, ex, clientVersion);
-      return;
-    }
-    try {
-      proxy = registerClient(socket, proxyID, proxy, isPrimary, clientConflation,
-		  clientVersion, acceptorId, notifyBySubscription);
-    }
     catch (CacheException e) {
       logger.warn(LocalizedMessage.create(LocalizedStrings.CacheClientNotifier_0_REGISTERCLIENT_EXCEPTION_ENCOUNTERED_IN_REGISTRATION_1, new Object[] {this, e}), e);
       IOException io = new IOException(LocalizedStrings.CacheClientNotifier_EXCEPTION_OCCURRED_WHILE_TRYING_TO_REGISTER_INTEREST_DUE_TO_0.toLocalizedString(e.getMessage()));
       io.initCause(e);
       throw io;
     }
-    if (authzCallback != null && proxy != null) {
-      proxy.setPostAuthzCallback(authzCallback);
+    catch (Exception ex) {
+      logger.warn(LocalizedMessage.create(LocalizedStrings.CacheClientNotifier_AN_EXCEPTION_WAS_THROWN_FOR_CLIENT_0_1, new Object[] {proxyID, ""}), ex);
+      writeException(dos, Acceptor.UNSUCCESSFUL_SERVER_TO_CLIENT, ex, clientVersion);
+      return;
     }
+
+
     this._statistics.endClientRegistration(startTime);
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientProxy.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientProxy.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientProxy.java
index c4b48f4..23b7bde 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientProxy.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/CacheClientProxy.java
@@ -17,12 +17,55 @@
 
 package com.gemstone.gemfire.internal.cache.tier.sockets;
 
+import java.io.ByteArrayInputStream;
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.net.Socket;
+import java.net.SocketException;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentLinkedQueue;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.concurrent.atomic.AtomicReference;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReadWriteLock;
+import java.util.concurrent.locks.ReentrantReadWriteLock;
+import java.util.regex.Pattern;
+
+import org.apache.logging.log4j.Logger;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.util.ThreadState;
+
 import com.gemstone.gemfire.CancelException;
 import com.gemstone.gemfire.DataSerializer;
 import com.gemstone.gemfire.StatisticsFactory;
-import com.gemstone.gemfire.cache.*;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.CacheClosedException;
+import com.gemstone.gemfire.cache.CacheException;
+import com.gemstone.gemfire.cache.ClientSession;
+import com.gemstone.gemfire.cache.DynamicRegionFactory;
+import com.gemstone.gemfire.cache.InterestRegistrationEvent;
+import com.gemstone.gemfire.cache.InterestResultPolicy;
+import com.gemstone.gemfire.cache.Region;
+import com.gemstone.gemfire.cache.RegionDestroyedException;
+import com.gemstone.gemfire.cache.RegionExistsException;
 import com.gemstone.gemfire.cache.client.internal.RegisterInterestTracker;
-import com.gemstone.gemfire.cache.operations.*;
+import com.gemstone.gemfire.cache.operations.DestroyOperationContext;
+import com.gemstone.gemfire.cache.operations.InvalidateOperationContext;
+import com.gemstone.gemfire.cache.operations.OperationContext;
+import com.gemstone.gemfire.cache.operations.PutOperationContext;
+import com.gemstone.gemfire.cache.operations.RegionClearOperationContext;
+import com.gemstone.gemfire.cache.operations.RegionCreateOperationContext;
+import com.gemstone.gemfire.cache.operations.RegionDestroyOperationContext;
 import com.gemstone.gemfire.cache.query.CqException;
 import com.gemstone.gemfire.cache.query.internal.cq.CqService;
 import com.gemstone.gemfire.cache.query.internal.cq.InternalCqQuery;
@@ -34,8 +77,21 @@ import com.gemstone.gemfire.i18n.StringId;
 import com.gemstone.gemfire.internal.SystemTimer;
 import com.gemstone.gemfire.internal.SystemTimer.SystemTimerTask;
 import com.gemstone.gemfire.internal.Version;
-import com.gemstone.gemfire.internal.cache.*;
+import com.gemstone.gemfire.internal.cache.CacheDistributionAdvisee;
 import com.gemstone.gemfire.internal.cache.CacheDistributionAdvisor.InitialImageAdvice;
+import com.gemstone.gemfire.internal.cache.ClientServerObserver;
+import com.gemstone.gemfire.internal.cache.ClientServerObserverHolder;
+import com.gemstone.gemfire.internal.cache.Conflatable;
+import com.gemstone.gemfire.internal.cache.DistributedRegion;
+import com.gemstone.gemfire.internal.cache.EntryEventImpl;
+import com.gemstone.gemfire.internal.cache.EnumListenerEvent;
+import com.gemstone.gemfire.internal.cache.EventID;
+import com.gemstone.gemfire.internal.cache.FilterProfile;
+import com.gemstone.gemfire.internal.cache.GemFireCacheImpl;
+import com.gemstone.gemfire.internal.cache.InterestRegistrationEventImpl;
+import com.gemstone.gemfire.internal.cache.LocalRegion;
+import com.gemstone.gemfire.internal.cache.PartitionedRegion;
+import com.gemstone.gemfire.internal.cache.StateFlushOperation;
 import com.gemstone.gemfire.internal.cache.ha.HAContainerWrapper;
 import com.gemstone.gemfire.internal.cache.ha.HARegionQueue;
 import com.gemstone.gemfire.internal.cache.ha.HARegionQueueAttributes;
@@ -51,24 +107,8 @@ import com.gemstone.gemfire.internal.logging.LoggingThreadGroup;
 import com.gemstone.gemfire.internal.logging.log4j.LocalizedMessage;
 import com.gemstone.gemfire.internal.logging.log4j.LogMarker;
 import com.gemstone.gemfire.internal.security.AuthorizeRequestPP;
+import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 import com.gemstone.gemfire.security.AccessControl;
-import org.apache.logging.log4j.Logger;
-
-import java.io.ByteArrayInputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.net.Socket;
-import java.net.SocketException;
-import java.nio.ByteBuffer;
-import java.util.*;
-import java.util.concurrent.ConcurrentLinkedQueue;
-import java.util.concurrent.atomic.AtomicBoolean;
-import java.util.concurrent.atomic.AtomicInteger;
-import java.util.concurrent.atomic.AtomicReference;
-import java.util.concurrent.locks.Lock;
-import java.util.concurrent.locks.ReadWriteLock;
-import java.util.concurrent.locks.ReentrantReadWriteLock;
-import java.util.regex.Pattern;
 
 /**
  * Class <code>CacheClientProxy</code> represents the server side of the
@@ -223,6 +263,7 @@ public class CacheClientProxy implements ClientSession {
   boolean keepalive = false;
 
   private AccessControl postAuthzCallback;
+  private Subject subject;
 
   /**
    * For multiuser environment..
@@ -362,6 +403,16 @@ public class CacheClientProxy implements ClientSession {
       this.postAuthzCallback = authzCallback;
     }
   }
+
+  public void setSubject(Subject subject) {
+    //TODO:hitesh synchronization
+    synchronized (this.clientUserAuthsLock) {
+      if (this.subject != null) {
+        subject.logout();
+      }
+      this.subject = subject;
+    }
+  }
   
   public void setCQVsUserAuth(String cqName, long uniqueId, boolean isDurable)
   {
@@ -1591,6 +1642,7 @@ public class CacheClientProxy implements ClientSession {
    */
   protected void deliverMessage(Conflatable conflatable)
   {
+    ThreadState state = GeodeSecurityUtil.bindSubject(this.subject);
     ClientUpdateMessage clientMessage = null;
     if(conflatable instanceof HAEventWrapper) {
       clientMessage = ((HAEventWrapper)conflatable).getClientUpdateMessage();
@@ -1600,6 +1652,21 @@ public class CacheClientProxy implements ClientSession {
 
     this._statistics.incMessagesReceived();
 
+    // post process
+    Object oldValue = clientMessage.getValue();
+    if(oldValue instanceof byte[]){
+      EntryEventImpl.deserialize((byte[])oldValue);
+      Object newValue = GeodeSecurityUtil.postProcess(clientMessage.getRegionName(),
+        clientMessage.getKeyOfInterest(),
+        EntryEventImpl.deserialize((byte[])oldValue));
+      clientMessage.setLatestValue(EntryEventImpl.serialize(newValue));
+    }
+    else{
+      Object newValue = GeodeSecurityUtil.postProcess(clientMessage.getRegionName(),
+        clientMessage.getKeyOfInterest(), oldValue);
+      clientMessage.setLatestValue(newValue);
+    }
+
     if (clientMessage.needsNoAuthorizationCheck() || postDeliverAuthCheckPassed(clientMessage)) {
       // If dispatcher is getting initialized, add the event to temporary queue.
       if (this.messageDispatcherInit) {
@@ -1625,6 +1692,9 @@ public class CacheClientProxy implements ClientSession {
     } else {
       this._statistics.incMessagesFailedQueued();
     }
+
+    if(state!=null)
+      state.clear();
   }
 
   protected void sendMessageDirectly(ClientMessage message) {

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ClientUserAuths.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ClientUserAuths.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ClientUserAuths.java
index 27f7fa8..8d24491 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ClientUserAuths.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ClientUserAuths.java
@@ -27,7 +27,6 @@ import org.apache.shiro.subject.Subject;
 import com.gemstone.gemfire.internal.logging.LogService;
 import com.gemstone.gemfire.internal.security.AuthorizeRequest;
 import com.gemstone.gemfire.internal.security.AuthorizeRequestPP;
-import com.gemstone.gemfire.security.NotAuthorizedException;
 
 public class ClientUserAuths
 {
@@ -133,11 +132,6 @@ public class ClientUserAuths
         }
       }
     }
-    else
-    {
-      //TODO:throw not authorized exception? will this ever happen??
-      throw new NotAuthorizedException("User is not authorized for CQ");
-    }
   }
   
   public void removeUserAuthAttributesForCq(String cqName, boolean isDurable)

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ServerConnection.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ServerConnection.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ServerConnection.java
index 7c650b9..37c6034 100755
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ServerConnection.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/ServerConnection.java
@@ -630,15 +630,6 @@ public class ServerConnection implements Runnable {
     }
     return true;
   }
-
-//  public static AuthorizeRequestPP getPostAuthorizeCallback(ClientProxyMembershipID proxyId, String cqName)
-//  {
-//    ClientUserAuths cua = proxyIdVsClientUserAuths.get(proxyId);
-//    UserAuthAttributes uaa =  cua.getUserAuthAttributes(cqName);
-//    if (uaa != null)
-//      return uaa.getPostAuthzRequest();
-//    return null;
-//  }
   
   public void setCq(String cqName, boolean isDurable) throws Exception
   {

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
index 0ae3f7d..af1788a 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/internal/security/GeodeSecurityUtil.java
@@ -343,7 +343,8 @@ public class GeodeSecurityUtil {
     if(subject == null)
       return result;
 
-    return postProcessor.processRegionValue((Principal)subject.getPrincipal(), regionPath, key,  result);
+    String regionName = StringUtils.stripStart(regionPath, "/");
+    return postProcessor.processRegionValue((Principal)subject.getPrincipal(), regionName, key,  result);
   }
 
   public static Object getObject(String factoryName) {

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/main/java/com/gemstone/gemfire/security/PostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/PostProcessor.java b/geode-core/src/main/java/com/gemstone/gemfire/security/PostProcessor.java
index 7f959e9..1331081 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/PostProcessor.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/security/PostProcessor.java
@@ -22,5 +22,5 @@ import java.util.Properties;
 
 public interface PostProcessor {
   void init(Properties securityProps);
-  Object processRegionValue(Principal principal, String regionPath, Object key,  Object value);
+  Object processRegionValue(Principal principal, String regionName, Object key,  Object value);
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SamplePostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SamplePostProcessor.java b/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SamplePostProcessor.java
index 87a4e3c..8f13deb 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SamplePostProcessor.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/security/templates/SamplePostProcessor.java
@@ -36,9 +36,9 @@ public class SamplePostProcessor implements PostProcessor{
 
   @Override
   public Object processRegionValue(Principal principal,
-                                   String regionPath,
+                                   String regionName,
                                    Object key,
                                    Object value) {
-    return principal.getName()+"/"+regionPath+"/"+key+"/"+value;
+    return principal.getName()+"/"+regionName+"/"+key+"/"+value;
   }
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java
index cf2a739..f38f2fc 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanAuthenticationJUnitTest.java
@@ -16,15 +16,16 @@
  */
 package com.gemstone.gemfire.management.internal.security;
 
-import com.gemstone.gemfire.internal.AvailablePort;
-import com.gemstone.gemfire.management.CacheServerMXBean;
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
 import org.junit.Before;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
+import com.gemstone.gemfire.internal.AvailablePort;
+import com.gemstone.gemfire.management.CacheServerMXBean;
+import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
+
 @Category(IntegrationTest.class)
 public class CacheServerMBeanAuthenticationJUnitTest {
   private static int jmxManagerPort = AvailablePort.getRandomAvailablePort(AvailablePort.SOCKET);
@@ -33,7 +34,7 @@ public class CacheServerMBeanAuthenticationJUnitTest {
 
   @ClassRule
   public static JsonAuthorizationCacheStartRule serverRule = new JsonAuthorizationCacheStartRule(
-      jmxManagerPort, "cacheServer.json", false);
+      jmxManagerPort, "cacheServer.json");
 
   @Rule
   public MBeanServerConnectionRule connectionRule = new MBeanServerConnectionRule(jmxManagerPort);

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JsonAuthorizationCacheStartRule.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JsonAuthorizationCacheStartRule.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JsonAuthorizationCacheStartRule.java
index 4714016..00a9d7f 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JsonAuthorizationCacheStartRule.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JsonAuthorizationCacheStartRule.java
@@ -31,12 +31,10 @@ public class JsonAuthorizationCacheStartRule extends ExternalResource {
   private int httpPort = 0;
   private String jsonFile;
   private Class postProcessor;
-  private boolean doAuthorization;
 
   public JsonAuthorizationCacheStartRule(int jmxManagerPort, String jsonFile, Class postProcessor) {
     this.jmxManagerPort = jmxManagerPort;
     this.jsonFile = jsonFile;
-    this.doAuthorization = true;
     this.postProcessor = postProcessor;
   }
 
@@ -44,20 +42,12 @@ public class JsonAuthorizationCacheStartRule extends ExternalResource {
   public JsonAuthorizationCacheStartRule(int jmxManagerPort, String jsonFile) {
     this.jmxManagerPort = jmxManagerPort;
     this.jsonFile = jsonFile;
-    this.doAuthorization = true;
   }
 
   public JsonAuthorizationCacheStartRule(int jmxManagerPort, int httpPort, String jsonFile) {
     this.jmxManagerPort = jmxManagerPort;
     this.httpPort = httpPort;
     this.jsonFile = jsonFile;
-    this.doAuthorization = true;
-  }
-
-  public JsonAuthorizationCacheStartRule(int jmxManagerPort, String jsonFile, boolean doAuthorization) {
-    this.jmxManagerPort = jmxManagerPort;
-    this.jsonFile = jsonFile;
-    this.doAuthorization = doAuthorization;
   }
 
   protected void before() throws Throwable {
@@ -71,9 +61,7 @@ public class JsonAuthorizationCacheStartRule extends ExternalResource {
     properties.put(HTTP_SERVICE_PORT, String.valueOf(httpPort));
     properties.put(SECURITY_CLIENT_AUTHENTICATOR,
         JSONAuthorization.class.getName() + ".create");
-    if (doAuthorization) {
-      properties.put(SECURITY_CLIENT_ACCESSOR, JSONAuthorization.class.getName() + ".create");
-    }
+
     if(postProcessor!=null){
       properties.put(SECURITY_CLIENT_ACCESSOR_PP, postProcessor.getName()+".create");
     }
@@ -82,8 +70,6 @@ public class JsonAuthorizationCacheStartRule extends ExternalResource {
 
     cache = new CacheFactory(properties).create();
     cache.addCacheServer().start();
-
-    cache.createRegionFactory().create("region1");
   }
 
   public Cache getCache(){

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java
index a7ecb25..50d33ef 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/AbstractIntegratedClientAuthDistributedTest.java
@@ -47,6 +47,7 @@ public class AbstractIntegratedClientAuthDistributedTest extends JUnit4CacheTest
   protected VM client2 = null;
   protected VM client3 = null;
   protected int serverPort;
+  protected Class postProcessor = null;
 
   @Before
   public void before() throws Exception{
@@ -59,6 +60,9 @@ public class AbstractIntegratedClientAuthDistributedTest extends JUnit4CacheTest
 
     Properties props = new Properties();
     props.setProperty(SECURITY_CLIENT_AUTHENTICATOR, JSONAuthorization.class.getName()+".create");
+    if(postProcessor!=null){
+      props.setProperty(SECURITY_CLIENT_ACCESSOR_PP, postProcessor.getName()+".create");
+    }
     props.setProperty(MCAST_PORT, "0");
     props.setProperty(LOCATORS, "");
     props.setProperty(SECURITY_LOG_LEVEL, "finest");

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java
index 37f9e80..0630ecf 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedClientGetPutAuthDistributedTest.java
@@ -24,16 +24,14 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
 import com.gemstone.gemfire.cache.Region;
 import com.gemstone.gemfire.cache.client.ClientCache;
-import com.gemstone.gemfire.cache.client.ClientCacheFactory;
-import com.gemstone.gemfire.cache.client.ClientRegionShortcut;
 import com.gemstone.gemfire.test.dunit.AsyncInvocation;
 import com.gemstone.gemfire.test.junit.categories.DistributedTest;
 
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
 @Category(DistributedTest.class)
 public class IntegratedClientGetPutAuthDistributedTest extends AbstractIntegratedClientAuthDistributedTest {
 
@@ -49,12 +47,8 @@ public class IntegratedClientGetPutAuthDistributedTest extends AbstractIntegrate
 
     // client1 connects to server as a user not authorized to do any operations
     AsyncInvocation ai1 =  client1.invokeAsync(()->{
-      ClientCache cache = new ClientCacheFactory(createClientProperties("stranger", "1234567"))
-        .setPoolSubscriptionEnabled(true)
-        .addPoolServer("localhost", serverPort)
-        .create();
-
-      Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME);
+      ClientCache cache = createClientCache("stranger", "1234567", serverPort);
+      Region region = cache.getRegion(REGION_NAME);
 
       assertNotAuthorized(()->region.put("key3", "value3"), "DATA:WRITE:AuthRegion:key3");
       assertNotAuthorized(()->region.get("key3"), "DATA:READ:AuthRegion:key3");
@@ -72,12 +66,8 @@ public class IntegratedClientGetPutAuthDistributedTest extends AbstractIntegrate
 
     // client2 connects to user as a user authorized to use AuthRegion region
     AsyncInvocation ai2 =  client2.invokeAsync(()->{
-      ClientCache cache = new ClientCacheFactory(createClientProperties("authRegionUser", "1234567"))
-        .setPoolSubscriptionEnabled(true)
-        .addPoolServer("localhost", serverPort)
-        .create();
-
-      Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME);
+      ClientCache cache = createClientCache("authRegionUser", "1234567", serverPort);
+      Region region = cache.getRegion(REGION_NAME);
 
       region.put("key3", "value3");
       assertEquals("value3", region.get("key3"));
@@ -96,12 +86,8 @@ public class IntegratedClientGetPutAuthDistributedTest extends AbstractIntegrate
 
     // client3 connects to user as a user authorized to use key1 in AuthRegion region
     AsyncInvocation ai3 =  client3.invokeAsync(()->{
-      ClientCache cache = new ClientCacheFactory(createClientProperties("key1User", "1234567"))
-        .setPoolSubscriptionEnabled(true)
-        .addPoolServer("localhost", serverPort)
-        .create();
-
-      Region region = cache.createClientRegionFactory(ClientRegionShortcut.PROXY).create(REGION_NAME);
+      ClientCache cache = createClientCache("key1User", "1234567", serverPort);
+      Region region = cache.getRegion(REGION_NAME);
 
       assertNotAuthorized(()->region.put("key2", "value1"), "DATA:WRITE:AuthRegion:key2");
       assertNotAuthorized(()->region.get("key2"), "DATA:READ:AuthRegion:key2");

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityNoShowValue1PostProcessorDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityNoShowValue1PostProcessorDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityNoShowValue1PostProcessorDUnitTest.java
new file mode 100644
index 0000000..98a62df
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityNoShowValue1PostProcessorDUnitTest.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.security;
+
+import static org.junit.Assert.*;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import org.junit.Test;
+
+import com.gemstone.gemfire.cache.Region;
+import com.gemstone.gemfire.cache.client.ClientCache;
+import com.gemstone.gemfire.cache.client.Pool;
+import com.gemstone.gemfire.cache.client.PoolManager;
+import com.gemstone.gemfire.cache.query.SelectResults;
+
+public class IntegratedSecurityNoShowValue1PostProcessorDUnitTest extends AbstractIntegratedClientAuthDistributedTest {
+
+  public IntegratedSecurityNoShowValue1PostProcessorDUnitTest(){
+    this.postProcessor = NoShowValue1PostProcessor.class;
+  }
+
+  @Test
+  public void testPostProcess(){
+    List<String> keys = new ArrayList<>();
+    keys.add("key1");
+    keys.add("key2");
+
+    client1.invoke(()->{
+      ClientCache cache = createClientCache("super-user", "1234567", serverPort);
+      Region region = cache.getRegion(REGION_NAME);
+
+      // post process for get
+      assertEquals("value3", region.get("key3"));
+
+      assertNull(region.get("key1"));
+
+      // post processs for getAll
+      Map values = region.getAll(keys);
+      assertEquals(2, values.size());
+      assertEquals("value2", values.get("key2"));
+      assertNull(values.get("key1"));
+
+      // post process for query
+      String query = "select * from /AuthRegion";
+      SelectResults result = region.query(query);
+      System.out.println("query result: "+result);
+      assertEquals(4, result.size());
+      assertTrue(result.contains("value0"));
+      assertFalse(result.contains("value1"));
+      assertTrue(result.contains("value2"));
+      assertTrue(result.contains("value3"));
+      assertTrue(result.contains("value4"));
+
+      Pool pool = PoolManager.find(region);
+      result =  (SelectResults)pool.getQueryService().newQuery(query).execute();
+      System.out.println("query result: "+result);
+      assertTrue(result.contains("value0"));
+      assertFalse(result.contains("value1"));
+      assertTrue(result.contains("value2"));
+      assertTrue(result.contains("value3"));
+      assertTrue(result.contains("value4"));
+
+    });
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java
new file mode 100644
index 0000000..9f3e8b7
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java
@@ -0,0 +1,116 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.security;
+
+import static org.junit.Assert.*;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import org.junit.Test;
+
+import com.gemstone.gemfire.cache.EntryEvent;
+import com.gemstone.gemfire.cache.Region;
+import com.gemstone.gemfire.cache.client.ClientCache;
+import com.gemstone.gemfire.cache.client.ClientCacheFactory;
+import com.gemstone.gemfire.cache.client.ClientRegionFactory;
+import com.gemstone.gemfire.cache.client.ClientRegionShortcut;
+import com.gemstone.gemfire.cache.client.Pool;
+import com.gemstone.gemfire.cache.client.PoolManager;
+import com.gemstone.gemfire.cache.query.SelectResults;
+import com.gemstone.gemfire.cache.util.CacheListenerAdapter;
+import com.gemstone.gemfire.security.templates.SamplePostProcessor;
+
+public class IntegratedSecurityPostProcessorDUnitTest extends AbstractIntegratedClientAuthDistributedTest {
+
+  public IntegratedSecurityPostProcessorDUnitTest(){
+    this.postProcessor = SamplePostProcessor.class;
+  }
+
+  @Test
+  public void testPostProcess(){
+    List<String> keys = new ArrayList<>();
+    keys.add("key1");
+    keys.add("key2");
+
+    client1.invoke(()->{
+      ClientCache cache = createClientCache("super-user", "1234567", serverPort);
+      Region region = cache.getRegion(REGION_NAME);
+
+      // post process for get
+      Object value = region.get("key3");
+      assertEquals("super-user/AuthRegion/key3/value3", value);
+
+      // post processs for getAll
+      Map values = region.getAll(keys);
+      assertEquals(2, values.size());
+      assertEquals("super-user/AuthRegion/key1/value1", values.get("key1"));
+      assertEquals("super-user/AuthRegion/key2/value2", values.get("key2"));
+
+      // post process for query
+      String query = "select * from /AuthRegion";
+      SelectResults result = region.query(query);
+      assertEquals(5, result.size());
+
+      assertTrue(result.contains("super-user/null/null/value0"));
+      assertTrue(result.contains("super-user/null/null/value1"));
+      assertTrue(result.contains("super-user/null/null/value2"));
+      assertTrue(result.contains("super-user/null/null/value3"));
+      assertTrue(result.contains("super-user/null/null/value4"));
+
+      Pool pool = PoolManager.find(region);
+      result =  (SelectResults)pool.getQueryService().newQuery(query).execute();
+      assertTrue(result.contains("super-user/null/null/value0"));
+      assertTrue(result.contains("super-user/null/null/value1"));
+      assertTrue(result.contains("super-user/null/null/value2"));
+      assertTrue(result.contains("super-user/null/null/value3"));
+      assertTrue(result.contains("super-user/null/null/value4"));
+
+    });
+  }
+
+  @Test
+  public void testRegisterInterestPostProcess(){
+    client1.invoke(()->{
+      ClientCache cache = new ClientCacheFactory(createClientProperties("super-user", "1234567"))
+        .setPoolSubscriptionEnabled(true)
+        .addPoolServer("localhost", serverPort)
+        .create();
+
+      ClientRegionFactory factory =  cache.createClientRegionFactory(ClientRegionShortcut.PROXY);
+      factory.addCacheListener(new CacheListenerAdapter() {
+        @Override
+        public void afterUpdate(EntryEvent event) {
+          assertEquals("super-user/AuthRegion/key1/value2", event.getSerializedNewValue().getDeserializedValue());
+        }
+      });
+
+      Region region = factory.create(REGION_NAME);
+      region.put("key1", "value1");
+      region.registerInterest("key1");
+    });
+
+    client2.invoke(()->{
+      ClientCache cache = createClientCache("dataUser", "1234567", serverPort);
+      Region region = cache.getRegion(REGION_NAME);
+      region.put("key1", "value2");
+    });
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java b/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java
new file mode 100644
index 0000000..bca9717
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.security;
+
+import java.security.Principal;
+import java.util.Properties;
+
+public class NoShowValue1PostProcessor implements PostProcessor {
+
+  public static NoShowValue1PostProcessor create(){
+    return new NoShowValue1PostProcessor();
+  }
+
+  @Override
+  public void init(final Properties securityProps) {
+  }
+
+  @Override
+  public Object processRegionValue(final Principal principal,
+                                   final String regionName,
+                                   final Object key,
+                                   final Object value) {
+    if(value.equals("value1"))
+      return null;
+    else
+      return value;
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-cq/src/test/java/com/gemstone/gemfire/security/CQPostProcessorDunitTest.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/CQPostProcessorDunitTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/CQPostProcessorDunitTest.java
new file mode 100644
index 0000000..54f2e1a
--- /dev/null
+++ b/geode-cq/src/test/java/com/gemstone/gemfire/security/CQPostProcessorDunitTest.java
@@ -0,0 +1,88 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gemstone.gemfire.security;
+
+import static org.junit.Assert.*;
+
+import org.junit.Test;
+
+import com.gemstone.gemfire.cache.Region;
+import com.gemstone.gemfire.cache.client.ClientCache;
+import com.gemstone.gemfire.cache.client.Pool;
+import com.gemstone.gemfire.cache.client.PoolManager;
+import com.gemstone.gemfire.cache.query.CqAttributes;
+import com.gemstone.gemfire.cache.query.CqAttributesFactory;
+import com.gemstone.gemfire.cache.query.CqEvent;
+import com.gemstone.gemfire.cache.query.CqQuery;
+import com.gemstone.gemfire.cache.query.CqResults;
+import com.gemstone.gemfire.cache.query.QueryService;
+import com.gemstone.gemfire.cache.query.internal.cq.CqListenerImpl;
+import com.gemstone.gemfire.security.templates.SamplePostProcessor;
+
+public class CQPostProcessorDunitTest extends AbstractIntegratedClientAuthDistributedTest {
+
+  public CQPostProcessorDunitTest(){
+    this.postProcessor = SamplePostProcessor.class;
+  }
+
+  @Test
+  public void testPostProcess(){
+    String query = "select * from /AuthRegion";
+    client1.invoke(()-> {
+      ClientCache cache = createClientCache("super-user", "1234567", serverPort);
+      Region region = cache.getRegion(REGION_NAME);
+
+
+
+      Pool pool = PoolManager.find(region);
+      QueryService qs = pool.getQueryService();
+
+      CqAttributesFactory factory = new CqAttributesFactory();
+
+      factory.addCqListener(new CqListenerImpl() {
+        @Override
+        public void onEvent(final CqEvent aCqEvent) {
+          assertEquals("key6", aCqEvent.getKey());
+          assertEquals("super-user/AuthRegion/key6/value6", aCqEvent.getNewValue());
+        }
+      });
+
+
+      CqAttributes cqa = factory.create();
+
+      // Create the CqQuery
+      CqQuery cq = qs.newCq("CQ1", query, cqa);
+      CqResults results = cq.executeWithInitialResults();
+      assertEquals(5, results.size());
+      String resultString = results.toString();
+      assertTrue(resultString, resultString.contains("key:key0,value:super-user/null/key0/value0"));
+      assertTrue(resultString.contains("key:key1,value:super-user/null/key1/value1"));
+      assertTrue(resultString.contains("key:key2,value:super-user/null/key2/value2"));
+      assertTrue(resultString.contains("key:key3,value:super-user/null/key3/value3"));
+      assertTrue(resultString.contains("key:key4,value:super-user/null/key4/value4"));
+    });
+
+    client2.invoke(()-> {
+      ClientCache cache = createClientCache("authRegionUser", "1234567", serverPort);
+      Region region = cache.getRegion(REGION_NAME);
+      region.put("key6", "value6");
+    });
+
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-cq/src/test/java/com/gemstone/gemfire/security/IntegratedClientQueryAuthDistributedTest.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/IntegratedClientQueryAuthDistributedTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/IntegratedClientQueryAuthDistributedTest.java
index ad219cf..0b22146 100644
--- a/geode-cq/src/test/java/com/gemstone/gemfire/security/IntegratedClientQueryAuthDistributedTest.java
+++ b/geode-cq/src/test/java/com/gemstone/gemfire/security/IntegratedClientQueryAuthDistributedTest.java
@@ -25,6 +25,8 @@ import com.gemstone.gemfire.cache.client.Pool;
 import com.gemstone.gemfire.cache.client.PoolManager;
 import com.gemstone.gemfire.cache.query.CqAttributes;
 import com.gemstone.gemfire.cache.query.CqAttributesFactory;
+import com.gemstone.gemfire.cache.query.CqEvent;
+import com.gemstone.gemfire.cache.query.CqListener;
 import com.gemstone.gemfire.cache.query.CqQuery;
 import com.gemstone.gemfire.cache.query.QueryService;
 import com.gemstone.gemfire.test.junit.categories.DistributedTest;
@@ -87,11 +89,30 @@ public class IntegratedClientQueryAuthDistributedTest extends AbstractIntegrated
       Pool pool = PoolManager.find(region);
       QueryService qs = pool.getQueryService();
 
-      CqAttributes cqa = new CqAttributesFactory().create();
+      CqAttributesFactory factory = new CqAttributesFactory();
+      factory.addCqListener(new CqListener() {
+        @Override
+        public void onEvent(final CqEvent aCqEvent) {
+          System.out.println(aCqEvent);
+        }
+
+        @Override
+        public void onError(final CqEvent aCqEvent) {
+
+        }
+
+        @Override
+        public void close() {
+
+        }
+      });
+
+
+      CqAttributes cqa = factory.create();
 
       // Create the CqQuery
       CqQuery cq = qs.newCq("CQ1", query, cqa);
-      cq.execute();
+      System.out.println("query result: "+cq.executeWithInitialResults());
 
       cq.stop();
     });

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/39c56843/geode-web/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-web/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDUnitTest.java b/geode-web/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDUnitTest.java
index 14a48c7..2f5348f 100644
--- a/geode-web/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDUnitTest.java
+++ b/geode-web/src/test/java/com/gemstone/gemfire/management/internal/cli/commands/CommandOverHttpDUnitTest.java
@@ -16,25 +16,16 @@
  */
 package com.gemstone.gemfire.management.internal.cli.commands;
 
-import org.junit.experimental.categories.Category;
-import org.junit.Test;
-
-import static org.junit.Assert.*;
-
-import com.gemstone.gemfire.test.dunit.cache.internal.JUnit4CacheTestCase;
-import com.gemstone.gemfire.test.dunit.internal.JUnit4DistributedTestCase;
-import com.gemstone.gemfire.test.junit.categories.DistributedTest;
-
-import com.gemstone.gemfire.test.junit.categories.DistributedTest;
-import com.gemstone.gemfire.test.junit.categories.SecurityTest;
-import com.gemstone.gemfire.test.junit.runner.SuiteRunner;
-
 import org.junit.ClassRule;
 import org.junit.contrib.java.lang.system.ProvideSystemProperty;
 import org.junit.experimental.categories.Category;
 import org.junit.runner.RunWith;
 import org.junit.runners.Suite;
 
+import com.gemstone.gemfire.test.junit.categories.DistributedTest;
+import com.gemstone.gemfire.test.junit.categories.SecurityTest;
+import com.gemstone.gemfire.test.junit.runner.SuiteRunner;
+
 @Category({ DistributedTest.class, SecurityTest.class })
 @RunWith(SuiteRunner.class)
 @Suite.SuiteClasses({


Mime
View raw message