Return-Path: <commits-return-11226-archive-asf-public=cust-asf.ponee.io@geode.incubator.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 4C0C4200B65
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Wed, 13 Jul 2016 02:25:22 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 4AA63160A75; Wed, 13 Jul 2016 00:25:22 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id C4D2B160A56
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 13 Jul 2016 02:25:20 +0200 (CEST)
Received: (qmail 48443 invoked by uid 500); 13 Jul 2016 00:25:20 -0000
Mailing-List: contact commits-help@geode.incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@geode.incubator.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@geode.incubator.apache.org>
List-Post: <mailto:commits@geode.incubator.apache.org>
List-Id: <commits.geode.incubator.apache.org>
Reply-To: dev@geode.incubator.apache.org
Delivered-To: mailing list commits@geode.incubator.apache.org
Received: (qmail 48432 invoked by uid 99); 13 Jul 2016 00:25:20 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 13 Jul 2016 00:25:19 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 8D72018397F
	for <commits@geode.apache.org>; Wed, 13 Jul 2016 00:25:19 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -4.646
X-Spam-Level: 
X-Spam-Status: No, score=-4.646 tagged_above=-999 required=6.31
	tests=[KAM_ASCII_DIVIDERS=0.8, KAM_LAZY_DOMAIN_SECURITY=1,
	RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01,
	RP_MATCHES_RCVD=-1.426] autolearn=disabled
Received: from mx1-lw-eu.apache.org ([10.40.0.8])
	by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024)
	with ESMTP id wfb-5fbTJO1o for <commits@geode.apache.org>;
	Wed, 13 Jul 2016 00:25:15 +0000 (UTC)
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with SMTP id CB9F860D25
	for <commits@geode.incubator.apache.org>; Wed, 13 Jul 2016 00:25:13 +0000 (UTC)
Received: (qmail 48361 invoked by uid 99); 13 Jul 2016 00:25:13 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 13 Jul 2016 00:25:13 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33)
	id DBC0BE1021; Wed, 13 Jul 2016 00:25:12 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: klund@apache.org
To: commits@geode.incubator.apache.org
Date: Wed, 13 Jul 2016 00:25:12 -0000
Message-Id: <d75e988f5b734b8ba950a178f7057514@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: [1/2] incubator-geode git commit: GEODE-1646: repackage new Security
 classes in org.apache.geode.security
archived-at: Wed, 13 Jul 2016 00:25:22 -0000

Repository: incubator-geode
Updated Branches:
  refs/heads/develop 435283357 -> c7667075a


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java b/geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java
new file mode 100644
index 0000000..55a2079
--- /dev/null
+++ b/geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java
@@ -0,0 +1,256 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geode.security.templates;
+
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.StringWriter;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.StreamSupport;
+
+import javax.management.remote.JMXPrincipal;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.apache.commons.io.IOUtils;
+import org.apache.shiro.authz.Permission;
+
+import com.gemstone.gemfire.management.internal.security.ResourceConstants;
+import com.gemstone.gemfire.security.AuthenticationFailedException;
+import org.apache.geode.security.SecurityManager;
+import org.apache.geode.security.GeodePermission;
+import com.gemstone.gemfire.security.NotAuthorizedException;
+
+/**
+ * This class provides a sample implementation for authentication and authorization via the {@link SecurityManager}
+ *
+ * In order to use it, a Geode member must be started with the following properties:
+ * <p/>
+ * <code>
+ *   security-manager = com.gemstone.gemfire.security.examples.SampleSecurityManager.create
+ * </code>
+ * <p/>
+ * The class is initialized with a JSON file called {@code security.json}. This file must exist on the classpath,
+ * so members should be started with an appropriate {@code --classpath} option.
+ * <p/>
+ * The format of the file is as follows:
+ * <pre>
+ * {
+ *   "roles": [
+ *     {
+ *       "name": "admin",
+ *       "operationsAllowed": [
+ *         "CLUSTER:MANAGE",
+ *         "DATA:MANAGE"
+ *       ]
+ *     },
+ *     {
+ *       "name": "readRegionA",
+ *       "operationsAllowed": [
+ *         "DATA:READ"
+ *       ],
+ *       "regions": ["RegionA", "RegionB"]
+ *     }
+ *   ]
+ *   "users": [
+ *     {
+ *       "name": "admin",
+ *       "password": "secret".
+ *       "roles": ["admin"]
+ *     },
+ *     {
+ *       "name": "guest",
+ *       "password": "guest",
+ *       "roles": ["readRegionA"]
+ *     }
+ *   ]
+ * }
+ * </pre>
+ */
+public class SampleSecurityManager implements SecurityManager {
+
+  public static class Role {
+    List<GeodePermission> permissions = new ArrayList<>();
+    String name;
+    String serverGroup;
+  }
+
+  public static class User {
+    String name;
+    Set<Role> roles = new HashSet<>();
+    String pwd;
+  }
+
+  private static Map<String, User> acl = null;
+
+  public static SampleSecurityManager create() throws IOException {
+    if (acl == null) {
+      setUpWithJsonFile("security.json");
+    }
+    return new SampleSecurityManager();
+  }
+
+  public static void setUpWithJsonFile(String jsonFileName) throws IOException {
+    InputStream input = ClassLoader.getSystemResourceAsStream(jsonFileName);
+    if (input == null) {
+      throw new RuntimeException("Could not find the required JSON security file on the classpath: " + jsonFileName);
+    }
+
+    StringWriter writer = new StringWriter();
+    IOUtils.copy(input, writer, "UTF-8");
+    String json = writer.toString();
+    readSecurityDescriptor(json);
+  }
+
+  protected static void readSecurityDescriptor(String json) throws IOException {
+    ObjectMapper mapper = new ObjectMapper();
+    JsonNode jsonNode = mapper.readTree(json);
+    acl = new HashMap<>();
+    Map<String, Role> roleMap = readRoles(jsonNode);
+    readUsers(acl, jsonNode, roleMap);
+  }
+
+  private static void readUsers(Map<String, User> acl, JsonNode node, Map<String, Role> roleMap) {
+    for (JsonNode u : node.get("users")) {
+      User user = new User();
+      user.name = u.get("name").asText();
+
+      if (u.has("password")) {
+        user.pwd = u.get("password").asText();
+      } else {
+        user.pwd = user.name;
+      }
+
+      for (JsonNode r : u.get("roles")) {
+        user.roles.add(roleMap.get(r.asText()));
+      }
+
+      acl.put(user.name, user);
+    }
+  }
+
+  private static Map<String, Role> readRoles(JsonNode jsonNode) {
+    Map<String, Role> roleMap = new HashMap<>();
+    for (JsonNode r : jsonNode.get("roles")) {
+      Role role = new Role();
+      role.name = r.get("name").asText();
+      String regionNames = null;
+      String keys = null;
+
+      JsonNode regions = r.get("regions");
+      if (regions != null) {
+        if (regions.isArray()) {
+          regionNames = StreamSupport.stream(regions.spliterator(), false)
+              .map(JsonNode::asText)
+              .collect(Collectors.joining(","));
+        } else {
+          regionNames = regions.asText();
+        }
+      }
+
+      for (JsonNode op : r.get("operationsAllowed")) {
+        String[] parts = op.asText().split(":");
+        String resourcePart = (parts.length > 0) ? parts[0] : null;
+        String operationPart = (parts.length > 1) ? parts[1] : null;
+        if(parts.length>2){
+          regionNames = parts[2];
+        }
+        if(parts.length>3){
+          keys = parts[3];
+        }
+        String regionPart = (regionNames != null) ? regionNames : "*";
+        String keyPart = (keys !=null) ? keys : "*";
+
+        role.permissions.add(new GeodePermission(resourcePart, operationPart, regionPart, keyPart));
+      }
+
+      roleMap.put(role.name, role);
+
+      if (r.has("serverGroup")) {
+        role.serverGroup = r.get("serverGroup").asText();
+      }
+    }
+
+    return roleMap;
+  }
+  public static Map<String, User> getAcl() {
+    return acl;
+  }
+
+  private Principal principal = null;
+
+
+  @Override
+  public boolean authorize(Principal principal, GeodePermission context) {
+    if (principal == null) return false;
+
+    User user = acl.get(principal.getName());
+    if (user == null) return false; // this user is not authorized to do anything
+
+    // check if the user has this permission defined in the context
+    for (Role role : acl.get(user.name).roles) {
+      for (Permission permitted : role.permissions) {
+        if (permitted.implies(context)) {
+          return true;
+        }
+      }
+    }
+
+    return false;
+  }
+
+  @Override
+  public void init(Properties props) throws NotAuthorizedException {
+  }
+
+  @Override
+  public Principal authenticate(Properties props) throws AuthenticationFailedException {
+    String user = props.getProperty(ResourceConstants.USER_NAME);
+    String pwd = props.getProperty(ResourceConstants.PASSWORD);
+
+    User userObj = acl.get(user);
+    if (userObj == null) {
+      throw new AuthenticationFailedException("Wrong username/password");
+    }
+
+    if (user != null && !userObj.pwd.equals(pwd) && !"".equals(user)) {
+      throw new AuthenticationFailedException("Wrong username/password");
+    }
+
+    return new JMXPrincipal(user);
+  }
+
+  protected static String readFile(String name) throws IOException {
+    File file = new File(name);
+    FileReader reader = new FileReader(file);
+    char[] buffer = new char[(int) file.length()];
+    reader.read(buffer);
+    String json = new String(buffer);
+    reader.close();
+    return json;
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/codeAnalysis/AnalyzeSerializablesJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/codeAnalysis/AnalyzeSerializablesJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/codeAnalysis/AnalyzeSerializablesJUnitTest.java
index fc45a79..1c9b8c4 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/codeAnalysis/AnalyzeSerializablesJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/codeAnalysis/AnalyzeSerializablesJUnitTest.java
@@ -42,18 +42,14 @@ import com.gemstone.gemfire.codeAnalysis.decode.CompiledMethod;
 import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
 import com.gemstone.gemfire.util.test.TestUtil;
 
-/**
- * 
- */
 @Category(IntegrationTest.class)
 public class AnalyzeSerializablesJUnitTest {
+
   /** all loaded classes */
   protected static Map<String, CompiledClass> classes = new HashMap<String, CompiledClass>();
+
   private static boolean ClassesNotFound;
   
-  public AnalyzeSerializablesJUnitTest() {
-  }
-  
   @Before
   public void loadClasses() throws Exception {
     String version = System.getProperty("java.runtime.version");
@@ -155,8 +151,7 @@ public class AnalyzeSerializablesJUnitTest {
       classes.remove(exclusion);
     }
   }
-  
-  
+
   @Test
   public void testDataSerializables() throws Exception {
     System.out.println("testDataSerializables starting");
@@ -250,8 +245,7 @@ public class AnalyzeSerializablesJUnitTest {
     removeExclusions(newClasses, excludedClasses);
     classes.putAll(newClasses);
   }
-  
-  
+
   public static void loadClassesFromBuild(File buildDir, List<String> excludedClasses) {
     Map<String, CompiledClass> newClasses = CompiledClassUtils.parseClassFilesInDir(buildDir);
     removeExclusions(newClasses, excludedClasses);
@@ -298,8 +292,7 @@ public class AnalyzeSerializablesJUnitTest {
     Collections.sort(result);
     return result;
   }
-  
-  
+
   public List<ClassAndVariables> findSerializables() {
     List<ClassAndVariables> result = new ArrayList<ClassAndVariables>(2000);
     for (Map.Entry<String, CompiledClass> entry: classes.entrySet()) {

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java
index de57807..8355152 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/extension/mock/MockExtensionCommands.java
@@ -36,8 +36,8 @@ import com.gemstone.gemfire.management.internal.cli.result.TabularResultData;
 import com.gemstone.gemfire.management.internal.configuration.SharedConfigurationWriter;
 import com.gemstone.gemfire.management.internal.configuration.domain.XmlEntity;
 import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.GeodePermission.Operation;
-import com.gemstone.gemfire.security.GeodePermission.Resource;
+import org.apache.geode.security.GeodePermission.Operation;
+import org.apache.geode.security.GeodePermission.Resource;
 
 import org.springframework.shell.core.CommandMarker;
 import org.springframework.shell.core.annotation.CliCommand;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java
index dc2f497..ea7f7b9 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/CommandManagerJUnitTest.java
@@ -33,8 +33,8 @@ import com.gemstone.gemfire.management.internal.cli.parser.AvailabilityTarget;
 import com.gemstone.gemfire.management.internal.cli.parser.CommandTarget;
 import com.gemstone.gemfire.management.internal.cli.parser.Option;
 import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.GeodePermission.Operation;
-import com.gemstone.gemfire.security.GeodePermission.Resource;
+import org.apache.geode.security.GeodePermission.Operation;
+import org.apache.geode.security.GeodePermission.Resource;
 import com.gemstone.gemfire.test.junit.categories.UnitTest;
 
 import org.junit.After;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/GfshParserJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/GfshParserJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/GfshParserJUnitTest.java
index 852c230..55e6bd7 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/GfshParserJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/GfshParserJUnitTest.java
@@ -48,8 +48,8 @@ import com.gemstone.gemfire.management.internal.cli.i18n.CliStrings;
 import com.gemstone.gemfire.management.internal.cli.parser.SyntaxConstants;
 import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
 import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.GeodePermission.Operation;
-import com.gemstone.gemfire.security.GeodePermission.Resource;
+import org.apache.geode.security.GeodePermission.Operation;
+import org.apache.geode.security.GeodePermission.Resource;
 import com.gemstone.gemfire.test.junit.categories.UnitTest;
 
 /**

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java
index c6ec2db..fff8890 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/cli/shell/GfshExecutionStrategyJUnitTest.java
@@ -28,8 +28,8 @@ import com.gemstone.gemfire.management.internal.cli.GfshParser;
 import com.gemstone.gemfire.management.internal.cli.annotation.CliArgument;
 import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
 import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.GeodePermission.Operation;
-import com.gemstone.gemfire.security.GeodePermission.Resource;
+import org.apache.geode.security.GeodePermission.Operation;
+import org.apache.geode.security.GeodePermission.Resource;
 import com.gemstone.gemfire.test.junit.categories.UnitTest;
 
 import org.junit.After;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodePermissionJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodePermissionJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodePermissionJUnitTest.java
index 1a74865..a955dae 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodePermissionJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodePermissionJUnitTest.java
@@ -19,9 +19,9 @@ package com.gemstone.gemfire.management.internal.security;
 
 import static org.junit.Assert.*;
 
-import com.gemstone.gemfire.security.GeodePermission;
-import com.gemstone.gemfire.security.GeodePermission.Operation;
-import com.gemstone.gemfire.security.GeodePermission.Resource;
+import org.apache.geode.security.GeodePermission;
+import org.apache.geode.security.GeodePermission.Operation;
+import org.apache.geode.security.GeodePermission.Resource;
 import com.gemstone.gemfire.test.junit.categories.UnitTest;
 
 import org.apache.shiro.authz.permission.WildcardPermission;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
index 487548d..6496076 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
@@ -28,7 +28,7 @@ import org.junit.experimental.categories.Category;
 
 import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 import com.gemstone.gemfire.security.GemFireSecurityException;
-import com.gemstone.gemfire.security.GeodePermission;
+import org.apache.geode.security.GeodePermission;
 import com.gemstone.gemfire.test.junit.categories.SecurityTest;
 import com.gemstone.gemfire.test.junit.categories.UnitTest;
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsPostProcessorTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsPostProcessorTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsPostProcessorTest.java
index d651b9a..07bd1c1 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsPostProcessorTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GfshCommandsPostProcessorTest.java
@@ -27,7 +27,7 @@ import org.junit.experimental.categories.Category;
 
 import com.gemstone.gemfire.internal.AvailablePortHelper;
 import com.gemstone.gemfire.management.internal.cli.HeadlessGfsh;
-import com.gemstone.gemfire.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SamplePostProcessor;
 import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
 
 @Category(IntegrationTest.class)

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
index 31cb03e..7e6f226 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
@@ -18,7 +18,7 @@ package com.gemstone.gemfire.management.internal.security;
 
 import java.io.IOException;
 
-import com.gemstone.gemfire.security.templates.SampleSecurityManager;
+import org.apache.geode.security.templates.SampleSecurityManager;
 import com.gemstone.gemfire.util.test.TestUtil;
 
 public class JSONAuthorization extends SampleSecurityManager {

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
index f7ee8bb..d6bae35 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/TestCommand.java
@@ -20,7 +20,7 @@ package com.gemstone.gemfire.management.internal.security;
 import java.util.ArrayList;
 import java.util.List;
 
-import com.gemstone.gemfire.security.GeodePermission;
+import org.apache.geode.security.GeodePermission;
 
 import org.apache.shiro.authz.Permission;
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
index 0b97888..6be88d3 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
@@ -28,6 +28,8 @@ import com.gemstone.gemfire.cache.CacheFactory;
 import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
 import com.gemstone.gemfire.test.junit.categories.SecurityTest;
 
+import org.apache.geode.security.GeodePermission;
+import org.apache.geode.security.SecurityManager;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java
index ceae94c..f573073 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityPostProcessorDUnitTest.java
@@ -36,7 +36,7 @@ import com.gemstone.gemfire.cache.client.Pool;
 import com.gemstone.gemfire.cache.client.PoolManager;
 import com.gemstone.gemfire.cache.query.SelectResults;
 import com.gemstone.gemfire.cache.util.CacheListenerAdapter;
-import com.gemstone.gemfire.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SamplePostProcessor;
 import com.gemstone.gemfire.test.junit.categories.DistributedTest;
 import com.gemstone.gemfire.test.junit.categories.SecurityTest;
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java b/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java
index bca9717..7feece7 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/NoShowValue1PostProcessor.java
@@ -20,6 +20,8 @@ package com.gemstone.gemfire.security;
 import java.security.Principal;
 import java.util.Properties;
 
+import org.apache.geode.security.PostProcessor;
+
 public class NoShowValue1PostProcessor implements PostProcessor {
 
   public static NoShowValue1PostProcessor create(){

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/excludedClasses.txt
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/excludedClasses.txt b/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/excludedClasses.txt
index 0ebf1c9..10701fe 100644
--- a/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/excludedClasses.txt
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/excludedClasses.txt
@@ -113,6 +113,7 @@ com/gemstone/gemfire/internal/cache/tier/sockets/ClientUpdateMessageImpl$ClientC
 com/gemstone/gemfire/internal/cache/tier/sockets/ClientUpdateMessageImpl$CqNameToOpHashMap
 com/gemstone/gemfire/internal/datasource/FacetsJCAConnectionManagerImpl
 com/gemstone/gemfire/internal/process/ClusterConfigurationNotAvailableException
+com/gemstone/gemfire/internal/security/GeodeSecurityUtil
 com/gemstone/org/apache/logging/log4j/core/config/xml/GemFireXmlConfiguration
 com/gemstone/org/apache/logging/log4j/core/config/xml/GemFireXmlConfiguration$ErrorType
 com/gemstone/gemfire/internal/ra/GFConnectionFactoryImpl
@@ -144,6 +145,6 @@ com/gemstone/gemfire/cache/operations/StopCQOperationContext
 com/gemstone/gemfire/cache/operations/UnregisterInterestOperationContext
 com/gemstone/gemfire/cache/operations/internal/GetOperationContextImpl
 com/gemstone/gemfire/internal/cache/operations/ContainsKeyOperationContext
-com/gemstone/gemfire/security/GeodePermission
-com/gemstone/gemfire/security/GeodePermission$Operation
-com/gemstone/gemfire/security/GeodePermission$Resource
\ No newline at end of file
+org/apache/geode/security/GeodePermission
+org/apache/geode/security/GeodePermission$Operation
+org/apache/geode/security/GeodePermission$Resource

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/sanctionedSerializables.txt
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/sanctionedSerializables.txt b/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/sanctionedSerializables.txt
index e799195..6fc4898 100755
--- a/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/sanctionedSerializables.txt
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/codeAnalysis/sanctionedSerializables.txt
@@ -129,7 +129,6 @@ com/gemstone/gemfire/cache/execute/FunctionAdapter,false
 com/gemstone/gemfire/cache/execute/FunctionException,true,4893171227542647452
 com/gemstone/gemfire/cache/execute/FunctionInvocationTargetException,true,1,id:com/gemstone/gemfire/distributed/DistributedMember
 com/gemstone/gemfire/cache/operations/OperationContext$OperationCode,false
-com/gemstone/gemfire/cache/operations/OperationContext$Resource,false
 com/gemstone/gemfire/cache/partition/PartitionNotAvailableException,true,1
 com/gemstone/gemfire/cache/persistence/ConflictingPersistentDataException,true,-2629287782021455875
 com/gemstone/gemfire/cache/persistence/PartitionOfflineException,true,-6471045959318795870,offlineMembers:java/util/Set

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-cq/src/test/java/com/gemstone/gemfire/security/CQPostProcessorDunitTest.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/test/java/com/gemstone/gemfire/security/CQPostProcessorDunitTest.java b/geode-cq/src/test/java/com/gemstone/gemfire/security/CQPostProcessorDunitTest.java
index 00b8e33..c099893 100644
--- a/geode-cq/src/test/java/com/gemstone/gemfire/security/CQPostProcessorDunitTest.java
+++ b/geode-cq/src/test/java/com/gemstone/gemfire/security/CQPostProcessorDunitTest.java
@@ -33,7 +33,7 @@ import com.gemstone.gemfire.cache.query.CqQuery;
 import com.gemstone.gemfire.cache.query.CqResults;
 import com.gemstone.gemfire.cache.query.QueryService;
 import com.gemstone.gemfire.cache.query.internal.cq.CqListenerImpl;
-import com.gemstone.gemfire.security.templates.SamplePostProcessor;
+import org.apache.geode.security.templates.SamplePostProcessor;
 import com.gemstone.gemfire.test.junit.categories.DistributedTest;
 import com.gemstone.gemfire.test.junit.categories.SecurityTest;
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java
----------------------------------------------------------------------
diff --git a/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java b/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java
index 796d9f7..4715389 100755
--- a/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java
+++ b/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java
@@ -16,8 +16,6 @@
  */
 package com.gemstone.gemfire.cache.lucene.internal.cli;
 
-import static com.gemstone.gemfire.cache.operations.OperationContext.*;
-
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -25,9 +23,13 @@ import java.util.Set;
 import java.util.TreeSet;
 import java.util.stream.Collectors;
 
+import org.apache.geode.security.GeodePermission.Operation;
+import org.apache.geode.security.GeodePermission.Resource;
+import org.springframework.shell.core.annotation.CliCommand;
+import org.springframework.shell.core.annotation.CliOption;
+
 import com.gemstone.gemfire.SystemFailure;
 import com.gemstone.gemfire.cache.Cache;
-import com.gemstone.gemfire.cache.CacheFactory;
 import com.gemstone.gemfire.cache.execute.Execution;
 import com.gemstone.gemfire.cache.execute.FunctionInvocationTargetException;
 import com.gemstone.gemfire.cache.execute.ResultCollector;
@@ -41,8 +43,6 @@ import com.gemstone.gemfire.management.cli.ConverterHint;
 import com.gemstone.gemfire.management.cli.Result;
 import com.gemstone.gemfire.management.internal.cli.CliUtil;
 import com.gemstone.gemfire.management.internal.cli.commands.AbstractCommandsSupport;
-
-import com.gemstone.gemfire.management.internal.cli.domain.IndexInfo;
 import com.gemstone.gemfire.management.internal.cli.functions.CliFunctionResult;
 import com.gemstone.gemfire.management.internal.cli.i18n.CliStrings;
 import com.gemstone.gemfire.management.internal.cli.result.CommandResultException;
@@ -50,14 +50,8 @@ import com.gemstone.gemfire.management.internal.cli.result.ErrorResultData;
 import com.gemstone.gemfire.management.internal.cli.result.InfoResultData;
 import com.gemstone.gemfire.management.internal.cli.result.ResultBuilder;
 import com.gemstone.gemfire.management.internal.cli.result.TabularResultData;
-import com.gemstone.gemfire.management.internal.configuration.SharedConfigurationWriter;
 import com.gemstone.gemfire.management.internal.configuration.domain.XmlEntity;
 import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.GeodePermission.Operation;
-import com.gemstone.gemfire.security.GeodePermission.Resource;
-
-import org.springframework.shell.core.annotation.CliCommand;
-import org.springframework.shell.core.annotation.CliOption;
 
 /**
  * The LuceneIndexCommands class encapsulates all Geode shell (Gfsh) commands related to Lucene indexes defined in Geode.

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/c7667075/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/management/LuceneServiceMXBean.java
----------------------------------------------------------------------
diff --git a/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/management/LuceneServiceMXBean.java b/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/management/LuceneServiceMXBean.java
index cc6c045..b307645 100644
--- a/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/management/LuceneServiceMXBean.java
+++ b/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/management/LuceneServiceMXBean.java
@@ -16,10 +16,9 @@
  */
 package com.gemstone.gemfire.cache.lucene.internal.management;
 
-import com.gemstone.gemfire.cache.operations.OperationContext;
 import com.gemstone.gemfire.management.internal.security.ResourceOperation;
-import com.gemstone.gemfire.security.GeodePermission.Operation;
-import com.gemstone.gemfire.security.GeodePermission.Resource;
+import org.apache.geode.security.GeodePermission.Operation;
+import org.apache.geode.security.GeodePermission.Resource;
 
 /**
  * MBean that provides access to the {@link com.gemstone.gemfire.cache.lucene.LuceneService}.