geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kl...@apache.org
Subject [01/10] incubator-geode git commit: GEODE-1712: introduce SecurityService interface for mocking
Date Thu, 04 Aug 2016 16:57:30 GMT
Repository: incubator-geode
Updated Branches:
  refs/heads/develop 88247e321 -> ccb4fd0df


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestList61Test.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestList61Test.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestList61Test.java
new file mode 100644
index 0000000..4d4b6bb
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestList61Test.java
@@ -0,0 +1,186 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.cache.tier.sockets.command;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Matchers.*;
+import static org.mockito.Mockito.*;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import com.gemstone.gemfire.CancelCriterion;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.operations.RegisterInterestOperationContext;
+import com.gemstone.gemfire.internal.Version;
+import com.gemstone.gemfire.internal.cache.LocalRegion;
+import com.gemstone.gemfire.internal.cache.tier.CachedRegionHelper;
+import com.gemstone.gemfire.internal.cache.tier.sockets.AcceptorImpl;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ChunkedMessage;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Part;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
+import com.gemstone.gemfire.internal.security.AuthorizeRequest;
+import com.gemstone.gemfire.internal.security.SecurityService;
+import com.gemstone.gemfire.security.NotAuthorizedException;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class RegisterInterestList61Test {
+  private static final String REGION_NAME = "region1";
+  private static final String KEY = "key1";
+  private static final byte[] DURABLE = new byte[8];
+
+
+  @Mock
+  private SecurityService securityService;
+  @Mock
+  private Message message;
+  @Mock
+  private ServerConnection serverConnection;
+  @Mock
+  private AuthorizeRequest authzRequest;
+  @Mock
+  private Cache cache;
+  @Mock
+  private Part regionNamePart;
+  @Mock
+  private Part interestTypePart;
+  @Mock
+  private Part durablePart;
+  @Mock
+  private Part keyPart;
+  @Mock
+  private Part numberOfKeysPart;
+  @Mock
+  private Part notifyPart;
+  @Mock
+  private RegisterInterestOperationContext registerInterestOperationContext;
+  @Mock
+  private ChunkedMessage chunkedResponseMessage;
+
+  @InjectMocks
+  private RegisterInterestList61 registerInterestList61;
+
+  @Before
+  public void setUp() throws Exception {
+    this.registerInterestList61 = new RegisterInterestList61();
+    MockitoAnnotations.initMocks(this);
+
+
+    when(this.authzRequest.registerInterestListAuthorize(eq(REGION_NAME), any(), any())).thenReturn(this.registerInterestOperationContext);
+
+    when(this.cache.getRegion(isA(String.class))).thenReturn(mock(LocalRegion.class));
+    when(this.cache.getCancelCriterion()).thenReturn(mock(CancelCriterion.class));
+
+    when(this.durablePart.getObject()).thenReturn(DURABLE);
+
+    when(this.interestTypePart.getInt()).thenReturn(0);
+
+    when(this.keyPart.getStringOrObject()).thenReturn(KEY);
+
+    when(this.message.getNumberOfParts()).thenReturn(6);
+    when(this.message.getPart(eq(0))).thenReturn(this.regionNamePart);
+    when(this.message.getPart(eq(1))).thenReturn(this.interestTypePart);
+    when(this.message.getPart(eq(2))).thenReturn(this.durablePart);
+    when(this.message.getPart(eq(3))).thenReturn(this.numberOfKeysPart);
+    when(this.message.getPart(eq(4))).thenReturn(this.keyPart);
+    when(this.message.getPart(eq(5))).thenReturn(this.notifyPart);
+
+    when(this.notifyPart.getObject()).thenReturn(DURABLE);
+
+    when(this.numberOfKeysPart.getInt()).thenReturn(1);
+
+    when(this.regionNamePart.getString()).thenReturn(REGION_NAME);
+
+    when(this.registerInterestOperationContext.getKey()).thenReturn(KEY);
+
+    when(this.serverConnection.getCache()).thenReturn(this.cache);
+    when(this.serverConnection.getAuthzRequest()).thenReturn(this.authzRequest);
+    when(this.serverConnection.getCachedRegionHelper()).thenReturn(mock(CachedRegionHelper.class));
+    when(this.serverConnection.getChunkedResponseMessage()).thenReturn(this.chunkedResponseMessage);
+    when(this.serverConnection.getClientVersion()).thenReturn(Version.GFE_80);
+    when(this.serverConnection.getAcceptor()).thenReturn(mock(AcceptorImpl.class));
+  }
+
+  @Test
+  public void noSecurityShouldSucceed() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(false);
+
+    this.registerInterestList61.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+
+    this.registerInterestList61.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME));
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldThrowIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+    doThrow(new NotAuthorizedException("")).when(this.securityService).authorizeRegionRead(eq(REGION_NAME));
+
+    this.registerInterestList61.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME));
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    this.registerInterestList61.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).registerInterestListAuthorize(eq(REGION_NAME),any(), any());
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    doThrow(new NotAuthorizedException("")).when(this.authzRequest).registerInterestListAuthorize(eq(REGION_NAME), any(), any());
+
+    this.registerInterestList61.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).registerInterestListAuthorize(eq(REGION_NAME), any(), any());
+
+    ArgumentCaptor<NotAuthorizedException> argument = ArgumentCaptor.forClass(NotAuthorizedException.class);
+    verify(this.chunkedResponseMessage).addObjPart(argument.capture());
+
+    assertThat(argument.getValue()).isExactlyInstanceOf(NotAuthorizedException.class);
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestList66Test.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestList66Test.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestList66Test.java
new file mode 100644
index 0000000..cc54d08
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestList66Test.java
@@ -0,0 +1,192 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.cache.tier.sockets.command;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Matchers.*;
+import static org.mockito.Mockito.*;
+
+import java.util.ArrayList;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import com.gemstone.gemfire.CancelCriterion;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.operations.RegisterInterestOperationContext;
+import com.gemstone.gemfire.internal.Version;
+import com.gemstone.gemfire.internal.cache.LocalRegion;
+import com.gemstone.gemfire.internal.cache.tier.CachedRegionHelper;
+import com.gemstone.gemfire.internal.cache.tier.sockets.AcceptorImpl;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ChunkedMessage;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Part;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
+import com.gemstone.gemfire.internal.security.AuthorizeRequest;
+import com.gemstone.gemfire.internal.security.SecurityService;
+import com.gemstone.gemfire.security.NotAuthorizedException;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class RegisterInterestList66Test {
+  private static final String REGION_NAME = "region1";
+  private static final String KEY = "key1";
+  private static final byte[] DURABLE = new byte[8];
+  private static final byte[] DATA_POLICY = new byte[]{0x01,0x01};
+
+
+  @Mock
+  private SecurityService securityService;
+  @Mock
+  private Message message;
+  @Mock
+  private ServerConnection serverConnection;
+  @Mock
+  private AuthorizeRequest authzRequest;
+  @Mock
+  private Cache cache;
+  @Mock
+  private Part regionNamePart;
+  @Mock
+  private Part interestTypePart;
+  @Mock
+  private Part durablePart;
+  @Mock
+  private Part keyPart;
+  @Mock
+  private Part numberOfKeysPart;
+  @Mock
+  private Part notifyPart;
+  @Mock
+  private Part regionDataPolicyPart;
+  @Mock
+  private RegisterInterestOperationContext registerInterestOperationContext;
+  @Mock
+  private ChunkedMessage chunkedResponseMessage;
+
+  @InjectMocks
+  private RegisterInterestList66 registerInterestList66;
+
+  @Before
+  public void setUp() throws Exception {
+    this.registerInterestList66 = new RegisterInterestList66();
+    MockitoAnnotations.initMocks(this);
+
+
+    when(this.authzRequest.registerInterestListAuthorize(eq(REGION_NAME), any(), any())).thenReturn(this.registerInterestOperationContext);
+
+    when(this.cache.getRegion(isA(String.class))).thenReturn(mock(LocalRegion.class));
+    when(this.cache.getCancelCriterion()).thenReturn(mock(CancelCriterion.class));
+
+    when(this.durablePart.getObject()).thenReturn(DURABLE);
+
+    when(this.interestTypePart.getInt()).thenReturn(0);
+
+    when(this.keyPart.getObject()).thenReturn(mock(ArrayList.class));
+
+    when(this.message.getNumberOfParts()).thenReturn(6);
+    when(this.message.getPart(eq(0))).thenReturn(this.regionNamePart);
+    when(this.message.getPart(eq(1))).thenReturn(this.interestTypePart);
+    when(this.message.getPart(eq(2))).thenReturn(this.durablePart);
+    when(this.message.getPart(eq(3))).thenReturn(this.keyPart);
+    when(this.message.getPart(eq(4))).thenReturn(this.notifyPart);
+    when(this.message.getPart(eq(5))).thenReturn(this.regionDataPolicyPart);
+
+    when(this.notifyPart.getObject()).thenReturn(DURABLE);
+
+    when(this.numberOfKeysPart.getInt()).thenReturn(1);
+
+    when(this.regionDataPolicyPart.getObject()).thenReturn(DATA_POLICY);
+
+    when(this.regionNamePart.getString()).thenReturn(REGION_NAME);
+
+    when(this.registerInterestOperationContext.getKey()).thenReturn(KEY);
+
+    when(this.serverConnection.getCache()).thenReturn(this.cache);
+    when(this.serverConnection.getAuthzRequest()).thenReturn(this.authzRequest);
+    when(this.serverConnection.getCachedRegionHelper()).thenReturn(mock(CachedRegionHelper.class));
+    when(this.serverConnection.getChunkedResponseMessage()).thenReturn(this.chunkedResponseMessage);
+    when(this.serverConnection.getClientVersion()).thenReturn(Version.GFE_80);
+    when(this.serverConnection.getAcceptor()).thenReturn(mock(AcceptorImpl.class));
+  }
+
+  @Test
+  public void noSecurityShouldSucceed() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(false);
+
+    this.registerInterestList66.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+
+    this.registerInterestList66.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME));
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldThrowIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+    doThrow(new NotAuthorizedException("")).when(this.securityService).authorizeRegionRead(eq(REGION_NAME));
+
+    this.registerInterestList66.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME));
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    this.registerInterestList66.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).registerInterestListAuthorize(eq(REGION_NAME),any(), any());
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    doThrow(new NotAuthorizedException("")).when(this.authzRequest).registerInterestListAuthorize(eq(REGION_NAME), any(), any());
+
+    this.registerInterestList66.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).registerInterestListAuthorize(eq(REGION_NAME), any(), any());
+
+    ArgumentCaptor<NotAuthorizedException> argument = ArgumentCaptor.forClass(NotAuthorizedException.class);
+    verify(this.chunkedResponseMessage).addObjPart(argument.capture());
+
+    assertThat(argument.getValue()).isExactlyInstanceOf(NotAuthorizedException.class);
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestListTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestListTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestListTest.java
new file mode 100644
index 0000000..abca0a0
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestListTest.java
@@ -0,0 +1,186 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.cache.tier.sockets.command;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Matchers.*;
+import static org.mockito.Mockito.*;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import com.gemstone.gemfire.CancelCriterion;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.operations.RegisterInterestOperationContext;
+import com.gemstone.gemfire.internal.Version;
+import com.gemstone.gemfire.internal.cache.LocalRegion;
+import com.gemstone.gemfire.internal.cache.tier.CachedRegionHelper;
+import com.gemstone.gemfire.internal.cache.tier.sockets.AcceptorImpl;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ChunkedMessage;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Part;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
+import com.gemstone.gemfire.internal.security.AuthorizeRequest;
+import com.gemstone.gemfire.internal.security.SecurityService;
+import com.gemstone.gemfire.security.NotAuthorizedException;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class RegisterInterestListTest {
+  private static final String REGION_NAME = "region1";
+  private static final String KEY = "key1";
+  private static final byte[] DURABLE = new byte[8];
+
+
+  @Mock
+  private SecurityService securityService;
+  @Mock
+  private Message message;
+  @Mock
+  private ServerConnection serverConnection;
+  @Mock
+  private AuthorizeRequest authzRequest;
+  @Mock
+  private Cache cache;
+  @Mock
+  private Part regionNamePart;
+  @Mock
+  private Part interestTypePart;
+  @Mock
+  private Part durablePart;
+  @Mock
+  private Part keyPart;
+  @Mock
+  private Part numberOfKeysPart;
+  @Mock
+  private Part notifyPart;
+  @Mock
+  private RegisterInterestOperationContext registerInterestOperationContext;
+  @Mock
+  private ChunkedMessage chunkedResponseMessage;
+
+  @InjectMocks
+  private RegisterInterestList registerInterestList;
+
+  @Before
+  public void setUp() throws Exception {
+    this.registerInterestList = new RegisterInterestList();
+    MockitoAnnotations.initMocks(this);
+
+
+    when(this.authzRequest.registerInterestListAuthorize(eq(REGION_NAME), any(), any())).thenReturn(this.registerInterestOperationContext);
+
+    when(this.cache.getRegion(isA(String.class))).thenReturn(mock(LocalRegion.class));
+    when(this.cache.getCancelCriterion()).thenReturn(mock(CancelCriterion.class));
+
+    when(this.durablePart.getObject()).thenReturn(DURABLE);
+
+    when(this.interestTypePart.getInt()).thenReturn(0);
+
+    when(this.keyPart.getStringOrObject()).thenReturn(KEY);
+
+    when(this.message.getNumberOfParts()).thenReturn(6);
+    when(this.message.getPart(eq(0))).thenReturn(this.regionNamePart);
+    when(this.message.getPart(eq(1))).thenReturn(this.interestTypePart);
+    when(this.message.getPart(eq(2))).thenReturn(this.durablePart);
+    when(this.message.getPart(eq(3))).thenReturn(this.numberOfKeysPart);
+    when(this.message.getPart(eq(4))).thenReturn(this.keyPart);
+    when(this.message.getPart(eq(5))).thenReturn(this.notifyPart);
+
+    when(this.notifyPart.getObject()).thenReturn(DURABLE);
+
+    when(this.numberOfKeysPart.getInt()).thenReturn(1);
+
+    when(this.regionNamePart.getString()).thenReturn(REGION_NAME);
+
+    when(this.registerInterestOperationContext.getKey()).thenReturn(KEY);
+
+    when(this.serverConnection.getCache()).thenReturn(this.cache);
+    when(this.serverConnection.getAuthzRequest()).thenReturn(this.authzRequest);
+    when(this.serverConnection.getCachedRegionHelper()).thenReturn(mock(CachedRegionHelper.class));
+    when(this.serverConnection.getChunkedResponseMessage()).thenReturn(this.chunkedResponseMessage);
+    when(this.serverConnection.getClientVersion()).thenReturn(Version.GFE_80);
+    when(this.serverConnection.getAcceptor()).thenReturn(mock(AcceptorImpl.class));
+  }
+
+  @Test
+  public void noSecurityShouldSucceed() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(false);
+
+    this.registerInterestList.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+
+    this.registerInterestList.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME));
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldThrowIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+    doThrow(new NotAuthorizedException("")).when(this.securityService).authorizeRegionRead(eq(REGION_NAME));
+
+    this.registerInterestList.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME));
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    this.registerInterestList.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).registerInterestListAuthorize(eq(REGION_NAME),any(), any());
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    doThrow(new NotAuthorizedException("")).when(this.authzRequest).registerInterestListAuthorize(eq(REGION_NAME), any(), any());
+
+    this.registerInterestList.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).registerInterestListAuthorize(eq(REGION_NAME), any(), any());
+
+    ArgumentCaptor<NotAuthorizedException> argument = ArgumentCaptor.forClass(NotAuthorizedException.class);
+    verify(this.chunkedResponseMessage).addObjPart(argument.capture());
+
+    assertThat(argument.getValue()).isExactlyInstanceOf(NotAuthorizedException.class);
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestTest.java
new file mode 100644
index 0000000..ef8e85b
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RegisterInterestTest.java
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.cache.tier.sockets.command;
+
+import static org.assertj.core.api.Assertions.*;
+import static org.mockito.Matchers.*;
+import static org.mockito.Mockito.*;
+
+import java.util.Properties;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import com.gemstone.gemfire.CancelCriterion;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.InterestResultPolicy;
+import com.gemstone.gemfire.cache.operations.GetOperationContext;
+import com.gemstone.gemfire.cache.operations.RegisterInterestOperationContext;
+import com.gemstone.gemfire.internal.cache.LocalRegion;
+import com.gemstone.gemfire.internal.cache.tier.CachedRegionHelper;
+import com.gemstone.gemfire.internal.cache.tier.sockets.AcceptorImpl;
+import com.gemstone.gemfire.internal.cache.tier.sockets.CacheClientNotifier;
+import com.gemstone.gemfire.internal.cache.tier.sockets.CacheClientProxy;
+import com.gemstone.gemfire.internal.cache.tier.sockets.CacheServerStats;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ChunkedMessage;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ClientProxyMembershipID;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ObjectPartList;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Part;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
+import com.gemstone.gemfire.internal.security.AuthorizeRequest;
+import com.gemstone.gemfire.internal.security.SecurityService;
+import com.gemstone.gemfire.security.NotAuthorizedException;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class RegisterInterestTest {
+
+  private static final String REGION_NAME = "region1";
+  private static final String KEY = "key1";
+  private static final byte[] DURABLE = new byte[8];
+
+
+  @Mock
+  private SecurityService securityService;
+  @Mock
+  private Message message;
+  @Mock
+  private ServerConnection serverConnection;
+  @Mock
+  private AuthorizeRequest authzRequest;
+  @Mock
+  private Cache cache;
+  @Mock
+  private Part regionNamePart;
+  @Mock
+  private Part interestTypePart;
+  @Mock
+  private Part durablePart;
+  @Mock
+  private Part keyPart;
+  @Mock
+  private Part notifyPart;
+  @Mock
+  private ChunkedMessage chunkedResponseMessage;
+
+  @InjectMocks
+  private RegisterInterest registerInterest;
+
+  @Before
+  public void setUp() throws Exception {
+    this.registerInterest = new RegisterInterest();
+    MockitoAnnotations.initMocks(this);
+
+
+    when(this.authzRequest.registerInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt(), any())).thenReturn(mock(RegisterInterestOperationContext.class));
+
+    when(this.cache.getRegion(isA(String.class))).thenReturn(mock(LocalRegion.class));
+    when(this.cache.getCancelCriterion()).thenReturn(mock(CancelCriterion.class));
+
+    when(this.durablePart.getObject()).thenReturn(DURABLE);
+
+    when(this.interestTypePart.getInt()).thenReturn(0);
+
+    when(this.keyPart.getStringOrObject()).thenReturn(KEY);
+
+    when(this.message.getNumberOfParts()).thenReturn(6);
+    when(this.message.getPart(eq(0))).thenReturn(this.regionNamePart);
+    when(this.message.getPart(eq(1))).thenReturn(this.interestTypePart);
+    when(this.message.getPart(eq(2))).thenReturn(mock(Part.class));
+    when(this.message.getPart(eq(3))).thenReturn(this.durablePart);
+    when(this.message.getPart(eq(4))).thenReturn(this.keyPart);
+    when(this.message.getPart(eq(5))).thenReturn(this.notifyPart);
+
+    when(this.notifyPart.getObject()).thenReturn(DURABLE);
+
+    when(this.regionNamePart.getString()).thenReturn(REGION_NAME);
+
+    when(this.serverConnection.getCache()).thenReturn(this.cache);
+    when(this.serverConnection.getAuthzRequest()).thenReturn(this.authzRequest);
+    when(this.serverConnection.getCachedRegionHelper()).thenReturn(mock(CachedRegionHelper.class));
+    when(this.serverConnection.getChunkedResponseMessage()).thenReturn(this.chunkedResponseMessage);
+  }
+
+  @Test
+  public void noSecurityShouldSucceed() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(false);
+
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldThrowIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+    doThrow(new NotAuthorizedException("")).when(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
+
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).registerInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt(), any());
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    doThrow(new NotAuthorizedException("")).when(this.authzRequest).registerInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt(), any());
+
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).registerInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt(), any());
+
+    ArgumentCaptor<NotAuthorizedException> argument = ArgumentCaptor.forClass(NotAuthorizedException.class);
+    verify(this.chunkedResponseMessage).addObjPart(argument.capture());
+
+    assertThat(argument.getValue()).isExactlyInstanceOf(NotAuthorizedException.class);
+    verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RemoveAllTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RemoveAllTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RemoveAllTest.java
new file mode 100644
index 0000000..2f0cb6a
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RemoveAllTest.java
@@ -0,0 +1,199 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.cache.tier.sockets.command;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Matchers.*;
+import static org.mockito.Mockito.*;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import com.gemstone.gemfire.CancelCriterion;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.operations.GetOperationContext;
+import com.gemstone.gemfire.cache.operations.RemoveAllOperationContext;
+import com.gemstone.gemfire.internal.cache.LocalRegion;
+import com.gemstone.gemfire.internal.cache.PartitionedRegion;
+import com.gemstone.gemfire.internal.cache.tier.CachedRegionHelper;
+import com.gemstone.gemfire.internal.cache.tier.sockets.CacheServerStats;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ChunkedMessage;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ObjectPartList;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Part;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
+import com.gemstone.gemfire.internal.cache.tier.sockets.VersionedObjectList;
+import com.gemstone.gemfire.internal.security.AuthorizeRequest;
+import com.gemstone.gemfire.internal.security.SecurityService;
+import com.gemstone.gemfire.security.NotAuthorizedException;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class RemoveAllTest {
+
+  private static final String REGION_NAME = "region1";
+  private static final Object[] KEYS = new Object[] { "key1", "key2", "key3" };
+  private static final byte[] EVENT = new byte[8];
+  private static final Object CALLBACK_ARG = "arg";
+
+  @Mock
+  private SecurityService securityService;
+  @Mock
+  private Message message;
+  @Mock
+  private ServerConnection serverConnection;
+  @Mock
+  private AuthorizeRequest authzRequest;
+  @Mock
+  private Cache cache;
+  @Mock
+  private Part regionNamePart;
+  @Mock
+  private Part callbackArgPart;
+  @Mock
+  private Part numberofKeysPart;
+  @Mock
+  private Part flagsPart;
+  @Mock
+  private Part eventPart;
+  @Mock
+  private Part keyPart;
+  @Mock
+  private Part timeoutPart;
+  @Mock
+  private ChunkedMessage chunkedResponseMessage;
+
+  @InjectMocks
+  private RemoveAll removeAll;
+
+  @Before
+  public void setUp() throws Exception {
+    this.removeAll = new RemoveAll();
+    MockitoAnnotations.initMocks(this);
+
+    when(this.authzRequest.removeAllAuthorize(any(), any(), any())).thenReturn(mock(RemoveAllOperationContext.class));
+
+    when(this.cache.getRegion(isA(String.class))).thenReturn(mock(PartitionedRegion.class));
+    when(this.cache.getCancelCriterion()).thenReturn(mock(CancelCriterion.class));
+
+    when(this.callbackArgPart.getObject()).thenReturn(CALLBACK_ARG);
+
+    when(this.eventPart.getSerializedForm()).thenReturn(EVENT);
+
+    when(this.flagsPart.getInt()).thenReturn(0);
+
+    when(this.keyPart.getStringOrObject()).thenReturn(KEYS);
+
+    when(this.message.getPart(eq(0))).thenReturn(this.regionNamePart);
+    when(this.message.getPart(eq(1))).thenReturn(this.eventPart);
+    when(this.message.getPart(eq(2))).thenReturn(this.flagsPart);
+    when(this.message.getPart(eq(3))).thenReturn(this.callbackArgPart);
+    when(this.message.getPart(eq(4))).thenReturn(this.numberofKeysPart);
+    when(this.message.getPart(eq(5))).thenReturn(this.keyPart);
+    when(this.message.getPart(eq(6))).thenReturn(this.timeoutPart);
+
+    when(this.numberofKeysPart.getInt()).thenReturn(1);
+
+    when(this.regionNamePart.getString()).thenReturn(REGION_NAME);
+
+    when(this.serverConnection.getCache()).thenReturn(this.cache);
+    when(this.serverConnection.getCacheServerStats()).thenReturn(mock(CacheServerStats.class));
+    when(this.serverConnection.getAuthzRequest()).thenReturn(this.authzRequest);
+    when(this.serverConnection.getCachedRegionHelper()).thenReturn(mock(CachedRegionHelper.class));
+    when(this.serverConnection.getChunkedResponseMessage()).thenReturn(this.chunkedResponseMessage);
+
+    when(this.timeoutPart.getInt()).thenReturn(5);
+  }
+
+  @Test
+  public void noSecurityShouldSucceed() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(false);
+
+    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.chunkedResponseMessage).sendChunk(eq(this.serverConnection));
+  }
+
+  @Test
+  public void integratedSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+
+    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+
+    for (Object key : KEYS) {
+      verify(this.securityService).authorizeRegionWrite(eq(REGION_NAME));
+    }
+
+    verify(this.chunkedResponseMessage).sendChunk(eq(this.serverConnection));
+  }
+
+  @Test
+  public void integratedSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+
+    for (Object key : KEYS) {
+      doThrow(new NotAuthorizedException("")).when(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(key.toString()));
+    }
+
+    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+
+    for (Object key : KEYS) {
+      verify(this.securityService).authorizeRegionWrite(eq(REGION_NAME));
+    }
+
+    verify(this.chunkedResponseMessage).sendChunk(eq(this.serverConnection));
+  }
+
+  @Test
+  public void oldSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+
+    for (Object key: KEYS) {
+      verify(this.authzRequest).removeAllAuthorize(eq(REGION_NAME), any(), any());
+    }
+
+    verify(this.chunkedResponseMessage).sendChunk(eq(this.serverConnection));
+  }
+
+  @Test
+  public void oldSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    for (Object key : KEYS) {
+      doThrow(new NotAuthorizedException("")).when(this.authzRequest).getAuthorize(eq(REGION_NAME), eq(key.toString()), eq(null));
+    }
+    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+
+    for (Object key: KEYS) {
+      verify(this.authzRequest).removeAllAuthorize(eq(REGION_NAME), any(), any());
+    }
+    verify(this.chunkedResponseMessage).sendChunk(eq(this.serverConnection));
+  }
+
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RequestTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RequestTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RequestTest.java
new file mode 100644
index 0000000..fee12f4
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/RequestTest.java
@@ -0,0 +1,164 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.cache.tier.sockets.command;
+
+import static org.mockito.Matchers.*;
+import static org.mockito.Mockito.*;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import com.gemstone.gemfire.CancelCriterion;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.operations.GetOperationContext;
+import com.gemstone.gemfire.internal.cache.LocalRegion;
+import com.gemstone.gemfire.internal.cache.tier.CachedRegionHelper;
+import com.gemstone.gemfire.internal.cache.tier.sockets.CacheServerStats;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Part;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
+import com.gemstone.gemfire.internal.security.AuthorizeRequest;
+import com.gemstone.gemfire.internal.security.SecurityService;
+import com.gemstone.gemfire.security.NotAuthorizedException;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class RequestTest {
+  private static final String REGION_NAME = "region1";
+  private static final String KEY = "key1";
+  private static final Object CALLBACK_ARG = "arg";
+  private static final byte[] EVENT = new byte[8];
+
+  @Mock
+  private SecurityService securityService;
+  @Mock
+  private Message message;
+  @Mock
+  private ServerConnection serverConnection;
+  @Mock
+  private AuthorizeRequest authzRequest;
+  @Mock
+  private LocalRegion region;
+  @Mock
+  private Cache cache;
+  @Mock
+  private CacheServerStats cacheServerStats;
+  @Mock
+  private Message responseMessage;
+  @Mock
+  private Message errorResponseMessage;
+  @Mock
+  private Part regionNamePart;
+  @Mock
+  private Part keyPart;
+  @Mock
+  private Part valuePart;
+  @Mock
+  private GetOperationContext getOperationContext;
+  @InjectMocks
+  private Request request;
+
+  @Before
+  public void setUp() throws Exception {
+    this.request = new Request();
+    MockitoAnnotations.initMocks(this);
+
+    when(this.authzRequest.getAuthorize(any(), any(), any())).thenReturn(this.getOperationContext);
+
+    when(this.cache.getRegion(isA(String.class))).thenReturn(this.region);
+    when(this.cache.getCancelCriterion()).thenReturn(mock(CancelCriterion.class));
+
+    when(this.getOperationContext.getCallbackArg()).thenReturn(CALLBACK_ARG);
+
+    when(this.keyPart.getStringOrObject()).thenReturn(KEY);
+
+    when(this.message.getNumberOfParts()).thenReturn(3);
+    when(this.message.getPart(eq(0))).thenReturn(this.regionNamePart);
+    when(this.message.getPart(eq(1))).thenReturn(this.keyPart);
+    when(this.message.getPart(eq(2))).thenReturn(this.valuePart);
+
+    when(this.regionNamePart.getString()).thenReturn(REGION_NAME);
+
+    when(this.serverConnection.getCache()).thenReturn(this.cache);
+    when(this.serverConnection.getCacheServerStats()).thenReturn(this.cacheServerStats);
+    when(this.serverConnection.getAuthzRequest()).thenReturn(this.authzRequest);
+    when(this.serverConnection.getResponseMessage()).thenReturn(this.responseMessage);
+    when(this.serverConnection.getCachedRegionHelper()).thenReturn(mock(CachedRegionHelper.class));
+    when(this.serverConnection.getErrorResponseMessage()).thenReturn(this.errorResponseMessage);
+
+    when(this.valuePart.getObject()).thenReturn(CALLBACK_ARG);
+  }
+
+  @Test
+  public void noSecurityShouldSucceed() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(false);
+
+    this.request.cmdExecute(this.message, this.serverConnection, 0);
+    verify(this.responseMessage).send(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+
+    this.request.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
+    verify(this.responseMessage).send(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+    doThrow(new NotAuthorizedException("")).when(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
+
+    this.request.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
+    verify(this.errorResponseMessage).send(eq(this.serverConnection));
+  }
+
+  @Test
+  public void oldSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    this.request.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).getAuthorize(eq(REGION_NAME), eq(KEY), eq(CALLBACK_ARG));
+    verify(this.responseMessage).send(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+    doThrow(new NotAuthorizedException("")).when(this.authzRequest).getAuthorize(eq(REGION_NAME), eq(KEY), eq(CALLBACK_ARG));
+
+    this.request.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).getAuthorize(eq(REGION_NAME), eq(KEY), eq(CALLBACK_ARG));
+    verify(this.errorResponseMessage).send(eq(this.serverConnection));
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/UnregisterInterestTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/UnregisterInterestTest.java b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/UnregisterInterestTest.java
new file mode 100644
index 0000000..0298e34
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/UnregisterInterestTest.java
@@ -0,0 +1,200 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.cache.tier.sockets.command;
+
+import static org.mockito.Matchers.*;
+import static org.mockito.Mockito.*;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.powermock.modules.junit4.PowerMockRunner;
+
+import com.gemstone.gemfire.CancelCriterion;
+import com.gemstone.gemfire.cache.Cache;
+import com.gemstone.gemfire.cache.operations.UnregisterInterestOperationContext;
+import com.gemstone.gemfire.internal.cache.LocalRegion;
+import com.gemstone.gemfire.internal.cache.tier.CachedRegionHelper;
+import com.gemstone.gemfire.internal.cache.tier.sockets.AcceptorImpl;
+import com.gemstone.gemfire.internal.cache.tier.sockets.CacheClientNotifier;
+import com.gemstone.gemfire.internal.cache.tier.sockets.CacheServerStats;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
+import com.gemstone.gemfire.internal.cache.tier.sockets.Part;
+import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
+import com.gemstone.gemfire.internal.offheap.ReferenceCountHelper;
+import com.gemstone.gemfire.internal.security.AuthorizeRequest;
+import com.gemstone.gemfire.internal.security.SecurityService;
+import com.gemstone.gemfire.security.NotAuthorizedException;
+import com.gemstone.gemfire.test.junit.categories.UnitTest;
+
+@RunWith(PowerMockRunner.class)
+@PowerMockIgnore({ "*.UnitTest" })
+@PrepareForTest({ CacheClientNotifier.class })
+@Category(UnitTest.class)
+public class UnregisterInterestTest {
+  private static final String REGION_NAME = "region1";
+  private static final String KEY = "key1";
+  private static final Object CALLBACK_ARG = "arg";
+  private static final byte[] BYTE_ARRAY = new byte[8];
+
+  @Mock
+  private SecurityService securityService;
+  @Mock
+  private Message message;
+  @Mock
+  private ServerConnection serverConnection;
+  @Mock
+  private AuthorizeRequest authzRequest;
+  @Mock
+  private LocalRegion region;
+  @Mock
+  private Cache cache;
+  @Mock
+  private CacheServerStats cacheServerStats;
+  @Mock
+  private Message replyMessage;
+  @Mock
+  private Message errorResponseMessage;
+  @Mock
+  private Part regionNamePart;
+  @Mock
+  private Part keyPart;
+  @Mock
+  private Part keepAlivePart;
+  @Mock
+  private Part isClosingPart;
+  @Mock
+  private Part interestTypePart;
+  @Mock
+  private Part valuePart;
+  @Mock
+  private AcceptorImpl acceptor;
+  @Mock
+  private UnregisterInterestOperationContext unregisterInterestOperationContext;
+  @InjectMocks
+  private UnregisterInterest unregisterInterest;
+
+  @Before
+  public void setUp() throws Exception {
+    this.unregisterInterest = new UnregisterInterest();
+    MockitoAnnotations.initMocks(this);
+
+    when(this.authzRequest.unregisterInterestAuthorize(eq(REGION_NAME), eq(KEY), eq(0))).thenReturn(this.unregisterInterestOperationContext);
+
+    when(this.cache.getRegion(isA(String.class))).thenReturn(this.region);
+    when(this.cache.getCancelCriterion()).thenReturn(mock(CancelCriterion.class));
+
+    when(this.interestTypePart.getInt()).thenReturn(0);
+
+    when(this.isClosingPart.getObject()).thenReturn(BYTE_ARRAY);
+
+    when(this.keyPart.getStringOrObject()).thenReturn(KEY);
+
+    when(this.keepAlivePart.getObject()).thenReturn(BYTE_ARRAY);
+
+    when(this.message.getNumberOfParts()).thenReturn(5);
+    when(this.message.getPart(eq(0))).thenReturn(this.regionNamePart);
+    when(this.message.getPart(eq(1))).thenReturn(this.interestTypePart);
+    when(this.message.getPart(eq(2))).thenReturn(this.keyPart);
+    when(this.message.getPart(eq(3))).thenReturn(this.isClosingPart);
+    when(this.message.getPart(eq(4))).thenReturn(this.keepAlivePart);
+
+    when(this.regionNamePart.getString()).thenReturn(REGION_NAME);
+
+    when(this.serverConnection.getCache()).thenReturn(this.cache);
+    when(this.serverConnection.getCacheServerStats()).thenReturn(this.cacheServerStats);
+    when(this.serverConnection.getAuthzRequest()).thenReturn(this.authzRequest);
+    when(this.serverConnection.getReplyMessage()).thenReturn(this.replyMessage);
+    when(this.serverConnection.getCachedRegionHelper()).thenReturn(mock(CachedRegionHelper.class));
+    when(this.serverConnection.getErrorResponseMessage()).thenReturn(this.errorResponseMessage);
+    when(this.serverConnection.getAcceptor()).thenReturn(this.acceptor);
+
+
+    when(this.valuePart.getObject()).thenReturn(CALLBACK_ARG);
+
+    when(this.unregisterInterestOperationContext.getKey()).thenReturn(KEY);
+
+    CacheClientNotifier ccn = mock(CacheClientNotifier.class);
+    PowerMockito.mockStatic(CacheClientNotifier.class, Mockito.CALLS_REAL_METHODS);
+    PowerMockito.when(CacheClientNotifier.getInstance()).thenReturn(ccn);
+
+    when(this.acceptor.getCacheClientNotifier()).thenReturn(ccn);
+  }
+
+  @Test
+  public void noSecurityShouldSucceed() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(false);
+
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+    verify(this.replyMessage).send(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
+    verify(this.replyMessage).send(this.serverConnection);
+  }
+
+  @Test
+  public void integratedSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(true);
+    doThrow(new NotAuthorizedException("")).when(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
+
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
+    verify(this.errorResponseMessage).send(eq(this.serverConnection));
+  }
+
+  @Test
+  public void oldSecurityShouldSucceedIfAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).unregisterInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt());
+    verify(this.replyMessage).send(this.serverConnection);
+  }
+
+  @Test
+  public void oldSecurityShouldFailIfNotAuthorized() throws Exception {
+    when(this.securityService.isClientSecurityRequired()).thenReturn(true);
+    when(this.securityService.isIntegratedSecurity()).thenReturn(false);
+    doThrow(new NotAuthorizedException("")).when(this.authzRequest).getAuthorize(eq(REGION_NAME), eq(KEY), any());
+
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+
+    verify(this.authzRequest).unregisterInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt());
+    verify(this.replyMessage).send(eq(this.serverConnection));
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
index 78168bf..625e48f 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilCustomRealmJUnitTest.java
@@ -23,6 +23,7 @@ import org.junit.BeforeClass;
 import org.junit.experimental.categories.Category;
 
 import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.IntegratedSecurityService;
 import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
 import com.gemstone.gemfire.test.junit.categories.SecurityTest;
 
@@ -38,7 +39,7 @@ public class GeodeSecurityUtilCustomRealmJUnitTest extends GeodeSecurityUtilWith
   public static void beforeClass() throws Exception {
     props.put(SampleSecurityManager.SECURITY_JSON, "com/gemstone/gemfire/management/internal/security/shiro-ini.json");
     props.put(SECURITY_MANAGER, SampleSecurityManager.class.getName());
-    GeodeSecurityUtil.initSecurity(props);
+    IntegratedSecurityService.getSecurityService().initSecurity(props);
   }
 
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
index 88c487e..3a7b4de 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/GeodeSecurityUtilWithIniFileJUnitTest.java
@@ -27,6 +27,8 @@ import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
 import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.IntegratedSecurityService;
+import com.gemstone.gemfire.internal.security.SecurityService;
 import com.gemstone.gemfire.security.GemFireSecurityException;
 import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
 import com.gemstone.gemfire.test.junit.categories.SecurityTest;
@@ -39,6 +41,8 @@ public class GeodeSecurityUtilWithIniFileJUnitTest {
 
   protected static Properties props = new Properties();
 
+  private SecurityService securityService = IntegratedSecurityService.getSecurityService();
+
   @BeforeClass
   public static void beforeClass() throws Exception{
     props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
@@ -47,22 +51,22 @@ public class GeodeSecurityUtilWithIniFileJUnitTest {
 
   @Test
   public void testRoot(){
-    GeodeSecurityUtil.login("root", "secret");
-    GeodeSecurityUtil.authorize(TestCommand.none);
-    GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
-    GeodeSecurityUtil.authorize(TestCommand.dataRead);
-    GeodeSecurityUtil.authorize(TestCommand.dataWrite);
-    GeodeSecurityUtil.authorize(TestCommand.regionARead);
-    GeodeSecurityUtil.authorize(TestCommand.regionAWrite);
-    GeodeSecurityUtil.authorize(TestCommand.clusterWrite);
-    GeodeSecurityUtil.authorize(TestCommand.clusterRead);
+    this.securityService.login("root", "secret");
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.dataRead);
+    this.securityService.authorize(TestCommand.dataWrite);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.regionAWrite);
+    this.securityService.authorize(TestCommand.clusterWrite);
+    this.securityService.authorize(TestCommand.clusterRead);
   }
 
   @Test
   public void testGuest(){
-    GeodeSecurityUtil.login("guest", "guest");
-    GeodeSecurityUtil.authorize(TestCommand.none);
-    GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
+    this.securityService.login("guest", "guest");
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
 
     assertNotAuthorized(TestCommand.dataRead);
     assertNotAuthorized(TestCommand.dataWrite);
@@ -70,70 +74,70 @@ public class GeodeSecurityUtilWithIniFileJUnitTest {
     assertNotAuthorized(TestCommand.regionAWrite);
     assertNotAuthorized(TestCommand.clusterRead);
     assertNotAuthorized(TestCommand.clusterWrite);
-    GeodeSecurityUtil.logout();
+    this.securityService.logout();
   }
 
   @Test
   public void testRegionAReader(){
-    GeodeSecurityUtil.login("regionAReader", "password");
-    GeodeSecurityUtil.authorize(TestCommand.none);
-    GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
-    GeodeSecurityUtil.authorize(TestCommand.regionARead);
+    this.securityService.login("regionAReader", "password");
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
 
     assertNotAuthorized(TestCommand.regionAWrite);
     assertNotAuthorized(TestCommand.dataRead);
     assertNotAuthorized(TestCommand.dataWrite);
     assertNotAuthorized(TestCommand.clusterRead);
     assertNotAuthorized(TestCommand.clusterWrite);
-    GeodeSecurityUtil.logout();
+    this.securityService.logout();
   }
 
   @Test
   public void testRegionAUser(){
-    GeodeSecurityUtil.login("regionAUser", "password");
-    GeodeSecurityUtil.authorize(TestCommand.none);
-    GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
-    GeodeSecurityUtil.authorize(TestCommand.regionAWrite);
-    GeodeSecurityUtil.authorize(TestCommand.regionARead);
+    this.securityService.login("regionAUser", "password");
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionAWrite);
+    this.securityService.authorize(TestCommand.regionARead);
 
     assertNotAuthorized(TestCommand.dataRead);
     assertNotAuthorized(TestCommand.dataWrite);
     assertNotAuthorized(TestCommand.clusterRead);
     assertNotAuthorized(TestCommand.clusterWrite);
-    GeodeSecurityUtil.logout();
+    this.securityService.logout();
   }
 
   @Test
   public void testDataReader(){
-    GeodeSecurityUtil.login("dataReader", "12345");
-    GeodeSecurityUtil.authorize(TestCommand.none);
-    GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
-    GeodeSecurityUtil.authorize(TestCommand.regionARead);
-    GeodeSecurityUtil.authorize(TestCommand.dataRead);
+    this.securityService.login("dataReader", "12345");
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.dataRead);
 
     assertNotAuthorized(TestCommand.regionAWrite);
     assertNotAuthorized(TestCommand.dataWrite);
     assertNotAuthorized(TestCommand.clusterRead);
     assertNotAuthorized(TestCommand.clusterWrite);
-    GeodeSecurityUtil.logout();
+    this.securityService.logout();
   }
 
   @Test
   public void testReader(){
-    GeodeSecurityUtil.login("reader", "12345");
-    GeodeSecurityUtil.authorize(TestCommand.none);
-    GeodeSecurityUtil.authorize(TestCommand.everyOneAllowed);
-    GeodeSecurityUtil.authorize(TestCommand.regionARead);
-    GeodeSecurityUtil.authorize(TestCommand.dataRead);
-    GeodeSecurityUtil.authorize(TestCommand.clusterRead);
+    this.securityService.login("reader", "12345");
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.dataRead);
+    this.securityService.authorize(TestCommand.clusterRead);
 
     assertNotAuthorized(TestCommand.regionAWrite);
     assertNotAuthorized(TestCommand.dataWrite);
     assertNotAuthorized(TestCommand.clusterWrite);
-    GeodeSecurityUtil.logout();
+    this.securityService.logout();
   }
 
   private void assertNotAuthorized(ResourcePermission context){
-    assertThatThrownBy(()-> GeodeSecurityUtil.authorize(context)).isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
+    assertThatThrownBy(()-> this.securityService.authorize(context)).isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
   }
 }

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
index 5eabe7a..228a8d6 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
@@ -18,6 +18,7 @@ package com.gemstone.gemfire.security;
 
 import static com.gemstone.gemfire.distributed.ConfigurationProperties.*;
 import static org.assertj.core.api.Assertions.*;
+import static org.mockito.Mockito.*;
 
 import java.util.Properties;
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/CloseCQ.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/CloseCQ.java b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/CloseCQ.java
index 0908783..c33ba71 100644
--- a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/CloseCQ.java
+++ b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/CloseCQ.java
@@ -33,7 +33,6 @@ import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
 import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
 import com.gemstone.gemfire.internal.i18n.LocalizedStrings;
 import com.gemstone.gemfire.internal.security.AuthorizeRequest;
-import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 
 public class CloseCQ extends BaseCQCommand {
@@ -75,7 +74,7 @@ public class CloseCQ extends BaseCQCommand {
       return;
     }
 
-    GeodeSecurityUtil.authorizeDataManage();
+    this.securityService.authorizeDataManage();
 
     // Process CQ close request
     try {

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetCQStats.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetCQStats.java b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetCQStats.java
index 6b82913..6e18d04 100644
--- a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetCQStats.java
+++ b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetCQStats.java
@@ -27,7 +27,6 @@ import com.gemstone.gemfire.internal.cache.tier.MessageType;
 import com.gemstone.gemfire.internal.cache.tier.sockets.CacheServerStats;
 import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
 import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
-import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 
 public class GetCQStats extends BaseCQCommand {
@@ -71,7 +70,7 @@ public class GetCQStats extends BaseCQCommand {
       return;
     }
 
-    GeodeSecurityUtil.authorizeClusterRead();
+    this.securityService.authorizeClusterRead();
     // Process the cq request
     try {
       // make sure the cqservice has been created

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetDurableCQs.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetDurableCQs.java b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetDurableCQs.java
index dc1d461..8773a08 100755
--- a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetDurableCQs.java
+++ b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/GetDurableCQs.java
@@ -35,7 +35,6 @@ import com.gemstone.gemfire.internal.cache.tier.sockets.ClientProxyMembershipID;
 import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
 import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
 import com.gemstone.gemfire.internal.security.AuthorizeRequest;
-import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 
 public class GetDurableCQs extends BaseCQCommand {
@@ -71,7 +70,7 @@ public class GetDurableCQs extends BaseCQCommand {
       qService = (DefaultQueryService) ((GemFireCacheImpl) crHelper.getCache())
           .getLocalQueryService();
 
-      GeodeSecurityUtil.authorizeClusterRead();
+      this.securityService.authorizeClusterRead();
 
       // Authorization check
       AuthorizeRequest authzRequest = servConn.getAuthzRequest();

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/MonitorCQ.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/MonitorCQ.java b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/MonitorCQ.java
index f9ca140..0da9091 100644
--- a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/MonitorCQ.java
+++ b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/MonitorCQ.java
@@ -27,7 +27,6 @@ import com.gemstone.gemfire.internal.cache.tier.MessageType;
 import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
 import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
 import com.gemstone.gemfire.internal.i18n.LocalizedStrings;
-import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 public class MonitorCQ extends BaseCQCommand {
 
@@ -74,7 +73,7 @@ public class MonitorCQ extends BaseCQCommand {
       logger.debug("{}: Received MonitorCq request from {} op: {}{}", servConn.getName(), servConn.getSocketString(), op, (regionName != null) ? " RegionName: " + regionName : "");
     }
 
-    GeodeSecurityUtil.authorizeClusterRead();
+    this.securityService.authorizeClusterRead();
 
     try {
       CqService cqService = crHelper.getCache().getCqService();

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/StopCQ.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/StopCQ.java b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/StopCQ.java
index 9231bfc..0d2c82c 100644
--- a/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/StopCQ.java
+++ b/geode-cq/src/main/java/com/gemstone/gemfire/internal/cache/tier/sockets/command/StopCQ.java
@@ -34,7 +34,6 @@ import com.gemstone.gemfire.internal.cache.tier.sockets.Message;
 import com.gemstone.gemfire.internal.cache.tier.sockets.ServerConnection;
 import com.gemstone.gemfire.internal.i18n.LocalizedStrings;
 import com.gemstone.gemfire.internal.security.AuthorizeRequest;
-import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
 
 
 public class StopCQ extends BaseCQCommand {
@@ -89,7 +88,7 @@ public class StopCQ extends BaseCQCommand {
       }
       InternalCqQuery cqQuery = cqService.getCq(serverCqName);
 
-      GeodeSecurityUtil.authorizeDataManage();
+      this.securityService.authorizeDataManage();
 
       AuthorizeRequest authzRequest = servConn.getAuthzRequest();
       if (authzRequest != null) {

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/f93b7485/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java
----------------------------------------------------------------------
diff --git a/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java b/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java
index 6984f58..e25f7dd 100755
--- a/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java
+++ b/geode-lucene/src/main/java/com/gemstone/gemfire/cache/lucene/internal/cli/LuceneIndexCommands.java
@@ -38,7 +38,8 @@ import com.gemstone.gemfire.cache.lucene.internal.cli.functions.LuceneListIndexF
 import com.gemstone.gemfire.cache.lucene.internal.cli.functions.LuceneSearchIndexFunction;
 import com.gemstone.gemfire.distributed.DistributedMember;
 import com.gemstone.gemfire.internal.cache.execute.AbstractExecution;
-import com.gemstone.gemfire.internal.security.GeodeSecurityUtil;
+import com.gemstone.gemfire.internal.security.IntegratedSecurityService;
+import com.gemstone.gemfire.internal.security.SecurityService;
 import com.gemstone.gemfire.management.cli.CliMetaData;
 import com.gemstone.gemfire.management.cli.ConverterHint;
 import com.gemstone.gemfire.management.cli.Result;
@@ -68,6 +69,8 @@ public class LuceneIndexCommands extends AbstractCommandsSupport {
   private static final LuceneSearchIndexFunction searchIndexFunction = new LuceneSearchIndexFunction();
   private List<LuceneSearchResults> searchResults=null;
 
+  private SecurityService securityService = IntegratedSecurityService.getSecurityService();
+
   @CliCommand(value = LuceneCliStrings.LUCENE_LIST_INDEX, help = LuceneCliStrings.LUCENE_LIST_INDEX__HELP)
   @CliMetaData(shellOnly = false, relatedTopic={CliStrings.TOPIC_GEODE_REGION, CliStrings.TOPIC_GEODE_DATA })
   @ResourceOperation(resource = Resource.CLUSTER, operation = Operation.READ)
@@ -180,7 +183,7 @@ public class LuceneIndexCommands extends AbstractCommandsSupport {
     Result result = null;
     XmlEntity xmlEntity = null;
 
-    GeodeSecurityUtil.authorizeRegionManage(regionPath);
+    this.securityService.authorizeRegionManage(regionPath);
     try {
       final Cache cache = getCache();
       LuceneIndexInfo indexInfo = new LuceneIndexInfo(indexName, regionPath, fields, analyzers);
@@ -250,7 +253,7 @@ public class LuceneIndexCommands extends AbstractCommandsSupport {
 
   @SuppressWarnings("unchecked")
   protected List<LuceneIndexDetails> getIndexDetails(LuceneIndexInfo indexInfo) throws Exception {
-    GeodeSecurityUtil.authorizeRegionManage(indexInfo.getRegionPath());
+    this.securityService.authorizeRegionManage(indexInfo.getRegionPath());
     final ResultCollector<?, ?> rc = this.executeFunctionOnGroups(describeIndexFunction, new String[] {}, indexInfo);
     final List<LuceneIndexDetails> funcResults = (List<LuceneIndexDetails>) rc.getResult();
     return funcResults.stream().filter(indexDetails -> indexDetails != null).collect(Collectors.toList());
@@ -399,7 +402,8 @@ public class LuceneIndexCommands extends AbstractCommandsSupport {
   }
 
   private List<LuceneSearchResults> getSearchResults(final LuceneQueryInfo queryInfo) throws Exception {
-    GeodeSecurityUtil.authorizeRegionManage(queryInfo.getRegionPath());
+    securityService.authorizeRegionManage(queryInfo.getRegionPath());
+
     final String[] groups = {};
     final ResultCollector<?, ?> rc = this.executeSearch(queryInfo);
     final List<Set<LuceneSearchResults>> functionResults = (List<Set<LuceneSearchResults>>) rc.getResult();


Mime
View raw message