geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hiteshkhame...@apache.org
Subject [09/15] incubator-geode git commit: GEODE-37 Renamed security related stuff
Date Tue, 13 Sep 2016 22:56:11 GMT
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/generator/CredentialGenerator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/CredentialGenerator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/generator/CredentialGenerator.java
deleted file mode 100755
index 90584cd..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/CredentialGenerator.java
+++ /dev/null
@@ -1,333 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.generator;
-
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-
-import org.apache.logging.log4j.Logger;
-
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.security.AuthInitialize;
-import com.gemstone.gemfire.security.Authenticator;
-import com.gemstone.gemfire.security.templates.DummyAuthenticator;
-import com.gemstone.gemfire.security.templates.LdapUserAuthenticator;
-import com.gemstone.gemfire.security.templates.PKCSAuthenticator;
-
-/**
- * Encapsulates obtaining valid and invalid credentials. Implementations will be
- * for different kinds of authentication schemes.
- * 
- * @since GemFire 5.5
- */
-public abstract class CredentialGenerator {
-
-  private static final Logger logger = LogService.getLogger();
-
-  /**
-   * A set of properties that should be added to the Gemfire system properties
-   * before using the authentication module.
-   */
-  private Properties systemProperties = null;
-
-  /**
-   * A set of properties that should be added to the java system properties
-   * before using the authentication module.
-   */
-  protected Properties javaProperties = null;
-
-  /**
-   * A factory method to create a new instance of an {@link CredentialGenerator}
-   * for the given {@link ClassCode}. Caller is supposed to invoke
-   * {@link CredentialGenerator#init} immediately after obtaining the instance.
-   * 
-   * @param  classCode
-   *         the {@code ClassCode} of the {@code CredentialGenerator}
-   *         implementation
-   * 
-   * @return an instance of {@code CredentialGenerator} for the given class
-   *         code
-   */
-  public static CredentialGenerator create(final ClassCode classCode) {
-    switch (classCode.classType) {
-      // Removing dummy one to reduce test run times
-      // case ClassCode.ID_DUMMY:
-      // return new DummyCredentialGenerator();
-      case ClassCode.ID_LDAP:
-        return new LdapUserCredentialGenerator();
-        // case ClassCode.ID_SSL:ΓΈ
-        // return new SSLCredentialGenerator();
-      case ClassCode.ID_PKCS:
-        return new PKCSCredentialGenerator();
-      default:
-        return null;
-    }
-  }
-
-  /**
-   * Initialize the credential generator.
-   *
-   * @throws IllegalArgumentException when there is a problem during
-   *         initialization
-   */
-  public void init() throws IllegalArgumentException {
-    this.systemProperties = initialize();
-    logger.info("Generating CredentialGenerator with {}", this.systemProperties);
-  }
-
-  /**
-   * @return A set of extra properties that should be added to Gemfire system
-   *         properties when not null.
-   */
-  public Properties getSystemProperties() {
-    return this.systemProperties;
-  }
-
-  /**
-   * @return A set of extra properties that should be added to Gemfire system
-   *         properties when not null.
-   */
-  public Properties getJavaProperties() {
-    return this.javaProperties;
-  }
-
-  /**
-   * The {@link ClassCode} of this particular implementation.
-   * 
-   * @return the {@code ClassCode}
-   */
-  public abstract ClassCode classCode();
-
-  /**
-   * The name of the {@link AuthInitialize} factory function that should be used
-   * in conjunction with the credentials generated by this generator.
-   * 
-   * @return name of the {@code AuthInitialize} factory function
-   */
-  public abstract String getAuthInit();
-
-  /**
-   * The name of the {@link Authenticator} factory function that should be used
-   * in conjunction with the credentials generated by this generator.
-   * 
-   * @return name of the {@code Authenticator} factory function
-   */
-  public abstract String getAuthenticator();
-
-  /**
-   * Get a set of valid credentials generated using the given index.
-   */
-  public abstract Properties getValidCredentials(final int index);
-
-  /**
-   * Get a set of valid credentials for the given {@link Principal}.
-   * 
-   * @return credentials for the given {@code Principal} or null if none
-   *         possible.
-   */
-  public abstract Properties getValidCredentials(final Principal principal);
-
-  /**
-   * Get a set of invalid credentials generated using the given index.
-   */
-  public abstract Properties getInvalidCredentials(final int index);
-
-  /**
-   * Initialize the credential generator. This is provided separately from the
-   * {@link #init()} method for convenience of implementations so that they do not
-   * need to store in {@link #systemProperties}. The latter is convenient for the users
-   * who do not need to store these properties rather can obtain it later by
-   * invoking {@link #getSystemProperties()}
-   *
-   * <p>Required to be implemented by concrete classes that implement this abstract
-   * class.
-   *
-   * @return A set of extra properties that should be added to Gemfire system
-   *         properties when not null.
-   *
-   * @throws IllegalArgumentException when there is a problem during
-   *         initialization
-   */
-  protected abstract Properties initialize() throws IllegalArgumentException;
-
-  /**
-   * Enumeration for various {@link CredentialGenerator} implementations.
-   *
-   * <p>The following schemes are supported as of now:
-   * {@code DummyAuthenticator}, {@code LdapUserAuthenticator},
-   * {@code PKCSAuthenticator}. In addition SSL socket mode with mutual
-   * authentication is also supported.
-   *
-   * <p>To add a new authentication scheme the following needs to be done:
-   * <ul>
-   * <li>Add implementations for {@link AuthInitialize} and
-   * {@link Authenticator} classes for clients/peers.</li>
-   * <li>Add a new enumeration value for the scheme in this class. Notice the
-   * size of {@code VALUES} array and increase that if it is getting
-   * overflowed. Note the methods and fields for existing schemes and add for
-   * the new one in a similar manner.</li>
-   * <li>Add an implementation for {@link CredentialGenerator}.</li>
-   * <li>Modify the CredentialGenerator.Factory#create [no such Factory exists] method to add
-   * creation of an instance of the new implementation for the
-   * {@code ClassCode} enumeration value.</li>
-   * </ul>
-   *
-   * <p>All security dunit tests will automagically start testing the new
-   * implementation after this.
-   *
-   * @since GemFire 5.5
-   */
-  public static final class ClassCode {
-
-    private static byte nextOrdinal = 0;
-
-    private static final byte ID_DUMMY = 1;
-    private static final byte ID_LDAP = 2;
-    private static final byte ID_PKCS = 3;
-    private static final byte ID_SSL = 4;
-
-    private static final ClassCode[] VALUES = new ClassCode[10];
-    private static final Map CODE_NAME_MAP = new HashMap();
-
-    public static final ClassCode DUMMY = new ClassCode(DummyAuthenticator.class.getName() + ".create", ID_DUMMY);
-    public static final ClassCode LDAP = new ClassCode(LdapUserAuthenticator.class.getName() + ".create", ID_LDAP);
-    public static final ClassCode PKCS = new ClassCode(PKCSAuthenticator.class.getName() + ".create", ID_PKCS);
-    public static final ClassCode SSL = new ClassCode("SSL", ID_SSL);
-
-    /** The name of this class. */
-    private final String name;
-
-    /** byte used as ordinal to represent this class */
-    private final byte ordinal;
-
-    /**
-     * One of the following: ID_DUMMY, ID_LDAP, ID_PKCS
-     */
-    private final byte classType;
-
-    /** Creates a new instance of class code. */
-    private ClassCode(final String name, final byte classType) {
-      this.name = name;
-      this.classType = classType;
-      this.ordinal = nextOrdinal++;
-      VALUES[this.ordinal] = this;
-      CODE_NAME_MAP.put(name, this);
-    }
-
-    public boolean isDummy() {
-      return this.classType == ID_DUMMY;
-    }
-
-    public boolean isLDAP() {
-      return this.classType == ID_LDAP;
-    }
-
-    public boolean isPKCS() {
-      return this.classType == ID_PKCS;
-    }
-
-    public boolean isSSL() {
-      return this.classType == ID_SSL;
-    }
-
-    /**
-     * Returns the {@code ClassCode} represented by specified ordinal.
-     */
-    public static ClassCode fromOrdinal(final byte ordinal) {
-      return VALUES[ordinal];
-    }
-
-    /**
-     * Returns the {@code ClassCode} represented by specified string.
-     */
-    public static ClassCode parse(final String operationName) {
-      return (ClassCode) CODE_NAME_MAP.get(operationName);
-    }
-
-    /**
-     * Returns all the possible values.
-     */
-    public static List getAll() {
-      final List codes = new ArrayList();
-      for (Iterator iter = CODE_NAME_MAP.values().iterator(); iter.hasNext();) {
-        codes.add(iter.next());
-      }
-      return codes;
-    }
-
-    /**
-     * Returns the ordinal for this operation code.
-     *
-     * @return the ordinal of this operation.
-     */
-    public byte toOrdinal() {
-      return this.ordinal;
-    }
-
-    /**
-     * Returns a string representation for this operation.
-     *
-     * @return the name of this operation.
-     */
-    @Override
-    public final String toString() {
-      return this.name;
-    }
-
-    /**
-     * Indicates whether other object is same as this one.
-     *
-     * @return true if other object is same as this one.
-     */
-    @Override
-    public final boolean equals(final Object obj) {
-      if (obj == this) {
-        return true;
-      }
-      if (!(obj instanceof ClassCode)) {
-        return false;
-      }
-      final ClassCode other = (ClassCode)obj;
-      return other.ordinal == this.ordinal;
-    }
-
-    /**
-     * Indicates whether other {@code ClassCode} is same as this one.
-     *
-     * @return true if other {@code ClassCode} is same as this one.
-     */
-    public final boolean equals(final ClassCode opCode) {
-      return opCode != null && opCode.ordinal == this.ordinal;
-    }
-
-    /**
-     * Returns a hash code value for this {@code ClassCode} which is the
-     * same as its ordinal.
-     *
-     * @return the ordinal of this operation.
-     */
-    @Override
-    public final int hashCode() {
-      return this.ordinal;
-    }
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/generator/DummyAuthzCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/DummyAuthzCredentialGenerator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/generator/DummyAuthzCredentialGenerator.java
deleted file mode 100755
index 64fb84a..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/DummyAuthzCredentialGenerator.java
+++ /dev/null
@@ -1,129 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.generator;
-
-import java.security.Principal;
-import java.util.HashSet;
-import java.util.Properties;
-import java.util.Set;
-
-import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.security.templates.DummyAuthorization;
-import com.gemstone.gemfire.security.templates.UsernamePrincipal;
-
-public class DummyAuthzCredentialGenerator extends AuthzCredentialGenerator {
-
-  public static final byte READER_ROLE = 1;
-  public static final byte WRITER_ROLE = 2;
-  public static final byte ADMIN_ROLE = 3;
-
-  private static Set readerOpsSet;
-  private static Set writerOpsSet;
-
-  static {
-    readerOpsSet = new HashSet();
-    for (int index = 0; index < DummyAuthorization.READER_OPS.length; index++) {
-      readerOpsSet.add(DummyAuthorization.READER_OPS[index]);
-    }
-
-    writerOpsSet = new HashSet();
-    for (int index = 0; index < DummyAuthorization.WRITER_OPS.length; index++) {
-      writerOpsSet.add(DummyAuthorization.WRITER_OPS[index]);
-    }
-  }
-
-  public static byte getRequiredRole(final OperationCode[] opCodes) {
-    byte roleType = ADMIN_ROLE;
-    boolean requiresReader = true;
-    boolean requiresWriter = true;
-
-    for (int opNum = 0; opNum < opCodes.length; opNum++) {
-      if (requiresReader && !readerOpsSet.contains(opCodes[opNum])) {
-        requiresReader = false;
-      }
-      if (requiresWriter && !writerOpsSet.contains(opCodes[opNum])) {
-        requiresWriter = false;
-      }
-    }
-    if (requiresReader) {
-      roleType = READER_ROLE;
-    }
-    else if (requiresWriter) {
-      roleType = WRITER_ROLE;
-    }
-    return roleType;
-  }
-
-  @Override
-  protected Properties init() throws IllegalArgumentException {
-    if (!this.generator.classCode().isDummy()) {
-      throw new IllegalArgumentException("DummyAuthorization module only works with DummyAuthenticator");
-    }
-    return null;
-  }
-
-  @Override
-  public ClassCode classCode() {
-    return ClassCode.DUMMY;
-  }
-
-  @Override
-  public String getAuthorizationCallback() {
-    return DummyAuthorization.class.getName() + ".create";
-  }
-
-  @Override
-  protected Principal getAllowedPrincipal(final OperationCode[] opCodes, final String[] regionNames, final int index) {
-    final byte roleType = getRequiredRole(opCodes);
-    return getPrincipal(roleType, index);
-  }
-
-  @Override
-  protected Principal getDisallowedPrincipal(final OperationCode[] opCodes, final String[] regionNames, final int index) {
-    byte roleType = getRequiredRole(opCodes);
-    byte disallowedRoleType;
-    switch (roleType) {
-      case READER_ROLE:
-        disallowedRoleType = WRITER_ROLE;
-        break;
-      case WRITER_ROLE:
-        disallowedRoleType = READER_ROLE;
-        break;
-      default:
-        disallowedRoleType = READER_ROLE;
-        break;
-    }
-    return getPrincipal(disallowedRoleType, index);
-  }
-
-  @Override
-  protected int getNumPrincipalTries(final OperationCode[] opCodes,  final String[] regionNames) {
-    return 5;
-  }
-
-  private Principal getPrincipal(final byte roleType, final int index) {
-    String[] admins = new String[] { "root", "admin", "administrator" };
-    switch (roleType) {
-      case READER_ROLE:
-        return new UsernamePrincipal("reader" + index);
-      case WRITER_ROLE:
-        return new UsernamePrincipal("writer" + index);
-      default:
-        return new UsernamePrincipal(admins[index % admins.length]);
-    }
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/generator/DummyCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/DummyCredentialGenerator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/generator/DummyCredentialGenerator.java
deleted file mode 100755
index 77ffbd9..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/DummyCredentialGenerator.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.generator;
-
-import java.security.Principal;
-import java.util.Properties;
-
-import com.gemstone.gemfire.security.templates.DummyAuthenticator;
-import com.gemstone.gemfire.security.templates.UserPasswordAuthInit;
-
-public class DummyCredentialGenerator extends CredentialGenerator {
-
-  @Override
-  protected Properties initialize() throws IllegalArgumentException {
-    return null;
-  }
-
-  @Override
-  public ClassCode classCode() {
-    return ClassCode.DUMMY;
-  }
-
-  @Override
-  public String getAuthInit() {
-    return UserPasswordAuthInit.class.getName() + ".create";
-  }
-
-  @Override
-  public String getAuthenticator() {
-    return DummyAuthenticator.class.getName() + ".create";
-  }
-
-  @Override
-  public Properties getValidCredentials(final int index) {
-    final String[] validGroups = new String[] { "admin", "user", "reader", "writer" };
-    final String[] admins = new String[] { "root", "admin", "administrator" };
-
-    final Properties props = new Properties();
-    final int groupNum = index % validGroups.length;
-
-    String userName;
-    if (groupNum == 0) {
-      userName = admins[index % admins.length];
-    } else {
-      userName = validGroups[groupNum] + (index / validGroups.length);
-    }
-
-    props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
-    props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
-    return props;
-  }
-
-  @Override
-  public Properties getValidCredentials(final Principal principal) {
-    final String userName = principal.getName();
-
-    if (DummyAuthenticator.checkValidName(userName)) {
-      Properties props = new Properties();
-      props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
-      props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
-      return props;
-
-    } else {
-      throw new IllegalArgumentException("Dummy: [" + userName + "] is not a valid user");
-    }
-  }
-
-  @Override
-  public Properties getInvalidCredentials(int index) {
-    Properties props = new Properties();
-    props.setProperty(UserPasswordAuthInit.USER_NAME, "invalid" + index);
-    props.setProperty(UserPasswordAuthInit.PASSWORD, "none");
-    return props;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/generator/LdapUserCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/LdapUserCredentialGenerator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/generator/LdapUserCredentialGenerator.java
deleted file mode 100755
index 7cde86d..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/LdapUserCredentialGenerator.java
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.generator;
-
-import com.gemstone.gemfire.distributed.internal.DistributionConfig;
-import com.gemstone.gemfire.internal.cache.tier.sockets.HandShake;
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.security.templates.LdapUserAuthenticator;
-import com.gemstone.gemfire.security.templates.UserPasswordAuthInit;
-import com.gemstone.gemfire.test.dunit.Assert;
-import com.gemstone.gemfire.util.test.TestUtil;
-import org.apache.logging.log4j.Logger;
-
-import java.security.Principal;
-import java.util.Properties;
-import java.util.Random;
-
-import static com.gemstone.gemfire.distributed.ConfigurationProperties.*;
-
-public class LdapUserCredentialGenerator extends CredentialGenerator {
-
-  private static final Logger logger = LogService.getLogger();
-
-  private static final String USER_PREFIX = "gemfire";
-  private static final Random RANDOM = new Random();
-  private static final String[] CIPHERS = new String[] { "", "DESede", "AES:128", "Blowfish:128" };
-
-  private static boolean enableServerAuthentication = false;
-
-  private boolean serverAuthEnabled = false;
-
-  public LdapUserCredentialGenerator() {
-    // Toggle server authentication enabled for each test
-    // This is done instead of running all the tests with both
-    // server auth enabled/disabled to reduce test run time.
-    enableServerAuthentication = !enableServerAuthentication;
-    this.serverAuthEnabled = enableServerAuthentication;
-  }
-
-  @Override
-  protected Properties initialize() throws IllegalArgumentException {
-    final String ldapServer = System.getProperty("gf.ldap.server", "ldap");
-    final String ldapBaseDN = System.getProperty("gf.ldap.basedn", "ou=ldapTesting,dc=pune,dc=gemstone,dc=com");
-    final String ldapUseSSL = System.getProperty("gf.ldap.usessl");
-
-    final Properties extraProps = new Properties();
-    extraProps.setProperty(LdapUserAuthenticator.LDAP_SERVER_NAME, ldapServer);
-    extraProps.setProperty(LdapUserAuthenticator.LDAP_BASEDN_NAME, ldapBaseDN);
-
-    if (ldapUseSSL != null && ldapUseSSL.length() > 0) {
-      extraProps.setProperty(LdapUserAuthenticator.LDAP_SSL_NAME, ldapUseSSL);
-    }
-
-    if (serverAuthEnabled) {
-      String keyStoreFile = TestUtil.getResourcePath(LdapUserCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/gemfire1.keystore");
-      extraProps.setProperty(HandShake.PRIVATE_KEY_FILE_PROP, keyStoreFile);
-      extraProps.setProperty(HandShake.PRIVATE_KEY_ALIAS_PROP, DistributionConfig.GEMFIRE_PREFIX);
-      extraProps.setProperty(HandShake.PRIVATE_KEY_PASSWD_PROP, "gemfire");
-    }
-
-    Assert.assertNotNull(extraProps.getProperty(LdapUserAuthenticator.LDAP_BASEDN_NAME));
-
-    logger.info("Generating LdapUserCredentialGenerator with {}", extraProps);
-
-    return extraProps;
-  }
-
-  @Override
-  public ClassCode classCode() {
-    return ClassCode.LDAP;
-  }
-
-  @Override
-  public String getAuthInit() {
-    return UserPasswordAuthInit.class.getName() + ".create";
-  }
-
-  @Override
-  public String getAuthenticator() {
-    return LdapUserAuthenticator.class.getName() + ".create";
-  }
-
-  @Override
-  public Properties getValidCredentials(final int index) {
-    final Properties props = new Properties();
-    props.setProperty(UserPasswordAuthInit.USER_NAME, USER_PREFIX + ((index % 10) + 1));
-    props.setProperty(UserPasswordAuthInit.PASSWORD, USER_PREFIX + ((index % 10) + 1));
-    props.setProperty(SECURITY_CLIENT_DHALGO, CIPHERS[RANDOM.nextInt(CIPHERS.length)]);
-
-    if (serverAuthEnabled) {
-      final String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile");
-      props.setProperty(HandShake.PUBLIC_KEY_FILE_PROP, keyStoreFile);
-      props.setProperty(HandShake.PUBLIC_KEY_PASSWD_PROP, "gemfire");
-    }
-
-    return props;
-  }
-
-  @Override
-  public Properties getValidCredentials(final Principal principal) {
-    Properties props = null;
-    final String userName = principal.getName();
-
-    if (userName != null && userName.startsWith(USER_PREFIX)) {
-      boolean isValid;
-
-      try {
-        final int suffix = Integer.parseInt(userName.substring(USER_PREFIX.length()));
-        isValid = (suffix >= 1 && suffix <= 10);
-      } catch (Exception ex) {
-        isValid = false;
-      }
-
-      if (isValid) {
-        props = new Properties();
-        props.setProperty(UserPasswordAuthInit.USER_NAME, userName);
-        props.setProperty(UserPasswordAuthInit.PASSWORD, userName);
-      }
-    }
-
-    if (props == null) {
-      throw new IllegalArgumentException("LDAP: [" + userName + "] not a valid user");
-    }
-
-    props.setProperty(SECURITY_CLIENT_DHALGO, CIPHERS[RANDOM.nextInt(CIPHERS.length)]);
-
-    if (serverAuthEnabled) {
-      final String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile");
-      props.setProperty(HandShake.PUBLIC_KEY_FILE_PROP, keyStoreFile);
-      props.setProperty(HandShake.PUBLIC_KEY_PASSWD_PROP, "gemfire");
-    }
-
-    return props;
-  }
-
-  @Override
-  public Properties getInvalidCredentials(final int index) {
-    final Properties props = new Properties();
-    props.setProperty(UserPasswordAuthInit.USER_NAME, "invalid" + index);
-    props.setProperty(UserPasswordAuthInit.PASSWORD, "none");
-    props.setProperty(SECURITY_CLIENT_DHALGO, CIPHERS[RANDOM.nextInt(CIPHERS.length)]);
-
-    if (serverAuthEnabled) {
-      final String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile");
-      props.setProperty(HandShake.PUBLIC_KEY_FILE_PROP, keyStoreFile);
-      props.setProperty(HandShake.PUBLIC_KEY_PASSWD_PROP, "gemfire");
-    }
-
-    return props;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/generator/PKCSCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/PKCSCredentialGenerator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/generator/PKCSCredentialGenerator.java
deleted file mode 100755
index 09381b8..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/PKCSCredentialGenerator.java
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.generator;
-
-import java.security.Principal;
-import java.security.Provider;
-import java.security.Security;
-import java.util.Properties;
-
-import com.gemstone.gemfire.security.templates.PKCSAuthInit;
-import com.gemstone.gemfire.security.templates.PKCSAuthenticator;
-import com.gemstone.gemfire.util.test.TestUtil;
-
-public class PKCSCredentialGenerator extends CredentialGenerator {
-
-  public static String keyStoreDir = getKeyStoreDir();
-  public static boolean usesIBMJSSE;
-
-  // Checks if the current JVM uses only IBM JSSE providers.
-  private static boolean usesIBMProviders() {
-    final Provider[] providers = Security.getProviders();
-    for (int index = 0; index < providers.length; ++index) {
-      if (!providers[index].getName().toLowerCase().startsWith("ibm")) {
-        return false;
-      }
-    }
-    return true;
-  }
-
-  private static String getKeyStoreDir() {
-    usesIBMJSSE = usesIBMProviders();
-    if (usesIBMJSSE) {
-      return "/com/gemstone/gemfire/security/generator/keys/ibm";
-    } else {
-      return "/com/gemstone/gemfire/security/generator/keys";
-    }
-  }
-
-  @Override
-  protected Properties initialize() throws IllegalArgumentException {
-    final String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + "/publickeyfile");
-
-    final Properties props = new Properties();
-    props.setProperty(PKCSAuthenticator.PUBLIC_KEY_FILE, keyStoreFile);
-    props.setProperty(PKCSAuthenticator.PUBLIC_KEYSTORE_PASSWORD, "gemfire");
-
-    return props;
-  }
-
-  @Override
-  public ClassCode classCode() {
-    return ClassCode.PKCS;
-  }
-
-  @Override
-  public String getAuthInit() {
-    return PKCSAuthInit.class.getName() + ".create";
-  }
-
-  @Override
-  public String getAuthenticator() {
-    return PKCSAuthenticator.class.getName() + ".create";
-  }
-
-  @Override
-  public Properties getInvalidCredentials(int index) {
-    final String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + "/gemfire11.keystore");
-
-    final Properties props = new Properties();
-    props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, keyStoreFile);
-    props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, "gemfire11");
-    props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, "gemfire");
-
-    return props;
-  }
-
-  @Override
-  public Properties getValidCredentials(int index) {
-    final int aliasnum = (index % 10) + 1;
-    final String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + "/gemfire" + aliasnum + ".keystore");
-
-    final Properties props = new Properties();
-    props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, keyStoreFile);
-    props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, "gemfire" + aliasnum);
-    props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, "gemfire");
-
-    return props;
-  }
-
-  @Override
-  public Properties getValidCredentials(Principal principal) {
-    final String keyStoreFile = TestUtil.getResourcePath(PKCSCredentialGenerator.class, keyStoreDir + principal.getName() + ".keystore");
-
-    final Properties props = new Properties();
-    props.setProperty(PKCSAuthInit.KEYSTORE_FILE_PATH, keyStoreFile);
-    props.setProperty(PKCSAuthInit.KEYSTORE_ALIAS, principal.getName());
-    props.setProperty(PKCSAuthInit.KEYSTORE_PASSWORD, "gemfire");
-
-    return props;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/generator/SSLCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/SSLCredentialGenerator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/generator/SSLCredentialGenerator.java
deleted file mode 100755
index 6b6e3de..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/SSLCredentialGenerator.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.generator;
-
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import org.apache.logging.log4j.Logger;
-
-import java.io.File;
-import java.io.IOException;
-import java.security.Principal;
-import java.util.Properties;
-
-import static com.gemstone.gemfire.distributed.ConfigurationProperties.*;
-
-public class SSLCredentialGenerator extends CredentialGenerator {
-
-  private static final Logger logger = LogService.getLogger();
-
-  @Override
-  protected Properties initialize() throws IllegalArgumentException {
-    this.javaProperties = getValidJavaSSLProperties();
-    return getSSLProperties();
-  }
-
-  @Override
-  public ClassCode classCode() {
-    return ClassCode.SSL;
-  }
-
-  @Override
-  public String getAuthInit() {
-    return null;
-  }
-
-  @Override
-  public String getAuthenticator() {
-    return null;
-  }
-
-  @Override
-  public Properties getValidCredentials(int index) {
-    this.javaProperties = getValidJavaSSLProperties();
-    return getSSLProperties();
-  }
-
-  @Override
-  public Properties getValidCredentials(final Principal principal) {
-    this.javaProperties = getValidJavaSSLProperties();
-    return getSSLProperties();
-  }
-
-  @Override
-  public Properties getInvalidCredentials(final int index) {
-    this.javaProperties = getInvalidJavaSSLProperties();
-    return getSSLProperties();
-  }
-
-  private File findTrustedJKS() {
-    final File ssldir = new File(System.getProperty("JTESTS") + "/ssl");
-    return new File(ssldir, "trusted.keystore");
-  }
-
-  private File findUntrustedJKS() {
-    final File ssldir = new File(System.getProperty("JTESTS") + "/ssl");
-    return new File(ssldir, "untrusted.keystore");
-  }
-
-  private Properties getValidJavaSSLProperties() {
-    final File jks = findTrustedJKS();
-
-    try {
-      final Properties props = new Properties();
-      props.setProperty("javax.net.ssl.trustStore", jks.getCanonicalPath());
-      props.setProperty("javax.net.ssl.trustStorePassword", "password");
-      props.setProperty("javax.net.ssl.keyStore", jks.getCanonicalPath());
-      props.setProperty("javax.net.ssl.keyStorePassword", "password");
-      return props;
-
-    } catch (IOException ex) {
-      throw new AuthenticationFailedException("SSL: Exception while opening the key store: " + ex.getMessage(), ex);
-    }
-  }
-
-  private Properties getInvalidJavaSSLProperties() {
-    final File jks = findUntrustedJKS();
-
-    try {
-      final Properties props = new Properties();
-      props.setProperty("javax.net.ssl.trustStore", jks.getCanonicalPath());
-      props.setProperty("javax.net.ssl.trustStorePassword", "password");
-      props.setProperty("javax.net.ssl.keyStore", jks.getCanonicalPath());
-      props.setProperty("javax.net.ssl.keyStorePassword", "password");
-      return props;
-
-    } catch (IOException ex) {
-      throw new AuthenticationFailedException("SSL: Exception while opening the key store: " + ex.getMessage(), ex);
-    }
-  }
-
-  private Properties getSSLProperties() {
-    Properties props = new Properties();
-    props.setProperty(CLUSTER_SSL_CIPHERS, "true");
-    props.setProperty(CLUSTER_SSL_REQUIRE_AUTHENTICATION, "true");
-    props.setProperty(CLUSTER_SSL_CIPHERS, "SSL_RSA_WITH_3DES_EDE_CBC_SHA");
-    props.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1");
-    return props;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/generator/UserPasswordWithExtraPropsAuthInit.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/UserPasswordWithExtraPropsAuthInit.java b/geode-core/src/test/java/com/gemstone/gemfire/security/generator/UserPasswordWithExtraPropsAuthInit.java
deleted file mode 100755
index 1240533..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/UserPasswordWithExtraPropsAuthInit.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.generator;
-
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.distributed.internal.DistributionConfig;
-import com.gemstone.gemfire.security.AuthInitialize;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import com.gemstone.gemfire.security.templates.UserPasswordAuthInit;
-
-import java.util.Iterator;
-import java.util.Properties;
-
-/**
- * An {@link AuthInitialize} implementation that obtains the user name and
- * password as the credentials from the given set of properties. If 
- * keep-extra-props property exits, it will copy rest of the
- * properties provided in getCredential props argument will also be 
- * copied as new credentials.
- * 
- * @since GemFire 5.5
- */
-public class UserPasswordWithExtraPropsAuthInit extends UserPasswordAuthInit {
-
-  public static final String SECURITY_PREFIX = DistributionConfig.SECURITY_PREFIX_NAME;
-  public static final String EXTRA_PROPS = "security-keep-extra-props";
-
-  public static AuthInitialize create() {
-    return new UserPasswordWithExtraPropsAuthInit();
-  }
-
-  public UserPasswordWithExtraPropsAuthInit() {
-    super();
-  }
-
-  @Override
-  public Properties getCredentials(final Properties securityProperties, final DistributedMember server, final boolean isPeer) throws AuthenticationFailedException {
-    final Properties securityPropertiesCopy = super.getCredentials(securityProperties, server, isPeer);
-    final String extraProps = securityProperties.getProperty(EXTRA_PROPS);
-
-    if (extraProps != null) {
-    	for (Iterator it = securityProperties.keySet().iterator(); it.hasNext();) {
-    		final String key = (String) it.next();
-    		if (key.startsWith(SECURITY_PREFIX) &&
-    		    key.equalsIgnoreCase(USER_NAME) == false &&
-    		    key.equalsIgnoreCase(PASSWORD) == false &&
-    		    key.equalsIgnoreCase(EXTRA_PROPS) == false) {
-    			securityPropertiesCopy.setProperty(key, securityProperties.getProperty(key));
-    		}
-    	}
-    	this.securityLogWriter.fine("got everything and now have: " + securityPropertiesCopy.keySet().toString());
-    }
-
-    return securityPropertiesCopy;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/generator/XmlAuthzCredentialGenerator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/XmlAuthzCredentialGenerator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/generator/XmlAuthzCredentialGenerator.java
deleted file mode 100755
index 7dcf5ae..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/generator/XmlAuthzCredentialGenerator.java
+++ /dev/null
@@ -1,257 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.generator;
-
-import java.security.Principal;
-import java.util.HashSet;
-import java.util.Properties;
-import java.util.Set;
-
-import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.security.templates.UsernamePrincipal;
-import com.gemstone.gemfire.security.templates.XmlAuthorization;
-import com.gemstone.gemfire.util.test.TestUtil;
-
-public class XmlAuthzCredentialGenerator extends AuthzCredentialGenerator {
-
-  private static final String dummyXml = "authz-dummy.xml";
-  private static final String ldapXml = "authz-ldap.xml";
-  private static final String pkcsXml = "authz-pkcs.xml";
-  private static final String sslXml = "authz-ssl.xml";
-
-  private static final String[] QUERY_REGIONS = { "/Portfolios", "/Positions", "/AuthRegion" };
-
-  public static OperationCode[] READER_OPS = {
-      OperationCode.GET,
-      OperationCode.REGISTER_INTEREST,
-      OperationCode.UNREGISTER_INTEREST,
-      OperationCode.KEY_SET,
-      OperationCode.CONTAINS_KEY,
-      OperationCode.EXECUTE_FUNCTION };
-
-  public static OperationCode[] WRITER_OPS = {
-      OperationCode.PUT,
-      OperationCode.DESTROY,
-      OperationCode.INVALIDATE,
-      OperationCode.REGION_CLEAR };
-
-  public static OperationCode[] QUERY_OPS = {
-      OperationCode.QUERY,
-      OperationCode.EXECUTE_CQ,
-      OperationCode.STOP_CQ,
-      OperationCode.CLOSE_CQ };
-
-  private static final byte READER_ROLE = 1;
-  private static final byte WRITER_ROLE = 2;
-  private static final byte QUERY_ROLE = 3;
-  private static final byte ADMIN_ROLE = 4;
-
-  private static Set readerOpsSet;
-  private static Set writerOpsSet;
-  private static Set queryOpsSet;
-  private static Set queryRegionSet;
-
-  static {
-    readerOpsSet = new HashSet();
-    for (int index = 0; index < READER_OPS.length; index++) {
-      readerOpsSet.add(READER_OPS[index]);
-    }
-
-    writerOpsSet = new HashSet();
-    for (int index = 0; index < WRITER_OPS.length; index++) {
-      writerOpsSet.add(WRITER_OPS[index]);
-    }
-
-    queryOpsSet = new HashSet();
-    for (int index = 0; index < QUERY_OPS.length; index++) {
-      queryOpsSet.add(QUERY_OPS[index]);
-    }
-
-    queryRegionSet = new HashSet();
-    for (int index = 0; index < QUERY_REGIONS.length; index++) {
-      queryRegionSet.add(QUERY_REGIONS[index]);
-    }
-  }
-
-  @Override
-  protected Properties init() throws IllegalArgumentException {
-    final Properties sysProps = new Properties();
-    final String dirName = "/com/gemstone/gemfire/security/generator/";
-
-    if (this.generator.classCode().isDummy()) {
-      final String xmlFilename = TestUtil.getResourcePath(XmlAuthzCredentialGenerator.class, dirName + dummyXml);
-      sysProps.setProperty(XmlAuthorization.DOC_URI_PROP_NAME, xmlFilename);
-
-    } else if (this.generator.classCode().isLDAP()) {
-      final String xmlFilename = TestUtil.getResourcePath(XmlAuthzCredentialGenerator.class, dirName + ldapXml);
-      sysProps.setProperty(XmlAuthorization.DOC_URI_PROP_NAME, xmlFilename);
-
-      // } else if (this.generator.classCode().isPKCS()) {
-      //   sysProps.setProperty(XmlAuthorization.DOC_URI_PROP_NAME, dirName + pkcsXml);
-      // }
-      // } else if (this.generator.classCode().isSSL()) {
-      //   sysProps.setProperty(XmlAuthorization.DOC_URI_PROP_NAME, dirName + sslXml);
-      // }
-
-    } else {
-      throw new IllegalArgumentException("No XML defined for XmlAuthorization module to work with " + this.generator.getAuthenticator());
-    }
-    return sysProps;
-  }
-
-  @Override
-  public ClassCode classCode() {
-    return ClassCode.XML;
-  }
-
-  @Override
-  public String getAuthorizationCallback() {
-    return XmlAuthorization.class.getName() + ".create";
-  }
-
-  private Principal getDummyPrincipal(final byte roleType, final int index) {
-    final String[] admins = new String[] { "root", "admin", "administrator" };
-    final int numReaders = 3;
-    final int numWriters = 3;
-
-    switch (roleType) {
-      case READER_ROLE:
-        return new UsernamePrincipal("reader" + (index % numReaders));
-      case WRITER_ROLE:
-        return new UsernamePrincipal("writer" + (index % numWriters));
-      case QUERY_ROLE:
-        return new UsernamePrincipal("reader" + ((index % 2) + 3));
-      default:
-        return new UsernamePrincipal(admins[index % admins.length]);
-    }
-  }
-
-  @Override
-  protected Principal getAllowedPrincipal(final OperationCode[] opCodes, final String[] regionNames, final int index) {
-    if (this.generator.classCode().isDummy()) {
-      final byte roleType = getRequiredRole(opCodes, regionNames);
-      return getDummyPrincipal(roleType, index);
-
-    } else if (this.generator.classCode().isLDAP()) {
-      final byte roleType = getRequiredRole(opCodes, regionNames);
-      return getLdapPrincipal(roleType, index);
-    }
-
-    return null;
-  }
-
-  @Override
-  protected Principal getDisallowedPrincipal(final OperationCode[] opCodes, final String[] regionNames, final int index) {
-    final byte roleType = getRequiredRole(opCodes, regionNames);
-
-    byte disallowedRoleType = READER_ROLE;
-    switch (roleType) {
-      case READER_ROLE:
-        disallowedRoleType = WRITER_ROLE;
-        break;
-      case WRITER_ROLE:
-        disallowedRoleType = READER_ROLE;
-        break;
-      case QUERY_ROLE:
-        disallowedRoleType = READER_ROLE;
-        break;
-      case ADMIN_ROLE:
-        disallowedRoleType = READER_ROLE;
-        break;
-    }
-
-    if (this.generator.classCode().isDummy()) {
-      return getDummyPrincipal(disallowedRoleType, index);
-
-    } else if (this.generator.classCode().isLDAP()) {
-      return getLdapPrincipal(disallowedRoleType, index);
-    }
-
-    return null;
-  }
-
-  @Override
-  protected int getNumPrincipalTries(final OperationCode[] opCodes, final String[] regionNames) {
-    return 5;
-  }
-
-  private Principal getLdapPrincipal(final byte roleType, final int index) {
-    final String userPrefix = "gemfire";
-    final int[] readerIndices = { 3, 4, 5 };
-    final int[] writerIndices = { 6, 7, 8 };
-    final int[] queryIndices = { 9, 10 };
-    final int[] adminIndices = { 1, 2 };
-
-    switch (roleType) {
-      case READER_ROLE:
-        int readerIndex = readerIndices[index % readerIndices.length];
-        return new UsernamePrincipal(userPrefix + readerIndex);
-      case WRITER_ROLE:
-        int writerIndex = writerIndices[index % writerIndices.length];
-        return new UsernamePrincipal(userPrefix + writerIndex);
-      case QUERY_ROLE:
-        int queryIndex = queryIndices[index % queryIndices.length];
-        return new UsernamePrincipal(userPrefix + queryIndex);
-      default:
-        int adminIndex = adminIndices[index % adminIndices.length];
-        return new UsernamePrincipal(userPrefix + adminIndex);
-    }
-  }
-
-  private byte getRequiredRole(final OperationCode[] opCodes, final String[] regionNames) {
-    byte roleType = ADMIN_ROLE;
-    boolean requiresReader = true;
-    boolean requiresWriter = true;
-    boolean requiresQuery = true;
-
-    for (int opNum = 0; opNum < opCodes.length; opNum++) {
-      final OperationCode opCode = opCodes[opNum];
-      if (requiresReader && !readerOpsSet.contains(opCode)) {
-        requiresReader = false;
-      }
-      if (requiresWriter && !writerOpsSet.contains(opCode)) {
-        requiresWriter = false;
-      }
-      if (requiresQuery && !queryOpsSet.contains(opCode)) {
-        requiresQuery = false;
-      }
-    }
-
-    if (requiresReader) {
-      roleType = READER_ROLE;
-
-    } else if (requiresWriter) {
-      roleType = WRITER_ROLE;
-
-    } else if (requiresQuery) {
-      if (regionNames != null && regionNames.length > 0) {
-        for (int index = 0; index < regionNames.length; index++) {
-          final String regionName = XmlAuthorization.normalizeRegionName(regionNames[index]);
-          if (requiresQuery && !queryRegionSet.contains(regionName)) {
-            requiresQuery = false;
-            break;
-          }
-        }
-        if (requiresQuery) {
-          roleType = QUERY_ROLE;
-        }
-      }
-    }
-
-    return roleType;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/DummyAuthenticator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/DummyAuthenticator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/DummyAuthenticator.java
deleted file mode 100755
index f086b67..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/DummyAuthenticator.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.templates;
-
-import java.security.Principal;
-import java.util.Properties;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import com.gemstone.gemfire.security.Authenticator;
-
-/**
- * A dummy implementation of the {@link Authenticator} interface that expects a
- * user name and password allowing authentication depending on the format of the
- * user name.
- *
- * @since GemFire 5.5
- */
-public class DummyAuthenticator implements Authenticator {
-
-  public static Authenticator create() {
-    return new DummyAuthenticator();
-  }
-
-  public static boolean checkValidName(final String userName) {
-    return userName.startsWith("user") ||
-           userName.startsWith("reader") ||
-           userName.startsWith("writer") ||
-           userName.equals("admin") ||
-           userName.equals("root") ||
-           userName.equals("administrator");
-  }
-
-  @Override
-  public void init(final Properties securityProperties, final LogWriter systemLogWriter, final LogWriter securityLogWriter) throws AuthenticationFailedException {
-  }
-
-  @Override
-  public Principal authenticate(final Properties credentials, final DistributedMember member) throws AuthenticationFailedException {
-    final String userName = credentials.getProperty(UserPasswordAuthInit.USER_NAME);
-    if (userName == null) {
-      throw new AuthenticationFailedException("DummyAuthenticator: user name property [" + UserPasswordAuthInit.USER_NAME + "] not provided");
-    }
-
-    final String password = credentials.getProperty(UserPasswordAuthInit.PASSWORD);
-    if (password == null) {
-      throw new AuthenticationFailedException( "DummyAuthenticator: password property [" + UserPasswordAuthInit.PASSWORD + "] not provided");
-    }
-
-    if (userName.equals(password) && checkValidName(userName)) {
-      return new UsernamePrincipal(userName);
-    } else {
-      throw new AuthenticationFailedException("DummyAuthenticator: Invalid user name [" + userName + "], password supplied.");
-    }
-  }
-
-  @Override
-  public void close() {
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/DummyAuthorization.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/DummyAuthorization.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/DummyAuthorization.java
deleted file mode 100755
index df08676..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/DummyAuthorization.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.templates;
-
-import java.security.Principal;
-import java.util.HashSet;
-import java.util.Set;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.cache.Cache;
-import com.gemstone.gemfire.cache.operations.OperationContext;
-import com.gemstone.gemfire.cache.operations.OperationContext.OperationCode;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AccessControl;
-import com.gemstone.gemfire.security.NotAuthorizedException;
-
-/**
- * A dummy implementation of the {@code AccessControl} interface that
- * allows authorization depending on the format of the {@code Principal}
- * string.
- * 
- * @since GemFire 5.5
- */
-public class DummyAuthorization implements AccessControl {
-
-  private Set allowedOps;
-  private DistributedMember remoteMember;
-  private LogWriter securityLogWriter;
-
-  public static final OperationCode[] READER_OPS = {
-      OperationCode.GET,
-      OperationCode.QUERY,
-      OperationCode.EXECUTE_CQ,
-      OperationCode.CLOSE_CQ,
-      OperationCode.STOP_CQ,
-      OperationCode.REGISTER_INTEREST,
-      OperationCode.UNREGISTER_INTEREST,
-      OperationCode.KEY_SET,
-      OperationCode.CONTAINS_KEY,
-      OperationCode.EXECUTE_FUNCTION };
-
-  public static final OperationCode[] WRITER_OPS = {
-      OperationCode.PUT,
-      OperationCode.PUTALL,
-      OperationCode.DESTROY,
-      OperationCode.INVALIDATE,
-      OperationCode.REGION_CLEAR };
-
-  public static AccessControl create() {
-    return new DummyAuthorization();
-  }
-
-  public DummyAuthorization() {
-    this.allowedOps = new HashSet(20);
-  }
-
-  @Override
-  public void init(final Principal principal, final DistributedMember remoteMember, final Cache cache) throws NotAuthorizedException {
-    if (principal != null) {
-
-      final String name = principal.getName().toLowerCase();
-
-      if (name != null) {
-
-        if (name.equals("root") || name.equals("admin") || name.equals("administrator")) {
-          addReaderOps();
-          addWriterOps();
-          this.allowedOps.add(OperationCode.REGION_CREATE);
-          this.allowedOps.add(OperationCode.REGION_DESTROY);
-
-        } else if (name.startsWith("writer")) {
-          addWriterOps();
-
-        } else if (name.startsWith("reader")) {
-          addReaderOps();
-        }
-
-      }
-    }
-
-    this.remoteMember = remoteMember;
-    this.securityLogWriter = cache.getSecurityLogger();
-  }
-
-  @Override
-  public boolean authorizeOperation(String regionName, OperationContext context) {
-    final OperationCode opCode = context.getOperationCode();
-    this.securityLogWriter.fine("Invoked authorize operation for [" + opCode + "] in region [" + regionName + "] for client: " + remoteMember);
-    return this.allowedOps.contains(opCode);
-  }
-
-  @Override
-  public void close() {
-    this.allowedOps.clear();
-  }
-
-  private void addReaderOps() {
-    for (int index = 0; index < READER_OPS.length; index++) {
-      this.allowedOps.add(READER_OPS[index]);
-    }
-  }
-
-  private void addWriterOps() {
-    for (int index = 0; index < WRITER_OPS.length; index++) {
-      this.allowedOps.add(WRITER_OPS[index]);
-    }
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/FunctionSecurityPrmsHolder.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/FunctionSecurityPrmsHolder.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/FunctionSecurityPrmsHolder.java
deleted file mode 100755
index 275a4ad..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/FunctionSecurityPrmsHolder.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.templates;
-
-import java.util.Set;
-
-/**
- * This is a sample class for objects which hold information of the authorized
- * function names and authorized value for the {@code optimizeForWrite}.
- * 
- * @since GemFire 6.0
- */
-public class FunctionSecurityPrmsHolder {
-
-  private final Boolean optimizeForWrite;
-  private final Set<String> functionIds;
-  private final Set<String> keySet;
-
-  public FunctionSecurityPrmsHolder(final Boolean optimizeForWrite, final Set<String> functionIds, final Set<String> keySet) {
-    this.optimizeForWrite = optimizeForWrite;
-    this.functionIds = functionIds;
-    this.keySet = keySet;
-  }
-
-  public Boolean isOptimizeForWrite() {
-    return this.optimizeForWrite;
-  }
-
-  public Set<String> getFunctionIds() {
-    return this.functionIds;
-  }
-
-  public Set<String> getKeySet() {
-    return this.keySet;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/LdapUserAuthenticator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/LdapUserAuthenticator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/LdapUserAuthenticator.java
deleted file mode 100755
index a9e875e..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/LdapUserAuthenticator.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.templates;
-
-import java.security.Principal;
-import java.util.Properties;
-import javax.naming.Context;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.InitialDirContext;
-
-import org.apache.logging.log4j.Logger;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import com.gemstone.gemfire.security.Authenticator;
-
-/**
- * An implementation of {@link Authenticator} that uses LDAP.
- *
- * @since GemFire 5.5
- */
-public class LdapUserAuthenticator implements Authenticator {
-
-  private static final Logger logger = LogService.getLogger();
-
-  public static final String LDAP_SERVER_NAME = "security-ldap-server";
-  public static final String LDAP_BASEDN_NAME = "security-ldap-basedn";
-  public static final String LDAP_SSL_NAME = "security-ldap-usessl";
-
-  private String ldapServer = null;
-  private String baseDomainName = null;
-  private String ldapUrlScheme = null;
-
-  public static Authenticator create() {
-    return new LdapUserAuthenticator();
-  }
-
-  @Override
-  public void init(final Properties securityProps, final LogWriter systemLogWriter, final LogWriter securityLogWriter) throws AuthenticationFailedException {
-    logger.info("Initializing LdapUserAuthenticator with {}", securityProps);
-
-    this.ldapServer = securityProps.getProperty(LDAP_SERVER_NAME);
-    if (this.ldapServer == null || this.ldapServer.length() == 0) {
-      throw new AuthenticationFailedException("LdapUserAuthenticator: LDAP server property [" + LDAP_SERVER_NAME + "] not specified");
-    }
-
-    this.baseDomainName = securityProps.getProperty(LDAP_BASEDN_NAME);
-    if (this.baseDomainName == null || this.baseDomainName.length() == 0) {
-      throw new AuthenticationFailedException("LdapUserAuthenticator: LDAP base DN property [" + LDAP_BASEDN_NAME + "] not specified");
-    }
-
-    final String sslName = securityProps.getProperty(LDAP_SSL_NAME);
-    if (sslName != null && sslName.toLowerCase().equals("true")) {
-      this.ldapUrlScheme = "ldaps://";
-    } else {
-      this.ldapUrlScheme = "ldap://";
-    }
-  }
-
-  @Override
-  public Principal authenticate(final Properties credentials, final DistributedMember member) {
-    final String userName = credentials.getProperty(UserPasswordAuthInit.USER_NAME);
-    if (userName == null) {
-      throw new AuthenticationFailedException("LdapUserAuthenticator: user name property [" + UserPasswordAuthInit.USER_NAME + "] not provided");
-    }
-
-    String password = credentials.getProperty(UserPasswordAuthInit.PASSWORD);
-    if (password == null) {
-      password = "";
-    }
-
-    final Properties env = new Properties();
-    env.put(Context.INITIAL_CONTEXT_FACTORY, com.sun.jndi.ldap.LdapCtxFactory.class.getName());
-    env.put(Context.PROVIDER_URL, this.ldapUrlScheme + this.ldapServer + '/' + this.baseDomainName);
-    env.put(Context.SECURITY_PRINCIPAL, "uid=" + userName + "," + this.baseDomainName);
-    env.put(Context.SECURITY_CREDENTIALS, password);
-
-    try {
-      final DirContext ctx = new InitialDirContext(env);
-      ctx.close();
-    } catch (Exception e) {
-      throw new AuthenticationFailedException("LdapUserAuthenticator: Failure with provided username, password combination for user name: " + userName, e);
-    }
-
-    return new UsernamePrincipal(userName);
-  }
-
-  @Override
-  public void close() {
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSAuthInit.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSAuthInit.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSAuthInit.java
deleted file mode 100755
index f58d305..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSAuthInit.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.templates;
-
-import java.io.FileInputStream;
-import java.security.Key;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.Signature;
-import java.security.cert.X509Certificate;
-import java.util.Properties;
-
-import org.apache.logging.log4j.Logger;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.security.AuthInitialize;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-
-/**
- * An {@link AuthInitialize} implementation that obtains the digital signature
- * for use with PKCS scheme on server from the given set of properties.
- * 
- * To use this class the {@code security-client-auth-init} property should be
- * set to the fully qualified name the static {@code create} function
- * viz. {@code com.gemstone.gemfire.security.templates.PKCSAuthInit.create}
- * 
- * @since GemFire 5.5
- */
-public class PKCSAuthInit implements AuthInitialize {
-
-  private static final Logger logger = LogService.getLogger();
-
-  public static final String KEYSTORE_FILE_PATH = "security-keystorepath";
-  public static final String KEYSTORE_ALIAS = "security-alias";
-  public static final String KEYSTORE_PASSWORD = "security-keystorepass";
-  public static final String SIGNATURE_DATA = "security-signature";
-
-  protected LogWriter systemLogWriter;
-  protected LogWriter securityLogWriter;
-
-  public static AuthInitialize create() {
-    return new PKCSAuthInit();
-  }
-
-  @Override
-  public void init(final LogWriter systemLogWriter, final LogWriter securityLogWriter) throws AuthenticationFailedException {
-    this.systemLogWriter = systemLogWriter;
-    this.securityLogWriter = securityLogWriter;
-  }
-
-  @Override
-  public Properties getCredentials(final Properties securityProperties, final DistributedMember server, final boolean isPeer) throws AuthenticationFailedException {
-    final String keyStorePath = securityProperties.getProperty(KEYSTORE_FILE_PATH);
-    if (keyStorePath == null) {
-      throw new AuthenticationFailedException("PKCSAuthInit: key-store file path property [" + KEYSTORE_FILE_PATH + "] not set.");
-    }
-
-    final String alias = securityProperties.getProperty(KEYSTORE_ALIAS);
-    if (alias == null) {
-      throw new AuthenticationFailedException("PKCSAuthInit: key alias name property [" + KEYSTORE_ALIAS + "] not set.");
-    }
-
-    final String keyStorePass = securityProperties.getProperty(KEYSTORE_PASSWORD);
-
-    try {
-      final KeyStore ks = KeyStore.getInstance("PKCS12");
-      final char[] passPhrase = (keyStorePass != null ? keyStorePass.toCharArray() : null);
-      final FileInputStream certificatefile = new FileInputStream(keyStorePath);
-
-      try {
-        ks.load(certificatefile, passPhrase);
-      } finally {
-        certificatefile.close();
-      }
-
-      final Key key = ks.getKey(alias, passPhrase);
-
-      if (key instanceof PrivateKey) {
-        final PrivateKey privKey = (PrivateKey)key;
-        final X509Certificate cert = (X509Certificate)ks.getCertificate(alias);
-        final Signature sig = Signature.getInstance(cert.getSigAlgName());
-
-        sig.initSign(privKey);
-        sig.update(alias.getBytes("UTF-8"));
-        final byte[] signatureBytes = sig.sign();
-
-        final Properties newprops = new Properties();
-        newprops.put(KEYSTORE_ALIAS, alias);
-        newprops.put(SIGNATURE_DATA, signatureBytes);
-        return newprops;
-
-      } else {
-        throw new AuthenticationFailedException("PKCSAuthInit: " + "Failed to load private key from the given file: " + keyStorePath);
-      }
-
-    } catch (Exception ex) {
-      throw new AuthenticationFailedException("PKCSAuthInit: Exception while getting credentials: " + ex, ex);
-    }
-  }
-
-  @Override
-  public void close() {
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSAuthenticator.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSAuthenticator.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSAuthenticator.java
deleted file mode 100755
index ac5939d..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSAuthenticator.java
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.templates;
-
-import java.io.FileInputStream;
-import java.security.KeyStore;
-import java.security.NoSuchAlgorithmException;
-import java.security.Principal;
-import java.security.Signature;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
-import java.security.spec.InvalidKeySpecException;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
-
-import org.apache.logging.log4j.Logger;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.internal.logging.LogService;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-import com.gemstone.gemfire.security.Authenticator;
-
-/**
- * An implementation of {@link Authenticator} that uses PKCS.
- */
-public class PKCSAuthenticator implements Authenticator {
-
-  private static final Logger logger = LogService.getLogger();
-
-  public static final String PUBLIC_KEY_FILE = "security-publickey-filepath";
-  public static final String PUBLIC_KEYSTORE_PASSWORD = "security-publickey-pass";
-
-  private String pubKeyFilePath;
-  private String pubKeyPass;
-  private Map aliasCertificateMap;
-
-  private LogWriter systemLogWriter;
-  private LogWriter securityLogWriter;
-
-  public static Authenticator create() {
-    return new PKCSAuthenticator();
-  }
-
-  @Override
-  public void init(final Properties securityProperties, final LogWriter systemLogWriter, final LogWriter securityLogWriter) throws AuthenticationFailedException {
-    this.systemLogWriter = systemLogWriter;
-    this.securityLogWriter = securityLogWriter;
-
-    this.pubKeyFilePath = securityProperties.getProperty(PUBLIC_KEY_FILE);
-    if (this.pubKeyFilePath == null) {
-      throw new AuthenticationFailedException("PKCSAuthenticator: property " + PUBLIC_KEY_FILE + " not specified as the public key file.");
-    }
-
-    this.pubKeyPass = securityProperties.getProperty(PUBLIC_KEYSTORE_PASSWORD);
-    this.aliasCertificateMap = new HashMap();
-
-    populateMap();
-  }
-
-  @Override
-  public Principal authenticate(final Properties credentials, final DistributedMember member) throws AuthenticationFailedException {
-    final String alias = (String)credentials.get(PKCSAuthInit.KEYSTORE_ALIAS);
-    if (alias == null || alias.length() <= 0) {
-      throw new AuthenticationFailedException("No alias received");
-    }
-
-    try {
-      final X509Certificate cert = getCertificate(alias);
-      if (cert == null) {
-        throw newException("No certificate found for alias:" + alias);
-      }
-
-      final byte[] signatureBytes = (byte[])credentials.get(PKCSAuthInit.SIGNATURE_DATA);
-      if (signatureBytes == null) {
-        throw newException("signature data property [" + PKCSAuthInit.SIGNATURE_DATA + "] not provided");
-      }
-
-      final Signature sig = Signature.getInstance(cert.getSigAlgName());
-      sig.initVerify(cert);
-      sig.update(alias.getBytes("UTF-8"));
-
-      if (!sig.verify(signatureBytes)) {
-        throw newException("verification of client signature failed");
-      }
-
-      return new PKCSPrincipal(alias);
-
-    } catch (Exception ex) {
-      throw newException(ex.toString(), ex);
-    }
-  }
-
-  @Override
-  public void close() {
-  }
-
-  private void populateMap() {
-    try {
-      final KeyStore keyStore = KeyStore.getInstance("JKS");
-      final char[] passPhrase = this.pubKeyPass != null ? this.pubKeyPass.toCharArray() : null;
-      final FileInputStream keyStoreFile = new FileInputStream(this.pubKeyFilePath);
-
-      try {
-        keyStore.load(keyStoreFile, passPhrase);
-      } finally {
-        keyStoreFile.close();
-      }
-
-      for (Enumeration e = keyStore.aliases(); e.hasMoreElements();) {
-        final Object alias = e.nextElement();
-        final Certificate cert = keyStore.getCertificate((String)alias);
-        if (cert instanceof X509Certificate) {
-          this.aliasCertificateMap.put(alias, cert);
-        }
-      }
-
-    } catch (Exception e) {
-      throw new AuthenticationFailedException("Exception while getting public keys: " + e.getMessage(), e);
-    }
-  }
-
-  private AuthenticationFailedException newException(final String message, final Exception cause) {
-    final String fullMessage = "PKCSAuthenticator: Authentication of client failed due to: " + message;
-    if (cause != null) {
-      return new AuthenticationFailedException(fullMessage, cause);
-    } else {
-      return new AuthenticationFailedException(fullMessage);
-    }
-  }
-
-  private AuthenticationFailedException newException(final String message) {
-    return newException(message, null);
-  }
-
-  private X509Certificate getCertificate(final String alias) throws NoSuchAlgorithmException, InvalidKeySpecException {
-    if (this.aliasCertificateMap.containsKey(alias)) {
-      return (X509Certificate) this.aliasCertificateMap.get(alias);
-    }
-    return null;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSPrincipal.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSPrincipal.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSPrincipal.java
deleted file mode 100755
index 4a6c45e..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSPrincipal.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.gemstone.gemfire.security.templates;
-
-import java.io.Serializable;
-import java.security.Principal;
-
-public class PKCSPrincipal implements Principal, Serializable {
-
-  private final String alias;
-
-  public PKCSPrincipal(final String alias) {
-    this.alias = alias;
-  }
-
-  @Override
-  public String getName() {
-    return this.alias;
-  }
-
-  @Override
-  public String toString() {
-    return this.alias;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSPrincipalTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSPrincipalTest.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSPrincipalTest.java
deleted file mode 100644
index 95cd99c..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/PKCSPrincipalTest.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.templates;
-
-import static org.assertj.core.api.Assertions.*;
-
-import java.io.Serializable;
-
-import org.apache.commons.lang.SerializationUtils;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import com.gemstone.gemfire.test.junit.categories.SecurityTest;
-import com.gemstone.gemfire.test.junit.categories.UnitTest;
-
-/**
- * Unit tests for {@link PKCSPrincipal}
- */
-@Category({ UnitTest.class, SecurityTest.class })
-public class PKCSPrincipalTest {
-
-  @Test
-  public void isSerializable() throws Exception {
-    assertThat(PKCSPrincipal.class).isInstanceOf(Serializable.class);
-  }
-
-  @Test
-  public void canBeSerialized() throws Exception {
-    String name = "jsmith";
-    PKCSPrincipal instance = new PKCSPrincipal(name);
-
-    PKCSPrincipal cloned = (PKCSPrincipal) SerializationUtils.clone(instance);
-
-    assertThat(cloned.getName()).isEqualTo(name);
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/UserPasswordAuthInit.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/UserPasswordAuthInit.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/UserPasswordAuthInit.java
deleted file mode 100755
index 76c6987..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/UserPasswordAuthInit.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.templates;
-
-import java.util.Properties;
-
-import com.gemstone.gemfire.LogWriter;
-import com.gemstone.gemfire.distributed.DistributedMember;
-import com.gemstone.gemfire.security.AuthInitialize;
-import com.gemstone.gemfire.security.AuthenticationFailedException;
-
-/**
- * An {@link AuthInitialize} implementation that obtains the user name and
- * password as the credentials from the given set of properties.
- * 
- * To use this class the {@code security-client-auth-init} property should be
- * set to the fully qualified name the static {@code create} method
- * viz. {@code com.gemstone.gemfire.security.templates.UserPasswordAuthInit.create}
- * 
- * @since GemFire 5.5
- */
-public class UserPasswordAuthInit implements AuthInitialize {
-
-  public static final String USER_NAME = "security-username";
-  public static final String PASSWORD = "security-password";
-
-  protected LogWriter systemLogWriter;
-  protected LogWriter securityLogWriter;
-
-  public static AuthInitialize create() {
-    return new UserPasswordAuthInit();
-  }
-
-  @Override
-  public void init(final LogWriter systemLogWriter, final LogWriter securityLogWriter) throws AuthenticationFailedException {
-    this.systemLogWriter = systemLogWriter;
-    this.securityLogWriter = securityLogWriter;
-  }
-
-  @Override
-  public Properties getCredentials(final Properties securityProperties, final DistributedMember server, final boolean isPeer) throws AuthenticationFailedException {
-    String userName = securityProperties.getProperty(USER_NAME);
-    if (userName == null) {
-      throw new AuthenticationFailedException("UserPasswordAuthInit: user name property [" + USER_NAME + "] not set.");
-    }
-
-    String password = securityProperties.getProperty(PASSWORD);
-    if (password == null) {
-      password = "";
-    }
-
-    Properties securityPropertiesCopy = new Properties();
-    securityPropertiesCopy.setProperty(USER_NAME, userName);
-    securityPropertiesCopy.setProperty(PASSWORD, password);
-    return securityPropertiesCopy;
-  }
-
-  @Override
-  public void close() {
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/9d7a6960/geode-core/src/test/java/com/gemstone/gemfire/security/templates/UsernamePrincipal.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/UsernamePrincipal.java b/geode-core/src/test/java/com/gemstone/gemfire/security/templates/UsernamePrincipal.java
deleted file mode 100755
index 4eefe46..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/security/templates/UsernamePrincipal.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.security.templates;
-
-import java.io.Serializable;
-import java.security.Principal;
-
-/**
- * An implementation of {@link Principal} class for a simple user name.
- * 
- * @since GemFire 5.5
- */
-public class UsernamePrincipal implements Principal, Serializable {
-
-  private final String userName;
-
-  public UsernamePrincipal(final String userName) {
-    this.userName = userName;
-  }
-
-  @Override
-  public String getName() {
-    return this.userName;
-  }
-
-  @Override
-  public String toString() {
-    return this.userName;
-  }
-}



Mime
View raw message