Return-Path: <commits-return-21022-archive-asf-public=cust-asf.ponee.io@geode.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 401E7200CBD
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Thu,  1 Jun 2017 01:15:05 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 3E99C160BDB; Wed, 31 May 2017 23:15:05 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id E641D160BF6
	for <archive-asf-public@cust-asf.ponee.io>; Thu,  1 Jun 2017 01:15:02 +0200 (CEST)
Received: (qmail 85380 invoked by uid 500); 31 May 2017 23:15:01 -0000
Mailing-List: contact commits-help@geode.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@geode.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@geode.apache.org>
List-Post: <mailto:commits@geode.apache.org>
List-Id: <commits.geode.apache.org>
Reply-To: dev@geode.apache.org
Delivered-To: mailing list commits@geode.apache.org
Received: (qmail 84800 invoked by uid 99); 31 May 2017 23:15:01 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 31 May 2017 23:15:01 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33)
	id E83BDE03B3; Wed, 31 May 2017 23:15:00 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: klund@apache.org
To: commits@geode.apache.org
Date: Wed, 31 May 2017 23:15:30 -0000
Message-Id: <88f3172c43fd4008810fe0fc873e3111@git.apache.org>
In-Reply-To: <8ff2a823186449a69fab942e32084a45@git.apache.org>
References: <8ff2a823186449a69fab942e32084a45@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: [31/35] geode git commit: milestone
archived-at: Wed, 31 May 2017 23:15:05 -0000

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
new file mode 100644
index 0000000..9bb81ac
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
@@ -0,0 +1,226 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geode.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.*;
+import static org.assertj.core.api.Assertions.*;
+import static org.mockito.Mockito.*;
+
+import java.util.Properties;
+
+import org.apache.geode.security.PostProcessor;
+import org.apache.geode.security.SecurityManager;
+import org.apache.geode.test.junit.categories.UnitTest;
+
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category(UnitTest.class)
+public class SecurityServiceFactoryTest {
+
+  @Test
+  public void getPostProcessor_null_throwsNPE() throws Exception {
+    assertThatThrownBy(() -> SecurityServiceFactory.getPostProcessor(null, null)).isExactlyInstanceOf(NullPointerException.class);
+  }
+
+  @Test
+  public void getPostProcessor_returnsPostProcessor() throws Exception {
+    PostProcessor mockPostProcessor = mock(PostProcessor.class);
+
+    assertThat(SecurityServiceFactory.getPostProcessor(mockPostProcessor, null)).isSameAs(mockPostProcessor);
+  }
+
+  @Test
+  public void getPostProcessor_SecurityConfig_initsPostProcessor() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_POST_PROCESSOR, FakePostProcessor.class.getName());
+
+    PostProcessor postProcessor = SecurityServiceFactory.getPostProcessor(null, securityConfig);
+
+    assertThat(postProcessor).isInstanceOf(FakePostProcessor.class);
+
+    FakePostProcessor fakePostProcessor = (FakePostProcessor) postProcessor;
+
+    assertThat(fakePostProcessor.getInitInvocations()).isEqualTo(1);
+    assertThat(fakePostProcessor.getSecurityProps()).isSameAs(securityConfig);
+  }
+
+  @Test
+  public void getPostProcessor_prefersPostProcessorOverSecurityConfig() throws Exception {
+    PostProcessor mockPostProcessor = mock(PostProcessor.class);
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_POST_PROCESSOR, FakePostProcessor.class.getName());
+
+    assertThat(SecurityServiceFactory.getPostProcessor(mockPostProcessor, securityConfig)).isSameAs(mockPostProcessor);
+  }
+
+  @Test
+  public void getSecurityManager_null_throwsNPE() throws Exception {
+    assertThatThrownBy(() -> SecurityServiceFactory.getSecurityManager(null, null)).isExactlyInstanceOf(NullPointerException.class);
+  }
+
+  @Test
+  public void getSecurityManager_returnsSecurityManager() throws Exception {
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+
+    assertThat(SecurityServiceFactory.getSecurityManager(mockSecurityManager, null)).isSameAs(mockSecurityManager);
+  }
+
+  @Test
+  public void getSecurityManager_SecurityConfig_initsSecurityManager() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_MANAGER, FakeSecurityManager.class.getName());
+
+    SecurityManager securityManager = SecurityServiceFactory.getSecurityManager(null, securityConfig);
+
+    assertThat(securityManager).isInstanceOf(FakeSecurityManager.class);
+
+    FakeSecurityManager fakeSecurityManager = (FakeSecurityManager) securityManager;
+
+    assertThat(fakeSecurityManager.getInitInvocations()).isEqualTo(1);
+    assertThat(fakeSecurityManager.getSecurityProps()).isSameAs(securityConfig);
+  }
+
+  @Test
+  public void getSecurityManager_prefersSecurityManagerOverSecurityConfig() throws Exception {
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_MANAGER, FakePostProcessor.class.getName());
+
+    assertThat(SecurityServiceFactory.getSecurityManager(mockSecurityManager, securityConfig)).isSameAs(mockSecurityManager);
+  }
+
+  @Test
+  public void determineType_null_throwsNPE() throws Exception {
+    assertThatThrownBy(() -> SecurityServiceFactory.determineType(null, null)).isExactlyInstanceOf(NullPointerException.class);
+  }
+
+  @Test
+  public void determineType_shiro_returnsCUSTOM() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null)).isSameAs(SecurityServiceType.CUSTOM);
+  }
+
+  @Test
+  public void determineType_securityManager_returnsENABLED() throws Exception {
+    Properties securityConfig = new Properties();
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, mockSecurityManager)).isSameAs(SecurityServiceType.ENABLED);
+  }
+
+  @Test
+  public void determineType_prefersCUSTOM() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, mockSecurityManager)).isSameAs(SecurityServiceType.CUSTOM);
+  }
+
+  @Test
+  public void determineType_clientAuthenticator_returnsLEGACY() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null)).isSameAs(SecurityServiceType.LEGACY);
+  }
+
+  @Test
+  public void determineType_peerAuthenticator_returnsLEGACY() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null)).isSameAs(SecurityServiceType.LEGACY);
+  }
+
+  @Test
+  public void determineType_authenticators_returnsLEGACY() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null)).isSameAs(SecurityServiceType.LEGACY);
+  }
+
+  @Test
+  public void determineType_empty_returnsDISABLED() throws Exception {
+    Properties securityConfig = new Properties();
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null)).isSameAs(SecurityServiceType.DISABLED);
+  }
+
+  @Test
+  @Ignore("Move to IntegrationTest with shiro config")
+  public void create_shiro_createsCustomSecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null)).isInstanceOf(CustomSecurityService.class);
+  }
+
+  @Test
+  public void create_clientAuthenticator_createsLegacySecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null)).isInstanceOf(LegacySecurityService.class);
+  }
+
+  @Test
+  public void create_peerAuthenticator_createsLegacySecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null)).isInstanceOf(LegacySecurityService.class);
+  }
+
+  @Test
+  public void create_authenticators_createsLegacySecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null)).isInstanceOf(LegacySecurityService.class);
+  }
+
+  @Test
+  @Ignore("Move to IntegrationTest with shiro config")
+  public void create_all_createsCustomSecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+    PostProcessor mockPostProcessor = mock(PostProcessor.class);
+
+    assertThat(SecurityServiceFactory.create(securityConfig, mockSecurityManager, mockPostProcessor)).isInstanceOf(CustomSecurityService.class);
+  }
+
+  @Test
+  public void create_none_createsDisabledSecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null)).isInstanceOf(DisabledSecurityService.class);
+  }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/CloseCQ.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/CloseCQ.java b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/CloseCQ.java
index 18929eb..5a6c3c4 100644
--- a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/CloseCQ.java
+++ b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/CloseCQ.java
@@ -31,6 +31,7 @@ import org.apache.geode.internal.cache.tier.sockets.Message;
 import org.apache.geode.internal.cache.tier.sockets.ServerConnection;
 import org.apache.geode.internal.i18n.LocalizedStrings;
 import org.apache.geode.internal.security.AuthorizeRequest;
+import org.apache.geode.internal.security.SecurityService;
 
 
 public class CloseCQ extends BaseCQCommand {
@@ -44,7 +45,7 @@ public class CloseCQ extends BaseCQCommand {
   private CloseCQ() {}
 
   @Override
-  public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start)
+  public void cmdExecute(final Message clientMessage, final ServerConnection serverConnection, final SecurityService securityService, long start)
       throws IOException {
     CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();
     ClientProxyMembershipID id = serverConnection.getProxyID();

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ.java b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ.java
index 86d53f5..026134f 100644
--- a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ.java
+++ b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ.java
@@ -39,6 +39,7 @@ import org.apache.geode.internal.cache.tier.sockets.ServerConnection;
 import org.apache.geode.internal.i18n.LocalizedStrings;
 import org.apache.geode.internal.logging.LogService;
 import org.apache.geode.internal.security.AuthorizeRequest;
+import org.apache.geode.internal.security.SecurityService;
 
 public class ExecuteCQ extends BaseCQCommand {
   protected static final Logger logger = LogService.getLogger();
@@ -52,7 +53,7 @@ public class ExecuteCQ extends BaseCQCommand {
   private ExecuteCQ() {}
 
   @Override
-  public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start)
+  public void cmdExecute(final Message clientMessage, final ServerConnection serverConnection, final SecurityService securityService, long start)
       throws IOException, InterruptedException {
     AcceptorImpl acceptor = serverConnection.getAcceptor();
     CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ61.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ61.java b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ61.java
index fcc45de..f15046a 100755
--- a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ61.java
+++ b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/ExecuteCQ61.java
@@ -44,6 +44,7 @@ import org.apache.geode.internal.cache.vmotion.VMotionObserverHolder;
 import org.apache.geode.internal.i18n.LocalizedStrings;
 import org.apache.geode.internal.logging.LogService;
 import org.apache.geode.internal.security.AuthorizeRequest;
+import org.apache.geode.internal.security.SecurityService;
 
 /**
  * @since GemFire 6.1
@@ -60,7 +61,7 @@ public class ExecuteCQ61 extends BaseCQCommand {
   private ExecuteCQ61() {}
 
   @Override
-  public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start)
+  public void cmdExecute(final Message clientMessage, final ServerConnection serverConnection, final SecurityService securityService, long start)
       throws IOException, InterruptedException {
     AcceptorImpl acceptor = serverConnection.getAcceptor();
     CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetCQStats.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetCQStats.java b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetCQStats.java
index 0fab303..42b5602 100644
--- a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetCQStats.java
+++ b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetCQStats.java
@@ -24,6 +24,7 @@ import org.apache.geode.internal.cache.tier.MessageType;
 import org.apache.geode.internal.cache.tier.sockets.CacheServerStats;
 import org.apache.geode.internal.cache.tier.sockets.Message;
 import org.apache.geode.internal.cache.tier.sockets.ServerConnection;
+import org.apache.geode.internal.security.SecurityService;
 
 public class GetCQStats extends BaseCQCommand {
 
@@ -36,7 +37,7 @@ public class GetCQStats extends BaseCQCommand {
   private GetCQStats() {}
 
   @Override
-  public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start)
+  public void cmdExecute(final Message clientMessage, final ServerConnection serverConnection, final SecurityService securityService, long start)
       throws IOException {
     CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();
 

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetDurableCQs.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetDurableCQs.java b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetDurableCQs.java
index c14bd72..c44d7d2 100755
--- a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetDurableCQs.java
+++ b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/GetDurableCQs.java
@@ -32,6 +32,7 @@ import org.apache.geode.internal.cache.tier.sockets.ClientProxyMembershipID;
 import org.apache.geode.internal.cache.tier.sockets.Message;
 import org.apache.geode.internal.cache.tier.sockets.ServerConnection;
 import org.apache.geode.internal.security.AuthorizeRequest;
+import org.apache.geode.internal.security.SecurityService;
 
 public class GetDurableCQs extends BaseCQCommand {
 
@@ -44,7 +45,7 @@ public class GetDurableCQs extends BaseCQCommand {
   private GetDurableCQs() {}
 
   @Override
-  public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start)
+  public void cmdExecute(final Message clientMessage, final ServerConnection serverConnection, final SecurityService securityService, long start)
       throws IOException, InterruptedException {
     AcceptorImpl acceptor = serverConnection.getAcceptor();
     CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/MonitorCQ.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/MonitorCQ.java b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/MonitorCQ.java
index 5f0118b..7c003e5 100644
--- a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/MonitorCQ.java
+++ b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/MonitorCQ.java
@@ -24,6 +24,7 @@ import org.apache.geode.internal.cache.tier.MessageType;
 import org.apache.geode.internal.cache.tier.sockets.Message;
 import org.apache.geode.internal.cache.tier.sockets.ServerConnection;
 import org.apache.geode.internal.i18n.LocalizedStrings;
+import org.apache.geode.internal.security.SecurityService;
 
 public class MonitorCQ extends BaseCQCommand {
 
@@ -36,7 +37,7 @@ public class MonitorCQ extends BaseCQCommand {
   private MonitorCQ() {}
 
   @Override
-  public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start)
+  public void cmdExecute(final Message clientMessage, final ServerConnection serverConnection, final SecurityService securityService, long start)
       throws IOException {
     CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();
     serverConnection.setAsTrue(REQUIRES_RESPONSE);

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/StopCQ.java
----------------------------------------------------------------------
diff --git a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/StopCQ.java b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/StopCQ.java
index 99fbef1..ba5a962 100644
--- a/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/StopCQ.java
+++ b/geode-cq/src/main/java/org/apache/geode/internal/cache/tier/sockets/command/StopCQ.java
@@ -32,6 +32,7 @@ import org.apache.geode.internal.cache.tier.sockets.Message;
 import org.apache.geode.internal.cache.tier.sockets.ServerConnection;
 import org.apache.geode.internal.i18n.LocalizedStrings;
 import org.apache.geode.internal.security.AuthorizeRequest;
+import org.apache.geode.internal.security.SecurityService;
 
 public class StopCQ extends BaseCQCommand {
 
@@ -44,7 +45,7 @@ public class StopCQ extends BaseCQCommand {
   private StopCQ() {}
 
   @Override
-  public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start)
+  public void cmdExecute(final Message clientMessage, final ServerConnection serverConnection, final SecurityService securityService, long start)
       throws IOException {
     CachedRegionHelper crHelper = serverConnection.getCachedRegionHelper();
     ClientProxyMembershipID id = serverConnection.getProxyID();

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-lucene/src/main/java/org/apache/geode/cache/lucene/internal/cli/LuceneIndexCommands.java
----------------------------------------------------------------------
diff --git a/geode-lucene/src/main/java/org/apache/geode/cache/lucene/internal/cli/LuceneIndexCommands.java b/geode-lucene/src/main/java/org/apache/geode/cache/lucene/internal/cli/LuceneIndexCommands.java
index 2fa9356..c96bc7b 100755
--- a/geode-lucene/src/main/java/org/apache/geode/cache/lucene/internal/cli/LuceneIndexCommands.java
+++ b/geode-lucene/src/main/java/org/apache/geode/cache/lucene/internal/cli/LuceneIndexCommands.java
@@ -29,8 +29,6 @@ import org.apache.geode.cache.lucene.internal.cli.functions.LuceneSearchIndexFun
 import org.apache.geode.distributed.DistributedMember;
 import org.apache.geode.internal.cache.InternalCache;
 import org.apache.geode.internal.cache.execute.AbstractExecution;
-import org.apache.geode.internal.security.IntegratedSecurityService;
-import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.management.cli.CliMetaData;
 import org.apache.geode.management.cli.ConverterHint;
 import org.apache.geode.management.cli.Result;
@@ -80,8 +78,6 @@ public class LuceneIndexCommands extends AbstractCommandsSupport {
       new LuceneDestroyIndexFunction();
   private List<LuceneSearchResults> searchResults = null;
 
-  private SecurityService securityService = IntegratedSecurityService.getSecurityService();
-
   @CliCommand(value = LuceneCliStrings.LUCENE_LIST_INDEX,
       help = LuceneCliStrings.LUCENE_LIST_INDEX__HELP)
   @CliMetaData(relatedTopic = {CliStrings.TOPIC_GEODE_REGION, CliStrings.TOPIC_GEODE_DATA})
@@ -182,7 +178,7 @@ public class LuceneIndexCommands extends AbstractCommandsSupport {
     Result result;
     XmlEntity xmlEntity = null;
 
-    this.securityService.authorizeRegionManage(regionPath);
+    getCache().getSecurityService().authorizeRegionManage(regionPath);
     try {
       final InternalCache cache = getCache();
       // trim fields for any leading trailing spaces.
@@ -328,7 +324,7 @@ public class LuceneIndexCommands extends AbstractCommandsSupport {
           CliStrings.format(LuceneCliStrings.LUCENE_DESTROY_INDEX__MSG__INDEX_CANNOT_BE_EMPTY));
     }
 
-    this.securityService.authorizeRegionManage(regionPath);
+    getCache().getSecurityService().authorizeRegionManage(regionPath);
 
     Result result;
     try {

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java b/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java
index 087aff4..856cc09 100644
--- a/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java
+++ b/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java
@@ -36,6 +36,7 @@ import javax.management.remote.JMXConnectorServer;
 import javax.management.remote.JMXConnectorServerFactory;
 import javax.management.remote.JMXServiceURL;
 
+import org.apache.geode.internal.security.DisabledSecurityService;
 import org.apache.geode.tools.pulse.internal.data.PulseConstants;
 import org.apache.geode.security.TestSecurityManager;
 import org.apache.shiro.SecurityUtils;
@@ -79,7 +80,7 @@ public class Server {
       SecurityUtils.setSecurityManager(securityManager);
 
       // register the AccessControll bean
-      AccessControlMBean acc = new AccessControlMBean();
+      AccessControlMBean acc = new AccessControlMBean(new DisabledSecurityService());
       ObjectName accessControlMBeanON = new ObjectName(ResourceConstants.OBJECT_NAME_ACCESSCONTROL);
       MBeanServer platformMBeanServer = ManagementFactory.getPlatformMBeanServer();
       platformMBeanServer.registerMBean(acc, accessControlMBeanON);

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-rebalancer/src/main/java/org/apache/geode/cache/util/AutoBalancer.java
----------------------------------------------------------------------
diff --git a/geode-rebalancer/src/main/java/org/apache/geode/cache/util/AutoBalancer.java b/geode-rebalancer/src/main/java/org/apache/geode/cache/util/AutoBalancer.java
index 0f1a995..4cc52b2 100644
--- a/geode-rebalancer/src/main/java/org/apache/geode/cache/util/AutoBalancer.java
+++ b/geode-rebalancer/src/main/java/org/apache/geode/cache/util/AutoBalancer.java
@@ -53,7 +53,7 @@ import org.apache.geode.internal.logging.LogService;
  * re-balancing request. Auto-Balancing is expected to prevent failures and data loss.
  * 
  * <P>
- * This implementation is based on {@code Initializer} implementation. By default auto-balancing is
+ * This implementation is based on {@code ConfigInitialization} implementation. By default auto-balancing is
  * disabled. A user needs to configure {@link AutoBalancer} during cache initialization
  * {@link GemFireCache#getInitializer()}
  * 

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/GeodeAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/GeodeAuthenticationProvider.java b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/GeodeAuthenticationProvider.java
index 06c0fb1..6d7363f 100644
--- a/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/GeodeAuthenticationProvider.java
+++ b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/GeodeAuthenticationProvider.java
@@ -16,6 +16,9 @@
 
 package org.apache.geode.rest.internal.web.security;
 
+import org.apache.geode.internal.cache.GemFireCacheImpl;
+import org.apache.geode.internal.cache.InternalCache;
+import org.apache.geode.internal.security.DisabledSecurityService;
 import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.management.internal.security.ResourceConstants;
 import org.apache.geode.security.GemFireSecurityException;
@@ -32,7 +35,26 @@ import java.util.Properties;
 
 @Component
 public class GeodeAuthenticationProvider implements AuthenticationProvider {
-  private SecurityService securityService = SecurityService.getSecurityService();
+
+  private final SecurityService securityService;
+
+  public GeodeAuthenticationProvider() {
+    // TODO: can we pass SecurityService in?
+    this.securityService = findSecurityService();
+  }
+
+  private static SecurityService findSecurityService() {
+    InternalCache cache = GemFireCacheImpl.getInstance();
+    if (cache != null) {
+      return cache.getSecurityService();
+    } else {
+      return new DisabledSecurityService();
+    }
+  }
+
+  public SecurityService getSecurityService() {
+    return this.securityService;
+  }
 
   @Override
   public Authentication authenticate(Authentication authentication) throws AuthenticationException {

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityConfiguration.java
----------------------------------------------------------------------
diff --git a/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityConfiguration.java b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityConfiguration.java
index f0491b7..632f837 100644
--- a/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityConfiguration.java
+++ b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/RestSecurityConfiguration.java
@@ -35,8 +35,6 @@ import org.springframework.security.config.http.SessionCreationPolicy;
 @ComponentScan("org.apache.geode.rest.internal.web")
 public class RestSecurityConfiguration extends WebSecurityConfigurerAdapter {
 
-  private SecurityService securityService = IntegratedSecurityService.getSecurityService();
-
   @Autowired
   private GeodeAuthenticationProvider authProvider;
 
@@ -58,7 +56,7 @@ public class RestSecurityConfiguration extends WebSecurityConfigurerAdapter {
             "/webjars/springfox-swagger-ui/**", "/swagger-resources/**")
         .permitAll().anyRequest().authenticated().and().csrf().disable();
 
-    if (securityService.isIntegratedSecurity()) {
+    if (this.authProvider.getSecurityService().isIntegratedSecurity()) {
       http.httpBasic();
     } else {
       http.authorizeRequests().anyRequest().permitAll();

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/SecurityServiceProvider.java
----------------------------------------------------------------------
diff --git a/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/SecurityServiceProvider.java b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/SecurityServiceProvider.java
new file mode 100644
index 0000000..6bfb28f
--- /dev/null
+++ b/geode-web-api/src/main/java/org/apache/geode/rest/internal/web/security/SecurityServiceProvider.java
@@ -0,0 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geode.rest.internal.web.security;
+
+public class SecurityServiceProvider {
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/d5dc97c8/geode-web/src/test/java/org/apache/geode/management/internal/web/controllers/support/LoginHandlerInterceptorRequestHeaderJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-web/src/test/java/org/apache/geode/management/internal/web/controllers/support/LoginHandlerInterceptorRequestHeaderJUnitTest.java b/geode-web/src/test/java/org/apache/geode/management/internal/web/controllers/support/LoginHandlerInterceptorRequestHeaderJUnitTest.java
index 00156cd..a58bcba 100644
--- a/geode-web/src/test/java/org/apache/geode/management/internal/web/controllers/support/LoginHandlerInterceptorRequestHeaderJUnitTest.java
+++ b/geode-web/src/test/java/org/apache/geode/management/internal/web/controllers/support/LoginHandlerInterceptorRequestHeaderJUnitTest.java
@@ -41,8 +41,7 @@ public class LoginHandlerInterceptorRequestHeaderJUnitTest {
   public void before() {
     LoginHandlerInterceptor.getEnvironment().clear();
     securityService = Mockito.mock(SecurityService.class);
-    interceptor = new LoginHandlerInterceptor();
-    interceptor.setSecurityService(securityService);
+    interceptor = new LoginHandlerInterceptor(securityService);
   }
 
   @After