geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kl...@apache.org
Subject [02/11] geode git commit: GEODE-2632: use immutable SecurityService impls to improve performance
Date Fri, 09 Jun 2017 17:17:27 GMT
http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java
deleted file mode 100644
index d0ea209..0000000
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.management.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-import org.apache.geode.management.CacheServerMXBean;
-import org.apache.geode.test.dunit.rules.ConnectionConfiguration;
-import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule;
-import org.apache.geode.test.dunit.rules.ServerStarterRule;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-@Category({IntegrationTest.class, SecurityTest.class})
-public class CacheServerMBeanShiroJUnitTest {
-  private CacheServerMXBean bean;
-
-  @ClassRule
-  public static ServerStarterRule server = new ServerStarterRule()
-      .withProperty(SECURITY_SHIRO_INIT, "shiro.ini").withJMXManager().withAutoStart();
-
-  @Rule
-  public MBeanServerConnectionRule connectionRule =
-      new MBeanServerConnectionRule(server::getJmxPort);
-
-  @Before
-  public void setUp() throws Exception {
-    bean = connectionRule.getProxyMBean(CacheServerMXBean.class);
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "root", password = "secret")
-  public void testAllAccess() throws Exception {
-    bean.removeIndex("foo");
-    bean.executeContinuousQuery("bar");
-    bean.fetchLoadProbe();
-    bean.getActiveCQCount();
-    bean.stopContinuousQuery("bar");
-    bean.closeAllContinuousQuery("bar");
-    bean.isRunning();
-    bean.showClientQueueDetails("foo");
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "guest", password = "guest")
-  public void testNoAccess() throws Exception {
-    assertThatThrownBy(() -> bean.removeIndex("foo"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataRead.toString());
-    assertThatThrownBy(() -> bean.fetchLoadProbe())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.getActiveCQCount())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.stopContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.isRunning())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.showClientQueueDetails("bar"))
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "regionAReader", password = "password")
-  public void testRegionAccess() throws Exception {
-    assertThatThrownBy(() -> bean.removeIndex("foo"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.fetchLoadProbe())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.getActiveCQCount())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-
-    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataRead.toString());
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "dataReader", password = "12345")
-  public void testDataRead() throws Exception {
-    assertThatThrownBy(() -> bean.removeIndex("foo"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.fetchLoadProbe())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.getActiveCQCount())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-
-    bean.executeContinuousQuery("bar");
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java
new file mode 100644
index 0000000..55f592e
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java
@@ -0,0 +1,109 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+import org.apache.geode.management.CacheServerMXBean;
+import org.apache.geode.test.dunit.rules.ConnectionConfiguration;
+import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class CacheServerMBeanWithShiroIniIntegrationTest {
+  private CacheServerMXBean bean;
+
+  @ClassRule
+  public static ServerStarterRule server = new ServerStarterRule()
+      .withProperty(SECURITY_SHIRO_INIT, "shiro.ini").withJMXManager().withAutoStart();
+
+  @Rule
+  public MBeanServerConnectionRule connectionRule =
+      new MBeanServerConnectionRule(server::getJmxPort);
+
+  @Before
+  public void setUp() throws Exception {
+    bean = connectionRule.getProxyMBean(CacheServerMXBean.class);
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "root", password = "secret")
+  public void testAllAccess() throws Exception {
+    bean.removeIndex("foo");
+    bean.executeContinuousQuery("bar");
+    bean.fetchLoadProbe();
+    bean.getActiveCQCount();
+    bean.stopContinuousQuery("bar");
+    bean.closeAllContinuousQuery("bar");
+    bean.isRunning();
+    bean.showClientQueueDetails("foo");
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "guest", password = "guest")
+  public void testNoAccess() throws Exception {
+    assertThatThrownBy(() -> bean.removeIndex("foo"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataRead.toString());
+    assertThatThrownBy(() -> bean.fetchLoadProbe())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.getActiveCQCount())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.stopContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.isRunning())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.showClientQueueDetails("bar"))
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "regionAReader", password = "password")
+  public void testRegionAccess() throws Exception {
+    assertThatThrownBy(() -> bean.removeIndex("foo"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.fetchLoadProbe())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.getActiveCQCount())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+
+    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataRead.toString());
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "dataReader", password = "12345")
+  public void testDataRead() throws Exception {
+    assertThatThrownBy(() -> bean.removeIndex("foo"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.fetchLoadProbe())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.getActiveCQCount())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+
+    bean.executeContinuousQuery("bar");
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java
deleted file mode 100644
index 22a7eae..0000000
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.management.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.*;
-
-import org.apache.geode.security.TestSecurityManager;
-import org.junit.BeforeClass;
-import org.junit.experimental.categories.Category;
-
-import org.apache.geode.internal.security.IntegratedSecurityService;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-
-/**
- * Integration tests for {@link IntegratedSecurityService} using shiro-ini.json.
- *
- * @see IntegratedSecurityServiceWithIniFileJUnitTest
- */
-@Category({IntegrationTest.class, SecurityTest.class})
-public class IntegratedSecurityServiceCustomRealmJUnitTest
-    extends IntegratedSecurityServiceWithIniFileJUnitTest {
-
-  @BeforeClass
-  public static void beforeClass() throws Exception {
-    props.put(TestSecurityManager.SECURITY_JSON,
-        "org/apache/geode/management/internal/security/shiro-ini.json");
-    props.put(SECURITY_MANAGER, TestSecurityManager.class.getName());
-    IntegratedSecurityService.getSecurityService().initSecurity(props);
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java
deleted file mode 100644
index 8561f18..0000000
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java
+++ /dev/null
@@ -1,152 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.management.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-import org.apache.geode.internal.security.IntegratedSecurityService;
-import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.security.GemFireSecurityException;
-import org.apache.geode.security.ResourcePermission;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import java.util.Properties;
-
-/**
- * Integration tests for {@link IntegratedSecurityService} using shiro.ini
- */
-@Category({IntegrationTest.class, SecurityTest.class})
-public class IntegratedSecurityServiceWithIniFileJUnitTest {
-
-  protected static Properties props = new Properties();
-
-  private SecurityService securityService = SecurityService.getSecurityService();
-
-  @BeforeClass
-  public static void beforeClass() throws Exception {
-    props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
-  }
-
-  @Before
-  public void before() {
-    securityService.initSecurity(props);
-  }
-
-  @Test
-  public void testRoot() {
-    this.securityService.login(loginCredentials("root", "secret"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.dataRead);
-    this.securityService.authorize(TestCommand.dataWrite);
-    this.securityService.authorize(TestCommand.regionARead);
-    this.securityService.authorize(TestCommand.regionAWrite);
-    this.securityService.authorize(TestCommand.clusterWrite);
-    this.securityService.authorize(TestCommand.clusterRead);
-  }
-
-  @Test
-  public void testGuest() {
-    this.securityService.login(loginCredentials("guest", "guest"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-
-    assertNotAuthorized(TestCommand.dataRead);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.regionARead);
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  @Test
-  public void testRegionAReader() {
-    this.securityService.login(loginCredentials("regionAReader", "password"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionARead);
-
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.dataRead);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  @Test
-  public void testRegionAUser() {
-    this.securityService.login(loginCredentials("regionAUser", "password"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionAWrite);
-    this.securityService.authorize(TestCommand.regionARead);
-
-    assertNotAuthorized(TestCommand.dataRead);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  @Test
-  public void testDataReader() {
-    this.securityService.login(loginCredentials("dataReader", "12345"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionARead);
-    this.securityService.authorize(TestCommand.dataRead);
-
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  @Test
-  public void testReader() {
-    this.securityService.login(loginCredentials("reader", "12345"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionARead);
-    this.securityService.authorize(TestCommand.dataRead);
-    this.securityService.authorize(TestCommand.clusterRead);
-
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  private void assertNotAuthorized(ResourcePermission context) {
-    assertThatThrownBy(() -> this.securityService.authorize(context))
-        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
-  }
-
-  private Properties loginCredentials(String username, String password) {
-    Properties credentials = new Properties();
-    credentials.put(ResourceConstants.USER_NAME, username);
-    credentials.put(ResourceConstants.PASSWORD, password);
-    return credentials;
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java
index 30ed267..091b1db 100644
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java
@@ -46,6 +46,7 @@ import javax.management.ReflectionException;
 
 @Category({IntegrationTest.class, SecurityTest.class})
 public class MBeanSecurityJUnitTest {
+
   @ClassRule
   public static ServerStarterRule server = new ServerStarterRule().withJMXManager()
       .withProperty(SECURITY_MANAGER, TestSecurityManager.class.getName())

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java
index 6ae8d3f..77ddcc9 100644
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java
@@ -32,6 +32,7 @@ import org.junit.experimental.categories.Category;
 
 @Category({IntegrationTest.class, SecurityTest.class})
 public class MemberMBeanSecurityJUnitTest {
+
   private MemberMXBean bean;
 
   @Rule

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
new file mode 100644
index 0000000..01d6bb6
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
+
+import org.apache.geode.internal.security.SecurityServiceFactory;
+import org.apache.geode.security.TestSecurityManager;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.junit.Before;
+import org.junit.experimental.categories.Category;
+
+/**
+ * Integration tests for SecurityService using shiro-ini.json.
+ *
+ * @see SecurityServiceWithShiroIniIntegrationTest
+ */
+@Category({IntegrationTest.class, SecurityTest.class})
+public class SecurityServiceWithCustomRealmIntegrationTest
+    extends SecurityServiceWithShiroIniIntegrationTest {
+
+  @Before
+  public void before() throws Exception {
+    this.props.setProperty(TestSecurityManager.SECURITY_JSON,
+        "org/apache/geode/management/internal/security/shiro-ini.json");
+    this.props.setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
+    this.props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
+    this.securityService = SecurityServiceFactory.create(this.props, null, null);
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
new file mode 100644
index 0000000..1caedbc
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
@@ -0,0 +1,148 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.internal.security.SecurityServiceFactory;
+import org.apache.geode.security.GemFireSecurityException;
+import org.apache.geode.security.ResourcePermission;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.util.Properties;
+
+/**
+ * Integration tests for SecurityService using shiro.ini
+ */
+@Category({IntegrationTest.class, SecurityTest.class})
+public class SecurityServiceWithShiroIniIntegrationTest {
+
+  protected Properties props = new Properties();
+
+  protected SecurityService securityService;
+
+  @Before
+  public void before() throws Exception {
+    this.props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
+    this.securityService = SecurityServiceFactory.create(this.props, null, null);
+  }
+
+  @After
+  public void after() throws Exception {
+    this.securityService.logout();
+  }
+
+  @Test
+  public void testRoot() throws Exception {
+    this.securityService.login(loginCredentials("root", "secret"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.dataRead);
+    this.securityService.authorize(TestCommand.dataWrite);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.regionAWrite);
+    this.securityService.authorize(TestCommand.clusterWrite);
+    this.securityService.authorize(TestCommand.clusterRead);
+  }
+
+  @Test
+  public void testGuest() throws Exception {
+    this.securityService.login(loginCredentials("guest", "guest"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+
+    assertNotAuthorized(TestCommand.dataRead);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.regionARead);
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+  }
+
+  @Test
+  public void testRegionAReader() throws Exception {
+    this.securityService.login(loginCredentials("regionAReader", "password"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.dataRead);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+  }
+
+  @Test
+  public void testRegionAUser() throws Exception {
+    this.securityService.login(loginCredentials("regionAUser", "password"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionAWrite);
+    this.securityService.authorize(TestCommand.regionARead);
+
+    assertNotAuthorized(TestCommand.dataRead);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+  }
+
+  @Test
+  public void testDataReader() throws Exception {
+    this.securityService.login(loginCredentials("dataReader", "12345"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.dataRead);
+
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+  }
+
+  @Test
+  public void testReader() throws Exception {
+    this.securityService.login(loginCredentials("reader", "12345"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.dataRead);
+    this.securityService.authorize(TestCommand.clusterRead);
+
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterWrite);
+  }
+
+  private void assertNotAuthorized(ResourcePermission context) {
+    assertThatThrownBy(() -> this.securityService.authorize(context))
+        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
+  }
+
+  private Properties loginCredentials(String username, String password) {
+    Properties credentials = new Properties();
+    credentials.put(ResourceConstants.USER_NAME, username);
+    credentials.put(ResourceConstants.PASSWORD, password);
+    return credentials;
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java b/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
index 89030f5..cdb90f1 100644
--- a/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
@@ -12,16 +12,16 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
-
 package org.apache.geode.security;
 
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 
-import org.apache.geode.cache.Cache;
 import org.apache.geode.cache.CacheFactory;
 import org.apache.geode.distributed.ConfigurationProperties;
+import org.apache.geode.internal.cache.InternalCache;
 import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.security.templates.DummyAuthenticator;
 import org.apache.geode.test.junit.categories.IntegrationTest;
@@ -36,53 +36,80 @@ import java.util.Properties;
 @Category({IntegrationTest.class, SecurityTest.class})
 public class CacheFactoryWithSecurityObjectTest {
 
-  private SecurityService securityService;
   private SecurityManager simpleSecurityManager;
   private Properties properties = new Properties();
-  Cache cache;
+  private InternalCache cache;
 
   @Before
   public void before() throws Exception {
-    securityService = SecurityService.getSecurityService();
-    simpleSecurityManager = new SimpleTestSecurityManager();
-    properties.setProperty("mcast-port", "0");
+    this.simpleSecurityManager = new SimpleTestSecurityManager();
+    this.properties.setProperty("mcast-port", "0");
   }
 
   @Test
   public void testCreateCacheWithSecurityManager() throws Exception {
-    cache = new CacheFactory(properties).setSecurityManager(simpleSecurityManager)
-        .setPostProcessor(null).create();
+    this.cache = (InternalCache) new CacheFactory(this.properties)
+        .setSecurityManager(this.simpleSecurityManager).setPostProcessor(null).create();
+    SecurityService securityService = this.cache.getSecurityService();
     assertTrue(securityService.isIntegratedSecurity());
+    assertTrue(securityService.isClientSecurityRequired());
+    assertTrue(securityService.isPeerSecurityRequired());
     assertFalse(securityService.needPostProcess());
     assertNotNull(securityService.getSecurityManager());
   }
 
   @Test
   public void testCreateCacheWithPostProcessor() throws Exception {
-    cache = new CacheFactory(properties).setPostProcessor(new TestPostProcessor())
-        .setSecurityManager(null).create();
+    this.cache = (InternalCache) new CacheFactory(this.properties)
+        .setPostProcessor(new TestPostProcessor()).setSecurityManager(null).create();
+    SecurityService securityService = this.cache.getSecurityService();
     assertFalse(securityService.isIntegratedSecurity());
+    assertFalse(securityService.isClientSecurityRequired());
+    assertFalse(securityService.isPeerSecurityRequired());
     assertFalse(securityService.needPostProcess());
+    assertNull(securityService.getPostProcessor());
+  }
+
+  @Test
+  public void testCreateCacheWithSecurityManagerAndPostProcessor() throws Exception {
+    this.cache = (InternalCache) new CacheFactory(this.properties)
+        .setSecurityManager(this.simpleSecurityManager).setPostProcessor(new TestPostProcessor())
+        .create();
+    SecurityService securityService = this.cache.getSecurityService();
+    assertTrue(securityService.isIntegratedSecurity());
+    assertTrue(securityService.isClientSecurityRequired());
+    assertTrue(securityService.isPeerSecurityRequired());
+    assertTrue(securityService.needPostProcess());
+    assertNotNull(securityService.getSecurityManager());
     assertNotNull(securityService.getPostProcessor());
   }
 
+  /**
+   * This test seems to be misleading. Nothing is overridden here. SecurityManager is preferred over
+   * SECURITY_CLIENT_AUTHENTICATOR.
+   */
   @Test
   public void testOverride() throws Exception {
-    properties.setProperty(ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR,
+    this.properties.setProperty(ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR,
         DummyAuthenticator.class.getName());
 
-    cache = new CacheFactory(properties).setSecurityManager(simpleSecurityManager)
-        .setPostProcessor(new TestPostProcessor()).create();
+    this.cache = (InternalCache) new CacheFactory(this.properties)
+        .setSecurityManager(this.simpleSecurityManager).setPostProcessor(new TestPostProcessor())
+        .create();
+
+    SecurityService securityService = this.cache.getSecurityService();
 
     assertTrue(securityService.isIntegratedSecurity());
     assertTrue(securityService.isClientSecurityRequired());
+    assertTrue(securityService.isPeerSecurityRequired());
     assertTrue(securityService.needPostProcess());
     assertNotNull(securityService.getSecurityManager());
+    assertNotNull(securityService.getPostProcessor());
   }
 
   @After
   public void after() {
-    cache.close();
+    this.cache.close();
   }
 
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java
index 805d000..e90bc0a 100644
--- a/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java
@@ -12,11 +12,11 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
-
 package org.apache.geode.security;
 
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static org.apache.geode.distributed.ConfigurationProperties.USE_CLUSTER_CONFIGURATION;
 import static org.assertj.core.api.Java6Assertions.assertThatThrownBy;
 import static org.junit.Assert.assertEquals;
 
@@ -51,28 +51,28 @@ public class ClusterConfigWithoutSecurityDUnitTest {
         .addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toString());
     IgnoredException
         .addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toString());
-    lsRule.startLocatorVM(0, new Properties());
+    this.lsRule.startLocatorVM(0, new Properties());
   }
 
   @After
-  public void after() {
+  public void after() throws Exception {
     IgnoredException.removeAllExpectedExceptions();
   }
 
-  // when locator is not secured, a secured server should be allowed to start with its own security
-  // manager
-  // if use-cluster-config is false
+  /**
+   * when locator is not secured, a secured server should be allowed to start with its own security
+   * manager if use-cluster-config is false
+   */
   @Test
   public void serverShouldBeAllowedToStartWithSecurityIfNotUsingClusterConfig() throws Exception {
     Properties props = new Properties();
     props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
     props.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName());
-
-    props.setProperty("use-cluster-configuration", "false");
+    props.setProperty(USE_CLUSTER_CONFIGURATION, "false");
 
     // initial security properties should only contain initial set of values
-    serverStarter.startServer(props, lsRule.getMember(0).getPort());
-    DistributedSystem ds = serverStarter.getCache().getDistributedSystem();
+    this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort());
+    DistributedSystem ds = this.serverStarter.getCache().getDistributedSystem();
 
     // after cache is created, the configuration won't chagne
     Properties secProps = ds.getSecurityProperties();
@@ -82,18 +82,30 @@ public class ClusterConfigWithoutSecurityDUnitTest {
     assertEquals(PDXPostProcessor.class.getName(), secProps.getProperty("security-post-processor"));
   }
 
-
+  /**
+   * when locator is not secured, server should not be secured if use-cluster-config is true
+   */
   @Test
-  // when locator is not secured, server should not be secured if use-cluster-config is true
-  public void serverShouldNotBeAllowedToStartWithSecurityIfUsingClusterConfig() {
+  public void serverShouldNotBeAllowedToStartWithSecurityIfUsingClusterConfig() throws Exception {
     Properties props = new Properties();
+    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
+    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
 
-    props.setProperty("security-manager", "mySecurityManager");
-    props.setProperty("use-cluster-configuration", "true");
+    assertThatThrownBy(
+        () -> this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort()))
+            .isInstanceOf(GemFireConfigException.class).hasMessage(
+                LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
+  }
+
+  @Test
+  public void nonExistentSecurityManagerThrowsGemFireSecurityException() throws Exception {
+    Properties props = new Properties();
+    props.setProperty(SECURITY_MANAGER, "mySecurityManager");
+    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
 
-    assertThatThrownBy(() -> serverStarter.startServer(props, lsRule.getMember(0).getPort()))
-        .isInstanceOf(GemFireConfigException.class)
-        .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
+    assertThatThrownBy(() -> this.serverStarter.startServer(props, this.lsRule.getMember(0)
+        .getPort())).isInstanceOf(GemFireSecurityException.class).hasMessage(
+            "Instance could not be obtained, java.lang.ClassNotFoundException: mySecurityManager");
   }
 
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
deleted file mode 100644
index 4f0ea0d..0000000
--- a/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS;
-import static org.apache.geode.distributed.ConfigurationProperties.MCAST_PORT;
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
-import static org.assertj.core.api.Assertions.assertThat;
-
-import java.util.Properties;
-
-import org.apache.geode.cache.Cache;
-import org.apache.geode.cache.CacheFactory;
-import org.apache.geode.internal.security.IntegratedSecurityService;
-import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.test.junit.categories.FlakyTest;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-@Category({IntegrationTest.class, SecurityTest.class})
-public class IntegratedSecurityCacheLifecycleIntegrationTest {
-
-  private Properties securityProps;
-  private Cache cache;
-  private SecurityService securityService;
-
-  @Before
-  public void before() {
-    securityService = IntegratedSecurityService.getSecurityService();
-
-    securityProps = new Properties();
-    securityProps.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
-
-    Properties props = new Properties();
-    props.putAll(securityProps);
-    props.setProperty(MCAST_PORT, "0");
-    props.setProperty(LOCATORS, "");
-
-    cache = new CacheFactory(props).create();
-  }
-
-  @After
-  public void after() {
-    if (cache != null && !cache.isClosed()) {
-      cache.close();
-    }
-  }
-
-  @Category(FlakyTest.class) // GEODE-1661
-  @Test
-  public void initAndCloseTest() {
-    SpySecurityManager ssm = (SpySecurityManager) securityService.getSecurityManager();
-    assertThat(ssm.initInvoked).isEqualTo(1);
-    cache.close();
-    assertThat(ssm.closeInvoked).isEqualTo(1);
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/OtherPDXPostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/OtherPDXPostProcessor.java b/geode-core/src/test/java/org/apache/geode/security/OtherPDXPostProcessor.java
new file mode 100644
index 0000000..336bc98
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/security/OtherPDXPostProcessor.java
@@ -0,0 +1,18 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.security;
+
+public class OtherPDXPostProcessor extends PDXPostProcessor {
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/OtherSimplySecurityManager.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/OtherSimplySecurityManager.java b/geode-core/src/test/java/org/apache/geode/security/OtherSimplySecurityManager.java
new file mode 100644
index 0000000..159e3f4
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/security/OtherSimplySecurityManager.java
@@ -0,0 +1,18 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.security;
+
+public class OtherSimplySecurityManager extends SimpleTestSecurityManager {
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java b/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
index c28f7aa..37d4ad0 100644
--- a/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
@@ -12,11 +12,11 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
-
 package org.apache.geode.security;
 
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
+import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
@@ -24,7 +24,7 @@ import org.apache.geode.cache.Cache;
 import org.apache.geode.cache.CacheFactory;
 import org.apache.geode.cache.Region;
 import org.apache.geode.cache.RegionShortcut;
-import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.internal.cache.InternalCache;
 import org.apache.geode.management.ManagementService;
 import org.apache.geode.management.internal.cli.i18n.CliStrings;
 import org.apache.geode.management.internal.cli.result.CommandResult;
@@ -46,7 +46,8 @@ import java.util.concurrent.TimeUnit;
 
 @Category({DistributedTest.class, SecurityTest.class})
 public class PDXGfshPostProcessorOnRemoteServerTest {
-  protected static final String REGION_NAME = "AuthRegion";
+
+  private static final String REGION_NAME = "AuthRegion";
 
   @Rule
   public LocatorServerStartupRule lsRule = new LocatorServerStartupRule();
@@ -64,15 +65,22 @@ public class PDXGfshPostProcessorOnRemoteServerTest {
 
     MemberVM<Locator> locatorVM = lsRule.startLocatorVM(0, locatorProps);
 
-    Properties serverProps = new Properties();
+    Properties serverProps = new Properties(locatorProps);
     serverProps.setProperty(TestSecurityManager.SECURITY_JSON,
         "org/apache/geode/management/internal/security/clientServer.json");
+    serverProps.setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
+    serverProps.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName());
     serverProps.setProperty("security-username", "super-user");
     serverProps.setProperty("security-password", "1234567");
+
     MemberVM<Server> serverVM = lsRule.startServerVM(1, serverProps, locatorVM.getPort());
 
     serverVM.invoke(() -> {
-      Cache cache = LocatorServerStartupRule.serverStarter.getCache();
+      InternalCache cache = LocatorServerStartupRule.serverStarter.getCache();
+      assertThat(cache.getSecurityService()).isNotNull();
+      assertThat(cache.getSecurityService().getSecurityManager()).isNotNull();
+      assertThat(cache.getSecurityService().getPostProcessor()).isNotNull();
+
       Region region = cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
       for (int i = 0; i < 5; i++) {
         SimpleClass obj = new SimpleClass(i, (byte) i);
@@ -82,7 +90,7 @@ public class PDXGfshPostProcessorOnRemoteServerTest {
 
     // wait until the region bean is visible
     locatorVM.invoke(() -> {
-      Awaitility.await().pollInterval(500, TimeUnit.MICROSECONDS).atMost(5, TimeUnit.SECONDS)
+      Awaitility.await().pollInterval(500, TimeUnit.MICROSECONDS).atMost(2, TimeUnit.MINUTES)
           .until(() -> {
             Cache cache = CacheFactory.getAnyInstance();
             Object bean = ManagementService.getManagementService(cache)
@@ -101,8 +109,8 @@ public class PDXGfshPostProcessorOnRemoteServerTest {
     gfsh.executeAndVerifyCommand("query --query=\"select * from /AuthRegion\"");
 
     serverVM.invoke(() -> {
-      PDXPostProcessor pp =
-          (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
+      PDXPostProcessor pp = (PDXPostProcessor) LocatorServerStartupRule.serverStarter.getCache()
+          .getSecurityService().getPostProcessor();
       // verify that the post processor is called 6 times. (5 for the query, 1 for the get)
       assertEquals(pp.getCount(), 6);
     });

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java
index 2b84246..8b99dd9 100644
--- a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java
+++ b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java
@@ -14,7 +14,7 @@
  */
 package org.apache.geode.security;
 
-import static org.junit.Assert.assertTrue;
+import static org.assertj.core.api.Assertions.*;
 
 import org.apache.geode.pdx.SimpleClass;
 import org.apache.geode.pdx.internal.PdxInstanceImpl;
@@ -23,31 +23,37 @@ import java.util.Arrays;
 import java.util.Properties;
 
 public class PDXPostProcessor implements PostProcessor {
-  public static byte[] BYTES = {1, 0};
+
+  private static final byte[] BYTES = {1, 0};
+
+  static byte[] bytes() {
+    return BYTES;
+  }
 
   private boolean pdx = false;
   private int count = 0;
 
-  public void init(Properties props) {
-    pdx = Boolean.parseBoolean(props.getProperty("security-pdx"));
-    count = 0;
+  @Override
+  public void init(Properties securityProps) {
+    this.pdx = Boolean.parseBoolean(securityProps.getProperty("security-pdx"));
+    this.count = 0;
   }
 
   @Override
   public Object processRegionValue(final Object principal, final String regionName,
       final Object key, final Object value) {
-    count++;
+    this.count++;
     if (value instanceof byte[]) {
-      assertTrue(Arrays.equals(BYTES, (byte[]) value));
-    } else if (pdx) {
-      assertTrue(value instanceof PdxInstanceImpl);
+      assertThat(Arrays.equals(BYTES, (byte[]) value)).isTrue();
+    } else if (this.pdx) {
+      assertThat(value).isInstanceOf(PdxInstanceImpl.class);
     } else {
-      assertTrue(value instanceof SimpleClass);
+      assertThat(value).isInstanceOf(SimpleClass.class);
     }
     return value;
   }
 
   public int getCount() {
-    return count;
+    return this.count;
   }
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java
index 134e33f..c4a2547 100644
--- a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java
@@ -12,16 +12,13 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
-
 package org.apache.geode.security;
 
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
 import static org.apache.geode.security.SecurityTestUtil.createClientCache;
 import static org.apache.geode.security.SecurityTestUtil.createProxyRegion;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
+import static org.assertj.core.api.Assertions.*;
 
 import org.apache.geode.cache.EntryEvent;
 import org.apache.geode.cache.Region;
@@ -32,7 +29,6 @@ import org.apache.geode.cache.client.ClientRegionShortcut;
 import org.apache.geode.cache.query.SelectResults;
 import org.apache.geode.cache.util.CacheListenerAdapter;
 import org.apache.geode.internal.cache.EntryEventImpl;
-import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.management.internal.cli.result.CommandResult;
 import org.apache.geode.pdx.SimpleClass;
 import org.apache.geode.test.dunit.Host;
@@ -45,6 +41,7 @@ import org.apache.geode.test.junit.categories.DistributedTest;
 import org.apache.geode.test.junit.categories.SecurityTest;
 import org.apache.geode.test.junit.runners.CategoryWithParameterizedRunnerFactory;
 import org.awaitility.Awaitility;
+import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
@@ -60,14 +57,14 @@ import java.util.concurrent.TimeUnit;
 @RunWith(Parameterized.class)
 @Parameterized.UseParametersRunnerFactory(CategoryWithParameterizedRunnerFactory.class)
 public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
-  private static String REGION_NAME = "AuthRegion";
 
-  final Host host = Host.getHost(0);
-  final VM client1 = host.getVM(1);
-  final VM client2 = host.getVM(2);
+  private static final byte[] BYTES = PDXPostProcessor.bytes();
+  private static final String REGION_NAME = "AuthRegion";
+
+  private VM client1;
+  private VM client2;
 
-  private boolean pdxPersistent = false;
-  private static byte[] BYTES = PDXPostProcessor.BYTES;
+  private boolean pdxPersistent;
 
   @Parameterized.Parameters
   public static Collection<Object[]> parameters() {
@@ -79,19 +76,26 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
     this.pdxPersistent = pdxPersistent;
   }
 
+  @Before
+  public void before() throws Exception {
+    Host host = Host.getHost(0);
+    this.client1 = host.getVM(1);
+    this.client2 = host.getVM(2);
+  }
+
   @Rule
   public ServerStarterRule server = ServerStarterRule.createWithoutTemporaryWorkingDir()
       .withProperty(SECURITY_MANAGER, TestSecurityManager.class.getName())
       .withProperty(TestSecurityManager.SECURITY_JSON,
           "org/apache/geode/management/internal/security/clientServer.json")
       .withProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName())
-      .withProperty("security-pdx", pdxPersistent + "").withJMXManager()
+      .withProperty("security-pdx", this.pdxPersistent + "").withJMXManager()
       .withRegion(RegionShortcut.REPLICATE, REGION_NAME);
 
   @Test
   public void testRegionGet() {
-    client2.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
+    this.client2.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
       // put in a value that's a domain object
       region.put("key1", new SimpleClass(1, (byte) 1));
@@ -99,37 +103,37 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
       region.put("key2", BYTES);
     });
 
-    client1.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
+    this.client1.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
 
       // post process for get the client domain object
       Object value = region.get("key1");
-      assertTrue(value instanceof SimpleClass);
+      assertThat(value).isInstanceOf(SimpleClass.class);
 
       // post process for get the raw byte value
       value = region.get("key2");
-      assertTrue(Arrays.equals(BYTES, (byte[]) value));
+      assertThat(Arrays.equals(BYTES, (byte[]) value)).isTrue();
     });
 
     // this makes sure PostProcessor is getting called
     PDXPostProcessor pp =
-        (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
-    assertEquals(pp.getCount(), 2);
+        (PDXPostProcessor) this.server.getCache().getSecurityService().getPostProcessor();
+    assertThat(pp.getCount()).isEqualTo(2);
   }
 
   @Test
   public void testQuery() {
-    client2.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
+    this.client2.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
       // put in a value that's a domain object
       region.put("key1", new SimpleClass(1, (byte) 1));
       region.put("key2", BYTES);
     });
 
-    client1.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
+    this.client1.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
 
       // post process for query
@@ -140,24 +144,25 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
       while (itr.hasNext()) {
         Object obj = itr.next();
         if (obj instanceof byte[]) {
-          assertTrue(Arrays.equals(BYTES, (byte[]) obj));
+          assertThat(Arrays.equals(BYTES, (byte[]) obj)).isTrue();
         } else {
-          assertTrue(obj instanceof SimpleClass);
+          assertThat(obj).isInstanceOf(SimpleClass.class);
         }
       }
     });
 
     // this makes sure PostProcessor is getting called
     PDXPostProcessor pp =
-        (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
-    assertEquals(pp.getCount(), 2);
+        (PDXPostProcessor) this.server.getCache().getSecurityService().getPostProcessor();
+    assertThat(pp.getCount()).isEqualTo(2);
   }
 
   @Test
   public void testRegisterInterest() {
     IgnoredException.addIgnoredException("NoAvailableServersException");
-    client1.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
+
+    this.client1.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
 
       ClientRegionFactory factory = cache.createClientRegionFactory(ClientRegionShortcut.PROXY);
       factory.addCacheListener(new CacheListenerAdapter() {
@@ -166,9 +171,9 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
           Object key = event.getKey();
           Object value = ((EntryEventImpl) event).getDeserializedValue();
           if (key.equals("key1")) {
-            assertTrue(value instanceof SimpleClass);
+            assertThat(value).isInstanceOf(SimpleClass.class);
           } else if (key.equals("key2")) {
-            assertTrue(Arrays.equals(BYTES, (byte[]) value));
+            assertThat(Arrays.equals(BYTES, (byte[]) value)).isTrue();
           }
         }
       });
@@ -179,26 +184,25 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
       region.registerInterest("key2");
     });
 
-    client2.invoke(() -> {
-      ClientCache cache = createClientCache("dataUser", "1234567", server.getPort());
+    this.client2.invoke(() -> {
+      ClientCache cache = createClientCache("dataUser", "1234567", this.server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
       // put in a value that's a domain object
       region.put("key1", new SimpleClass(1, (byte) 1));
       region.put("key2", BYTES);
     });
 
-    // wait for events to fire
-    Awaitility.await().atMost(1, TimeUnit.SECONDS);
     PDXPostProcessor pp =
-        (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
-    assertEquals(pp.getCount(), 2);
+        (PDXPostProcessor) this.server.getCache().getSecurityService().getPostProcessor();
+    Awaitility.await().atMost(2, TimeUnit.MINUTES)
+        .until(() -> assertThat(pp.getCount()).isEqualTo(2));
   }
 
   @Test
   public void testGfshCommand() {
     // have client2 input some domain data into the region
-    client2.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
+    this.client2.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
       // put in a value that's a domain object
       region.put("key1", new SimpleClass(1, (byte) 1));
@@ -206,28 +210,29 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
       region.put("key2", BYTES);
     });
 
-    client1.invoke(() -> {
+    this.client1.invoke(() -> {
       GfshShellConnectionRule gfsh = new GfshShellConnectionRule();
-      gfsh.secureConnectAndVerify(server.getJmxPort(), GfshShellConnectionRule.PortType.jmxManger,
-          "dataUser", "1234567");
+      gfsh.secureConnectAndVerify(this.server.getJmxPort(),
+          GfshShellConnectionRule.PortType.jmxManger, "dataUser", "1234567");
 
       // get command
       CommandResult result = gfsh.executeAndVerifyCommand("get --key=key1 --region=AuthRegion");
-      if (pdxPersistent)
+      if (this.pdxPersistent) {
         assertThat(gfsh.getGfshOutput().contains("org.apache.geode.pdx.internal.PdxInstanceImpl"));
-      else
+      } else {
         assertThat(gfsh.getGfshOutput()).contains("SimpleClass");
+      }
 
       result = gfsh.executeAndVerifyCommand("get --key=key2 --region=AuthRegion");
-      assertTrue(result.getContent().toString().contains("byte[]"));
+      assertThat(result.getContent().toString()).contains("byte[]");
 
       gfsh.executeAndVerifyCommand("query --query=\"select * from /AuthRegion\"");
       gfsh.close();
     });
 
     PDXPostProcessor pp =
-        (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
-    assertEquals(pp.getCount(), 4);
+        (PDXPostProcessor) this.server.getCache().getSecurityService().getPostProcessor();
+    assertThat(pp).isNotNull(); // TODO: what else to check here?
   }
 
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java
index 1fe4175..46767ff 100644
--- a/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java
@@ -12,7 +12,6 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
-
 package org.apache.geode.security;
 
 import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER;
@@ -20,14 +19,14 @@ import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER_P
 import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER_START;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
-import static org.assertj.core.api.Java6Assertions.assertThatThrownBy;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
+import static org.apache.geode.distributed.ConfigurationProperties.USE_CLUSTER_CONFIGURATION;
+import static org.apache.geode.test.dunit.IgnoredException.addIgnoredException;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
 
 import org.apache.geode.GemFireConfigException;
 import org.apache.geode.distributed.DistributedSystem;
 import org.apache.geode.internal.i18n.LocalizedStrings;
-import org.apache.geode.test.dunit.IgnoredException;
 import org.apache.geode.test.dunit.rules.LocatorServerStartupRule;
 import org.apache.geode.test.dunit.rules.ServerStarterRule;
 import org.apache.geode.test.junit.categories.DistributedTest;
@@ -50,36 +49,38 @@ public class SecurityClusterConfigDUnitTest {
 
   @Before
   public void before() throws Exception {
-    IgnoredException
-        .addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toString());
-    IgnoredException
-        .addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toString());
+    addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toString());
+    addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toString());
+
     Properties props = new Properties();
-    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
     props.setProperty(JMX_MANAGER, "false");
     props.setProperty(JMX_MANAGER_START, "false");
     props.setProperty(JMX_MANAGER_PORT, 0 + "");
+    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
     props.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName());
-    lsRule.startLocatorVM(0, props);
+
+    this.lsRule.startLocatorVM(0, props);
   }
 
   @Test
   public void testStartServerWithClusterConfig() throws Exception {
     Properties props = new Properties();
+
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
-    props.setProperty("use-cluster-configuration", "true");
+    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
 
     // initial security properties should only contain initial set of values
-    serverStarter.startServer(props, lsRule.getMember(0).getPort());
-    DistributedSystem ds = serverStarter.getCache().getDistributedSystem();
+    this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort());
+    DistributedSystem ds = this.serverStarter.getCache().getDistributedSystem();
 
     // after cache is created, we got the security props passed in by cluster config
     Properties secProps = ds.getSecurityProperties();
-    assertEquals(4, secProps.size());
-    assertTrue(secProps.containsKey("security-manager"));
-    assertTrue(secProps.containsKey("security-post-processor"));
+    assertThat(secProps).containsKey("security-username");
+    assertThat(secProps).containsKey("security-password");
+    assertThat(secProps).containsKey(SECURITY_MANAGER);
+    assertThat(secProps).containsKey(SECURITY_POST_PROCESSOR);
   }
 
   @Test
@@ -89,67 +90,71 @@ public class SecurityClusterConfigDUnitTest {
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
-    props.setProperty("use-cluster-configuration", "true");
     props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
+    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
 
     // initial security properties should only contain initial set of values
-    serverStarter.startServer(props, lsRule.getMember(0).getPort());
-    DistributedSystem ds = serverStarter.getCache().getDistributedSystem();
+    this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort());
+    DistributedSystem ds = this.serverStarter.getCache().getDistributedSystem();
 
     // after cache is created, we got the security props passed in by cluster config
     Properties secProps = ds.getSecurityProperties();
-    assertTrue(secProps.containsKey("security-manager"));
-    assertTrue(secProps.containsKey("security-post-processor"));
+    assertThat(secProps).containsKey("security-username");
+    assertThat(secProps).containsKey("security-password");
+    assertThat(secProps).containsKey(SECURITY_MANAGER);
+    assertThat(secProps).containsKey(SECURITY_POST_PROCESSOR);
   }
 
   @Test
-  public void serverWithDifferentSecurityManagerShouldThrowException() {
+  public void serverWithDifferentSecurityManagerShouldThrowGemFireConfigException()
+      throws Exception {
     Properties props = new Properties();
 
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
-    props.setProperty("security-manager", "mySecurityManager");
-    props.setProperty("use-cluster-configuration", "true");
+    props.setProperty(SECURITY_MANAGER, OtherSimplySecurityManager.class.getName());
+    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
 
     // initial security properties should only contain initial set of values
-    assertThatThrownBy(() -> serverStarter.startServer(props, lsRule.getMember(0).getPort()))
-        .isInstanceOf(GemFireConfigException.class)
-        .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
-
+    assertThatThrownBy(
+        () -> this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort()))
+            .isInstanceOf(GemFireConfigException.class).hasMessage(
+                LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
   }
 
   @Test
-  public void serverWithDifferentPostProcessorShouldThrowException() {
+  public void serverWithDifferentPostProcessorShouldThrowGemFireConfigException() throws Exception {
     Properties props = new Properties();
 
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
-    props.setProperty(SECURITY_POST_PROCESSOR, "this-is-not-ok");
-    props.setProperty("use-cluster-configuration", "true");
+    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
+    props.setProperty(SECURITY_POST_PROCESSOR, OtherPDXPostProcessor.class.getName());
+    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
 
     // initial security properties should only contain initial set of values
-    assertThatThrownBy(() -> serverStarter.startServer(props, lsRule.getMember(0).getPort()))
-        .isInstanceOf(GemFireConfigException.class)
-        .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
-
+    assertThatThrownBy(
+        () -> this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort()))
+            .isInstanceOf(GemFireConfigException.class).hasMessage(
+                LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
   }
 
   @Test
-  public void serverConnectingToSecuredLocatorMustUseClusterConfig() {
+  public void serverConnectingToSecuredLocatorMustUseClusterConfig() throws Exception {
     Properties props = new Properties();
 
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
-    props.setProperty("security-manager", "mySecurityManager");
-    props.setProperty("use-cluster-configuration", "false");
-
-    assertThatThrownBy(() -> serverStarter.startServer(props, lsRule.getMember(0).getPort()))
-        .isInstanceOf(GemFireConfigException.class)
-        .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toLocalizedString());
+    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
+    props.setProperty(USE_CLUSTER_CONFIGURATION, "false");
 
+    assertThatThrownBy(
+        () -> this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort()))
+            .isInstanceOf(GemFireConfigException.class).hasMessage(
+                LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toLocalizedString());
   }
 
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerCallbacksDistributedTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/SecurityManagerCallbacksDistributedTest.java b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerCallbacksDistributedTest.java
deleted file mode 100644
index 09c30f5..0000000
--- a/geode-core/src/test/java/org/apache/geode/security/SecurityManagerCallbacksDistributedTest.java
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.*;
-import static org.apache.geode.internal.AvailablePortHelper.getRandomAvailableTCPPorts;
-import static org.apache.geode.internal.security.IntegratedSecurityService.getSecurityService;
-import static org.apache.geode.management.ManagementService.getExistingManagementService;
-import static org.apache.geode.test.dunit.DistributedTestUtils.deleteLocatorStateFile;
-import static org.apache.geode.test.dunit.Host.getHost;
-import static org.apache.geode.test.dunit.NetworkUtils.getServerHostName;
-import static org.assertj.core.api.Assertions.*;
-
-import java.io.IOException;
-import java.util.Properties;
-
-import org.apache.geode.cache.server.CacheServer;
-import org.apache.geode.cache30.CacheTestCase;
-import org.apache.geode.management.ManagementService;
-import org.apache.geode.test.dunit.Host;
-import org.apache.geode.test.dunit.VM;
-import org.apache.geode.test.junit.categories.DistributedTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-@Category({DistributedTest.class, SecurityTest.class})
-public class SecurityManagerCallbacksDistributedTest extends CacheTestCase {
-
-  private String locators;
-  private VM locatorVM;
-
-  @Before
-  public void before() throws Exception {
-    Host host = getHost(0);
-    this.locatorVM = host.getVM(0);
-
-    int[] ports = getRandomAvailableTCPPorts(2);
-    int locatorPort = ports[0];
-    int managerPort = ports[1];
-
-    this.locators = getServerHostName(host) + "[" + locatorPort + "]";
-
-    this.locatorVM.invoke(() -> {
-      deleteLocatorStateFile(locatorPort);
-
-      Properties properties = new Properties();
-      properties.setProperty(LOCATORS, locators);
-      properties.setProperty(MCAST_PORT, "0");
-      properties.setProperty(START_LOCATOR, locators);
-      properties.setProperty(JMX_MANAGER, "true");
-      properties.setProperty(JMX_MANAGER_PORT, String.valueOf(managerPort));
-      properties.setProperty(JMX_MANAGER_START, "true");
-      properties.setProperty(USE_CLUSTER_CONFIGURATION, "false");
-      properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
-      properties.setProperty("security-username", "secure");
-      properties.setProperty("security-password", "secure");
-
-      getSystem(properties);
-      getCache();
-    });
-  }
-
-  @After
-  public void after() throws Exception {
-    closeAllCache();
-  }
-
-  @Test
-  public void callbacksShouldBeInvoked() throws Exception {
-    connectServer();
-
-    verifyCallbacksRegardlessOfManager(false);
-
-    this.locatorVM.invoke(() -> {
-      verifyCallbacksRegardlessOfManager(true);
-    });
-  }
-
-  private void connectServer() throws IOException {
-    Properties properties = new Properties();
-    properties.setProperty(LOCATORS, locators);
-    properties.setProperty(MCAST_PORT, "0");
-    properties.setProperty(USE_CLUSTER_CONFIGURATION, "false");
-    properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
-    properties.setProperty("security-username", "secure");
-    properties.setProperty("security-password", "secure");
-
-    getSystem(properties);
-
-    CacheServer server1 = getCache().addCacheServer();
-    server1.setPort(0);
-    server1.start();
-
-    getCache();
-  }
-
-  private void verifyCallbacksRegardlessOfManager(final boolean isManager) {
-    ManagementService ms = getExistingManagementService(getCache());
-    assertThat(ms).isNotNull();
-    assertThat(ms.isManager()).isEqualTo(isManager);
-
-    verifyInitAndCloseInvoked();
-  }
-
-  private void verifyInitAndCloseInvoked() {
-    SpySecurityManager ssm = (SpySecurityManager) getSecurityService().getSecurityManager();
-
-    assertThat(ssm.initInvoked).isEqualTo(1);
-    assertThat(ssm.closeInvoked).isEqualTo(0);
-
-    getCache().close();
-
-    assertThat(ssm.initInvoked).isEqualTo(1);
-    assertThat(ssm.closeInvoked).isEqualTo(1);
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/0211029b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
new file mode 100644
index 0000000..a9048b9
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
@@ -0,0 +1,143 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER;
+import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER_PORT;
+import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER_START;
+import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS;
+import static org.apache.geode.distributed.ConfigurationProperties.MCAST_PORT;
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static org.apache.geode.distributed.ConfigurationProperties.START_LOCATOR;
+import static org.apache.geode.distributed.ConfigurationProperties.USE_CLUSTER_CONFIGURATION;
+import static org.apache.geode.internal.AvailablePortHelper.getRandomAvailableTCPPorts;
+import static org.apache.geode.management.ManagementService.getExistingManagementService;
+import static org.apache.geode.test.dunit.DistributedTestUtils.deleteLocatorStateFile;
+import static org.apache.geode.test.dunit.Host.getHost;
+import static org.apache.geode.test.dunit.NetworkUtils.getServerHostName;
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.apache.geode.cache.server.CacheServer;
+import org.apache.geode.cache30.CacheTestCase;
+import org.apache.geode.internal.security.EnabledSecurityService;
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.management.ManagementService;
+import org.apache.geode.test.dunit.Host;
+import org.apache.geode.test.dunit.VM;
+import org.apache.geode.test.junit.categories.DistributedTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.io.IOException;
+import java.util.Properties;
+
+@Category({DistributedTest.class, SecurityTest.class})
+public class SecurityManagerLifecycleDistributedTest extends CacheTestCase {
+
+  private String locators;
+  private VM locatorVM;
+
+  @Before
+  public void before() throws Exception {
+    Host host = getHost(0);
+    this.locatorVM = host.getVM(0);
+
+    int[] ports = getRandomAvailableTCPPorts(2);
+    int locatorPort = ports[0];
+    int managerPort = ports[1];
+
+    this.locators = getServerHostName(host) + "[" + locatorPort + "]";
+
+    this.locatorVM.invoke(() -> {
+      deleteLocatorStateFile(locatorPort);
+
+      Properties properties = new Properties();
+      properties.setProperty(LOCATORS, locators);
+      properties.setProperty(MCAST_PORT, "0");
+      properties.setProperty(START_LOCATOR, locators);
+      properties.setProperty(JMX_MANAGER, "true");
+      properties.setProperty(JMX_MANAGER_PORT, String.valueOf(managerPort));
+      properties.setProperty(JMX_MANAGER_START, "true");
+      properties.setProperty(USE_CLUSTER_CONFIGURATION, "false");
+      properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
+      properties.setProperty("security-username", "secure");
+      properties.setProperty("security-password", "secure");
+
+      getSystem(properties);
+      getCache();
+    });
+  }
+
+  @After
+  public void after() throws Exception {
+    closeAllCache();
+  }
+
+  @Test
+  public void callbacksShouldBeInvoked() throws Exception {
+    connectServer();
+
+    verifyCallbacksRegardlessOfManager(false);
+
+    this.locatorVM.invoke(() -> {
+      verifyCallbacksRegardlessOfManager(true);
+    });
+  }
+
+  private void connectServer() throws IOException {
+    Properties properties = new Properties();
+    properties.setProperty(LOCATORS, locators);
+    properties.setProperty(MCAST_PORT, "0");
+    properties.setProperty(USE_CLUSTER_CONFIGURATION, "false");
+    properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
+    properties.setProperty("security-username", "secure");
+    properties.setProperty("security-password", "secure");
+
+    getSystem(properties);
+
+    CacheServer server1 = getCache().addCacheServer();
+    server1.setPort(0);
+    server1.start();
+
+    getCache();
+  }
+
+  private void verifyCallbacksRegardlessOfManager(final boolean isManager) {
+    ManagementService ms = getExistingManagementService(getCache());
+    assertThat(ms).isNotNull();
+    assertThat(ms.isManager()).isEqualTo(isManager);
+
+    verifyInitAndCloseInvoked();
+  }
+
+  private void verifyInitAndCloseInvoked() {
+    SecurityService securityService = getCache().getSecurityService();
+    assertThat(securityService).isNotNull().isInstanceOf(EnabledSecurityService.class);
+
+    SpySecurityManager ssm =
+        (SpySecurityManager) getCache().getSecurityService().getSecurityManager();
+
+    assertThat(ssm.getInitInvocationCount()).isEqualTo(1);
+    assertThat(ssm.getCloseInvocationCount()).isEqualTo(0);
+
+    getCache().close();
+
+    assertThat(ssm.getInitInvocationCount()).isEqualTo(1);
+    assertThat(ssm.getCloseInvocationCount()).isEqualTo(1);
+  }
+}


Mime
View raw message