geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hiteshkhame...@apache.org
Subject [23/29] geode git commit: GEODE-2632: consolidate different types of SecurityService
Date Mon, 19 Jun 2017 22:18:07 GMT
http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/main/java/org/apache/geode/internal/security/shiro/SecurityManagerProvider.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/org/apache/geode/internal/security/shiro/SecurityManagerProvider.java b/geode-core/src/main/java/org/apache/geode/internal/security/shiro/SecurityManagerProvider.java
new file mode 100644
index 0000000..ad8e66e
--- /dev/null
+++ b/geode-core/src/main/java/org/apache/geode/internal/security/shiro/SecurityManagerProvider.java
@@ -0,0 +1,83 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.internal.security.shiro;
+
+import org.apache.logging.log4j.Logger;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.config.Ini;
+import org.apache.shiro.config.IniSecurityManagerFactory;
+import org.apache.shiro.mgt.DefaultSecurityManager;
+import org.apache.shiro.realm.Realm;
+import org.apache.shiro.session.mgt.DefaultSessionManager;
+import org.apache.shiro.session.mgt.SessionManager;
+
+import org.apache.geode.internal.logging.LogService;
+import org.apache.geode.security.SecurityManager;
+
+public class SecurityManagerProvider {
+  private static Logger logger = LogService.getLogger(LogService.SECURITY_LOGGER_NAME);
+
+  private org.apache.shiro.mgt.SecurityManager shiroManager;
+  private SecurityManager securityManager;
+
+  public SecurityManagerProvider() {
+    shiroManager = SecurityUtils.getSecurityManager();
+  }
+
+  public SecurityManagerProvider(String shiroConfig) {
+    this.securityManager = null;
+
+    IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:" + shiroConfig);
+    // we will need to make sure that shiro uses a case sensitive permission resolver
+    Ini.Section main = factory.getIni().addSection("main");
+    main.put("geodePermissionResolver", GeodePermissionResolver.class.getName());
+    if (!main.containsKey("iniRealm.permissionResolver")) {
+      main.put("iniRealm.permissionResolver", "$geodePermissionResolver");
+    }
+    shiroManager = factory.getInstance();
+  }
+
+
+  public SecurityManagerProvider(SecurityManager securityManager) {
+    this.securityManager = securityManager;
+
+    Realm realm = new CustomAuthRealm(securityManager);
+    shiroManager = new DefaultSecurityManager(realm);
+    increaseShiroGlobalSessionTimeout((DefaultSecurityManager) shiroManager);
+  }
+
+  private void increaseShiroGlobalSessionTimeout(final DefaultSecurityManager shiroManager) {
+    SessionManager sessionManager = shiroManager.getSessionManager();
+    if (DefaultSessionManager.class.isInstance(sessionManager)) {
+      DefaultSessionManager defaultSessionManager = (DefaultSessionManager) sessionManager;
+      defaultSessionManager.setGlobalSessionTimeout(Long.MAX_VALUE);
+      long value = defaultSessionManager.getGlobalSessionTimeout();
+      if (value != Long.MAX_VALUE) {
+        logger.error("Unable to set Shiro Global Session Timeout. Current value is '{}'.", value);
+      }
+    } else {
+      logger.error("Unable to set Shiro Global Session Timeout. Current SessionManager is '{}'.",
+          sessionManager == null ? "null" : sessionManager.getClass());
+    }
+  }
+
+  public org.apache.shiro.mgt.SecurityManager getShiroSecurityManager() {
+    return shiroManager;
+  }
+
+  public SecurityManager getSecurityManager() {
+    return securityManager;
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/distributed/internal/membership/MembershipJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/distributed/internal/membership/MembershipJUnitTest.java b/geode-core/src/test/java/org/apache/geode/distributed/internal/membership/MembershipJUnitTest.java
index a0c3cf3..b0e20d9 100755
--- a/geode-core/src/test/java/org/apache/geode/distributed/internal/membership/MembershipJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/distributed/internal/membership/MembershipJUnitTest.java
@@ -58,9 +58,6 @@ import org.apache.geode.internal.admin.remote.RemoteTransportConfig;
 import org.apache.geode.internal.net.SocketCreator;
 import org.apache.geode.internal.security.SecurityServiceFactory;
 import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.logging.log4j.Level;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/DisabledSecurityServiceTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/DisabledSecurityServiceTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/DisabledSecurityServiceTest.java
deleted file mode 100644
index cacbeed..0000000
--- a/geode-core/src/test/java/org/apache/geode/internal/security/DisabledSecurityServiceTest.java
+++ /dev/null
@@ -1,164 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.internal.security;
-
-import static org.assertj.core.api.Assertions.*;
-import static org.mockito.Mockito.*;
-
-import org.apache.geode.security.PostProcessor;
-import org.apache.geode.test.junit.categories.UnitTest;
-import org.apache.shiro.subject.Subject;
-import org.apache.shiro.subject.support.SubjectThreadState;
-import org.apache.shiro.util.ThreadState;
-import org.apache.geode.security.SecurityManager;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import java.util.Properties;
-import java.util.concurrent.Callable;
-
-@Category(UnitTest.class)
-public class DisabledSecurityServiceTest {
-
-  private DisabledSecurityService disabledSecurityService;
-  private Subject mockSubject;
-
-  @Before
-  public void before() throws Exception {
-    this.disabledSecurityService = new DisabledSecurityService();
-    this.mockSubject = mock(Subject.class);
-  }
-
-  @Test
-  public void bindSubject_null() throws Exception {
-    ThreadState threadState = this.disabledSecurityService.bindSubject(null);
-    assertThat(threadState).isNull();
-  }
-
-  @Test
-  public void bindSubject_subject_shouldReturnThreadState() throws Exception {
-    ThreadState threadState = this.disabledSecurityService.bindSubject(this.mockSubject);
-    assertThat(threadState).isNotNull().isInstanceOf(SubjectThreadState.class);
-  }
-
-  @Test
-  public void getSubject_beforeLogin_shouldReturnNull() throws Exception {
-    Subject subject = this.disabledSecurityService.getSubject();
-    assertThat(subject).isNull();
-  }
-
-  @Test
-  public void login_null_shouldReturnNull() throws Exception {
-    Subject subject = this.disabledSecurityService.login(null);
-    assertThat(subject).isNull();
-  }
-
-  @Test
-  public void login_properties_shouldReturnNull() throws Exception {
-    Subject subject = this.disabledSecurityService.login(new Properties());
-    assertThat(subject).isNull();
-  }
-
-  @Test
-  public void getSubject_afterLogin_shouldReturnNull() throws Exception {
-    this.disabledSecurityService.login(new Properties());
-    Subject subject = this.disabledSecurityService.getSubject();
-    assertThat(subject).isNull();
-  }
-
-  @Test
-  public void getSubject_afterLogout_shouldReturnNull() throws Exception {
-    this.disabledSecurityService.login(new Properties());
-    this.disabledSecurityService.logout();
-    Subject subject = this.disabledSecurityService.getSubject();
-    assertThat(subject).isNull();
-  }
-
-  @Test
-  public void associateWith_callable_shouldReturnSameCallable() throws Exception {
-    Callable mockCallable = mock(Callable.class);
-    Callable callable = this.disabledSecurityService.associateWith(mockCallable);
-    assertThat(callable).isNotNull().isSameAs(mockCallable);
-  }
-
-  @Test
-  public void associateWith_null_should() throws Exception {
-    Callable callable = this.disabledSecurityService.associateWith(null);
-    assertThat(callable).isNull();
-  }
-
-  @Test
-  public void needPostProcess_returnsFalse() throws Exception {
-    boolean needPostProcess = this.disabledSecurityService.needPostProcess();
-    assertThat(needPostProcess).isFalse();
-  }
-
-  @Test
-  public void postProcess1_value_shouldReturnSameValue() throws Exception {
-    Object value = new Object();
-    Object result = this.disabledSecurityService.postProcess(null, null, value, false);
-    assertThat(result).isNotNull().isSameAs(value);
-  }
-
-  @Test
-  public void postProcess1_null_returnsNull() throws Exception {
-    Object result = this.disabledSecurityService.postProcess(null, null, null, false);
-    assertThat(result).isNull();
-  }
-
-  @Test
-  public void postProcess2_value_shouldReturnSameValue() throws Exception {
-    Object value = new Object();
-    Object result = this.disabledSecurityService.postProcess(null, null, null, value, false);
-    assertThat(result).isNotNull().isSameAs(value);
-  }
-
-  @Test
-  public void postProcess2_null_returnsNull() throws Exception {
-    Object result = this.disabledSecurityService.postProcess(null, null, null, null, false);
-    assertThat(result).isNull();
-  }
-
-  @Test
-  public void isClientSecurityRequired_returnsFalse() throws Exception {
-    boolean result = this.disabledSecurityService.isClientSecurityRequired();
-    assertThat(result).isFalse();
-  }
-
-  @Test
-  public void isIntegratedSecurity_returnsFalse() throws Exception {
-    boolean result = this.disabledSecurityService.isIntegratedSecurity();
-    assertThat(result).isFalse();
-  }
-
-  @Test
-  public void isPeerSecurityRequired_returnsFalse() throws Exception {
-    boolean result = this.disabledSecurityService.isPeerSecurityRequired();
-    assertThat(result).isFalse();
-  }
-
-  @Test
-  public void getSecurityManager_returnsNull() throws Exception {
-    SecurityManager securityManager = this.disabledSecurityService.getSecurityManager();
-    assertThat(securityManager).isNull();
-  }
-
-  @Test
-  public void getPostProcessor_returnsNull() throws Exception {
-    PostProcessor postProcessor = this.disabledSecurityService.getPostProcessor();
-    assertThat(postProcessor).isNull();
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/EnabledSecurityServiceTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/EnabledSecurityServiceTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/EnabledSecurityServiceTest.java
deleted file mode 100644
index fca7eae..0000000
--- a/geode-core/src/test/java/org/apache/geode/internal/security/EnabledSecurityServiceTest.java
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.internal.security;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-import static org.mockito.Mockito.*;
-
-import org.apache.geode.internal.security.shiro.RealmInitializer;
-import org.apache.geode.security.AuthenticationFailedException;
-import org.apache.geode.security.GemFireSecurityException;
-import org.apache.geode.security.PostProcessor;
-import org.apache.geode.security.SecurityManager;
-import org.apache.geode.test.junit.categories.UnitTest;
-import org.apache.shiro.subject.Subject;
-import org.apache.shiro.subject.support.SubjectThreadState;
-import org.apache.shiro.util.ThreadState;
-import org.junit.Before;
-import org.junit.Ignore;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import java.util.Properties;
-import java.util.concurrent.Callable;
-
-@Category(UnitTest.class)
-public class EnabledSecurityServiceTest {
-
-  private SecurityManager mockSecurityManager;
-  private PostProcessor mockPostProcessor;
-  private RealmInitializer spyRealmInitializer;
-  private Subject mockSubject;
-
-  private EnabledSecurityService securityService;
-  private EnabledSecurityService securityServiceWithPostProcessor;
-
-  @Before
-  public void before() throws Exception {
-    this.mockSecurityManager = mock(SecurityManager.class);
-    this.mockPostProcessor = mock(PostProcessor.class);
-    this.spyRealmInitializer = spy(RealmInitializer.class);
-    this.mockSubject = mock(Subject.class);
-
-    this.securityService =
-        new EnabledSecurityService(this.mockSecurityManager, null, this.spyRealmInitializer);
-    this.securityServiceWithPostProcessor = new EnabledSecurityService(this.mockSecurityManager,
-        this.mockPostProcessor, this.spyRealmInitializer);
-  }
-
-  @Test
-  public void bindSubject_nullSubject_shouldReturn_null() throws Exception {
-    ThreadState threadState = this.securityService.bindSubject(null);
-    assertThat(threadState).isNull();
-  }
-
-  @Test
-  public void bindSubject_subject_shouldReturn_ThreadState() throws Exception {
-    ThreadState threadState = this.securityService.bindSubject(this.mockSubject);
-    assertThat(threadState).isNotNull().isInstanceOf(SubjectThreadState.class);
-  }
-
-  @Test
-  public void getSubject_beforeLogin_shouldThrow_GemFireSecurityException() throws Exception {
-    assertThatThrownBy(() -> this.securityService.getSubject())
-        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining("Anonymous User");
-  }
-
-  @Test
-  public void login_nullProperties_shouldReturn_null() throws Exception {
-    Subject subject = this.securityService.login(null);
-    assertThat(subject).isNull();
-  }
-
-  @Test
-  public void login_emptyProperties_shouldThrow_AuthenticationFailedException() throws Exception {
-    assertThatThrownBy(() -> this.securityService.login(new Properties()))
-        .isInstanceOf(AuthenticationFailedException.class)
-        .hasMessageContaining("Please check your credentials");
-  }
-
-  @Ignore("Extract all shiro integration code out of EnabledSecurityService for mocking")
-  @Test
-  public void getSubject_afterLogin_shouldReturnNull() throws Exception {
-    this.securityService.login(new Properties());
-    Subject subject = this.securityService.getSubject();
-    assertThat(subject).isNull();
-  }
-
-  @Ignore("Extract all shiro integration code out of EnabledSecurityService for mocking")
-  @Test
-  public void getSubject_afterLogout_shouldReturnNull() throws Exception {
-    this.securityService.login(new Properties());
-    this.securityService.logout();
-    Subject subject = this.securityService.getSubject();
-    assertThat(subject).isNull();
-  }
-
-  @Test
-  public void associateWith_callable_beforeLogin_shouldThrow_GemFireSecurityException()
-      throws Exception {
-    assertThatThrownBy(() -> this.securityService.associateWith(mock(Callable.class)))
-        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining("Anonymous User");
-  }
-
-  @Test
-  public void associateWith_null_should() throws Exception {
-    assertThatThrownBy(() -> this.securityService.associateWith(null))
-        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining("Anonymous User");
-  }
-
-  @Test
-  public void needPostProcess_returnsFalse() throws Exception {
-    boolean needPostProcess = this.securityService.needPostProcess();
-    assertThat(needPostProcess).isFalse();
-  }
-
-  @Test
-  public void postProcess1_value_shouldReturnSameValue() throws Exception {
-    Object value = new Object();
-    Object result = this.securityService.postProcess(null, null, value, false);
-    assertThat(result).isNotNull().isSameAs(value);
-  }
-
-  @Test
-  public void postProcess1_null_returnsNull() throws Exception {
-    Object result = this.securityService.postProcess(null, null, null, false);
-    assertThat(result).isNull();
-  }
-
-  @Test
-  public void postProcess2_value_shouldReturnSameValue() throws Exception {
-    Object value = new Object();
-    Object result = this.securityService.postProcess(null, null, null, value, false);
-    assertThat(result).isNotNull().isSameAs(value);
-  }
-
-  @Test
-  public void postProcess2_null_returnsNull() throws Exception {
-    Object result = this.securityService.postProcess(null, null, null, null, false);
-    assertThat(result).isNull();
-  }
-
-  @Test
-  public void isClientSecurityRequired_returnsTrue() throws Exception {
-    boolean result = this.securityService.isClientSecurityRequired();
-    assertThat(result).isTrue();
-  }
-
-  @Test
-  public void isIntegratedSecurity_returnsTrue() throws Exception {
-    boolean result = this.securityService.isIntegratedSecurity();
-    assertThat(result).isTrue();
-  }
-
-  @Test
-  public void isPeerSecurityRequired_returnsTrue() throws Exception {
-    boolean result = this.securityService.isPeerSecurityRequired();
-    assertThat(result).isTrue();
-  }
-
-  @Test
-  public void getSecurityManager_returnsSecurityManager() throws Exception {
-    SecurityManager securityManager = this.securityService.getSecurityManager();
-    assertThat(securityManager).isNotNull().isSameAs(this.mockSecurityManager);
-  }
-
-  @Test
-  public void getPostProcessor_returnsNull() throws Exception {
-    PostProcessor postProcessor = this.securityService.getPostProcessor();
-    assertThat(postProcessor).isNull();
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/FakePostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/FakePostProcessor.java b/geode-core/src/test/java/org/apache/geode/internal/security/FakePostProcessor.java
deleted file mode 100644
index 7082344..0000000
--- a/geode-core/src/test/java/org/apache/geode/internal/security/FakePostProcessor.java
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.internal.security;
-
-import java.util.Properties;
-import java.util.concurrent.atomic.AtomicInteger;
-import java.util.concurrent.atomic.AtomicReference;
-
-import org.apache.geode.security.PostProcessor;
-
-public class FakePostProcessor implements PostProcessor {
-
-  private final AtomicInteger initInvocations = new AtomicInteger(0);
-  private final AtomicInteger processRegionValueInvocations = new AtomicInteger(0);
-  private final AtomicInteger closeInvocations = new AtomicInteger(0);
-
-  private final AtomicReference<Properties> securityPropsRef = new AtomicReference<>();
-  private final AtomicReference<ProcessRegionValueArguments> processRegionValueArgumentsRef =
-      new AtomicReference<>();
-
-  @Override
-  public void init(Properties securityProps) {
-    this.initInvocations.incrementAndGet();
-    this.securityPropsRef.set(securityProps);
-  }
-
-  @Override
-  public Object processRegionValue(final Object principal, final String regionName,
-      final Object key, final Object value) {
-    this.processRegionValueInvocations.incrementAndGet();
-    this.processRegionValueArgumentsRef
-        .set(new ProcessRegionValueArguments(principal, regionName, key, value));
-    return this.processRegionValueArgumentsRef.get();
-  }
-
-  @Override
-  public void close() {
-    this.closeInvocations.incrementAndGet();
-  }
-
-  public int getInitInvocations() {
-    return this.initInvocations.get();
-  }
-
-  public int getProcessRegionValueInvocations() {
-    return this.processRegionValueInvocations.get();
-  }
-
-  public int getCloseInvocations() {
-    return this.closeInvocations.get();
-  }
-
-  public Properties getSecurityProps() {
-    return this.securityPropsRef.get();
-  }
-
-  public ProcessRegionValueArguments getProcessRegionValueArguments() {
-    return this.processRegionValueArgumentsRef.get();
-  }
-
-  public static class ProcessRegionValueArguments {
-    private final Object principal;
-    private final String regionName;
-    private final Object key;
-    private final Object value;
-
-    public ProcessRegionValueArguments(final Object principal, final String regionName,
-        final Object key, final Object value) {
-      this.principal = principal;
-      this.regionName = regionName;
-      this.key = key;
-      this.value = value;
-    }
-
-    public Object getPrincipal() {
-      return this.principal;
-    }
-
-    public String getRegionName() {
-      return this.regionName;
-    }
-
-    public Object getKey() {
-      return this.key;
-    }
-
-    public Object getValue() {
-      return this.value;
-    }
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/FakeSecurityManager.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/FakeSecurityManager.java b/geode-core/src/test/java/org/apache/geode/internal/security/FakeSecurityManager.java
deleted file mode 100644
index ca4e6b7..0000000
--- a/geode-core/src/test/java/org/apache/geode/internal/security/FakeSecurityManager.java
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.internal.security;
-
-import java.util.Properties;
-import java.util.concurrent.atomic.AtomicInteger;
-import java.util.concurrent.atomic.AtomicReference;
-
-import org.apache.geode.security.AuthenticationFailedException;
-import org.apache.geode.security.ResourcePermission;
-import org.apache.geode.security.SecurityManager;
-
-public class FakeSecurityManager implements SecurityManager {
-
-  private final AtomicInteger initInvocations = new AtomicInteger(0);
-  private final AtomicInteger authenticateInvocations = new AtomicInteger(0);
-  private final AtomicInteger authorizeInvocations = new AtomicInteger(0);
-  private final AtomicInteger closeInvocations = new AtomicInteger(0);
-
-  private final AtomicReference<Properties> securityPropsRef = new AtomicReference<>();
-  private final AtomicReference<Properties> credentialsRef = new AtomicReference<>();
-  private final AtomicReference<AuthorizeArguments> processAuthorizeArgumentsRef =
-      new AtomicReference<>();
-
-  @Override
-  public void init(final Properties securityProps) {
-    this.initInvocations.incrementAndGet();
-    this.securityPropsRef.set(securityProps);
-  }
-
-  @Override
-  public Object authenticate(final Properties credentials) throws AuthenticationFailedException {
-    this.authenticateInvocations.incrementAndGet();
-    this.credentialsRef.set(credentials);
-    return credentials;
-  }
-
-  @Override
-  public boolean authorize(final Object principal, final ResourcePermission permission) {
-    this.authorizeInvocations.incrementAndGet();
-    this.processAuthorizeArgumentsRef.set(new AuthorizeArguments(principal, permission));
-    return true;
-  }
-
-  @Override
-  public void close() {
-    this.closeInvocations.incrementAndGet();
-  }
-
-  public int getInitInvocations() {
-    return this.initInvocations.get();
-  }
-
-  public int getAuthenticateInvocations() {
-    return this.authenticateInvocations.get();
-  }
-
-  public int getAuthorizeInvocations() {
-    return this.authorizeInvocations.get();
-  }
-
-  public int getCloseInvocations() {
-    return this.closeInvocations.get();
-  }
-
-  public Properties getSecurityProps() {
-    return this.securityPropsRef.get();
-  }
-
-  public AuthorizeArguments getAuthorizeArguments() {
-    return this.processAuthorizeArgumentsRef.get();
-  }
-
-  public static class AuthorizeArguments {
-    private final Object principal;
-    private final ResourcePermission permission;
-
-    public AuthorizeArguments(final Object principal, final ResourcePermission permission) {
-      this.principal = principal;
-      this.permission = permission;
-    }
-
-    public Object getPrincipal() {
-      return this.principal;
-    }
-
-    public ResourcePermission getPermission() {
-      return this.permission;
-    }
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceConstructorTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceConstructorTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceConstructorTest.java
new file mode 100644
index 0000000..afa007f
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceConstructorTest.java
@@ -0,0 +1,93 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package org.apache.geode.internal.security;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import org.apache.shiro.SecurityUtils;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import org.apache.geode.internal.security.shiro.SecurityManagerProvider;
+import org.apache.geode.security.PostProcessor;
+import org.apache.geode.security.SecurityManager;
+import org.apache.geode.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class IntegratedSecurityServiceConstructorTest {
+
+  private IntegratedSecurityService securityService;
+  private SecurityManager securityManager;
+  private PostProcessor postProcessor;
+  private SecurityManagerProvider provider;
+  private org.apache.shiro.mgt.SecurityManager shiroManager;
+
+  @Before
+  public void before() throws Exception {
+    securityManager = mock(SecurityManager.class);
+    postProcessor = mock(PostProcessor.class);
+    provider = mock(SecurityManagerProvider.class);
+    shiroManager = mock(org.apache.shiro.mgt.SecurityManager.class);
+    when(provider.getShiroSecurityManager()).thenReturn(shiroManager);
+  }
+
+  @After
+  public void after() throws Exception {
+    if (securityService != null) {
+      securityService.close();
+    }
+
+    // some test manually set the shiro security manager
+    SecurityUtils.setSecurityManager(null);
+  }
+
+  @Test
+  public void constructorWithOutsideShrio() throws Exception {
+    when(provider.getSecurityManager()).thenReturn(null);
+    securityService = new IntegratedSecurityService(provider, postProcessor);
+    assertThat(securityService.getPostProcessor()).isEqualTo(postProcessor);
+    assertThat(securityService.getSecurityManager()).isNull();
+    assertIntegratedSecurityService();
+  }
+
+  @Test
+  public void constructorWithSecurityManager() throws Exception {
+    when(provider.getSecurityManager()).thenReturn(securityManager);
+    securityService = new IntegratedSecurityService(provider, null);
+    assertThat(securityService.getPostProcessor()).isNull();
+    assertThat(securityService.getSecurityManager()).isEqualTo(securityManager);
+    assertIntegratedSecurityService();
+  }
+
+  @Test
+  public void constructorWithSecurityManagerAndPostProcessor() throws Exception {
+    when(provider.getSecurityManager()).thenReturn(securityManager);
+    securityService = new IntegratedSecurityService(provider, postProcessor);
+    assertThat(securityService.getPostProcessor()).isEqualTo(postProcessor);
+    assertThat(securityService.getSecurityManager()).isEqualTo(securityManager);
+    assertIntegratedSecurityService();
+  }
+
+  private void assertIntegratedSecurityService() throws Exception {
+    assertThat(securityService.isIntegratedSecurity()).isTrue();
+    assertThat(securityService.isClientSecurityRequired()).isTrue();
+    assertThat(securityService.isPeerSecurityRequired()).isTrue();
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java
new file mode 100644
index 0000000..daaf18d
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java
@@ -0,0 +1,166 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.internal.security;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import java.util.Properties;
+
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.subject.SubjectContext;
+import org.apache.shiro.subject.support.SubjectThreadState;
+import org.apache.shiro.util.ThreadContext;
+import org.apache.shiro.util.ThreadState;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import org.apache.geode.internal.security.shiro.SecurityManagerProvider;
+import org.apache.geode.security.AuthenticationRequiredException;
+import org.apache.geode.security.GemFireSecurityException;
+import org.apache.geode.security.PostProcessor;
+import org.apache.geode.security.SecurityManager;
+import org.apache.geode.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class IntegratedSecurityServiceTest {
+
+  private SecurityManager mockSecurityManager;
+  private SecurityManagerProvider provider;
+  private Subject mockSubject;
+  private org.apache.shiro.mgt.SecurityManager shiroManager;
+
+  private IntegratedSecurityService securityService;
+
+  @Before
+  public void before() throws Exception {
+    this.mockSecurityManager = mock(SecurityManager.class);
+    this.shiroManager = mock(org.apache.shiro.mgt.SecurityManager.class);
+    this.provider = mock(SecurityManagerProvider.class);
+    this.mockSubject = mock(Subject.class);
+    when(provider.getShiroSecurityManager()).thenReturn(shiroManager);
+    when(provider.getSecurityManager()).thenReturn(mockSecurityManager);
+    when(shiroManager.createSubject(any(SubjectContext.class))).thenReturn(mockSubject);
+    when(mockSubject.getPrincipal()).thenReturn("principal");
+
+    this.securityService = new IntegratedSecurityService(provider, null);
+  }
+
+  @After
+  public void after() throws Exception {
+    securityService.close();
+  }
+
+  @Test
+  public void bindSubject_nullSubject_shouldReturn_null() throws Exception {
+    assertThatThrownBy(() -> this.securityService.bindSubject(null))
+        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining("Anonymous User");
+  }
+
+  @Test
+  public void bindSubject_subject_shouldReturn_ThreadState() throws Exception {
+    ThreadState threadState = this.securityService.bindSubject(this.mockSubject);
+    assertThat(threadState).isNotNull().isInstanceOf(SubjectThreadState.class);
+  }
+
+  @Test
+  public void login_nullProperties_shouldReturn_null() throws Exception {
+    assertThatThrownBy(() -> this.securityService.login(null))
+        .isInstanceOf(AuthenticationRequiredException.class)
+        .hasMessageContaining("credentials are null");
+  }
+
+  @Test
+  public void getSubject_login_logout() throws Exception {
+    this.securityService.login(new Properties());
+    Subject subject = this.securityService.getSubject();
+    assertThat(subject).isNotNull();
+    assertThat(ThreadContext.getSubject()).isNotNull();
+    this.securityService.logout();
+    assertThat(ThreadContext.getSubject()).isNull();
+  }
+
+  @Test
+  public void associateWith_null_should_return_null() throws Exception {
+    assertThat(this.securityService.associateWith(null)).isNull();
+  }
+
+  @Test
+  public void needPostProcess_returnsFalse() throws Exception {
+    boolean needPostProcess = this.securityService.needPostProcess();
+    assertThat(needPostProcess).isFalse();
+  }
+
+  @Test
+  public void postProcess1_value_shouldReturnSameValue() throws Exception {
+    Object value = new Object();
+    Object result = this.securityService.postProcess(null, null, value, false);
+    assertThat(result).isNotNull().isSameAs(value);
+  }
+
+  @Test
+  public void postProcess1_null_returnsNull() throws Exception {
+    Object result = this.securityService.postProcess(null, null, null, false);
+    assertThat(result).isNull();
+  }
+
+  @Test
+  public void postProcess2_value_shouldReturnSameValue() throws Exception {
+    Object value = new Object();
+    Object result = this.securityService.postProcess(null, null, null, value, false);
+    assertThat(result).isNotNull().isSameAs(value);
+  }
+
+  @Test
+  public void postProcess2_null_returnsNull() throws Exception {
+    Object result = this.securityService.postProcess(null, null, null, null, false);
+    assertThat(result).isNull();
+  }
+
+  @Test
+  public void isClientSecurityRequired_returnsTrue() throws Exception {
+    boolean result = this.securityService.isClientSecurityRequired();
+    assertThat(result).isTrue();
+  }
+
+  @Test
+  public void isIntegratedSecurity_returnsTrue() throws Exception {
+    boolean result = this.securityService.isIntegratedSecurity();
+    assertThat(result).isTrue();
+  }
+
+  @Test
+  public void isPeerSecurityRequired_returnsTrue() throws Exception {
+    boolean result = this.securityService.isPeerSecurityRequired();
+    assertThat(result).isTrue();
+  }
+
+  @Test
+  public void getSecurityManager_returnsSecurityManager() throws Exception {
+    SecurityManager securityManager = this.securityService.getSecurityManager();
+    assertThat(securityManager).isNotNull().isSameAs(this.mockSecurityManager);
+  }
+
+  @Test
+  public void getPostProcessor_returnsNull() throws Exception {
+    PostProcessor postProcessor = this.securityService.getPostProcessor();
+    assertThat(postProcessor).isNull();
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/LegacySecurityServiceTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/LegacySecurityServiceTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/LegacySecurityServiceTest.java
new file mode 100644
index 0000000..bac79ec
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/LegacySecurityServiceTest.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package org.apache.geode.internal.security;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+import org.apache.geode.test.junit.categories.UnitTest;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category(UnitTest.class)
+public class LegacySecurityServiceTest {
+  private LegacySecurityService service;
+
+  @Test
+  public void emptyConstructor() throws Exception {
+    service = new LegacySecurityService();
+    assertThat(service.isIntegratedSecurity()).isFalse();
+    assertThat(service.isClientSecurityRequired()).isFalse();
+    assertThat(service.isPeerSecurityRequired()).isFalse();
+    assertThat(service.getPostProcessor()).isNull();
+    assertThat(service.getSecurityManager()).isNull();
+  }
+
+  @Test
+  public void clientAuthenticator() throws Exception {
+    service = new LegacySecurityService("abc.create", null);
+    assertThat(service.isIntegratedSecurity()).isFalse();
+    assertThat(service.isClientSecurityRequired()).isTrue();
+    assertThat(service.isPeerSecurityRequired()).isFalse();
+    assertThat(service.getPostProcessor()).isNull();
+    assertThat(service.getSecurityManager()).isNull();
+  }
+
+  @Test
+  public void peerAuthenticator() throws Exception {
+    service = new LegacySecurityService(null, "abc.create");
+    assertThat(service.isIntegratedSecurity()).isFalse();
+    assertThat(service.isClientSecurityRequired()).isFalse();
+    assertThat(service.isPeerSecurityRequired()).isTrue();
+    assertThat(service.getPostProcessor()).isNull();
+    assertThat(service.getSecurityManager()).isNull();
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryShiroIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryShiroIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryShiroIntegrationTest.java
index 8907012..e8548ed8 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryShiroIntegrationTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryShiroIntegrationTest.java
@@ -14,24 +14,15 @@
  */
 package org.apache.geode.internal.security;
 
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR;
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_PEER_AUTHENTICATOR;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
 
-import org.apache.geode.security.PostProcessor;
-import org.apache.geode.security.SecurityManager;
 import org.apache.geode.test.junit.categories.IntegrationTest;
 import org.apache.geode.test.junit.categories.SecurityTest;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.util.ThreadContext;
 import org.junit.After;
 import org.junit.Before;
-import org.junit.Rule;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
-import org.junit.rules.TemporaryFolder;
 
 import java.util.Properties;
 
@@ -42,8 +33,8 @@ public class SecurityServiceFactoryShiroIntegrationTest {
 
   private String shiroIniInClasspath;
 
-  @Rule
-  public TemporaryFolder temporaryFolder = new TemporaryFolder();
+  private SecurityService service;
+
 
   @Before
   public void before() throws Exception {
@@ -53,8 +44,9 @@ public class SecurityServiceFactoryShiroIntegrationTest {
 
   @After
   public void after() throws Exception {
-    ThreadContext.remove();
-    SecurityUtils.setSecurityManager(null);
+    if (service != null) {
+      service.close();
+    }
   }
 
   @Test
@@ -67,24 +59,8 @@ public class SecurityServiceFactoryShiroIntegrationTest {
   public void create_shiro_createsCustomSecurityService() throws Exception {
     Properties securityConfig = new Properties();
     securityConfig.setProperty(SECURITY_SHIRO_INIT, this.shiroIniInClasspath);
-
-    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
-        .isInstanceOf(CustomSecurityService.class);
-  }
-
-  @Test
-  public void create_all_createsCustomSecurityService() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_SHIRO_INIT, this.shiroIniInClasspath);
-    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
-    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
-
-    SecurityManager mockSecurityManager = mock(SecurityManager.class);
-    PostProcessor mockPostProcessor = mock(PostProcessor.class);
-
-    assertThat(
-        SecurityServiceFactory.create(securityConfig, mockSecurityManager, mockPostProcessor))
-            .isInstanceOf(CustomSecurityService.class);
+    service = SecurityServiceFactory.create(securityConfig);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
   }
 
   private String getResourcePackage(Class classInPackage) {

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
index f027a43..fc4447b 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
@@ -21,14 +21,18 @@ import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
 
+import org.apache.geode.internal.cache.CacheConfig;
 import org.apache.geode.security.PostProcessor;
-import org.apache.geode.security.SecurityManager;
+import org.apache.geode.security.SimpleTestSecurityManager;
+import org.apache.geode.security.TestPostProcessor;
 import org.apache.geode.test.junit.categories.SecurityTest;
 import org.apache.geode.test.junit.categories.UnitTest;
 import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.util.ThreadContext;
+import org.apache.shiro.mgt.SecurityManager;
 import org.junit.After;
+import org.junit.Before;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
@@ -37,244 +41,152 @@ import java.util.Properties;
 @Category({UnitTest.class, SecurityTest.class})
 public class SecurityServiceFactoryTest {
 
-  @After
-  public void after() throws Exception {
-    ThreadContext.remove();
-    SecurityUtils.setSecurityManager(null);
-  }
-
-  @Test
-  public void getPostProcessor_null_returnsNull() throws Exception {
-    assertThat(SecurityServiceFactory.getPostProcessor(null, null)).isNull();
-  }
-
-  @Test
-  public void getPostProcessor_returnsPostProcessor() throws Exception {
-    PostProcessor mockPostProcessor = mock(PostProcessor.class);
-
-    assertThat(SecurityServiceFactory.getPostProcessor(mockPostProcessor, null))
-        .isSameAs(mockPostProcessor);
-  }
-
-  @Test
-  public void getPostProcessor_SecurityConfig_createsPostProcessor() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_POST_PROCESSOR, FakePostProcessor.class.getName());
-
-    PostProcessor postProcessor = SecurityServiceFactory.getPostProcessor(null, securityConfig);
-
-    assertThat(postProcessor).isInstanceOf(FakePostProcessor.class);
-
-    FakePostProcessor fakePostProcessor = (FakePostProcessor) postProcessor;
-
-    assertThat(fakePostProcessor.getInitInvocations()).isEqualTo(0);
-    assertThat(fakePostProcessor.getSecurityProps()).isNull();
-  }
-
-  @Test
-  public void getPostProcessor_prefersPostProcessorOverSecurityConfig() throws Exception {
-    PostProcessor mockPostProcessor = mock(PostProcessor.class);
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_POST_PROCESSOR, FakePostProcessor.class.getName());
-
-    assertThat(SecurityServiceFactory.getPostProcessor(mockPostProcessor, securityConfig))
-        .isSameAs(mockPostProcessor);
-  }
-
-  @Test
-  public void getSecurityManager_null_returnsNull() throws Exception {
-    assertThat(SecurityServiceFactory.getSecurityManager(null, null)).isNull();
-  }
-
-  @Test
-  public void getSecurityManager_returnsSecurityManager() throws Exception {
-    SecurityManager mockSecurityManager = mock(SecurityManager.class);
-
-    assertThat(SecurityServiceFactory.getSecurityManager(mockSecurityManager, null))
-        .isSameAs(mockSecurityManager);
-  }
-
-  @Test
-  public void getSecurityManager_SecurityConfig_createsSecurityManager() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_MANAGER, FakeSecurityManager.class.getName());
-
-    SecurityManager securityManager =
-        SecurityServiceFactory.getSecurityManager(null, securityConfig);
-
-    assertThat(securityManager).isInstanceOf(FakeSecurityManager.class);
-
-    FakeSecurityManager fakeSecurityManager = (FakeSecurityManager) securityManager;
-
-    assertThat(fakeSecurityManager.getInitInvocations()).isEqualTo(0);
-    assertThat(fakeSecurityManager.getSecurityProps()).isNull();
-  }
-
-  @Test
-  public void getSecurityManager_prefersSecurityManagerOverSecurityConfig() throws Exception {
-    SecurityManager mockSecurityManager = mock(SecurityManager.class);
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_MANAGER, FakePostProcessor.class.getName());
-
-    assertThat(SecurityServiceFactory.getSecurityManager(mockSecurityManager, securityConfig))
-        .isSameAs(mockSecurityManager);
-  }
-
-  @Test
-  public void determineType_null_returnsDISABLED() throws Exception {
-    assertThat(SecurityServiceFactory.determineType(null, null, null))
-        .isSameAs(SecurityServiceType.DISABLED);
-  }
-
-  @Test
-  public void determineType_shiro_returnsCUSTOM() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
-
-    assertThat(SecurityServiceFactory.determineType(securityConfig, null, null))
-        .isSameAs(SecurityServiceType.CUSTOM);
-  }
-
-  @Test
-  public void determineType_securityManager_returnsENABLED() throws Exception {
-    Properties securityConfig = new Properties();
-    SecurityManager mockSecurityManager = mock(SecurityManager.class);
-
-    assertThat(SecurityServiceFactory.determineType(securityConfig, mockSecurityManager, null))
-        .isSameAs(SecurityServiceType.ENABLED);
-  }
-
-  @Test
-  public void determineType_postProcessor_returnsDISABLED() throws Exception {
-    Properties securityConfig = new Properties();
-    PostProcessor mockPostProcessor = mock(PostProcessor.class);
+  private SecurityService service;
+  private Properties properties;
+  private org.apache.geode.security.SecurityManager securityManager;
+  private PostProcessor postProcessor;
+  private CacheConfig cacheConfig;
 
-    assertThat(SecurityServiceFactory.determineType(securityConfig, null, mockPostProcessor))
-        .isSameAs(SecurityServiceType.DISABLED);
+  @Before
+  public void before() throws Exception {
+    securityManager = mock(org.apache.geode.security.SecurityManager.class);
+    postProcessor = mock(PostProcessor.class);
+    cacheConfig = mock(CacheConfig.class);
+    properties = new Properties();
   }
 
-  @Test
-  public void determineType_both_returnsENABLED() throws Exception {
-    Properties securityConfig = new Properties();
-    SecurityManager mockSecurityManager = mock(SecurityManager.class);
-    PostProcessor mockPostProcessor = mock(PostProcessor.class);
+  @After
+  public void after() throws Exception {
+    if (service != null) {
+      service.close();
+    }
 
-    assertThat(SecurityServiceFactory.determineType(securityConfig, mockSecurityManager,
-        mockPostProcessor)).isSameAs(SecurityServiceType.ENABLED);
+    // some test manually set the shiro security manager
+    SecurityUtils.setSecurityManager(null);
   }
 
   @Test
-  public void determineType_prefersCUSTOM() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
-    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
-    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
-    SecurityManager mockSecurityManager = mock(SecurityManager.class);
-
-    assertThat(SecurityServiceFactory.determineType(securityConfig, mockSecurityManager, null))
-        .isSameAs(SecurityServiceType.CUSTOM);
+  public void createWithNoArgument() throws Exception {
+    service = SecurityServiceFactory.create();
+    assertThat(service).isInstanceOf(LegacySecurityService.class);
   }
 
   @Test
-  public void determineType_clientAuthenticator_returnsLEGACY() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+  public void createWithPropsWithNothingOrAuthenticators() throws Exception {
+    service = SecurityServiceFactory.create(properties);
+    assertThat(service).isInstanceOf(LegacySecurityService.class);
+    assertThat(service.isClientSecurityRequired()).isFalse();
+    assertThat(service.isPeerSecurityRequired()).isFalse();
 
-    assertThat(SecurityServiceFactory.determineType(securityConfig, null, null))
-        .isSameAs(SecurityServiceType.LEGACY);
-  }
-
-  @Test
-  public void determineType_peerAuthenticator_returnsLEGACY() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+    // add client auth
+    properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "com.abc.Auth");
+    service = SecurityServiceFactory.create(properties);
+    assertThat(service).isInstanceOf(LegacySecurityService.class);
+    assertThat(service.isClientSecurityRequired()).isTrue();
+    assertThat(service.isPeerSecurityRequired()).isFalse();
 
-    assertThat(SecurityServiceFactory.determineType(securityConfig, null, null))
-        .isSameAs(SecurityServiceType.LEGACY);
+    // add peer auth
+    properties.setProperty(SECURITY_PEER_AUTHENTICATOR, "com.abc.PeerAuth");
+    service = SecurityServiceFactory.create(properties);
+    assertThat(service).isInstanceOf(LegacySecurityService.class);
+    assertThat(service.isClientSecurityRequired()).isTrue();
+    assertThat(service.isPeerSecurityRequired()).isTrue();
   }
 
   @Test
-  public void determineType_authenticators_returnsLEGACY() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
-    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+  public void createWithPropsWithSecurityManager() throws Exception {
+    properties.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
+    service = SecurityServiceFactory.create(properties);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isNotNull();
+    assertThat(service.getPostProcessor()).isNull();
 
-    assertThat(SecurityServiceFactory.determineType(securityConfig, null, null))
-        .isSameAs(SecurityServiceType.LEGACY);
+    // add the post processor
+    properties.setProperty(SECURITY_POST_PROCESSOR, TestPostProcessor.class.getName());
+    service = SecurityServiceFactory.create(properties);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isNotNull();
+    assertThat(service.getPostProcessor()).isNotNull();
   }
 
   @Test
-  public void determineType_empty_returnsDISABLED() throws Exception {
-    Properties securityConfig = new Properties();
-
-    assertThat(SecurityServiceFactory.determineType(securityConfig, null, null))
-        .isSameAs(SecurityServiceType.DISABLED);
+  public void createWithPropsWithShiro() throws Exception {
+    properties.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
+    service = SecurityServiceFactory.create(properties);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isNull();
+    assertThat(service.getPostProcessor()).isNull();
   }
 
   @Test
-  public void create_clientAuthenticator_createsLegacySecurityService() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
-
-    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
-        .isInstanceOf(LegacySecurityService.class);
+  public void shiroOverwritesSecurityManager() throws Exception {
+    properties.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
+    properties.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
+    service = SecurityServiceFactory.create(properties);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isNull();
+    assertThat(service.getPostProcessor()).isNull();
   }
 
   @Test
-  public void create_peerAuthenticator_createsLegacySecurityService() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
-
-    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
-        .isInstanceOf(LegacySecurityService.class);
+  public void createWithOutsideShiro() throws Exception {
+    SecurityUtils.setSecurityManager(mock(SecurityManager.class));
+    // create the service with empty properties, but we would still end up with
+    // an IntegratedSecurityService
+    service = SecurityServiceFactory.create(properties);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isNull();
+    assertThat(service.getPostProcessor()).isNull();
   }
 
   @Test
-  public void create_authenticators_createsLegacySecurityService() throws Exception {
-    Properties securityConfig = new Properties();
-    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
-    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
-
-    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
-        .isInstanceOf(LegacySecurityService.class);
+  public void cacheConfigSecurityManagerOverideShiro() throws Exception {
+    properties.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
+    when(cacheConfig.getSecurityManager()).thenReturn(securityManager);
+    service = SecurityServiceFactory.create(properties, cacheConfig);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isNotNull();
+    assertThat(service.getPostProcessor()).isNull();
   }
 
   @Test
-  public void create_none_createsDisabledSecurityService() throws Exception {
-    Properties securityConfig = new Properties();
-
-    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
-        .isInstanceOf(DisabledSecurityService.class);
+  public void cacheConfigOverideProperties_securityManager() throws Exception {
+    properties.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
+    when(cacheConfig.getSecurityManager()).thenReturn(securityManager);
+    service = SecurityServiceFactory.create(properties, cacheConfig);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isEqualTo(securityManager);
+    assertThat(service.getPostProcessor()).isNull();
   }
 
   @Test
-  public void create_postProcessor_createsDisabledSecurityService() throws Exception {
-    Properties securityConfig = new Properties();
-    PostProcessor mockPostProcessor = mock(PostProcessor.class);
-
-    assertThat(SecurityServiceFactory.create(securityConfig, null, mockPostProcessor))
-        .isInstanceOf(DisabledSecurityService.class);
+  public void cacheConfigOverideProperties_postProcessor() throws Exception {
+    properties.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
+    properties.setProperty(SECURITY_POST_PROCESSOR, TestPostProcessor.class.getName());
+    when(cacheConfig.getPostProcessor()).thenReturn(postProcessor);
+    service = SecurityServiceFactory.create(properties, cacheConfig);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isInstanceOf(SimpleTestSecurityManager.class);
+    assertThat(service.getPostProcessor()).isEqualTo(postProcessor);
   }
 
   @Test
-  public void create_securityManager_createsEnabledSecurityService() throws Exception {
-    Properties securityConfig = new Properties();
-    SecurityManager mockSecurityManager = mock(SecurityManager.class);
-
-    assertThat(SecurityServiceFactory.create(securityConfig, mockSecurityManager, null))
-        .isInstanceOf(EnabledSecurityService.class);
+  public void cacheConfigSecurityManagerWithPropertyPostProcessor() throws Exception {
+    properties.setProperty(SECURITY_POST_PROCESSOR, TestPostProcessor.class.getName());
+    when(cacheConfig.getSecurityManager()).thenReturn(securityManager);
+    service = SecurityServiceFactory.create(properties, cacheConfig);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isEqualTo(securityManager);
+    assertThat(service.getPostProcessor()).isInstanceOf(TestPostProcessor.class);
   }
 
   @Test
-  public void create_securityManagerAndPostProcessor_createsEnabledSecurityService()
-      throws Exception {
-    Properties securityConfig = new Properties();
-    SecurityManager mockSecurityManager = mock(SecurityManager.class);
-    PostProcessor mockPostProcessor = mock(PostProcessor.class);
-
-    assertThat(
-        SecurityServiceFactory.create(securityConfig, mockSecurityManager, mockPostProcessor))
-            .isInstanceOf(EnabledSecurityService.class);
+  public void cacheConfigPostProcessorWithPropertySecurityManager() throws Exception {
+    properties.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
+    when(cacheConfig.getPostProcessor()).thenReturn(postProcessor);
+    service = SecurityServiceFactory.create(properties, cacheConfig);
+    assertThat(service).isInstanceOf(IntegratedSecurityService.class);
+    assertThat(service.getSecurityManager()).isInstanceOf(SimpleTestSecurityManager.class);
+    assertThat(service.getPostProcessor()).isEqualTo(postProcessor);
   }
-
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceTest.java
index 4489352..4b7bbfc 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceTest.java
@@ -19,10 +19,7 @@ import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANA
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_PEER_AUTHENTICATOR;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
 
-import org.apache.geode.distributed.internal.DistributionConfig;
 import org.apache.geode.security.TestSecurityManager;
 import org.apache.geode.test.junit.categories.SecurityTest;
 import org.apache.geode.test.junit.categories.UnitTest;
@@ -39,21 +36,17 @@ import java.util.Properties;
 public class SecurityServiceTest {
 
   private Properties properties;
-  private DistributionConfig distributionConfig;
   private SecurityService securityService;
 
   @Before
   public void before() {
     this.properties = new Properties();
-    this.distributionConfig = mock(DistributionConfig.class);
-    when(this.distributionConfig.getSecurityProps()).thenReturn(this.properties);
-    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+    this.securityService = SecurityServiceFactory.create();
   }
 
   @After
   public void after() throws Exception {
     this.securityService.close();
-    SecurityUtils.setSecurityManager(null);
   }
 
   @Test
@@ -70,7 +63,7 @@ public class SecurityServiceTest {
     this.properties.setProperty(TestSecurityManager.SECURITY_JSON,
         "org/apache/geode/security/templates/security.json");
 
-    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+    this.securityService = SecurityServiceFactory.create(properties);
 
     assertThat(this.securityService.isIntegratedSecurity()).isTrue();
     assertThat(this.securityService.isClientSecurityRequired()).isTrue();
@@ -80,7 +73,7 @@ public class SecurityServiceTest {
   @Test
   public void testInitWithClientAuthenticator() {
     this.properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "org.abc.test");
-    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+    this.securityService = SecurityServiceFactory.create(properties);
 
     assertThat(this.securityService.isIntegratedSecurity()).isFalse();
     assertThat(this.securityService.isClientSecurityRequired()).isTrue();
@@ -90,7 +83,7 @@ public class SecurityServiceTest {
   @Test
   public void testInitWithPeerAuthenticator() {
     this.properties.setProperty(SECURITY_PEER_AUTHENTICATOR, "org.abc.test");
-    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+    this.securityService = SecurityServiceFactory.create(properties);
 
     assertThat(this.securityService.isIntegratedSecurity()).isFalse();
     assertThat(this.securityService.isClientSecurityRequired()).isFalse();
@@ -102,7 +95,7 @@ public class SecurityServiceTest {
     this.properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "org.abc.test");
     this.properties.setProperty(SECURITY_PEER_AUTHENTICATOR, "org.abc.test");
 
-    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+    this.securityService = SecurityServiceFactory.create(properties);
 
     assertThat(this.securityService.isIntegratedSecurity()).isFalse();
     assertThat(this.securityService.isClientSecurityRequired()).isTrue();
@@ -113,7 +106,7 @@ public class SecurityServiceTest {
   public void testInitWithShiroAuthenticator() {
     this.properties.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
 
-    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+    this.securityService = SecurityServiceFactory.create(properties);
 
     assertThat(this.securityService.isIntegratedSecurity()).isTrue();
     assertThat(this.securityService.isClientSecurityRequired()).isTrue();
@@ -128,7 +121,7 @@ public class SecurityServiceTest {
   @Test
   public void testInitWithOutsideShiroSecurityManager() {
     SecurityUtils.setSecurityManager(new DefaultSecurityManager());
-    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+    this.securityService = SecurityServiceFactory.create(properties);
 
     assertThat(this.securityService.isIntegratedSecurity()).isTrue();
   }

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/internal/security/shiro/ConfigInitializerIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/shiro/ConfigInitializerIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/shiro/ConfigInitializerIntegrationTest.java
deleted file mode 100644
index 857c0be..0000000
--- a/geode-core/src/test/java/org/apache/geode/internal/security/shiro/ConfigInitializerIntegrationTest.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.internal.security.shiro;
-
-import static org.assertj.core.api.Assertions.*;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.geode.test.junit.categories.UnitTest;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.UnavailableSecurityManagerException;
-import org.apache.shiro.util.ThreadContext;
-import org.apache.shiro.config.ConfigurationException;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-import org.junit.rules.TemporaryFolder;
-
-import java.io.File;
-
-@Category(UnitTest.class)
-public class ConfigInitializerIntegrationTest {
-
-  private static final String SHIRO_INI_FILE = "ConfigInitializerIntegrationTest.ini";
-
-  private String shiroIniInClasspath;
-  private ConfigInitializer configInitializer;
-  private String shiroIniInFilesystem;
-
-  @Rule
-  public TemporaryFolder temporaryFolder = new TemporaryFolder();
-
-  @Before
-  public void before() throws Exception {
-    assertThat(getClass().getResource(SHIRO_INI_FILE)).isNotNull();
-
-    this.configInitializer = new ConfigInitializer();
-
-    this.shiroIniInClasspath = getResourcePackage(getClass()) + SHIRO_INI_FILE;
-
-    File shiroIniFile = this.temporaryFolder.newFile(SHIRO_INI_FILE);
-    FileUtils.copyURLToFile(getClass().getResource(SHIRO_INI_FILE), shiroIniFile);
-    this.shiroIniInFilesystem = shiroIniFile.getAbsolutePath();
-
-    assertThatThrownBy(() -> SecurityUtils.getSecurityManager())
-        .isInstanceOf(UnavailableSecurityManagerException.class);
-  }
-
-  @After
-  public void after() throws Exception {
-    ThreadContext.remove();
-    SecurityUtils.setSecurityManager(null);
-  }
-
-  @Test
-  public void initialize_fileInClasspath() throws Exception {
-    this.configInitializer.initialize(this.shiroIniInClasspath);
-    assertThat(SecurityUtils.getSecurityManager()).isNotNull();
-  }
-
-  @Test
-  public void initialize_null_throws_ConfigurationException() throws Exception {
-    assertThatThrownBy(() -> this.configInitializer.initialize(null))
-        .isInstanceOf(ConfigurationException.class)
-        .hasMessageContaining("Resource [classpath:null] could not be found");
-  }
-
-  @Test
-  public void initialize_fileInFilesystem() throws Exception {
-    assertThatThrownBy(() -> this.configInitializer.initialize(this.shiroIniInFilesystem))
-        .isInstanceOf(ConfigurationException.class).hasMessageContaining("Resource [classpath:")
-        .hasMessageContaining("ConfigInitializerIntegrationTest.ini] could not be found");
-  }
-
-  private String getResourcePackage(Class classInPackage) {
-    return classInPackage.getName().replace(classInPackage.getSimpleName(), "").replace(".", "/");
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
index 01d6bb6..c47432b 100644
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
@@ -39,6 +39,6 @@ public class SecurityServiceWithCustomRealmIntegrationTest
         "org/apache/geode/management/internal/security/shiro-ini.json");
     this.props.setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
     this.props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
-    this.securityService = SecurityServiceFactory.create(this.props, null, null);
+    this.securityService = SecurityServiceFactory.create(this.props);
   }
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
index 1caedbc..86a0ff0 100644
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
@@ -43,7 +43,7 @@ public class SecurityServiceWithShiroIniIntegrationTest {
   @Before
   public void before() throws Exception {
     this.props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
-    this.securityService = SecurityServiceFactory.create(this.props, null, null);
+    this.securityService = SecurityServiceFactory.create(this.props);
   }
 
   @After

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java b/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
index cdb90f1..94e0be5 100644
--- a/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
@@ -22,6 +22,7 @@ import static org.junit.Assert.assertTrue;
 import org.apache.geode.cache.CacheFactory;
 import org.apache.geode.distributed.ConfigurationProperties;
 import org.apache.geode.internal.cache.InternalCache;
+import org.apache.geode.internal.security.LegacySecurityService;
 import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.security.templates.DummyAuthenticator;
 import org.apache.geode.test.junit.categories.IntegrationTest;
@@ -37,17 +38,18 @@ import java.util.Properties;
 public class CacheFactoryWithSecurityObjectTest {
 
   private SecurityManager simpleSecurityManager;
-  private Properties properties = new Properties();
+  private Properties properties;
   private InternalCache cache;
 
   @Before
   public void before() throws Exception {
     this.simpleSecurityManager = new SimpleTestSecurityManager();
+    properties = new Properties();
     this.properties.setProperty("mcast-port", "0");
   }
 
   @Test
-  public void testCreateCacheWithSecurityManager() throws Exception {
+  public void testCreateCacheWithSecurityManagerOnly() throws Exception {
     this.cache = (InternalCache) new CacheFactory(this.properties)
         .setSecurityManager(this.simpleSecurityManager).setPostProcessor(null).create();
     SecurityService securityService = this.cache.getSecurityService();
@@ -56,17 +58,20 @@ public class CacheFactoryWithSecurityObjectTest {
     assertTrue(securityService.isPeerSecurityRequired());
     assertFalse(securityService.needPostProcess());
     assertNotNull(securityService.getSecurityManager());
+    assertNull(securityService.getPostProcessor());
   }
 
   @Test
-  public void testCreateCacheWithPostProcessor() throws Exception {
+  public void testCreateCacheWithPostProcessorOnly() throws Exception {
     this.cache = (InternalCache) new CacheFactory(this.properties)
         .setPostProcessor(new TestPostProcessor()).setSecurityManager(null).create();
     SecurityService securityService = this.cache.getSecurityService();
+    assertTrue(securityService instanceof LegacySecurityService);
     assertFalse(securityService.isIntegratedSecurity());
     assertFalse(securityService.isClientSecurityRequired());
     assertFalse(securityService.isPeerSecurityRequired());
     assertFalse(securityService.needPostProcess());
+    assertNull(securityService.getSecurityManager());
     assertNull(securityService.getPostProcessor());
   }
 
@@ -89,7 +94,7 @@ public class CacheFactoryWithSecurityObjectTest {
    * SECURITY_CLIENT_AUTHENTICATOR.
    */
   @Test
-  public void testOverride() throws Exception {
+  public void testSecurityManagerOverAuthenticator() throws Exception {
     this.properties.setProperty(ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR,
         DummyAuthenticator.class.getName());
 
@@ -107,6 +112,61 @@ public class CacheFactoryWithSecurityObjectTest {
     assertNotNull(securityService.getPostProcessor());
   }
 
+
+  @Test
+  public void testCacheConfigOverProperties1() throws Exception {
+    this.properties.setProperty(ConfigurationProperties.SECURITY_SHIRO_INIT, "shiro.ini");
+
+    this.cache = (InternalCache) new CacheFactory(this.properties).setSecurityManager(null)
+        .setPostProcessor(null).create();
+
+    SecurityService securityService = this.cache.getSecurityService();
+
+    assertTrue(securityService.isIntegratedSecurity());
+    assertTrue(securityService.isClientSecurityRequired());
+    assertTrue(securityService.isPeerSecurityRequired());
+    assertFalse(securityService.needPostProcess());
+    assertNull(securityService.getSecurityManager());
+    assertNull(securityService.getPostProcessor());
+  }
+
+  @Test
+  public void testCacheConfigOverProperties() throws Exception {
+    this.properties.setProperty(ConfigurationProperties.SECURITY_SHIRO_INIT, "shiro.ini");
+
+    this.cache = (InternalCache) new CacheFactory(this.properties)
+        .setSecurityManager(this.simpleSecurityManager).setPostProcessor(new TestPostProcessor())
+        .create();
+
+    SecurityService securityService = this.cache.getSecurityService();
+
+    assertTrue(securityService.isIntegratedSecurity());
+    assertTrue(securityService.isClientSecurityRequired());
+    assertTrue(securityService.isPeerSecurityRequired());
+    assertTrue(securityService.needPostProcess());
+    assertNotNull(securityService.getSecurityManager());
+    assertNotNull(securityService.getPostProcessor());
+  }
+
+  @Test
+  public void testCacheConfigKeepsOldPostProcessor() throws Exception {
+    this.properties.setProperty(ConfigurationProperties.SECURITY_POST_PROCESSOR,
+        TestPostProcessor.class.getName());
+
+    this.cache = (InternalCache) new CacheFactory(this.properties)
+        .setSecurityManager(this.simpleSecurityManager).setPostProcessor(null).create();
+
+    SecurityService securityService = this.cache.getSecurityService();
+
+    assertTrue(securityService.isIntegratedSecurity());
+    assertTrue(securityService.isClientSecurityRequired());
+    assertTrue(securityService.isPeerSecurityRequired());
+    assertTrue(securityService.needPostProcess());
+    assertNotNull(securityService.getSecurityManager());
+    assertNotNull(securityService.getPostProcessor());
+  }
+
+
   @After
   public void after() {
     this.cache.close();

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
index a9048b9..8727406 100644
--- a/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
@@ -31,7 +31,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 
 import org.apache.geode.cache.server.CacheServer;
 import org.apache.geode.cache30.CacheTestCase;
-import org.apache.geode.internal.security.EnabledSecurityService;
+import org.apache.geode.internal.security.IntegratedSecurityService;
 import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.management.ManagementService;
 import org.apache.geode.test.dunit.Host;
@@ -127,7 +127,7 @@ public class SecurityManagerLifecycleDistributedTest extends CacheTestCase {
 
   private void verifyInitAndCloseInvoked() {
     SecurityService securityService = getCache().getSecurityService();
-    assertThat(securityService).isNotNull().isInstanceOf(EnabledSecurityService.class);
+    assertThat(securityService).isNotNull().isInstanceOf(IntegratedSecurityService.class);
 
     SpySecurityManager ssm =
         (SpySecurityManager) getCache().getSecurityService().getSecurityManager();

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java b/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java
index 63f907c..ad5c080 100644
--- a/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java
+++ b/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/Server.java
@@ -14,19 +14,16 @@
  */
 package org.apache.geode.tools.pulse.tests;
 
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+
 import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.internal.security.SecurityServiceFactory;
-import org.apache.geode.internal.security.shiro.CustomAuthRealm;
 import org.apache.geode.internal.security.shiro.JMXShiroAuthenticator;
 import org.apache.geode.management.internal.security.AccessControlMBean;
 import org.apache.geode.management.internal.security.MBeanServerWrapper;
 import org.apache.geode.management.internal.security.ResourceConstants;
 import org.apache.geode.security.TestSecurityManager;
 import org.apache.geode.tools.pulse.internal.data.PulseConstants;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.mgt.DefaultSecurityManager;
-import org.apache.shiro.mgt.SecurityManager;
-import org.apache.shiro.realm.Realm;
 
 import java.io.IOException;
 import java.lang.management.ManagementFactory;
@@ -73,20 +70,16 @@ public class Server {
       // set up Shiro Security Manager
       Properties securityProperties = new Properties();
       securityProperties.setProperty(TestSecurityManager.SECURITY_JSON, jsonAuthFile);
-      Realm realm = new CustomAuthRealm(TestSecurityManager.class.getName(), securityProperties);
-      SecurityManager securityManager = new DefaultSecurityManager(realm);
-      SecurityUtils.setSecurityManager(securityManager);
+      securityProperties.setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
+
+      SecurityService securityService = SecurityServiceFactory.create(securityProperties);
 
       // register the AccessControll bean
-      AccessControlMBean acc = new AccessControlMBean(SecurityServiceFactory.create());
+      AccessControlMBean acc = new AccessControlMBean(securityService);
       ObjectName accessControlMBeanON = new ObjectName(ResourceConstants.OBJECT_NAME_ACCESSCONTROL);
       MBeanServer platformMBeanServer = ManagementFactory.getPlatformMBeanServer();
       platformMBeanServer.registerMBean(acc, accessControlMBeanON);
 
-      SecurityService securityService =
-          SecurityServiceFactory.create(securityProperties, new TestSecurityManager(), null);
-      securityService.initSecurity(securityProperties);
-
       // wire in the authenticator and authorizaton
       JMXShiroAuthenticator interceptor = new JMXShiroAuthenticator(securityService);
       env.put(JMXConnectorServer.AUTHENTICATOR, interceptor);

http://git-wip-us.apache.org/repos/asf/geode/blob/3902ea04/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/rules/ServerRule.java
----------------------------------------------------------------------
diff --git a/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/rules/ServerRule.java b/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/rules/ServerRule.java
index 767588d..f62bb74 100644
--- a/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/rules/ServerRule.java
+++ b/geode-pulse/src/test/java/org/apache/geode/tools/pulse/tests/rules/ServerRule.java
@@ -14,14 +14,12 @@
  */
 package org.apache.geode.tools.pulse.tests.rules;
 
-import org.apache.geode.internal.security.DisabledSecurityService;
-import org.apache.geode.tools.pulse.internal.data.PulseConstants;
-import org.awaitility.Awaitility;
 import org.apache.geode.internal.AvailablePort;
 import org.apache.geode.internal.admin.SSLConfig;
 import org.apache.geode.management.internal.JettyHelper;
+import org.apache.geode.tools.pulse.internal.data.PulseConstants;
 import org.apache.geode.tools.pulse.tests.Server;
-
+import org.awaitility.Awaitility;
 import org.junit.rules.ExternalResource;
 
 import java.io.IOException;


Mime
View raw message