geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kl...@apache.org
Subject [2/9] geode git commit: Use immutable SecurityService
Date Mon, 05 Jun 2017 16:46:25 GMT
http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RegisterInterestTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RegisterInterestTest.java b/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RegisterInterestTest.java
index 0b02a2c..e7c7efc 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RegisterInterestTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RegisterInterestTest.java
@@ -115,7 +115,7 @@ public class RegisterInterestTest {
   public void noSecurityShouldSucceed() throws Exception {
     when(this.securityService.isClientSecurityRequired()).thenReturn(false);
 
-    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
   }
@@ -125,7 +125,7 @@ public class RegisterInterestTest {
     when(this.securityService.isClientSecurityRequired()).thenReturn(true);
     when(this.securityService.isIntegratedSecurity()).thenReturn(true);
 
-    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
     verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
@@ -138,7 +138,7 @@ public class RegisterInterestTest {
     doThrow(new NotAuthorizedException("")).when(this.securityService)
         .authorizeRegionRead(eq(REGION_NAME), eq(KEY));
 
-    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
     verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
@@ -149,7 +149,7 @@ public class RegisterInterestTest {
     when(this.securityService.isClientSecurityRequired()).thenReturn(true);
     when(this.securityService.isIntegratedSecurity()).thenReturn(false);
 
-    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.authzRequest).registerInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt(), any());
     verify(this.chunkedResponseMessage).sendChunk(this.serverConnection);
@@ -163,7 +163,7 @@ public class RegisterInterestTest {
     doThrow(new NotAuthorizedException("")).when(this.authzRequest)
         .registerInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt(), any());
 
-    this.registerInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.registerInterest.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.authzRequest).registerInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt(), any());
 

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RemoveAllTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RemoveAllTest.java b/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RemoveAllTest.java
index 97cd581..7d4a5a4 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RemoveAllTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RemoveAllTest.java
@@ -123,7 +123,7 @@ public class RemoveAllTest {
   public void noSecurityShouldSucceed() throws Exception {
     when(this.securityService.isClientSecurityRequired()).thenReturn(false);
 
-    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+    this.removeAll.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.chunkedResponseMessage).sendChunk(eq(this.serverConnection));
   }
@@ -133,7 +133,7 @@ public class RemoveAllTest {
     when(this.securityService.isClientSecurityRequired()).thenReturn(true);
     when(this.securityService.isIntegratedSecurity()).thenReturn(true);
 
-    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+    this.removeAll.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     for (Object key : KEYS) {
       verify(this.securityService).authorizeRegionWrite(eq(REGION_NAME));
@@ -152,7 +152,7 @@ public class RemoveAllTest {
           .authorizeRegionRead(eq(REGION_NAME), eq(key.toString()));
     }
 
-    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+    this.removeAll.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     for (Object key : KEYS) {
       verify(this.securityService).authorizeRegionWrite(eq(REGION_NAME));
@@ -166,7 +166,7 @@ public class RemoveAllTest {
     when(this.securityService.isClientSecurityRequired()).thenReturn(true);
     when(this.securityService.isIntegratedSecurity()).thenReturn(false);
 
-    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+    this.removeAll.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     for (Object key : KEYS) {
       verify(this.authzRequest).removeAllAuthorize(eq(REGION_NAME), any(), any());
@@ -184,7 +184,7 @@ public class RemoveAllTest {
       doThrow(new NotAuthorizedException("")).when(this.authzRequest).getAuthorize(eq(REGION_NAME),
           eq(key.toString()), eq(null));
     }
-    this.removeAll.cmdExecute(this.message, this.serverConnection, 0);
+    this.removeAll.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     for (Object key : KEYS) {
       verify(this.authzRequest).removeAllAuthorize(eq(REGION_NAME), any(), any());

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RequestTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RequestTest.java b/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RequestTest.java
index 428ddde..271c078 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RequestTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/RequestTest.java
@@ -112,7 +112,7 @@ public class RequestTest {
   public void noSecurityShouldSucceed() throws Exception {
     when(this.securityService.isClientSecurityRequired()).thenReturn(false);
 
-    this.request.cmdExecute(this.message, this.serverConnection, 0);
+    this.request.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
     verify(this.responseMessage).send(this.serverConnection);
   }
 
@@ -121,7 +121,7 @@ public class RequestTest {
     when(this.securityService.isClientSecurityRequired()).thenReturn(true);
     when(this.securityService.isIntegratedSecurity()).thenReturn(true);
 
-    this.request.cmdExecute(this.message, this.serverConnection, 0);
+    this.request.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
     verify(this.responseMessage).send(this.serverConnection);
@@ -134,7 +134,7 @@ public class RequestTest {
     doThrow(new NotAuthorizedException("")).when(this.securityService)
         .authorizeRegionRead(eq(REGION_NAME), eq(KEY));
 
-    this.request.cmdExecute(this.message, this.serverConnection, 0);
+    this.request.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
     verify(this.errorResponseMessage).send(eq(this.serverConnection));
@@ -145,7 +145,7 @@ public class RequestTest {
     when(this.securityService.isClientSecurityRequired()).thenReturn(true);
     when(this.securityService.isIntegratedSecurity()).thenReturn(false);
 
-    this.request.cmdExecute(this.message, this.serverConnection, 0);
+    this.request.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.authzRequest).getAuthorize(eq(REGION_NAME), eq(KEY), eq(CALLBACK_ARG));
     verify(this.responseMessage).send(this.serverConnection);
@@ -158,7 +158,7 @@ public class RequestTest {
     doThrow(new NotAuthorizedException("")).when(this.authzRequest).getAuthorize(eq(REGION_NAME),
         eq(KEY), eq(CALLBACK_ARG));
 
-    this.request.cmdExecute(this.message, this.serverConnection, 0);
+    this.request.cmdExecute(this.message, this.serverConnection, this.securityService, 0);
 
     verify(this.authzRequest).getAuthorize(eq(REGION_NAME), eq(KEY), eq(CALLBACK_ARG));
     verify(this.errorResponseMessage).send(eq(this.serverConnection));

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/UnregisterInterestTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/UnregisterInterestTest.java b/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/UnregisterInterestTest.java
index b894590..6c4d242 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/UnregisterInterestTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/cache/tier/sockets/command/UnregisterInterestTest.java
@@ -150,7 +150,8 @@ public class UnregisterInterestTest {
   public void noSecurityShouldSucceed() throws Exception {
     when(this.securityService.isClientSecurityRequired()).thenReturn(false);
 
-    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, this.securityService,
+        0);
     verify(this.replyMessage).send(this.serverConnection);
   }
 
@@ -159,7 +160,8 @@ public class UnregisterInterestTest {
     when(this.securityService.isClientSecurityRequired()).thenReturn(true);
     when(this.securityService.isIntegratedSecurity()).thenReturn(true);
 
-    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, this.securityService,
+        0);
 
     verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
     verify(this.replyMessage).send(this.serverConnection);
@@ -172,7 +174,8 @@ public class UnregisterInterestTest {
     doThrow(new NotAuthorizedException("")).when(this.securityService)
         .authorizeRegionRead(eq(REGION_NAME), eq(KEY));
 
-    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, this.securityService,
+        0);
 
     verify(this.securityService).authorizeRegionRead(eq(REGION_NAME), eq(KEY));
     verify(this.errorResponseMessage).send(eq(this.serverConnection));
@@ -183,7 +186,8 @@ public class UnregisterInterestTest {
     when(this.securityService.isClientSecurityRequired()).thenReturn(true);
     when(this.securityService.isIntegratedSecurity()).thenReturn(false);
 
-    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, this.securityService,
+        0);
 
     verify(this.authzRequest).unregisterInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt());
     verify(this.replyMessage).send(this.serverConnection);
@@ -196,7 +200,8 @@ public class UnregisterInterestTest {
     doThrow(new NotAuthorizedException("")).when(this.authzRequest).getAuthorize(eq(REGION_NAME),
         eq(KEY), any());
 
-    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, 0);
+    this.unregisterInterest.cmdExecute(this.message, this.serverConnection, this.securityService,
+        0);
 
     verify(this.authzRequest).unregisterInterestAuthorize(eq(REGION_NAME), eq(KEY), anyInt());
     verify(this.replyMessage).send(eq(this.serverConnection));

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/lang/InitializerJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/lang/InitializerJUnitTest.java b/geode-core/src/test/java/org/apache/geode/internal/lang/InitializerJUnitTest.java
index 66e8ff1..8b563ac 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/lang/InitializerJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/lang/InitializerJUnitTest.java
@@ -29,7 +29,7 @@ import org.apache.geode.test.junit.categories.UnitTest;
 
 /**
  * The InitializerJUnitTest class is a test suite of test cases testing the contract and
- * functionality of the Initializer utility class.
+ * functionality of the ConfigInitialization utility class.
  * <p/>
  * 
  * @see org.apache.geode.internal.lang.Initializer

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/security/FakePostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/FakePostProcessor.java b/geode-core/src/test/java/org/apache/geode/internal/security/FakePostProcessor.java
new file mode 100644
index 0000000..7082344
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/FakePostProcessor.java
@@ -0,0 +1,103 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.internal.security;
+
+import java.util.Properties;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.concurrent.atomic.AtomicReference;
+
+import org.apache.geode.security.PostProcessor;
+
+public class FakePostProcessor implements PostProcessor {
+
+  private final AtomicInteger initInvocations = new AtomicInteger(0);
+  private final AtomicInteger processRegionValueInvocations = new AtomicInteger(0);
+  private final AtomicInteger closeInvocations = new AtomicInteger(0);
+
+  private final AtomicReference<Properties> securityPropsRef = new AtomicReference<>();
+  private final AtomicReference<ProcessRegionValueArguments> processRegionValueArgumentsRef =
+      new AtomicReference<>();
+
+  @Override
+  public void init(Properties securityProps) {
+    this.initInvocations.incrementAndGet();
+    this.securityPropsRef.set(securityProps);
+  }
+
+  @Override
+  public Object processRegionValue(final Object principal, final String regionName,
+      final Object key, final Object value) {
+    this.processRegionValueInvocations.incrementAndGet();
+    this.processRegionValueArgumentsRef
+        .set(new ProcessRegionValueArguments(principal, regionName, key, value));
+    return this.processRegionValueArgumentsRef.get();
+  }
+
+  @Override
+  public void close() {
+    this.closeInvocations.incrementAndGet();
+  }
+
+  public int getInitInvocations() {
+    return this.initInvocations.get();
+  }
+
+  public int getProcessRegionValueInvocations() {
+    return this.processRegionValueInvocations.get();
+  }
+
+  public int getCloseInvocations() {
+    return this.closeInvocations.get();
+  }
+
+  public Properties getSecurityProps() {
+    return this.securityPropsRef.get();
+  }
+
+  public ProcessRegionValueArguments getProcessRegionValueArguments() {
+    return this.processRegionValueArgumentsRef.get();
+  }
+
+  public static class ProcessRegionValueArguments {
+    private final Object principal;
+    private final String regionName;
+    private final Object key;
+    private final Object value;
+
+    public ProcessRegionValueArguments(final Object principal, final String regionName,
+        final Object key, final Object value) {
+      this.principal = principal;
+      this.regionName = regionName;
+      this.key = key;
+      this.value = value;
+    }
+
+    public Object getPrincipal() {
+      return this.principal;
+    }
+
+    public String getRegionName() {
+      return this.regionName;
+    }
+
+    public Object getKey() {
+      return this.key;
+    }
+
+    public Object getValue() {
+      return this.value;
+    }
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/security/FakeSecurityManager.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/FakeSecurityManager.java b/geode-core/src/test/java/org/apache/geode/internal/security/FakeSecurityManager.java
new file mode 100644
index 0000000..ca4e6b7
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/FakeSecurityManager.java
@@ -0,0 +1,103 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.internal.security;
+
+import java.util.Properties;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.concurrent.atomic.AtomicReference;
+
+import org.apache.geode.security.AuthenticationFailedException;
+import org.apache.geode.security.ResourcePermission;
+import org.apache.geode.security.SecurityManager;
+
+public class FakeSecurityManager implements SecurityManager {
+
+  private final AtomicInteger initInvocations = new AtomicInteger(0);
+  private final AtomicInteger authenticateInvocations = new AtomicInteger(0);
+  private final AtomicInteger authorizeInvocations = new AtomicInteger(0);
+  private final AtomicInteger closeInvocations = new AtomicInteger(0);
+
+  private final AtomicReference<Properties> securityPropsRef = new AtomicReference<>();
+  private final AtomicReference<Properties> credentialsRef = new AtomicReference<>();
+  private final AtomicReference<AuthorizeArguments> processAuthorizeArgumentsRef =
+      new AtomicReference<>();
+
+  @Override
+  public void init(final Properties securityProps) {
+    this.initInvocations.incrementAndGet();
+    this.securityPropsRef.set(securityProps);
+  }
+
+  @Override
+  public Object authenticate(final Properties credentials) throws AuthenticationFailedException {
+    this.authenticateInvocations.incrementAndGet();
+    this.credentialsRef.set(credentials);
+    return credentials;
+  }
+
+  @Override
+  public boolean authorize(final Object principal, final ResourcePermission permission) {
+    this.authorizeInvocations.incrementAndGet();
+    this.processAuthorizeArgumentsRef.set(new AuthorizeArguments(principal, permission));
+    return true;
+  }
+
+  @Override
+  public void close() {
+    this.closeInvocations.incrementAndGet();
+  }
+
+  public int getInitInvocations() {
+    return this.initInvocations.get();
+  }
+
+  public int getAuthenticateInvocations() {
+    return this.authenticateInvocations.get();
+  }
+
+  public int getAuthorizeInvocations() {
+    return this.authorizeInvocations.get();
+  }
+
+  public int getCloseInvocations() {
+    return this.closeInvocations.get();
+  }
+
+  public Properties getSecurityProps() {
+    return this.securityPropsRef.get();
+  }
+
+  public AuthorizeArguments getAuthorizeArguments() {
+    return this.processAuthorizeArgumentsRef.get();
+  }
+
+  public static class AuthorizeArguments {
+    private final Object principal;
+    private final ResourcePermission permission;
+
+    public AuthorizeArguments(final Object principal, final ResourcePermission permission) {
+      this.principal = principal;
+      this.permission = permission;
+    }
+
+    public Object getPrincipal() {
+      return this.principal;
+    }
+
+    public ResourcePermission getPermission() {
+      return this.permission;
+    }
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java
deleted file mode 100644
index 01782cf..0000000
--- a/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java
+++ /dev/null
@@ -1,222 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR;
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_PEER_AUTHENTICATOR;
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-
-import org.apache.geode.security.GemFireSecurityException;
-import org.apache.geode.security.TestPostProcessor;
-import org.apache.geode.security.TestSecurityManager;
-import org.apache.geode.security.SimpleTestSecurityManager;
-import org.apache.geode.test.junit.categories.UnitTest;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.mgt.DefaultSecurityManager;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import java.util.Properties;
-
-@Category(UnitTest.class)
-public class IntegratedSecurityServiceTest {
-
-  private Properties properties;
-  private SecurityService securityService;
-
-  @Before
-  public void before() {
-    properties = new Properties();
-    securityService = SecurityService.getSecurityService();
-    securityService.initSecurity(properties);
-  }
-
-  @Test
-  public void testGetObjectFromConstructor() {
-    String string = SecurityService.getObjectOfType(String.class.getName(), String.class);
-    assertNotNull(string);
-
-    CharSequence charSequence =
-        SecurityService.getObjectOfType(String.class.getName(), CharSequence.class);
-    assertNotNull(charSequence);
-
-    assertThatThrownBy(() -> SecurityService.getObjectOfType("com.abc.testString", String.class))
-        .isInstanceOf(GemFireSecurityException.class);
-
-    assertThatThrownBy(() -> SecurityService.getObjectOfType(String.class.getName(), Boolean.class))
-        .isInstanceOf(GemFireSecurityException.class);
-
-    assertThatThrownBy(() -> SecurityService.getObjectOfType("", String.class))
-        .isInstanceOf(GemFireSecurityException.class);
-
-    assertThatThrownBy(() -> SecurityService.getObjectOfType(null, String.class))
-        .isInstanceOf(GemFireSecurityException.class);
-
-    assertThatThrownBy(() -> SecurityService.getObjectOfType("  ", String.class))
-        .isInstanceOf(GemFireSecurityException.class);
-  }
-
-  @Test
-  public void testGetObjectFromFactoryMethod() {
-    String string =
-        SecurityService.getObjectOfType(Factories.class.getName() + ".getString", String.class);
-    assertNotNull(string);
-
-    CharSequence charSequence =
-        SecurityService.getObjectOfType(Factories.class.getName() + ".getString", String.class);
-    assertNotNull(charSequence);
-
-    assertThatThrownBy(() -> SecurityService
-        .getObjectOfType(Factories.class.getName() + ".getStringNonStatic", String.class))
-            .isInstanceOf(GemFireSecurityException.class);
-
-    assertThatThrownBy(() -> SecurityService
-        .getObjectOfType(Factories.class.getName() + ".getNullString", String.class))
-            .isInstanceOf(GemFireSecurityException.class);
-  }
-
-  @Test
-  public void testInitialSecurityFlags() {
-    // initial state of IntegratedSecurityService
-    assertFalse(securityService.isIntegratedSecurity());
-    assertFalse(securityService.isClientSecurityRequired());
-    assertFalse(securityService.isPeerSecurityRequired());
-  }
-
-  @Test
-  public void testInitWithSecurityManager() {
-    properties.setProperty(SECURITY_MANAGER, "org.apache.geode.security.TestSecurityManager");
-    properties.setProperty(TestSecurityManager.SECURITY_JSON,
-        "org/apache/geode/security/templates/security.json");
-
-    securityService.initSecurity(properties);
-
-    assertTrue(securityService.isIntegratedSecurity());
-    assertTrue(securityService.isClientSecurityRequired());
-    assertTrue(securityService.isPeerSecurityRequired());
-  }
-
-  @Test
-  public void testInitWithClientAuthenticator() {
-    properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "org.abc.test");
-
-    securityService.initSecurity(properties);
-    assertFalse(securityService.isIntegratedSecurity());
-    assertTrue(securityService.isClientSecurityRequired());
-    assertFalse(securityService.isPeerSecurityRequired());
-  }
-
-  @Test
-  public void testInitWithPeerAuthenticator() {
-    properties.setProperty(SECURITY_PEER_AUTHENTICATOR, "org.abc.test");
-
-    securityService.initSecurity(properties);
-
-    assertFalse(securityService.isIntegratedSecurity());
-    assertFalse(securityService.isClientSecurityRequired());
-    assertTrue(securityService.isPeerSecurityRequired());
-  }
-
-  @Test
-  public void testInitWithAuthenticators() {
-    properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "org.abc.test");
-    properties.setProperty(SECURITY_PEER_AUTHENTICATOR, "org.abc.test");
-
-    securityService.initSecurity(properties);
-
-    assertFalse(securityService.isIntegratedSecurity());
-    assertTrue(securityService.isClientSecurityRequired());
-    assertTrue(securityService.isPeerSecurityRequired());
-  }
-
-  @Test
-  public void testInitWithShiroAuthenticator() {
-    properties.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
-
-    securityService.initSecurity(properties);
-
-    assertTrue(securityService.isIntegratedSecurity());
-    assertTrue(securityService.isClientSecurityRequired());
-    assertTrue(securityService.isPeerSecurityRequired());
-  }
-
-  @Test
-  public void testNoInit() {
-    assertFalse(securityService.isIntegratedSecurity());
-  }
-
-  @Test
-  public void testInitWithOutsideShiroSecurityManager() {
-    SecurityUtils.setSecurityManager(new DefaultSecurityManager());
-    securityService.initSecurity(properties);
-    assertTrue(securityService.isIntegratedSecurity());
-  }
-
-  @Test
-  public void testSetSecurityManager() {
-    // initially
-    assertFalse(securityService.isIntegratedSecurity());
-
-    // init with client authenticator
-    properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "org.abc.test");
-    securityService.initSecurity(properties);
-    assertFalse(securityService.isIntegratedSecurity());
-    assertTrue(securityService.isClientSecurityRequired());
-    assertFalse(securityService.isPeerSecurityRequired());
-
-    // set a security manager
-    securityService.setSecurityManager(new SimpleTestSecurityManager());
-    assertTrue(securityService.isIntegratedSecurity());
-    assertTrue(securityService.isClientSecurityRequired());
-    assertTrue(securityService.isPeerSecurityRequired());
-    assertFalse(securityService.needPostProcess());
-
-    // set a post processor
-    securityService.setPostProcessor(new TestPostProcessor());
-    assertTrue(securityService.isIntegratedSecurity());
-    assertTrue(securityService.needPostProcess());
-  }
-
-  @After
-  public void after() {
-    securityService.close();
-  }
-
-  private static class Factories {
-
-    public static String getString() {
-      return new String();
-    }
-
-    public static String getNullString() {
-      return null;
-    }
-
-    public String getStringNonStatic() {
-      return new String();
-    }
-
-    public static Boolean getBoolean() {
-      return Boolean.TRUE;
-    }
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
new file mode 100644
index 0000000..0f2a5d9
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceFactoryTest.java
@@ -0,0 +1,244 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.*;
+import static org.assertj.core.api.Assertions.*;
+import static org.mockito.Mockito.*;
+
+import java.util.Properties;
+
+import org.apache.geode.security.PostProcessor;
+import org.apache.geode.security.SecurityManager;
+import org.apache.geode.test.junit.categories.UnitTest;
+
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category(UnitTest.class)
+public class SecurityServiceFactoryTest {
+
+  @Test
+  public void getPostProcessor_null_returnsNull() throws Exception {
+    assertThat(SecurityServiceFactory.getPostProcessor(null, null)).isNull();
+  }
+
+  @Test
+  public void getPostProcessor_returnsPostProcessor() throws Exception {
+    PostProcessor mockPostProcessor = mock(PostProcessor.class);
+
+    assertThat(SecurityServiceFactory.getPostProcessor(mockPostProcessor, null))
+        .isSameAs(mockPostProcessor);
+  }
+
+  @Test
+  public void getPostProcessor_SecurityConfig_createsPostProcessor() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_POST_PROCESSOR, FakePostProcessor.class.getName());
+
+    PostProcessor postProcessor = SecurityServiceFactory.getPostProcessor(null, securityConfig);
+
+    assertThat(postProcessor).isInstanceOf(FakePostProcessor.class);
+
+    FakePostProcessor fakePostProcessor = (FakePostProcessor) postProcessor;
+
+    assertThat(fakePostProcessor.getInitInvocations()).isEqualTo(0);
+    assertThat(fakePostProcessor.getSecurityProps()).isNull();
+  }
+
+  @Test
+  public void getPostProcessor_prefersPostProcessorOverSecurityConfig() throws Exception {
+    PostProcessor mockPostProcessor = mock(PostProcessor.class);
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_POST_PROCESSOR, FakePostProcessor.class.getName());
+
+    assertThat(SecurityServiceFactory.getPostProcessor(mockPostProcessor, securityConfig))
+        .isSameAs(mockPostProcessor);
+  }
+
+  @Test
+  public void getSecurityManager_null_returnsNull() throws Exception {
+    assertThat(SecurityServiceFactory.getSecurityManager(null, null)).isNull();
+  }
+
+  @Test
+  public void getSecurityManager_returnsSecurityManager() throws Exception {
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+
+    assertThat(SecurityServiceFactory.getSecurityManager(mockSecurityManager, null))
+        .isSameAs(mockSecurityManager);
+  }
+
+  @Test
+  public void getSecurityManager_SecurityConfig_createsSecurityManager() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_MANAGER, FakeSecurityManager.class.getName());
+
+    SecurityManager securityManager =
+        SecurityServiceFactory.getSecurityManager(null, securityConfig);
+
+    assertThat(securityManager).isInstanceOf(FakeSecurityManager.class);
+
+    FakeSecurityManager fakeSecurityManager = (FakeSecurityManager) securityManager;
+
+    assertThat(fakeSecurityManager.getInitInvocations()).isEqualTo(0);
+    assertThat(fakeSecurityManager.getSecurityProps()).isNull();
+  }
+
+  @Test
+  public void getSecurityManager_prefersSecurityManagerOverSecurityConfig() throws Exception {
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_MANAGER, FakePostProcessor.class.getName());
+
+    assertThat(SecurityServiceFactory.getSecurityManager(mockSecurityManager, securityConfig))
+        .isSameAs(mockSecurityManager);
+  }
+
+  @Test
+  public void determineType_null_returnsDISABLED() throws Exception {
+    assertThat(SecurityServiceFactory.determineType(null, null))
+        .isSameAs(SecurityServiceType.DISABLED);
+  }
+
+  @Test
+  public void determineType_shiro_returnsCUSTOM() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null))
+        .isSameAs(SecurityServiceType.CUSTOM);
+  }
+
+  @Test
+  public void determineType_securityManager_returnsENABLED() throws Exception {
+    Properties securityConfig = new Properties();
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, mockSecurityManager))
+        .isSameAs(SecurityServiceType.ENABLED);
+  }
+
+  @Test
+  public void determineType_prefersCUSTOM() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, mockSecurityManager))
+        .isSameAs(SecurityServiceType.CUSTOM);
+  }
+
+  @Test
+  public void determineType_clientAuthenticator_returnsLEGACY() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null))
+        .isSameAs(SecurityServiceType.LEGACY);
+  }
+
+  @Test
+  public void determineType_peerAuthenticator_returnsLEGACY() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null))
+        .isSameAs(SecurityServiceType.LEGACY);
+  }
+
+  @Test
+  public void determineType_authenticators_returnsLEGACY() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null))
+        .isSameAs(SecurityServiceType.LEGACY);
+  }
+
+  @Test
+  public void determineType_empty_returnsDISABLED() throws Exception {
+    Properties securityConfig = new Properties();
+
+    assertThat(SecurityServiceFactory.determineType(securityConfig, null))
+        .isSameAs(SecurityServiceType.DISABLED);
+  }
+
+  @Test
+  @Ignore("Move to IntegrationTest with shiro config")
+  public void create_shiro_createsCustomSecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
+        .isInstanceOf(CustomSecurityService.class);
+  }
+
+  @Test
+  public void create_clientAuthenticator_createsLegacySecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
+        .isInstanceOf(LegacySecurityService.class);
+  }
+
+  @Test
+  public void create_peerAuthenticator_createsLegacySecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
+        .isInstanceOf(LegacySecurityService.class);
+  }
+
+  @Test
+  public void create_authenticators_createsLegacySecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
+        .isInstanceOf(LegacySecurityService.class);
+  }
+
+  @Test
+  @Ignore("Move to IntegrationTest with shiro config")
+  public void create_all_createsCustomSecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+    securityConfig.setProperty(SECURITY_SHIRO_INIT, "value");
+    securityConfig.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "value");
+    securityConfig.setProperty(SECURITY_PEER_AUTHENTICATOR, "value");
+
+    SecurityManager mockSecurityManager = mock(SecurityManager.class);
+    PostProcessor mockPostProcessor = mock(PostProcessor.class);
+
+    assertThat(
+        SecurityServiceFactory.create(securityConfig, mockSecurityManager, mockPostProcessor))
+            .isInstanceOf(CustomSecurityService.class);
+  }
+
+  @Test
+  public void create_none_createsDisabledSecurityService() throws Exception {
+    Properties securityConfig = new Properties();
+
+    assertThat(SecurityServiceFactory.create(securityConfig, null, null))
+        .isInstanceOf(DisabledSecurityService.class);
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceTest.java
new file mode 100644
index 0000000..279e818
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/SecurityServiceTest.java
@@ -0,0 +1,227 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR;
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_PEER_AUTHENTICATOR;
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import org.apache.geode.distributed.internal.DistributionConfig;
+import org.apache.geode.security.GemFireSecurityException;
+import org.apache.geode.security.TestSecurityManager;
+import org.apache.geode.test.junit.categories.UnitTest;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.mgt.DefaultSecurityManager;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.util.Properties;
+
+@Category(UnitTest.class)
+public class SecurityServiceTest {
+
+  private Properties properties;
+  private DistributionConfig distributionConfig;
+  private SecurityService securityService;
+
+  @Before
+  public void before() {
+    this.properties = new Properties();
+    this.distributionConfig = mock(DistributionConfig.class);
+    when(this.distributionConfig.getSecurityProps()).thenReturn(this.properties);
+    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+  }
+
+  @After
+  public void after() throws Exception {
+    this.securityService.close();
+    SecurityUtils.setSecurityManager(null);
+  }
+
+  @Test
+  public void testGetObjectFromConstructor() {
+    String string = SecurityService.getObjectOfType(String.class.getName(), String.class);
+    assertNotNull(string);
+
+    CharSequence charSequence =
+        SecurityService.getObjectOfType(String.class.getName(), CharSequence.class);
+    assertNotNull(charSequence);
+
+    assertThatThrownBy(() -> SecurityService.getObjectOfType("com.abc.testString", String.class))
+        .isInstanceOf(GemFireSecurityException.class);
+
+    assertThatThrownBy(() -> SecurityService.getObjectOfType(String.class.getName(), Boolean.class))
+        .isInstanceOf(GemFireSecurityException.class);
+
+    assertThatThrownBy(() -> SecurityService.getObjectOfType("", String.class))
+        .isInstanceOf(GemFireSecurityException.class);
+
+    assertThatThrownBy(() -> SecurityService.getObjectOfType(null, String.class))
+        .isInstanceOf(GemFireSecurityException.class);
+
+    assertThatThrownBy(() -> SecurityService.getObjectOfType("  ", String.class))
+        .isInstanceOf(GemFireSecurityException.class);
+  }
+
+  @Test
+  public void testGetObjectFromFactoryMethod() {
+    String string =
+        SecurityService.getObjectOfType(Factories.class.getName() + ".getString", String.class);
+    assertNotNull(string);
+
+    CharSequence charSequence =
+        SecurityService.getObjectOfType(Factories.class.getName() + ".getString", String.class);
+    assertNotNull(charSequence);
+
+    assertThatThrownBy(() -> SecurityService
+        .getObjectOfType(Factories.class.getName() + ".getStringNonStatic", String.class))
+            .isInstanceOf(GemFireSecurityException.class);
+
+    assertThatThrownBy(() -> SecurityService
+        .getObjectOfType(Factories.class.getName() + ".getNullString", String.class))
+            .isInstanceOf(GemFireSecurityException.class);
+  }
+
+  @Test
+  public void testInitialSecurityFlags() {
+    // initial state of IntegratedSecurityService
+    assertFalse(this.securityService.isIntegratedSecurity());
+    assertFalse(this.securityService.isClientSecurityRequired());
+    assertFalse(this.securityService.isPeerSecurityRequired());
+  }
+
+  @Test
+  public void testInitWithSecurityManager() {
+    this.properties.setProperty(SECURITY_MANAGER, "org.apache.geode.security.TestSecurityManager");
+    this.properties.setProperty(TestSecurityManager.SECURITY_JSON,
+        "org/apache/geode/security/templates/security.json");
+
+    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+
+    assertTrue(this.securityService.isIntegratedSecurity());
+    assertTrue(this.securityService.isClientSecurityRequired());
+    assertTrue(this.securityService.isPeerSecurityRequired());
+  }
+
+  @Test
+  public void testInitWithClientAuthenticator() {
+    this.properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "org.abc.test");
+    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+
+    assertFalse(this.securityService.isIntegratedSecurity());
+    assertTrue(this.securityService.isClientSecurityRequired());
+    assertFalse(this.securityService.isPeerSecurityRequired());
+  }
+
+  @Test
+  public void testInitWithPeerAuthenticator() {
+    this.properties.setProperty(SECURITY_PEER_AUTHENTICATOR, "org.abc.test");
+    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+
+    assertFalse(this.securityService.isIntegratedSecurity());
+    assertFalse(this.securityService.isClientSecurityRequired());
+    assertTrue(this.securityService.isPeerSecurityRequired());
+  }
+
+  @Test
+  public void testInitWithAuthenticators() {
+    this.properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "org.abc.test");
+    this.properties.setProperty(SECURITY_PEER_AUTHENTICATOR, "org.abc.test");
+
+    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+
+    assertFalse(this.securityService.isIntegratedSecurity());
+    assertTrue(this.securityService.isClientSecurityRequired());
+    assertTrue(this.securityService.isPeerSecurityRequired());
+  }
+
+  @Test
+  public void testInitWithShiroAuthenticator() {
+    this.properties.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
+
+    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+
+    assertTrue(this.securityService.isIntegratedSecurity());
+    assertTrue(this.securityService.isClientSecurityRequired());
+    assertTrue(this.securityService.isPeerSecurityRequired());
+  }
+
+  @Test
+  public void testNoInit() {
+    assertFalse(this.securityService.isIntegratedSecurity());
+  }
+
+  @Test
+  public void testInitWithOutsideShiroSecurityManager() {
+    SecurityUtils.setSecurityManager(new DefaultSecurityManager());
+    this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+
+    assertTrue(this.securityService.isIntegratedSecurity());
+  }
+
+  // @Test
+  // public void testSetSecurityManager() {
+  // // initially
+  // assertFalse(this.securityService.isIntegratedSecurity());
+  //
+  // // init with client authenticator
+  // this.properties.setProperty(SECURITY_CLIENT_AUTHENTICATOR, "org.abc.test");
+  // this.securityService = SecurityServiceFactory.create(null, this.distributionConfig);
+  //
+  // assertFalse(this.securityService.isIntegratedSecurity());
+  // assertTrue(this.securityService.isClientSecurityRequired());
+  // assertFalse(this.securityService.isPeerSecurityRequired());
+  //
+  // // set a security manager
+  // this.securityService.setSecurityManager(new SimpleTestSecurityManager());
+  // assertTrue(this.securityService.isIntegratedSecurity());
+  // assertTrue(this.securityService.isClientSecurityRequired());
+  // assertTrue(this.securityService.isPeerSecurityRequired());
+  // assertFalse(this.securityService.needPostProcess());
+  //
+  // // set a post processor
+  // this.securityService.setPostProcessor(new TestPostProcessor());
+  // assertTrue(this.securityService.isIntegratedSecurity());
+  // assertTrue(this.securityService.needPostProcess());
+  // }
+
+  private static class Factories {
+
+    public static String getString() {
+      return new String();
+    }
+
+    public static String getNullString() {
+      return null;
+    }
+
+    public String getStringNonStatic() {
+      return new String();
+    }
+
+    public static Boolean getBoolean() {
+      return Boolean.TRUE;
+    }
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java
deleted file mode 100644
index d0ea209..0000000
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.management.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-import org.apache.geode.management.CacheServerMXBean;
-import org.apache.geode.test.dunit.rules.ConnectionConfiguration;
-import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule;
-import org.apache.geode.test.dunit.rules.ServerStarterRule;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-@Category({IntegrationTest.class, SecurityTest.class})
-public class CacheServerMBeanShiroJUnitTest {
-  private CacheServerMXBean bean;
-
-  @ClassRule
-  public static ServerStarterRule server = new ServerStarterRule()
-      .withProperty(SECURITY_SHIRO_INIT, "shiro.ini").withJMXManager().withAutoStart();
-
-  @Rule
-  public MBeanServerConnectionRule connectionRule =
-      new MBeanServerConnectionRule(server::getJmxPort);
-
-  @Before
-  public void setUp() throws Exception {
-    bean = connectionRule.getProxyMBean(CacheServerMXBean.class);
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "root", password = "secret")
-  public void testAllAccess() throws Exception {
-    bean.removeIndex("foo");
-    bean.executeContinuousQuery("bar");
-    bean.fetchLoadProbe();
-    bean.getActiveCQCount();
-    bean.stopContinuousQuery("bar");
-    bean.closeAllContinuousQuery("bar");
-    bean.isRunning();
-    bean.showClientQueueDetails("foo");
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "guest", password = "guest")
-  public void testNoAccess() throws Exception {
-    assertThatThrownBy(() -> bean.removeIndex("foo"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataRead.toString());
-    assertThatThrownBy(() -> bean.fetchLoadProbe())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.getActiveCQCount())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.stopContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.isRunning())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.showClientQueueDetails("bar"))
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "regionAReader", password = "password")
-  public void testRegionAccess() throws Exception {
-    assertThatThrownBy(() -> bean.removeIndex("foo"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.fetchLoadProbe())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.getActiveCQCount())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-
-    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataRead.toString());
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "dataReader", password = "12345")
-  public void testDataRead() throws Exception {
-    assertThatThrownBy(() -> bean.removeIndex("foo"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.fetchLoadProbe())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.getActiveCQCount())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-
-    bean.executeContinuousQuery("bar");
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java
new file mode 100644
index 0000000..55f592e
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java
@@ -0,0 +1,109 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+import org.apache.geode.management.CacheServerMXBean;
+import org.apache.geode.test.dunit.rules.ConnectionConfiguration;
+import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class CacheServerMBeanWithShiroIniIntegrationTest {
+  private CacheServerMXBean bean;
+
+  @ClassRule
+  public static ServerStarterRule server = new ServerStarterRule()
+      .withProperty(SECURITY_SHIRO_INIT, "shiro.ini").withJMXManager().withAutoStart();
+
+  @Rule
+  public MBeanServerConnectionRule connectionRule =
+      new MBeanServerConnectionRule(server::getJmxPort);
+
+  @Before
+  public void setUp() throws Exception {
+    bean = connectionRule.getProxyMBean(CacheServerMXBean.class);
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "root", password = "secret")
+  public void testAllAccess() throws Exception {
+    bean.removeIndex("foo");
+    bean.executeContinuousQuery("bar");
+    bean.fetchLoadProbe();
+    bean.getActiveCQCount();
+    bean.stopContinuousQuery("bar");
+    bean.closeAllContinuousQuery("bar");
+    bean.isRunning();
+    bean.showClientQueueDetails("foo");
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "guest", password = "guest")
+  public void testNoAccess() throws Exception {
+    assertThatThrownBy(() -> bean.removeIndex("foo"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataRead.toString());
+    assertThatThrownBy(() -> bean.fetchLoadProbe())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.getActiveCQCount())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.stopContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.isRunning())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.showClientQueueDetails("bar"))
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "regionAReader", password = "password")
+  public void testRegionAccess() throws Exception {
+    assertThatThrownBy(() -> bean.removeIndex("foo"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.fetchLoadProbe())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.getActiveCQCount())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+
+    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataRead.toString());
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "dataReader", password = "12345")
+  public void testDataRead() throws Exception {
+    assertThatThrownBy(() -> bean.removeIndex("foo"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.fetchLoadProbe())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.getActiveCQCount())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+
+    bean.executeContinuousQuery("bar");
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java
deleted file mode 100644
index 22a7eae..0000000
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.management.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.*;
-
-import org.apache.geode.security.TestSecurityManager;
-import org.junit.BeforeClass;
-import org.junit.experimental.categories.Category;
-
-import org.apache.geode.internal.security.IntegratedSecurityService;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-
-/**
- * Integration tests for {@link IntegratedSecurityService} using shiro-ini.json.
- *
- * @see IntegratedSecurityServiceWithIniFileJUnitTest
- */
-@Category({IntegrationTest.class, SecurityTest.class})
-public class IntegratedSecurityServiceCustomRealmJUnitTest
-    extends IntegratedSecurityServiceWithIniFileJUnitTest {
-
-  @BeforeClass
-  public static void beforeClass() throws Exception {
-    props.put(TestSecurityManager.SECURITY_JSON,
-        "org/apache/geode/management/internal/security/shiro-ini.json");
-    props.put(SECURITY_MANAGER, TestSecurityManager.class.getName());
-    IntegratedSecurityService.getSecurityService().initSecurity(props);
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java
deleted file mode 100644
index 8561f18..0000000
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java
+++ /dev/null
@@ -1,152 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.management.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-import org.apache.geode.internal.security.IntegratedSecurityService;
-import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.security.GemFireSecurityException;
-import org.apache.geode.security.ResourcePermission;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import java.util.Properties;
-
-/**
- * Integration tests for {@link IntegratedSecurityService} using shiro.ini
- */
-@Category({IntegrationTest.class, SecurityTest.class})
-public class IntegratedSecurityServiceWithIniFileJUnitTest {
-
-  protected static Properties props = new Properties();
-
-  private SecurityService securityService = SecurityService.getSecurityService();
-
-  @BeforeClass
-  public static void beforeClass() throws Exception {
-    props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
-  }
-
-  @Before
-  public void before() {
-    securityService.initSecurity(props);
-  }
-
-  @Test
-  public void testRoot() {
-    this.securityService.login(loginCredentials("root", "secret"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.dataRead);
-    this.securityService.authorize(TestCommand.dataWrite);
-    this.securityService.authorize(TestCommand.regionARead);
-    this.securityService.authorize(TestCommand.regionAWrite);
-    this.securityService.authorize(TestCommand.clusterWrite);
-    this.securityService.authorize(TestCommand.clusterRead);
-  }
-
-  @Test
-  public void testGuest() {
-    this.securityService.login(loginCredentials("guest", "guest"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-
-    assertNotAuthorized(TestCommand.dataRead);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.regionARead);
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  @Test
-  public void testRegionAReader() {
-    this.securityService.login(loginCredentials("regionAReader", "password"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionARead);
-
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.dataRead);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  @Test
-  public void testRegionAUser() {
-    this.securityService.login(loginCredentials("regionAUser", "password"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionAWrite);
-    this.securityService.authorize(TestCommand.regionARead);
-
-    assertNotAuthorized(TestCommand.dataRead);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  @Test
-  public void testDataReader() {
-    this.securityService.login(loginCredentials("dataReader", "12345"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionARead);
-    this.securityService.authorize(TestCommand.dataRead);
-
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  @Test
-  public void testReader() {
-    this.securityService.login(loginCredentials("reader", "12345"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionARead);
-    this.securityService.authorize(TestCommand.dataRead);
-    this.securityService.authorize(TestCommand.clusterRead);
-
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterWrite);
-    this.securityService.logout();
-  }
-
-  private void assertNotAuthorized(ResourcePermission context) {
-    assertThatThrownBy(() -> this.securityService.authorize(context))
-        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
-  }
-
-  private Properties loginCredentials(String username, String password) {
-    Properties credentials = new Properties();
-    credentials.put(ResourceConstants.USER_NAME, username);
-    credentials.put(ResourceConstants.PASSWORD, password);
-    return credentials;
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
new file mode 100644
index 0000000..8f84476
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.*;
+
+import org.apache.geode.security.TestSecurityManager;
+import org.junit.BeforeClass;
+import org.junit.experimental.categories.Category;
+
+import org.apache.geode.internal.security.IntegratedSecurityService;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+
+/**
+ * Integration tests for {@link IntegratedSecurityService} using shiro-ini.json.
+ *
+ * @see SecurityServiceWithShiroIniIntegrationTest
+ */
+@Category({IntegrationTest.class, SecurityTest.class})
+public class SecurityServiceWithCustomRealmIntegrationTest
+    extends SecurityServiceWithShiroIniIntegrationTest {
+
+  @BeforeClass
+  public static void beforeClass() throws Exception {
+    props.put(TestSecurityManager.SECURITY_JSON,
+        "org/apache/geode/management/internal/security/shiro-ini.json");
+    props.put(SECURITY_MANAGER, TestSecurityManager.class.getName());
+    IntegratedSecurityService.getSecurityService().initSecurity(props);
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
new file mode 100644
index 0000000..47188f2
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
@@ -0,0 +1,154 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+import org.apache.geode.internal.security.IntegratedSecurityService;
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.internal.security.SecurityServiceFactory;
+import org.apache.geode.security.GemFireSecurityException;
+import org.apache.geode.security.ResourcePermission;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.util.Properties;
+
+/**
+ * Integration tests for {@link IntegratedSecurityService} using shiro.ini
+ */
+@Category({IntegrationTest.class, SecurityTest.class})
+public class SecurityServiceWithShiroIniIntegrationTest {
+
+  protected static Properties props = new Properties();
+
+  private SecurityService securityService;
+
+  @BeforeClass
+  public static void beforeClass() throws Exception {
+    props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
+  }
+
+  @Before
+  public void before() {
+    this.securityService = SecurityServiceFactory.create(null, null);
+    this.securityService.initSecurity(props);
+  }
+
+  @Test
+  public void testRoot() {
+    this.securityService.login(loginCredentials("root", "secret"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.dataRead);
+    this.securityService.authorize(TestCommand.dataWrite);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.regionAWrite);
+    this.securityService.authorize(TestCommand.clusterWrite);
+    this.securityService.authorize(TestCommand.clusterRead);
+  }
+
+  @Test
+  public void testGuest() {
+    this.securityService.login(loginCredentials("guest", "guest"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+
+    assertNotAuthorized(TestCommand.dataRead);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.regionARead);
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  @Test
+  public void testRegionAReader() {
+    this.securityService.login(loginCredentials("regionAReader", "password"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.dataRead);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  @Test
+  public void testRegionAUser() {
+    this.securityService.login(loginCredentials("regionAUser", "password"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionAWrite);
+    this.securityService.authorize(TestCommand.regionARead);
+
+    assertNotAuthorized(TestCommand.dataRead);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  @Test
+  public void testDataReader() {
+    this.securityService.login(loginCredentials("dataReader", "12345"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.dataRead);
+
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  @Test
+  public void testReader() {
+    this.securityService.login(loginCredentials("reader", "12345"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.dataRead);
+    this.securityService.authorize(TestCommand.clusterRead);
+
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  private void assertNotAuthorized(ResourcePermission context) {
+    assertThatThrownBy(() -> this.securityService.authorize(context))
+        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
+  }
+
+  private Properties loginCredentials(String username, String password) {
+    Properties credentials = new Properties();
+    credentials.put(ResourceConstants.USER_NAME, username);
+    credentials.put(ResourceConstants.PASSWORD, password);
+    return credentials;
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java b/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
index 89030f5..8cabb1c 100644
--- a/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
@@ -22,7 +22,9 @@ import static org.junit.Assert.assertTrue;
 import org.apache.geode.cache.Cache;
 import org.apache.geode.cache.CacheFactory;
 import org.apache.geode.distributed.ConfigurationProperties;
+import org.apache.geode.internal.cache.InternalCache;
 import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.internal.security.SecurityServiceFactory;
 import org.apache.geode.security.templates.DummyAuthenticator;
 import org.apache.geode.test.junit.categories.IntegrationTest;
 import org.apache.geode.test.junit.categories.SecurityTest;
@@ -36,22 +38,21 @@ import java.util.Properties;
 @Category({IntegrationTest.class, SecurityTest.class})
 public class CacheFactoryWithSecurityObjectTest {
 
-  private SecurityService securityService;
   private SecurityManager simpleSecurityManager;
   private Properties properties = new Properties();
-  Cache cache;
+  private InternalCache cache;
 
   @Before
   public void before() throws Exception {
-    securityService = SecurityService.getSecurityService();
     simpleSecurityManager = new SimpleTestSecurityManager();
     properties.setProperty("mcast-port", "0");
   }
 
   @Test
   public void testCreateCacheWithSecurityManager() throws Exception {
-    cache = new CacheFactory(properties).setSecurityManager(simpleSecurityManager)
+    cache = (InternalCache) new CacheFactory(properties).setSecurityManager(simpleSecurityManager)
         .setPostProcessor(null).create();
+    SecurityService securityService = cache.getSecurityService();
     assertTrue(securityService.isIntegratedSecurity());
     assertFalse(securityService.needPostProcess());
     assertNotNull(securityService.getSecurityManager());
@@ -59,8 +60,9 @@ public class CacheFactoryWithSecurityObjectTest {
 
   @Test
   public void testCreateCacheWithPostProcessor() throws Exception {
-    cache = new CacheFactory(properties).setPostProcessor(new TestPostProcessor())
+    cache = (InternalCache) new CacheFactory(properties).setPostProcessor(new TestPostProcessor())
         .setSecurityManager(null).create();
+    SecurityService securityService = cache.getSecurityService();
     assertFalse(securityService.isIntegratedSecurity());
     assertFalse(securityService.needPostProcess());
     assertNotNull(securityService.getPostProcessor());
@@ -71,9 +73,11 @@ public class CacheFactoryWithSecurityObjectTest {
     properties.setProperty(ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR,
         DummyAuthenticator.class.getName());
 
-    cache = new CacheFactory(properties).setSecurityManager(simpleSecurityManager)
+    cache = (InternalCache) new CacheFactory(properties).setSecurityManager(simpleSecurityManager)
         .setPostProcessor(new TestPostProcessor()).create();
 
+    SecurityService securityService = cache.getSecurityService();
+
     assertTrue(securityService.isIntegratedSecurity());
     assertTrue(securityService.isClientSecurityRequired());
     assertTrue(securityService.needPostProcess());

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
deleted file mode 100644
index 4f0ea0d..0000000
--- a/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS;
-import static org.apache.geode.distributed.ConfigurationProperties.MCAST_PORT;
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
-import static org.assertj.core.api.Assertions.assertThat;
-
-import java.util.Properties;
-
-import org.apache.geode.cache.Cache;
-import org.apache.geode.cache.CacheFactory;
-import org.apache.geode.internal.security.IntegratedSecurityService;
-import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.test.junit.categories.FlakyTest;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-@Category({IntegrationTest.class, SecurityTest.class})
-public class IntegratedSecurityCacheLifecycleIntegrationTest {
-
-  private Properties securityProps;
-  private Cache cache;
-  private SecurityService securityService;
-
-  @Before
-  public void before() {
-    securityService = IntegratedSecurityService.getSecurityService();
-
-    securityProps = new Properties();
-    securityProps.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
-
-    Properties props = new Properties();
-    props.putAll(securityProps);
-    props.setProperty(MCAST_PORT, "0");
-    props.setProperty(LOCATORS, "");
-
-    cache = new CacheFactory(props).create();
-  }
-
-  @After
-  public void after() {
-    if (cache != null && !cache.isClosed()) {
-      cache.close();
-    }
-  }
-
-  @Category(FlakyTest.class) // GEODE-1661
-  @Test
-  public void initAndCloseTest() {
-    SpySecurityManager ssm = (SpySecurityManager) securityService.getSecurityManager();
-    assertThat(ssm.initInvoked).isEqualTo(1);
-    cache.close();
-    assertThat(ssm.closeInvoked).isEqualTo(1);
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/eab9e6e0/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java b/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
index c28f7aa..0fa26bf 100644
--- a/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
@@ -101,8 +101,8 @@ public class PDXGfshPostProcessorOnRemoteServerTest {
     gfsh.executeAndVerifyCommand("query --query=\"select * from /AuthRegion\"");
 
     serverVM.invoke(() -> {
-      PDXPostProcessor pp =
-          (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
+      PDXPostProcessor pp = (PDXPostProcessor) LocatorServerStartupRule.serverStarter.getCache()
+          .getSecurityService().getPostProcessor();
       // verify that the post processor is called 6 times. (5 for the query, 1 for the get)
       assertEquals(pp.getCount(), 6);
     });


Mime
View raw message