geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aba...@apache.org
Subject [14/58] [abbrv] geode git commit: Revert "GEODE-2632: use immutable SecurityService impls to improve performance"
Date Mon, 17 Jul 2017 18:06:23 GMT
http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java
new file mode 100644
index 0000000..d0ea209
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanShiroJUnitTest.java
@@ -0,0 +1,109 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+import org.apache.geode.management.CacheServerMXBean;
+import org.apache.geode.test.dunit.rules.ConnectionConfiguration;
+import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule;
+import org.apache.geode.test.dunit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class CacheServerMBeanShiroJUnitTest {
+  private CacheServerMXBean bean;
+
+  @ClassRule
+  public static ServerStarterRule server = new ServerStarterRule()
+      .withProperty(SECURITY_SHIRO_INIT, "shiro.ini").withJMXManager().withAutoStart();
+
+  @Rule
+  public MBeanServerConnectionRule connectionRule =
+      new MBeanServerConnectionRule(server::getJmxPort);
+
+  @Before
+  public void setUp() throws Exception {
+    bean = connectionRule.getProxyMBean(CacheServerMXBean.class);
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "root", password = "secret")
+  public void testAllAccess() throws Exception {
+    bean.removeIndex("foo");
+    bean.executeContinuousQuery("bar");
+    bean.fetchLoadProbe();
+    bean.getActiveCQCount();
+    bean.stopContinuousQuery("bar");
+    bean.closeAllContinuousQuery("bar");
+    bean.isRunning();
+    bean.showClientQueueDetails("foo");
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "guest", password = "guest")
+  public void testNoAccess() throws Exception {
+    assertThatThrownBy(() -> bean.removeIndex("foo"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataRead.toString());
+    assertThatThrownBy(() -> bean.fetchLoadProbe())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.getActiveCQCount())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.stopContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.isRunning())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.showClientQueueDetails("bar"))
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "regionAReader", password = "password")
+  public void testRegionAccess() throws Exception {
+    assertThatThrownBy(() -> bean.removeIndex("foo"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.fetchLoadProbe())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.getActiveCQCount())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+
+    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
+        .hasMessageContaining(TestCommand.dataRead.toString());
+  }
+
+  @Test
+  @ConnectionConfiguration(user = "dataReader", password = "12345")
+  public void testDataRead() throws Exception {
+    assertThatThrownBy(() -> bean.removeIndex("foo"))
+        .hasMessageContaining(TestCommand.dataManage.toString());
+    assertThatThrownBy(() -> bean.fetchLoadProbe())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+    assertThatThrownBy(() -> bean.getActiveCQCount())
+        .hasMessageContaining(TestCommand.clusterRead.toString());
+
+    bean.executeContinuousQuery("bar");
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java
deleted file mode 100644
index 55f592e..0000000
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/CacheServerMBeanWithShiroIniIntegrationTest.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.management.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-import org.apache.geode.management.CacheServerMXBean;
-import org.apache.geode.test.dunit.rules.ConnectionConfiguration;
-import org.apache.geode.test.dunit.rules.MBeanServerConnectionRule;
-import org.apache.geode.test.dunit.rules.ServerStarterRule;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-@Category({IntegrationTest.class, SecurityTest.class})
-public class CacheServerMBeanWithShiroIniIntegrationTest {
-  private CacheServerMXBean bean;
-
-  @ClassRule
-  public static ServerStarterRule server = new ServerStarterRule()
-      .withProperty(SECURITY_SHIRO_INIT, "shiro.ini").withJMXManager().withAutoStart();
-
-  @Rule
-  public MBeanServerConnectionRule connectionRule =
-      new MBeanServerConnectionRule(server::getJmxPort);
-
-  @Before
-  public void setUp() throws Exception {
-    bean = connectionRule.getProxyMBean(CacheServerMXBean.class);
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "root", password = "secret")
-  public void testAllAccess() throws Exception {
-    bean.removeIndex("foo");
-    bean.executeContinuousQuery("bar");
-    bean.fetchLoadProbe();
-    bean.getActiveCQCount();
-    bean.stopContinuousQuery("bar");
-    bean.closeAllContinuousQuery("bar");
-    bean.isRunning();
-    bean.showClientQueueDetails("foo");
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "guest", password = "guest")
-  public void testNoAccess() throws Exception {
-    assertThatThrownBy(() -> bean.removeIndex("foo"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataRead.toString());
-    assertThatThrownBy(() -> bean.fetchLoadProbe())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.getActiveCQCount())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.stopContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.closeAllContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.isRunning())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.showClientQueueDetails("bar"))
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "regionAReader", password = "password")
-  public void testRegionAccess() throws Exception {
-    assertThatThrownBy(() -> bean.removeIndex("foo"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.fetchLoadProbe())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.getActiveCQCount())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-
-    assertThatThrownBy(() -> bean.executeContinuousQuery("bar"))
-        .hasMessageContaining(TestCommand.dataRead.toString());
-  }
-
-  @Test
-  @ConnectionConfiguration(user = "dataReader", password = "12345")
-  public void testDataRead() throws Exception {
-    assertThatThrownBy(() -> bean.removeIndex("foo"))
-        .hasMessageContaining(TestCommand.dataManage.toString());
-    assertThatThrownBy(() -> bean.fetchLoadProbe())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-    assertThatThrownBy(() -> bean.getActiveCQCount())
-        .hasMessageContaining(TestCommand.clusterRead.toString());
-
-    bean.executeContinuousQuery("bar");
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java
new file mode 100644
index 0000000..22a7eae
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceCustomRealmJUnitTest.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.*;
+
+import org.apache.geode.security.TestSecurityManager;
+import org.junit.BeforeClass;
+import org.junit.experimental.categories.Category;
+
+import org.apache.geode.internal.security.IntegratedSecurityService;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+
+/**
+ * Integration tests for {@link IntegratedSecurityService} using shiro-ini.json.
+ *
+ * @see IntegratedSecurityServiceWithIniFileJUnitTest
+ */
+@Category({IntegrationTest.class, SecurityTest.class})
+public class IntegratedSecurityServiceCustomRealmJUnitTest
+    extends IntegratedSecurityServiceWithIniFileJUnitTest {
+
+  @BeforeClass
+  public static void beforeClass() throws Exception {
+    props.put(TestSecurityManager.SECURITY_JSON,
+        "org/apache/geode/management/internal/security/shiro-ini.json");
+    props.put(SECURITY_MANAGER, TestSecurityManager.class.getName());
+    IntegratedSecurityService.getSecurityService().initSecurity(props);
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java
new file mode 100644
index 0000000..8561f18
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/IntegratedSecurityServiceWithIniFileJUnitTest.java
@@ -0,0 +1,152 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+import org.apache.geode.internal.security.IntegratedSecurityService;
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.security.GemFireSecurityException;
+import org.apache.geode.security.ResourcePermission;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.util.Properties;
+
+/**
+ * Integration tests for {@link IntegratedSecurityService} using shiro.ini
+ */
+@Category({IntegrationTest.class, SecurityTest.class})
+public class IntegratedSecurityServiceWithIniFileJUnitTest {
+
+  protected static Properties props = new Properties();
+
+  private SecurityService securityService = SecurityService.getSecurityService();
+
+  @BeforeClass
+  public static void beforeClass() throws Exception {
+    props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
+  }
+
+  @Before
+  public void before() {
+    securityService.initSecurity(props);
+  }
+
+  @Test
+  public void testRoot() {
+    this.securityService.login(loginCredentials("root", "secret"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.dataRead);
+    this.securityService.authorize(TestCommand.dataWrite);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.regionAWrite);
+    this.securityService.authorize(TestCommand.clusterWrite);
+    this.securityService.authorize(TestCommand.clusterRead);
+  }
+
+  @Test
+  public void testGuest() {
+    this.securityService.login(loginCredentials("guest", "guest"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+
+    assertNotAuthorized(TestCommand.dataRead);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.regionARead);
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  @Test
+  public void testRegionAReader() {
+    this.securityService.login(loginCredentials("regionAReader", "password"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.dataRead);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  @Test
+  public void testRegionAUser() {
+    this.securityService.login(loginCredentials("regionAUser", "password"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionAWrite);
+    this.securityService.authorize(TestCommand.regionARead);
+
+    assertNotAuthorized(TestCommand.dataRead);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  @Test
+  public void testDataReader() {
+    this.securityService.login(loginCredentials("dataReader", "12345"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.dataRead);
+
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterRead);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  @Test
+  public void testReader() {
+    this.securityService.login(loginCredentials("reader", "12345"));
+    this.securityService.authorize(TestCommand.none);
+    this.securityService.authorize(TestCommand.everyOneAllowed);
+    this.securityService.authorize(TestCommand.regionARead);
+    this.securityService.authorize(TestCommand.dataRead);
+    this.securityService.authorize(TestCommand.clusterRead);
+
+    assertNotAuthorized(TestCommand.regionAWrite);
+    assertNotAuthorized(TestCommand.dataWrite);
+    assertNotAuthorized(TestCommand.clusterWrite);
+    this.securityService.logout();
+  }
+
+  private void assertNotAuthorized(ResourcePermission context) {
+    assertThatThrownBy(() -> this.securityService.authorize(context))
+        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
+  }
+
+  private Properties loginCredentials(String username, String password) {
+    Properties credentials = new Properties();
+    credentials.put(ResourceConstants.USER_NAME, username);
+    credentials.put(ResourceConstants.PASSWORD, password);
+    return credentials;
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java
index 091b1db..30ed267 100644
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/MBeanSecurityJUnitTest.java
@@ -46,7 +46,6 @@ import javax.management.ReflectionException;
 
 @Category({IntegrationTest.class, SecurityTest.class})
 public class MBeanSecurityJUnitTest {
-
   @ClassRule
   public static ServerStarterRule server = new ServerStarterRule().withJMXManager()
       .withProperty(SECURITY_MANAGER, TestSecurityManager.class.getName())

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java
index 77ddcc9..6ae8d3f 100644
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/management/internal/security/MemberMBeanSecurityJUnitTest.java
@@ -32,7 +32,6 @@ import org.junit.experimental.categories.Category;
 
 @Category({IntegrationTest.class, SecurityTest.class})
 public class MemberMBeanSecurityJUnitTest {
-
   private MemberMXBean bean;
 
   @Rule

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
deleted file mode 100644
index 01d6bb6..0000000
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithCustomRealmIntegrationTest.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.management.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
-
-import org.apache.geode.internal.security.SecurityServiceFactory;
-import org.apache.geode.security.TestSecurityManager;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.Before;
-import org.junit.experimental.categories.Category;
-
-/**
- * Integration tests for SecurityService using shiro-ini.json.
- *
- * @see SecurityServiceWithShiroIniIntegrationTest
- */
-@Category({IntegrationTest.class, SecurityTest.class})
-public class SecurityServiceWithCustomRealmIntegrationTest
-    extends SecurityServiceWithShiroIniIntegrationTest {
-
-  @Before
-  public void before() throws Exception {
-    this.props.setProperty(TestSecurityManager.SECURITY_JSON,
-        "org/apache/geode/management/internal/security/shiro-ini.json");
-    this.props.setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
-    this.props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
-    this.securityService = SecurityServiceFactory.create(this.props, null, null);
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
deleted file mode 100644
index 1caedbc..0000000
--- a/geode-core/src/test/java/org/apache/geode/management/internal/security/SecurityServiceWithShiroIniIntegrationTest.java
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.management.internal.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_SHIRO_INIT;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.internal.security.SecurityServiceFactory;
-import org.apache.geode.security.GemFireSecurityException;
-import org.apache.geode.security.ResourcePermission;
-import org.apache.geode.test.junit.categories.IntegrationTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import java.util.Properties;
-
-/**
- * Integration tests for SecurityService using shiro.ini
- */
-@Category({IntegrationTest.class, SecurityTest.class})
-public class SecurityServiceWithShiroIniIntegrationTest {
-
-  protected Properties props = new Properties();
-
-  protected SecurityService securityService;
-
-  @Before
-  public void before() throws Exception {
-    this.props.setProperty(SECURITY_SHIRO_INIT, "shiro.ini");
-    this.securityService = SecurityServiceFactory.create(this.props, null, null);
-  }
-
-  @After
-  public void after() throws Exception {
-    this.securityService.logout();
-  }
-
-  @Test
-  public void testRoot() throws Exception {
-    this.securityService.login(loginCredentials("root", "secret"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.dataRead);
-    this.securityService.authorize(TestCommand.dataWrite);
-    this.securityService.authorize(TestCommand.regionARead);
-    this.securityService.authorize(TestCommand.regionAWrite);
-    this.securityService.authorize(TestCommand.clusterWrite);
-    this.securityService.authorize(TestCommand.clusterRead);
-  }
-
-  @Test
-  public void testGuest() throws Exception {
-    this.securityService.login(loginCredentials("guest", "guest"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-
-    assertNotAuthorized(TestCommand.dataRead);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.regionARead);
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-  }
-
-  @Test
-  public void testRegionAReader() throws Exception {
-    this.securityService.login(loginCredentials("regionAReader", "password"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionARead);
-
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.dataRead);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-  }
-
-  @Test
-  public void testRegionAUser() throws Exception {
-    this.securityService.login(loginCredentials("regionAUser", "password"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionAWrite);
-    this.securityService.authorize(TestCommand.regionARead);
-
-    assertNotAuthorized(TestCommand.dataRead);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-  }
-
-  @Test
-  public void testDataReader() throws Exception {
-    this.securityService.login(loginCredentials("dataReader", "12345"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionARead);
-    this.securityService.authorize(TestCommand.dataRead);
-
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterRead);
-    assertNotAuthorized(TestCommand.clusterWrite);
-  }
-
-  @Test
-  public void testReader() throws Exception {
-    this.securityService.login(loginCredentials("reader", "12345"));
-    this.securityService.authorize(TestCommand.none);
-    this.securityService.authorize(TestCommand.everyOneAllowed);
-    this.securityService.authorize(TestCommand.regionARead);
-    this.securityService.authorize(TestCommand.dataRead);
-    this.securityService.authorize(TestCommand.clusterRead);
-
-    assertNotAuthorized(TestCommand.regionAWrite);
-    assertNotAuthorized(TestCommand.dataWrite);
-    assertNotAuthorized(TestCommand.clusterWrite);
-  }
-
-  private void assertNotAuthorized(ResourcePermission context) {
-    assertThatThrownBy(() -> this.securityService.authorize(context))
-        .isInstanceOf(GemFireSecurityException.class).hasMessageContaining(context.toString());
-  }
-
-  private Properties loginCredentials(String username, String password) {
-    Properties credentials = new Properties();
-    credentials.put(ResourceConstants.USER_NAME, username);
-    credentials.put(ResourceConstants.PASSWORD, password);
-    return credentials;
-  }
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java b/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
index cdb90f1..89030f5 100644
--- a/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/CacheFactoryWithSecurityObjectTest.java
@@ -12,16 +12,16 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
+
 package org.apache.geode.security;
 
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 
+import org.apache.geode.cache.Cache;
 import org.apache.geode.cache.CacheFactory;
 import org.apache.geode.distributed.ConfigurationProperties;
-import org.apache.geode.internal.cache.InternalCache;
 import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.security.templates.DummyAuthenticator;
 import org.apache.geode.test.junit.categories.IntegrationTest;
@@ -36,80 +36,53 @@ import java.util.Properties;
 @Category({IntegrationTest.class, SecurityTest.class})
 public class CacheFactoryWithSecurityObjectTest {
 
+  private SecurityService securityService;
   private SecurityManager simpleSecurityManager;
   private Properties properties = new Properties();
-  private InternalCache cache;
+  Cache cache;
 
   @Before
   public void before() throws Exception {
-    this.simpleSecurityManager = new SimpleTestSecurityManager();
-    this.properties.setProperty("mcast-port", "0");
+    securityService = SecurityService.getSecurityService();
+    simpleSecurityManager = new SimpleTestSecurityManager();
+    properties.setProperty("mcast-port", "0");
   }
 
   @Test
   public void testCreateCacheWithSecurityManager() throws Exception {
-    this.cache = (InternalCache) new CacheFactory(this.properties)
-        .setSecurityManager(this.simpleSecurityManager).setPostProcessor(null).create();
-    SecurityService securityService = this.cache.getSecurityService();
+    cache = new CacheFactory(properties).setSecurityManager(simpleSecurityManager)
+        .setPostProcessor(null).create();
     assertTrue(securityService.isIntegratedSecurity());
-    assertTrue(securityService.isClientSecurityRequired());
-    assertTrue(securityService.isPeerSecurityRequired());
     assertFalse(securityService.needPostProcess());
     assertNotNull(securityService.getSecurityManager());
   }
 
   @Test
   public void testCreateCacheWithPostProcessor() throws Exception {
-    this.cache = (InternalCache) new CacheFactory(this.properties)
-        .setPostProcessor(new TestPostProcessor()).setSecurityManager(null).create();
-    SecurityService securityService = this.cache.getSecurityService();
+    cache = new CacheFactory(properties).setPostProcessor(new TestPostProcessor())
+        .setSecurityManager(null).create();
     assertFalse(securityService.isIntegratedSecurity());
-    assertFalse(securityService.isClientSecurityRequired());
-    assertFalse(securityService.isPeerSecurityRequired());
     assertFalse(securityService.needPostProcess());
-    assertNull(securityService.getPostProcessor());
-  }
-
-  @Test
-  public void testCreateCacheWithSecurityManagerAndPostProcessor() throws Exception {
-    this.cache = (InternalCache) new CacheFactory(this.properties)
-        .setSecurityManager(this.simpleSecurityManager).setPostProcessor(new TestPostProcessor())
-        .create();
-    SecurityService securityService = this.cache.getSecurityService();
-    assertTrue(securityService.isIntegratedSecurity());
-    assertTrue(securityService.isClientSecurityRequired());
-    assertTrue(securityService.isPeerSecurityRequired());
-    assertTrue(securityService.needPostProcess());
-    assertNotNull(securityService.getSecurityManager());
     assertNotNull(securityService.getPostProcessor());
   }
 
-  /**
-   * This test seems to be misleading. Nothing is overridden here. SecurityManager is preferred over
-   * SECURITY_CLIENT_AUTHENTICATOR.
-   */
   @Test
   public void testOverride() throws Exception {
-    this.properties.setProperty(ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR,
+    properties.setProperty(ConfigurationProperties.SECURITY_CLIENT_AUTHENTICATOR,
         DummyAuthenticator.class.getName());
 
-    this.cache = (InternalCache) new CacheFactory(this.properties)
-        .setSecurityManager(this.simpleSecurityManager).setPostProcessor(new TestPostProcessor())
-        .create();
-
-    SecurityService securityService = this.cache.getSecurityService();
+    cache = new CacheFactory(properties).setSecurityManager(simpleSecurityManager)
+        .setPostProcessor(new TestPostProcessor()).create();
 
     assertTrue(securityService.isIntegratedSecurity());
     assertTrue(securityService.isClientSecurityRequired());
-    assertTrue(securityService.isPeerSecurityRequired());
     assertTrue(securityService.needPostProcess());
     assertNotNull(securityService.getSecurityManager());
-    assertNotNull(securityService.getPostProcessor());
   }
 
   @After
   public void after() {
-    this.cache.close();
+    cache.close();
   }
 
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java
index e90bc0a..805d000 100644
--- a/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/ClusterConfigWithoutSecurityDUnitTest.java
@@ -12,11 +12,11 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
+
 package org.apache.geode.security;
 
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
-import static org.apache.geode.distributed.ConfigurationProperties.USE_CLUSTER_CONFIGURATION;
 import static org.assertj.core.api.Java6Assertions.assertThatThrownBy;
 import static org.junit.Assert.assertEquals;
 
@@ -51,28 +51,28 @@ public class ClusterConfigWithoutSecurityDUnitTest {
         .addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toString());
     IgnoredException
         .addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toString());
-    this.lsRule.startLocatorVM(0, new Properties());
+    lsRule.startLocatorVM(0, new Properties());
   }
 
   @After
-  public void after() throws Exception {
+  public void after() {
     IgnoredException.removeAllExpectedExceptions();
   }
 
-  /**
-   * when locator is not secured, a secured server should be allowed to start with its own security
-   * manager if use-cluster-config is false
-   */
+  // when locator is not secured, a secured server should be allowed to start with its own security
+  // manager
+  // if use-cluster-config is false
   @Test
   public void serverShouldBeAllowedToStartWithSecurityIfNotUsingClusterConfig() throws Exception {
     Properties props = new Properties();
     props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
     props.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName());
-    props.setProperty(USE_CLUSTER_CONFIGURATION, "false");
+
+    props.setProperty("use-cluster-configuration", "false");
 
     // initial security properties should only contain initial set of values
-    this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort());
-    DistributedSystem ds = this.serverStarter.getCache().getDistributedSystem();
+    serverStarter.startServer(props, lsRule.getMember(0).getPort());
+    DistributedSystem ds = serverStarter.getCache().getDistributedSystem();
 
     // after cache is created, the configuration won't chagne
     Properties secProps = ds.getSecurityProperties();
@@ -82,30 +82,18 @@ public class ClusterConfigWithoutSecurityDUnitTest {
     assertEquals(PDXPostProcessor.class.getName(), secProps.getProperty("security-post-processor"));
   }
 
-  /**
-   * when locator is not secured, server should not be secured if use-cluster-config is true
-   */
-  @Test
-  public void serverShouldNotBeAllowedToStartWithSecurityIfUsingClusterConfig() throws Exception {
-    Properties props = new Properties();
-    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
-    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
-
-    assertThatThrownBy(
-        () -> this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort()))
-            .isInstanceOf(GemFireConfigException.class).hasMessage(
-                LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
-  }
 
   @Test
-  public void nonExistentSecurityManagerThrowsGemFireSecurityException() throws Exception {
+  // when locator is not secured, server should not be secured if use-cluster-config is true
+  public void serverShouldNotBeAllowedToStartWithSecurityIfUsingClusterConfig() {
     Properties props = new Properties();
-    props.setProperty(SECURITY_MANAGER, "mySecurityManager");
-    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
 
-    assertThatThrownBy(() -> this.serverStarter.startServer(props, this.lsRule.getMember(0)
-        .getPort())).isInstanceOf(GemFireSecurityException.class).hasMessage(
-            "Instance could not be obtained, java.lang.ClassNotFoundException: mySecurityManager");
+    props.setProperty("security-manager", "mySecurityManager");
+    props.setProperty("use-cluster-configuration", "true");
+
+    assertThatThrownBy(() -> serverStarter.startServer(props, lsRule.getMember(0).getPort()))
+        .isInstanceOf(GemFireConfigException.class)
+        .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
   }
 
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java b/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
new file mode 100644
index 0000000..4f0ea0d
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/security/IntegratedSecurityCacheLifecycleIntegrationTest.java
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS;
+import static org.apache.geode.distributed.ConfigurationProperties.MCAST_PORT;
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static org.assertj.core.api.Assertions.assertThat;
+
+import java.util.Properties;
+
+import org.apache.geode.cache.Cache;
+import org.apache.geode.cache.CacheFactory;
+import org.apache.geode.internal.security.IntegratedSecurityService;
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.test.junit.categories.FlakyTest;
+import org.apache.geode.test.junit.categories.IntegrationTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category({IntegrationTest.class, SecurityTest.class})
+public class IntegratedSecurityCacheLifecycleIntegrationTest {
+
+  private Properties securityProps;
+  private Cache cache;
+  private SecurityService securityService;
+
+  @Before
+  public void before() {
+    securityService = IntegratedSecurityService.getSecurityService();
+
+    securityProps = new Properties();
+    securityProps.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
+
+    Properties props = new Properties();
+    props.putAll(securityProps);
+    props.setProperty(MCAST_PORT, "0");
+    props.setProperty(LOCATORS, "");
+
+    cache = new CacheFactory(props).create();
+  }
+
+  @After
+  public void after() {
+    if (cache != null && !cache.isClosed()) {
+      cache.close();
+    }
+  }
+
+  @Category(FlakyTest.class) // GEODE-1661
+  @Test
+  public void initAndCloseTest() {
+    SpySecurityManager ssm = (SpySecurityManager) securityService.getSecurityManager();
+    assertThat(ssm.initInvoked).isEqualTo(1);
+    cache.close();
+    assertThat(ssm.closeInvoked).isEqualTo(1);
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/OtherPDXPostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/OtherPDXPostProcessor.java b/geode-core/src/test/java/org/apache/geode/security/OtherPDXPostProcessor.java
deleted file mode 100644
index 336bc98..0000000
--- a/geode-core/src/test/java/org/apache/geode/security/OtherPDXPostProcessor.java
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.security;
-
-public class OtherPDXPostProcessor extends PDXPostProcessor {
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/OtherSimplySecurityManager.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/OtherSimplySecurityManager.java b/geode-core/src/test/java/org/apache/geode/security/OtherSimplySecurityManager.java
deleted file mode 100644
index 159e3f4..0000000
--- a/geode-core/src/test/java/org/apache/geode/security/OtherSimplySecurityManager.java
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.security;
-
-public class OtherSimplySecurityManager extends SimpleTestSecurityManager {
-}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java b/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
index 37d4ad0..c28f7aa 100644
--- a/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/PDXGfshPostProcessorOnRemoteServerTest.java
@@ -12,11 +12,11 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
+
 package org.apache.geode.security;
 
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
-import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
@@ -24,7 +24,7 @@ import org.apache.geode.cache.Cache;
 import org.apache.geode.cache.CacheFactory;
 import org.apache.geode.cache.Region;
 import org.apache.geode.cache.RegionShortcut;
-import org.apache.geode.internal.cache.InternalCache;
+import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.management.ManagementService;
 import org.apache.geode.management.internal.cli.i18n.CliStrings;
 import org.apache.geode.management.internal.cli.result.CommandResult;
@@ -46,8 +46,7 @@ import java.util.concurrent.TimeUnit;
 
 @Category({DistributedTest.class, SecurityTest.class})
 public class PDXGfshPostProcessorOnRemoteServerTest {
-
-  private static final String REGION_NAME = "AuthRegion";
+  protected static final String REGION_NAME = "AuthRegion";
 
   @Rule
   public LocatorServerStartupRule lsRule = new LocatorServerStartupRule();
@@ -65,22 +64,15 @@ public class PDXGfshPostProcessorOnRemoteServerTest {
 
     MemberVM<Locator> locatorVM = lsRule.startLocatorVM(0, locatorProps);
 
-    Properties serverProps = new Properties(locatorProps);
+    Properties serverProps = new Properties();
     serverProps.setProperty(TestSecurityManager.SECURITY_JSON,
         "org/apache/geode/management/internal/security/clientServer.json");
-    serverProps.setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
-    serverProps.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName());
     serverProps.setProperty("security-username", "super-user");
     serverProps.setProperty("security-password", "1234567");
-
     MemberVM<Server> serverVM = lsRule.startServerVM(1, serverProps, locatorVM.getPort());
 
     serverVM.invoke(() -> {
-      InternalCache cache = LocatorServerStartupRule.serverStarter.getCache();
-      assertThat(cache.getSecurityService()).isNotNull();
-      assertThat(cache.getSecurityService().getSecurityManager()).isNotNull();
-      assertThat(cache.getSecurityService().getPostProcessor()).isNotNull();
-
+      Cache cache = LocatorServerStartupRule.serverStarter.getCache();
       Region region = cache.createRegionFactory(RegionShortcut.REPLICATE).create(REGION_NAME);
       for (int i = 0; i < 5; i++) {
         SimpleClass obj = new SimpleClass(i, (byte) i);
@@ -90,7 +82,7 @@ public class PDXGfshPostProcessorOnRemoteServerTest {
 
     // wait until the region bean is visible
     locatorVM.invoke(() -> {
-      Awaitility.await().pollInterval(500, TimeUnit.MICROSECONDS).atMost(2, TimeUnit.MINUTES)
+      Awaitility.await().pollInterval(500, TimeUnit.MICROSECONDS).atMost(5, TimeUnit.SECONDS)
           .until(() -> {
             Cache cache = CacheFactory.getAnyInstance();
             Object bean = ManagementService.getManagementService(cache)
@@ -109,8 +101,8 @@ public class PDXGfshPostProcessorOnRemoteServerTest {
     gfsh.executeAndVerifyCommand("query --query=\"select * from /AuthRegion\"");
 
     serverVM.invoke(() -> {
-      PDXPostProcessor pp = (PDXPostProcessor) LocatorServerStartupRule.serverStarter.getCache()
-          .getSecurityService().getPostProcessor();
+      PDXPostProcessor pp =
+          (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
       // verify that the post processor is called 6 times. (5 for the query, 1 for the get)
       assertEquals(pp.getCount(), 6);
     });

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java
index 8b99dd9..2b84246 100644
--- a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java
+++ b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessor.java
@@ -14,7 +14,7 @@
  */
 package org.apache.geode.security;
 
-import static org.assertj.core.api.Assertions.*;
+import static org.junit.Assert.assertTrue;
 
 import org.apache.geode.pdx.SimpleClass;
 import org.apache.geode.pdx.internal.PdxInstanceImpl;
@@ -23,37 +23,31 @@ import java.util.Arrays;
 import java.util.Properties;
 
 public class PDXPostProcessor implements PostProcessor {
-
-  private static final byte[] BYTES = {1, 0};
-
-  static byte[] bytes() {
-    return BYTES;
-  }
+  public static byte[] BYTES = {1, 0};
 
   private boolean pdx = false;
   private int count = 0;
 
-  @Override
-  public void init(Properties securityProps) {
-    this.pdx = Boolean.parseBoolean(securityProps.getProperty("security-pdx"));
-    this.count = 0;
+  public void init(Properties props) {
+    pdx = Boolean.parseBoolean(props.getProperty("security-pdx"));
+    count = 0;
   }
 
   @Override
   public Object processRegionValue(final Object principal, final String regionName,
       final Object key, final Object value) {
-    this.count++;
+    count++;
     if (value instanceof byte[]) {
-      assertThat(Arrays.equals(BYTES, (byte[]) value)).isTrue();
-    } else if (this.pdx) {
-      assertThat(value).isInstanceOf(PdxInstanceImpl.class);
+      assertTrue(Arrays.equals(BYTES, (byte[]) value));
+    } else if (pdx) {
+      assertTrue(value instanceof PdxInstanceImpl);
     } else {
-      assertThat(value).isInstanceOf(SimpleClass.class);
+      assertTrue(value instanceof SimpleClass);
     }
     return value;
   }
 
   public int getCount() {
-    return this.count;
+    return count;
   }
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java
index c4a2547..134e33f 100644
--- a/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/PDXPostProcessorDUnitTest.java
@@ -12,13 +12,16 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
+
 package org.apache.geode.security;
 
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
 import static org.apache.geode.security.SecurityTestUtil.createClientCache;
 import static org.apache.geode.security.SecurityTestUtil.createProxyRegion;
-import static org.assertj.core.api.Assertions.*;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
 
 import org.apache.geode.cache.EntryEvent;
 import org.apache.geode.cache.Region;
@@ -29,6 +32,7 @@ import org.apache.geode.cache.client.ClientRegionShortcut;
 import org.apache.geode.cache.query.SelectResults;
 import org.apache.geode.cache.util.CacheListenerAdapter;
 import org.apache.geode.internal.cache.EntryEventImpl;
+import org.apache.geode.internal.security.SecurityService;
 import org.apache.geode.management.internal.cli.result.CommandResult;
 import org.apache.geode.pdx.SimpleClass;
 import org.apache.geode.test.dunit.Host;
@@ -41,7 +45,6 @@ import org.apache.geode.test.junit.categories.DistributedTest;
 import org.apache.geode.test.junit.categories.SecurityTest;
 import org.apache.geode.test.junit.runners.CategoryWithParameterizedRunnerFactory;
 import org.awaitility.Awaitility;
-import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
@@ -57,14 +60,14 @@ import java.util.concurrent.TimeUnit;
 @RunWith(Parameterized.class)
 @Parameterized.UseParametersRunnerFactory(CategoryWithParameterizedRunnerFactory.class)
 public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
+  private static String REGION_NAME = "AuthRegion";
 
-  private static final byte[] BYTES = PDXPostProcessor.bytes();
-  private static final String REGION_NAME = "AuthRegion";
-
-  private VM client1;
-  private VM client2;
+  final Host host = Host.getHost(0);
+  final VM client1 = host.getVM(1);
+  final VM client2 = host.getVM(2);
 
-  private boolean pdxPersistent;
+  private boolean pdxPersistent = false;
+  private static byte[] BYTES = PDXPostProcessor.BYTES;
 
   @Parameterized.Parameters
   public static Collection<Object[]> parameters() {
@@ -76,26 +79,19 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
     this.pdxPersistent = pdxPersistent;
   }
 
-  @Before
-  public void before() throws Exception {
-    Host host = Host.getHost(0);
-    this.client1 = host.getVM(1);
-    this.client2 = host.getVM(2);
-  }
-
   @Rule
   public ServerStarterRule server = ServerStarterRule.createWithoutTemporaryWorkingDir()
       .withProperty(SECURITY_MANAGER, TestSecurityManager.class.getName())
       .withProperty(TestSecurityManager.SECURITY_JSON,
           "org/apache/geode/management/internal/security/clientServer.json")
       .withProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName())
-      .withProperty("security-pdx", this.pdxPersistent + "").withJMXManager()
+      .withProperty("security-pdx", pdxPersistent + "").withJMXManager()
       .withRegion(RegionShortcut.REPLICATE, REGION_NAME);
 
   @Test
   public void testRegionGet() {
-    this.client2.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
+    client2.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
       // put in a value that's a domain object
       region.put("key1", new SimpleClass(1, (byte) 1));
@@ -103,37 +99,37 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
       region.put("key2", BYTES);
     });
 
-    this.client1.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
+    client1.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
 
       // post process for get the client domain object
       Object value = region.get("key1");
-      assertThat(value).isInstanceOf(SimpleClass.class);
+      assertTrue(value instanceof SimpleClass);
 
       // post process for get the raw byte value
       value = region.get("key2");
-      assertThat(Arrays.equals(BYTES, (byte[]) value)).isTrue();
+      assertTrue(Arrays.equals(BYTES, (byte[]) value));
     });
 
     // this makes sure PostProcessor is getting called
     PDXPostProcessor pp =
-        (PDXPostProcessor) this.server.getCache().getSecurityService().getPostProcessor();
-    assertThat(pp.getCount()).isEqualTo(2);
+        (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
+    assertEquals(pp.getCount(), 2);
   }
 
   @Test
   public void testQuery() {
-    this.client2.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
+    client2.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
       // put in a value that's a domain object
       region.put("key1", new SimpleClass(1, (byte) 1));
       region.put("key2", BYTES);
     });
 
-    this.client1.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
+    client1.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
 
       // post process for query
@@ -144,25 +140,24 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
       while (itr.hasNext()) {
         Object obj = itr.next();
         if (obj instanceof byte[]) {
-          assertThat(Arrays.equals(BYTES, (byte[]) obj)).isTrue();
+          assertTrue(Arrays.equals(BYTES, (byte[]) obj));
         } else {
-          assertThat(obj).isInstanceOf(SimpleClass.class);
+          assertTrue(obj instanceof SimpleClass);
         }
       }
     });
 
     // this makes sure PostProcessor is getting called
     PDXPostProcessor pp =
-        (PDXPostProcessor) this.server.getCache().getSecurityService().getPostProcessor();
-    assertThat(pp.getCount()).isEqualTo(2);
+        (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
+    assertEquals(pp.getCount(), 2);
   }
 
   @Test
   public void testRegisterInterest() {
     IgnoredException.addIgnoredException("NoAvailableServersException");
-
-    this.client1.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
+    client1.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
 
       ClientRegionFactory factory = cache.createClientRegionFactory(ClientRegionShortcut.PROXY);
       factory.addCacheListener(new CacheListenerAdapter() {
@@ -171,9 +166,9 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
           Object key = event.getKey();
           Object value = ((EntryEventImpl) event).getDeserializedValue();
           if (key.equals("key1")) {
-            assertThat(value).isInstanceOf(SimpleClass.class);
+            assertTrue(value instanceof SimpleClass);
           } else if (key.equals("key2")) {
-            assertThat(Arrays.equals(BYTES, (byte[]) value)).isTrue();
+            assertTrue(Arrays.equals(BYTES, (byte[]) value));
           }
         }
       });
@@ -184,25 +179,26 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
       region.registerInterest("key2");
     });
 
-    this.client2.invoke(() -> {
-      ClientCache cache = createClientCache("dataUser", "1234567", this.server.getPort());
+    client2.invoke(() -> {
+      ClientCache cache = createClientCache("dataUser", "1234567", server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
       // put in a value that's a domain object
       region.put("key1", new SimpleClass(1, (byte) 1));
       region.put("key2", BYTES);
     });
 
+    // wait for events to fire
+    Awaitility.await().atMost(1, TimeUnit.SECONDS);
     PDXPostProcessor pp =
-        (PDXPostProcessor) this.server.getCache().getSecurityService().getPostProcessor();
-    Awaitility.await().atMost(2, TimeUnit.MINUTES)
-        .until(() -> assertThat(pp.getCount()).isEqualTo(2));
+        (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
+    assertEquals(pp.getCount(), 2);
   }
 
   @Test
   public void testGfshCommand() {
     // have client2 input some domain data into the region
-    this.client2.invoke(() -> {
-      ClientCache cache = createClientCache("super-user", "1234567", this.server.getPort());
+    client2.invoke(() -> {
+      ClientCache cache = createClientCache("super-user", "1234567", server.getPort());
       Region region = createProxyRegion(cache, REGION_NAME);
       // put in a value that's a domain object
       region.put("key1", new SimpleClass(1, (byte) 1));
@@ -210,29 +206,28 @@ public class PDXPostProcessorDUnitTest extends JUnit4DistributedTestCase {
       region.put("key2", BYTES);
     });
 
-    this.client1.invoke(() -> {
+    client1.invoke(() -> {
       GfshShellConnectionRule gfsh = new GfshShellConnectionRule();
-      gfsh.secureConnectAndVerify(this.server.getJmxPort(),
-          GfshShellConnectionRule.PortType.jmxManger, "dataUser", "1234567");
+      gfsh.secureConnectAndVerify(server.getJmxPort(), GfshShellConnectionRule.PortType.jmxManger,
+          "dataUser", "1234567");
 
       // get command
       CommandResult result = gfsh.executeAndVerifyCommand("get --key=key1 --region=AuthRegion");
-      if (this.pdxPersistent) {
+      if (pdxPersistent)
         assertThat(gfsh.getGfshOutput().contains("org.apache.geode.pdx.internal.PdxInstanceImpl"));
-      } else {
+      else
         assertThat(gfsh.getGfshOutput()).contains("SimpleClass");
-      }
 
       result = gfsh.executeAndVerifyCommand("get --key=key2 --region=AuthRegion");
-      assertThat(result.getContent().toString()).contains("byte[]");
+      assertTrue(result.getContent().toString().contains("byte[]"));
 
       gfsh.executeAndVerifyCommand("query --query=\"select * from /AuthRegion\"");
       gfsh.close();
     });
 
     PDXPostProcessor pp =
-        (PDXPostProcessor) this.server.getCache().getSecurityService().getPostProcessor();
-    assertThat(pp).isNotNull(); // TODO: what else to check here?
+        (PDXPostProcessor) SecurityService.getSecurityService().getPostProcessor();
+    assertEquals(pp.getCount(), 4);
   }
 
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java b/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java
index 46767ff..1fe4175 100644
--- a/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/SecurityClusterConfigDUnitTest.java
@@ -12,6 +12,7 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
+
 package org.apache.geode.security;
 
 import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER;
@@ -19,14 +20,14 @@ import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER_P
 import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER_START;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_POST_PROCESSOR;
-import static org.apache.geode.distributed.ConfigurationProperties.USE_CLUSTER_CONFIGURATION;
-import static org.apache.geode.test.dunit.IgnoredException.addIgnoredException;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.assertj.core.api.Java6Assertions.assertThatThrownBy;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
 
 import org.apache.geode.GemFireConfigException;
 import org.apache.geode.distributed.DistributedSystem;
 import org.apache.geode.internal.i18n.LocalizedStrings;
+import org.apache.geode.test.dunit.IgnoredException;
 import org.apache.geode.test.dunit.rules.LocatorServerStartupRule;
 import org.apache.geode.test.dunit.rules.ServerStarterRule;
 import org.apache.geode.test.junit.categories.DistributedTest;
@@ -49,38 +50,36 @@ public class SecurityClusterConfigDUnitTest {
 
   @Before
   public void before() throws Exception {
-    addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toString());
-    addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toString());
-
+    IgnoredException
+        .addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toString());
+    IgnoredException
+        .addIgnoredException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toString());
     Properties props = new Properties();
+    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
     props.setProperty(JMX_MANAGER, "false");
     props.setProperty(JMX_MANAGER_START, "false");
     props.setProperty(JMX_MANAGER_PORT, 0 + "");
-    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
     props.setProperty(SECURITY_POST_PROCESSOR, PDXPostProcessor.class.getName());
-
-    this.lsRule.startLocatorVM(0, props);
+    lsRule.startLocatorVM(0, props);
   }
 
   @Test
   public void testStartServerWithClusterConfig() throws Exception {
     Properties props = new Properties();
-
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
-    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
+    props.setProperty("use-cluster-configuration", "true");
 
     // initial security properties should only contain initial set of values
-    this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort());
-    DistributedSystem ds = this.serverStarter.getCache().getDistributedSystem();
+    serverStarter.startServer(props, lsRule.getMember(0).getPort());
+    DistributedSystem ds = serverStarter.getCache().getDistributedSystem();
 
     // after cache is created, we got the security props passed in by cluster config
     Properties secProps = ds.getSecurityProperties();
-    assertThat(secProps).containsKey("security-username");
-    assertThat(secProps).containsKey("security-password");
-    assertThat(secProps).containsKey(SECURITY_MANAGER);
-    assertThat(secProps).containsKey(SECURITY_POST_PROCESSOR);
+    assertEquals(4, secProps.size());
+    assertTrue(secProps.containsKey("security-manager"));
+    assertTrue(secProps.containsKey("security-post-processor"));
   }
 
   @Test
@@ -90,71 +89,67 @@ public class SecurityClusterConfigDUnitTest {
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
+    props.setProperty("use-cluster-configuration", "true");
     props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
-    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
 
     // initial security properties should only contain initial set of values
-    this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort());
-    DistributedSystem ds = this.serverStarter.getCache().getDistributedSystem();
+    serverStarter.startServer(props, lsRule.getMember(0).getPort());
+    DistributedSystem ds = serverStarter.getCache().getDistributedSystem();
 
     // after cache is created, we got the security props passed in by cluster config
     Properties secProps = ds.getSecurityProperties();
-    assertThat(secProps).containsKey("security-username");
-    assertThat(secProps).containsKey("security-password");
-    assertThat(secProps).containsKey(SECURITY_MANAGER);
-    assertThat(secProps).containsKey(SECURITY_POST_PROCESSOR);
+    assertTrue(secProps.containsKey("security-manager"));
+    assertTrue(secProps.containsKey("security-post-processor"));
   }
 
   @Test
-  public void serverWithDifferentSecurityManagerShouldThrowGemFireConfigException()
-      throws Exception {
+  public void serverWithDifferentSecurityManagerShouldThrowException() {
     Properties props = new Properties();
 
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
-    props.setProperty(SECURITY_MANAGER, OtherSimplySecurityManager.class.getName());
-    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
+    props.setProperty("security-manager", "mySecurityManager");
+    props.setProperty("use-cluster-configuration", "true");
 
     // initial security properties should only contain initial set of values
-    assertThatThrownBy(
-        () -> this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort()))
-            .isInstanceOf(GemFireConfigException.class).hasMessage(
-                LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
+    assertThatThrownBy(() -> serverStarter.startServer(props, lsRule.getMember(0).getPort()))
+        .isInstanceOf(GemFireConfigException.class)
+        .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
+
   }
 
   @Test
-  public void serverWithDifferentPostProcessorShouldThrowGemFireConfigException() throws Exception {
+  public void serverWithDifferentPostProcessorShouldThrowException() {
     Properties props = new Properties();
 
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
-    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
-    props.setProperty(SECURITY_POST_PROCESSOR, OtherPDXPostProcessor.class.getName());
-    props.setProperty(USE_CLUSTER_CONFIGURATION, "true");
+    props.setProperty(SECURITY_POST_PROCESSOR, "this-is-not-ok");
+    props.setProperty("use-cluster-configuration", "true");
 
     // initial security properties should only contain initial set of values
-    assertThatThrownBy(
-        () -> this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort()))
-            .isInstanceOf(GemFireConfigException.class).hasMessage(
-                LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
+    assertThatThrownBy(() -> serverStarter.startServer(props, lsRule.getMember(0).getPort()))
+        .isInstanceOf(GemFireConfigException.class)
+        .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
+
   }
 
   @Test
-  public void serverConnectingToSecuredLocatorMustUseClusterConfig() throws Exception {
+  public void serverConnectingToSecuredLocatorMustUseClusterConfig() {
     Properties props = new Properties();
 
     // the following are needed for peer-to-peer authentication
     props.setProperty("security-username", "cluster");
     props.setProperty("security-password", "cluster");
-    props.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
-    props.setProperty(USE_CLUSTER_CONFIGURATION, "false");
+    props.setProperty("security-manager", "mySecurityManager");
+    props.setProperty("use-cluster-configuration", "false");
+
+    assertThatThrownBy(() -> serverStarter.startServer(props, lsRule.getMember(0).getPort()))
+        .isInstanceOf(GemFireConfigException.class)
+        .hasMessage(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toLocalizedString());
 
-    assertThatThrownBy(
-        () -> this.serverStarter.startServer(props, this.lsRule.getMember(0).getPort()))
-            .isInstanceOf(GemFireConfigException.class).hasMessage(
-                LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toLocalizedString());
   }
 
 }

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/SecurityManagerCallbacksDistributedTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/SecurityManagerCallbacksDistributedTest.java b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerCallbacksDistributedTest.java
new file mode 100644
index 0000000..09c30f5
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerCallbacksDistributedTest.java
@@ -0,0 +1,132 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.*;
+import static org.apache.geode.internal.AvailablePortHelper.getRandomAvailableTCPPorts;
+import static org.apache.geode.internal.security.IntegratedSecurityService.getSecurityService;
+import static org.apache.geode.management.ManagementService.getExistingManagementService;
+import static org.apache.geode.test.dunit.DistributedTestUtils.deleteLocatorStateFile;
+import static org.apache.geode.test.dunit.Host.getHost;
+import static org.apache.geode.test.dunit.NetworkUtils.getServerHostName;
+import static org.assertj.core.api.Assertions.*;
+
+import java.io.IOException;
+import java.util.Properties;
+
+import org.apache.geode.cache.server.CacheServer;
+import org.apache.geode.cache30.CacheTestCase;
+import org.apache.geode.management.ManagementService;
+import org.apache.geode.test.dunit.Host;
+import org.apache.geode.test.dunit.VM;
+import org.apache.geode.test.junit.categories.DistributedTest;
+import org.apache.geode.test.junit.categories.SecurityTest;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+@Category({DistributedTest.class, SecurityTest.class})
+public class SecurityManagerCallbacksDistributedTest extends CacheTestCase {
+
+  private String locators;
+  private VM locatorVM;
+
+  @Before
+  public void before() throws Exception {
+    Host host = getHost(0);
+    this.locatorVM = host.getVM(0);
+
+    int[] ports = getRandomAvailableTCPPorts(2);
+    int locatorPort = ports[0];
+    int managerPort = ports[1];
+
+    this.locators = getServerHostName(host) + "[" + locatorPort + "]";
+
+    this.locatorVM.invoke(() -> {
+      deleteLocatorStateFile(locatorPort);
+
+      Properties properties = new Properties();
+      properties.setProperty(LOCATORS, locators);
+      properties.setProperty(MCAST_PORT, "0");
+      properties.setProperty(START_LOCATOR, locators);
+      properties.setProperty(JMX_MANAGER, "true");
+      properties.setProperty(JMX_MANAGER_PORT, String.valueOf(managerPort));
+      properties.setProperty(JMX_MANAGER_START, "true");
+      properties.setProperty(USE_CLUSTER_CONFIGURATION, "false");
+      properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
+      properties.setProperty("security-username", "secure");
+      properties.setProperty("security-password", "secure");
+
+      getSystem(properties);
+      getCache();
+    });
+  }
+
+  @After
+  public void after() throws Exception {
+    closeAllCache();
+  }
+
+  @Test
+  public void callbacksShouldBeInvoked() throws Exception {
+    connectServer();
+
+    verifyCallbacksRegardlessOfManager(false);
+
+    this.locatorVM.invoke(() -> {
+      verifyCallbacksRegardlessOfManager(true);
+    });
+  }
+
+  private void connectServer() throws IOException {
+    Properties properties = new Properties();
+    properties.setProperty(LOCATORS, locators);
+    properties.setProperty(MCAST_PORT, "0");
+    properties.setProperty(USE_CLUSTER_CONFIGURATION, "false");
+    properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
+    properties.setProperty("security-username", "secure");
+    properties.setProperty("security-password", "secure");
+
+    getSystem(properties);
+
+    CacheServer server1 = getCache().addCacheServer();
+    server1.setPort(0);
+    server1.start();
+
+    getCache();
+  }
+
+  private void verifyCallbacksRegardlessOfManager(final boolean isManager) {
+    ManagementService ms = getExistingManagementService(getCache());
+    assertThat(ms).isNotNull();
+    assertThat(ms.isManager()).isEqualTo(isManager);
+
+    verifyInitAndCloseInvoked();
+  }
+
+  private void verifyInitAndCloseInvoked() {
+    SpySecurityManager ssm = (SpySecurityManager) getSecurityService().getSecurityManager();
+
+    assertThat(ssm.initInvoked).isEqualTo(1);
+    assertThat(ssm.closeInvoked).isEqualTo(0);
+
+    getCache().close();
+
+    assertThat(ssm.initInvoked).isEqualTo(1);
+    assertThat(ssm.closeInvoked).isEqualTo(1);
+  }
+}

http://git-wip-us.apache.org/repos/asf/geode/blob/fd638d52/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java b/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
deleted file mode 100644
index a9048b9..0000000
--- a/geode-core/src/test/java/org/apache/geode/security/SecurityManagerLifecycleDistributedTest.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.security;
-
-import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER;
-import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER_PORT;
-import static org.apache.geode.distributed.ConfigurationProperties.JMX_MANAGER_START;
-import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS;
-import static org.apache.geode.distributed.ConfigurationProperties.MCAST_PORT;
-import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
-import static org.apache.geode.distributed.ConfigurationProperties.START_LOCATOR;
-import static org.apache.geode.distributed.ConfigurationProperties.USE_CLUSTER_CONFIGURATION;
-import static org.apache.geode.internal.AvailablePortHelper.getRandomAvailableTCPPorts;
-import static org.apache.geode.management.ManagementService.getExistingManagementService;
-import static org.apache.geode.test.dunit.DistributedTestUtils.deleteLocatorStateFile;
-import static org.apache.geode.test.dunit.Host.getHost;
-import static org.apache.geode.test.dunit.NetworkUtils.getServerHostName;
-import static org.assertj.core.api.Assertions.assertThat;
-
-import org.apache.geode.cache.server.CacheServer;
-import org.apache.geode.cache30.CacheTestCase;
-import org.apache.geode.internal.security.EnabledSecurityService;
-import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.management.ManagementService;
-import org.apache.geode.test.dunit.Host;
-import org.apache.geode.test.dunit.VM;
-import org.apache.geode.test.junit.categories.DistributedTest;
-import org.apache.geode.test.junit.categories.SecurityTest;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import java.io.IOException;
-import java.util.Properties;
-
-@Category({DistributedTest.class, SecurityTest.class})
-public class SecurityManagerLifecycleDistributedTest extends CacheTestCase {
-
-  private String locators;
-  private VM locatorVM;
-
-  @Before
-  public void before() throws Exception {
-    Host host = getHost(0);
-    this.locatorVM = host.getVM(0);
-
-    int[] ports = getRandomAvailableTCPPorts(2);
-    int locatorPort = ports[0];
-    int managerPort = ports[1];
-
-    this.locators = getServerHostName(host) + "[" + locatorPort + "]";
-
-    this.locatorVM.invoke(() -> {
-      deleteLocatorStateFile(locatorPort);
-
-      Properties properties = new Properties();
-      properties.setProperty(LOCATORS, locators);
-      properties.setProperty(MCAST_PORT, "0");
-      properties.setProperty(START_LOCATOR, locators);
-      properties.setProperty(JMX_MANAGER, "true");
-      properties.setProperty(JMX_MANAGER_PORT, String.valueOf(managerPort));
-      properties.setProperty(JMX_MANAGER_START, "true");
-      properties.setProperty(USE_CLUSTER_CONFIGURATION, "false");
-      properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
-      properties.setProperty("security-username", "secure");
-      properties.setProperty("security-password", "secure");
-
-      getSystem(properties);
-      getCache();
-    });
-  }
-
-  @After
-  public void after() throws Exception {
-    closeAllCache();
-  }
-
-  @Test
-  public void callbacksShouldBeInvoked() throws Exception {
-    connectServer();
-
-    verifyCallbacksRegardlessOfManager(false);
-
-    this.locatorVM.invoke(() -> {
-      verifyCallbacksRegardlessOfManager(true);
-    });
-  }
-
-  private void connectServer() throws IOException {
-    Properties properties = new Properties();
-    properties.setProperty(LOCATORS, locators);
-    properties.setProperty(MCAST_PORT, "0");
-    properties.setProperty(USE_CLUSTER_CONFIGURATION, "false");
-    properties.setProperty(SECURITY_MANAGER, SpySecurityManager.class.getName());
-    properties.setProperty("security-username", "secure");
-    properties.setProperty("security-password", "secure");
-
-    getSystem(properties);
-
-    CacheServer server1 = getCache().addCacheServer();
-    server1.setPort(0);
-    server1.start();
-
-    getCache();
-  }
-
-  private void verifyCallbacksRegardlessOfManager(final boolean isManager) {
-    ManagementService ms = getExistingManagementService(getCache());
-    assertThat(ms).isNotNull();
-    assertThat(ms.isManager()).isEqualTo(isManager);
-
-    verifyInitAndCloseInvoked();
-  }
-
-  private void verifyInitAndCloseInvoked() {
-    SecurityService securityService = getCache().getSecurityService();
-    assertThat(securityService).isNotNull().isInstanceOf(EnabledSecurityService.class);
-
-    SpySecurityManager ssm =
-        (SpySecurityManager) getCache().getSecurityService().getSecurityManager();
-
-    assertThat(ssm.getInitInvocationCount()).isEqualTo(1);
-    assertThat(ssm.getCloseInvocationCount()).isEqualTo(0);
-
-    getCache().close();
-
-    assertThat(ssm.getInitInvocationCount()).isEqualTo(1);
-    assertThat(ssm.getCloseInvocationCount()).isEqualTo(1);
-  }
-}


Mime
View raw message