geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From u..@apache.org
Subject [geode] branch develop updated: GEODE-3739: Refactor protobuf authentication (#922)
Date Thu, 19 Oct 2017 16:36:04 GMT
This is an automated email from the ASF dual-hosted git repository.

udo pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/geode.git


The following commit(s) were added to refs/heads/develop by this push:
     new d7ea68f  GEODE-3739: Refactor protobuf authentication (#922)
d7ea68f is described below

commit d7ea68fd41a4db0244ed17d5a25460f18e5cd37e
Author: Brian Rowe <browe@pivotal.io>
AuthorDate: Thu Oct 19 09:36:00 2017 -0700

    GEODE-3739: Refactor protobuf authentication (#922)
    
    GEODE-3739: Refactor protobuf authentication
    
    Use the security settings to determine authentication type, remove new authentication property
    Move the authentication and authorization objects out of core
    Change authentication messages to use full protobuf message objects
    Add and update unit tests
    
    Signed-off-by: Sarge <mdodge@pivotal.io>
    Signed-off-by: Brian Rowe <browe@pivotal.io>
---
 .../tier/sockets/ClientProtocolProcessor.java      |   2 +
 .../cache/tier/sockets/ClientProtocolService.java  |   9 +-
 .../tier/sockets/ClientProtocolStatistics.java     |  24 --
 .../tier/sockets/ServerConnectionFactory.java      |  37 +--
 .../geode/security/internal/server/package.html    |  45 ----
 .../tier/sockets/MessageExecutionContext.java      |  21 +-
 .../internal/protocol/ProtobufCachePipeline.java   |  22 +-
 .../internal/protocol/ProtobufProtocolService.java |  56 ++++-
 .../protocol/protobuf/ProtobufOpsProcessor.java    |   5 +-
 .../protobuf/ProtobufSimpleAuthenticator.java      |  78 -------
 .../protocol/protobuf/security}/Authenticator.java |  30 +--
 .../protocol/protobuf/security}/Authorizer.java    |   4 +-
 .../security/InvalidConfigAuthenticator.java       |  51 ++++
 .../protobuf/security}/NoOpAuthenticator.java      |  24 +-
 .../protobuf/security}/NoOpAuthorizer.java         |   4 +-
 .../security/ProtobufShiroAuthenticator.java       |  87 +++++++
 .../protobuf/security/ProtobufShiroAuthorizer.java |  45 ++++
 .../statistics/ProtobufClientStatistics.java       |   4 +-
 .../src/main/proto/authentication_API.proto        |   7 +-
 geode-protobuf/src/main/proto/clientProtocol.proto |   5 +
 ...he.geode.security.internal.server.Authenticator |   1 -
 .../GenericProtocolServerConnectionTest.java       |   2 +
 .../protocol/AuthenticationIntegrationTest.java    | 259 ++++++++++++++++++---
 .../protocol/AuthorizationIntegrationTest.java     |  21 +-
 .../acceptance/CacheConnectionJUnitTest.java       |   2 +
 .../CacheConnectionTimeoutJUnitTest.java           |   4 +-
 .../acceptance/CacheMaxConnectionJUnitTest.java    |   1 +
 .../acceptance/CacheOperationsJUnitTest.java       |   1 +
 .../ProtobufShiroAuthenticatorJUnitTest.java       | 117 ++++++++++
 .../ProtobufSimpleAuthenticatorJUnitTest.java      | 128 ----------
 .../protobuf/ProtobufStreamProcessorTest.java      |  19 +-
 .../protobuf/ProtobufTestExecutionContext.java}    |  26 +--
 .../GetAllRequestOperationHandlerJUnitTest.java    |  25 +-
 ...egionNamesRequestOperationHandlerJUnitTest.java |  13 +-
 .../GetRegionRequestOperationHandlerJUnitTest.java |  11 +-
 .../GetRequestOperationHandlerJUnitTest.java       |  19 +-
 .../PutAllRequestOperationHandlerJUnitTest.java    |  13 +-
 .../PutRequestOperationHandlerJUnitTest.java       |  16 +-
 .../RemoveRequestOperationHandlerJUnitTest.java    |  16 +-
 .../statistics/NoOpProtobufStatistics.java         |  47 ----
 40 files changed, 727 insertions(+), 574 deletions(-)

diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolProcessor.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolProcessor.java
index 96d2a89..30b4baf 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolProcessor.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolProcessor.java
@@ -27,6 +27,8 @@ import org.apache.geode.cache.IncompatibleVersionException;
  */
 public interface ClientProtocolProcessor extends AutoCloseable {
   /**
+   * @throws IOException if there were any issues reading/writing to the socket, the server is
+   *         expected to close the connection in this case
    * @throws IncompatibleVersionException if a client tries to connect with version that is
    *         incompatible with the current version of the server.
    */
diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolService.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolService.java
index 2d7bd64..544f286 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolService.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolService.java
@@ -19,7 +19,6 @@ import org.apache.geode.StatisticsFactory;
 import org.apache.geode.cache.Cache;
 import org.apache.geode.distributed.internal.InternalLocator;
 import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.security.internal.server.Authenticator;
 
 /**
  * Provides a convenient location for a client protocol service to be loaded into the system.
@@ -29,16 +28,14 @@ public interface ClientProtocolService {
 
   /**
    *
-   * The pipeline MUST use an available authenticator for authentication of all operations once the
+   * The processor MUST use an available authenticator for authentication of all operations once the
    * handshake has happened.
    *
-   * @param availableAuthenticators A list of valid authenticators for the current system.
    */
-  ClientProtocolProcessor createProcessorForCache(Cache cache,
-      Authenticator availableAuthenticators, SecurityService securityService);
+  ClientProtocolProcessor createProcessorForCache(Cache cache, SecurityService securityService);
 
   /**
-   * Create a locator pipeline. The locator does not currently provide any authentication.
+   * Create a locator processor. The locator does not currently provide any authentication.
    */
   ClientProtocolProcessor createProcessorForLocator(InternalLocator locator);
 }
diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolStatistics.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolStatistics.java
deleted file mode 100644
index 3c3acbe..0000000
--- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientProtocolStatistics.java
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.internal.cache.tier.sockets;
-
-/**
- * Implementations of this interface record statistics for the corresponding client/server protocol
- */
-public interface ClientProtocolStatistics {
-  public void clientConnected();
-
-  public void clientDisconnected();
-}
diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnectionFactory.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnectionFactory.java
index 1897563..5f0757f 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnectionFactory.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnectionFactory.java
@@ -19,16 +19,12 @@ import static org.apache.geode.internal.cache.tier.CommunicationMode.ProtobufCli
 
 import java.io.IOException;
 import java.net.Socket;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.ServiceLoader;
 
 import org.apache.geode.StatisticsFactory;
 import org.apache.geode.internal.cache.InternalCache;
 import org.apache.geode.internal.cache.tier.Acceptor;
 import org.apache.geode.internal.cache.tier.CachedRegionHelper;
 import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.security.internal.server.Authenticator;
 
 /**
  * Creates instances of ServerConnection based on the connection mode provided.
@@ -36,33 +32,11 @@ import org.apache.geode.security.internal.server.Authenticator;
 public class ServerConnectionFactory {
   private final ClientProtocolServiceLoader clientProtocolServiceLoader;
   private volatile ClientProtocolService clientProtocolService;
-  private Map<String, Class<? extends Authenticator>> authenticators;
 
   public ServerConnectionFactory() {
-
-    authenticators = new HashMap<>();
-    ServiceLoader<Authenticator> loader = ServiceLoader.load(Authenticator.class);
-    for (Authenticator streamAuthenticator : loader) {
-      authenticators.put(streamAuthenticator.implementationID(), streamAuthenticator.getClass());
-    }
     clientProtocolServiceLoader = new ClientProtocolServiceLoader();
   }
 
-  private Authenticator findStreamAuthenticator(String implementationID) {
-    Class<? extends Authenticator> streamAuthenticatorClass = authenticators.get(implementationID);
-    if (streamAuthenticatorClass == null) {
-      throw new ServiceLoadingFailureException(
-          "Could not find implementation for Authenticator with implementation ID "
-              + implementationID);
-    } else {
-      try {
-        return streamAuthenticatorClass.newInstance();
-      } catch (InstantiationException | IllegalAccessException e) {
-        throw new ServiceLoadingFailureException(
-            "Unable to instantiate authenticator for ID " + implementationID, e);
-      }
-    }
-  }
 
   private synchronized ClientProtocolService getClientProtocolService(
       StatisticsFactory statisticsFactory, String serverName) {
@@ -82,12 +56,8 @@ public class ServerConnectionFactory {
         throw new IOException("Server received unknown communication mode: " + communicationMode);
       } else {
         try {
-          String authenticationMode =
-              System.getProperty("geode.protocol-authentication-mode", "NOOP");
-
           return createGenericProtocolServerConnection(socket, cache, helper, stats, hsTimeout,
-              socketBufferSize, communicationModeStr, communicationMode, acceptor, securityService,
-              authenticationMode);
+              socketBufferSize, communicationModeStr, communicationMode, acceptor, securityService);
         } catch (ServiceLoadingFailureException ex) {
           throw new IOException("Could not load protobuf client protocol", ex);
         }
@@ -101,12 +71,11 @@ public class ServerConnectionFactory {
   private ServerConnection createGenericProtocolServerConnection(Socket socket, InternalCache cache,
       CachedRegionHelper helper, CacheServerStats stats, int hsTimeout, int socketBufferSize,
       String communicationModeStr, byte communicationMode, Acceptor acceptor,
-      SecurityService securityService, String authenticationMode) {
+      SecurityService securityService) {
     ClientProtocolService service =
         getClientProtocolService(cache.getDistributedSystem(), acceptor.getServerName());
 
-    ClientProtocolProcessor processor = service.createProcessorForCache(cache,
-        findStreamAuthenticator(authenticationMode), securityService);
+    ClientProtocolProcessor processor = service.createProcessorForCache(cache, securityService);
 
     return new GenericProtocolServerConnection(socket, cache, helper, stats, hsTimeout,
         socketBufferSize, communicationModeStr, communicationMode, acceptor, processor,
diff --git a/geode-core/src/main/java/org/apache/geode/security/internal/server/package.html b/geode-core/src/main/java/org/apache/geode/security/internal/server/package.html
deleted file mode 100644
index 15a2114..0000000
--- a/geode-core/src/main/java/org/apache/geode/security/internal/server/package.html
+++ /dev/null
@@ -1,45 +0,0 @@
-<!--
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements.  See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License.  You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
--->
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-</head>
-<body>
-<p>This package provides authentication and authorization for a client.  There is a default
-"no-op" implementation that is overridden by the Protobuf form of client/server
-   communication.</p>
-<p>This can also be overridden by _you_ in order to use a different mechanism
-on the server by setting the property geode.protocol-authentication-mode to the name
-   of your implementation.  This is the string returned by your class's
-   implementationID method.</p>
-
-<p>The Authenticator.authenticate() method
-   is first given the i/o streams connected to the client so that it
-can interact with the client to get credentials.  A simple mechanism might expect a
-username and password on the input stream.</p>
-
-<p>Once the client is authenticated the Authenticator will be asked for an authorizer each time
-a message is received.  The authorizer will be asked if the authenticated principal
-is authorized for permissions associated with the request sent by the client.</p>
-
-<p><i>Note: the legacy "GemFire" client/server authorization mechanism is hardcoded
-to get credentials using a non-documented interchange and is not affected by this package.
-It interacts directly with the SecurityManager, as does the default mechanism used in
-Protobuf communications.</i></p>
-</body>
-</html>
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/cache/tier/sockets/MessageExecutionContext.java b/geode-protobuf/src/main/java/org/apache/geode/internal/cache/tier/sockets/MessageExecutionContext.java
index 6c540eb..b205b33 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/cache/tier/sockets/MessageExecutionContext.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/cache/tier/sockets/MessageExecutionContext.java
@@ -21,21 +21,24 @@ import org.apache.geode.distributed.Locator;
 import org.apache.geode.distributed.internal.InternalLocator;
 import org.apache.geode.internal.exception.InvalidExecutionContextException;
 import org.apache.geode.internal.protocol.protobuf.statistics.ProtobufClientStatistics;
-import org.apache.geode.security.internal.server.Authorizer;
-import org.apache.geode.security.internal.server.NoOpAuthorizer;
+import org.apache.geode.internal.protocol.protobuf.security.Authorizer;
+import org.apache.geode.internal.protocol.protobuf.security.NoOpAuthorizer;
+import org.apache.geode.security.ResourcePermission;
 
 @Experimental
 public class MessageExecutionContext {
   private Cache cache;
   private Locator locator;
   private final Authorizer authorizer;
+  private final Object authenticatedSubject;
   private final ProtobufClientStatistics statistics;
 
 
   public MessageExecutionContext(Cache cache, Authorizer streamAuthorizer,
-      ProtobufClientStatistics statistics) {
+      Object authenticatedSubject, ProtobufClientStatistics statistics) {
     this.cache = cache;
     this.authorizer = streamAuthorizer;
+    this.authenticatedSubject = authenticatedSubject;
     this.statistics = statistics;
   }
 
@@ -45,6 +48,7 @@ public class MessageExecutionContext {
     // and authorization checks
     this.authorizer = new NoOpAuthorizer();
     this.statistics = statistics;
+    this.authenticatedSubject = new Object();
   }
 
   /**
@@ -76,14 +80,21 @@ public class MessageExecutionContext {
   }
 
   /**
-   * Returns the Authorizer associated with this execution. This can be used to perform
-   * authorization checks for the user associated with this thread.
+   * Return the authorizer associated with this execution
    */
   public Authorizer getAuthorizer() {
     return authorizer;
   }
 
   /**
+   * Returns the authentication/authorization subject associated with this execution
+   */
+  public Object getSubject() {
+    return authenticatedSubject;
+  }
+
+
+  /**
    * Returns the statistics for recording operation stats. In a unit test environment this may not
    * be a protocol-specific statistics implementation.
    */
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtobufCachePipeline.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtobufCachePipeline.java
index ab14a78..90c9895 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtobufCachePipeline.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtobufCachePipeline.java
@@ -25,25 +25,32 @@ import org.apache.geode.cache.IncompatibleVersionException;
 import org.apache.geode.internal.cache.tier.sockets.ClientProtocolProcessor;
 import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
 import org.apache.geode.internal.protocol.protobuf.ProtobufStreamProcessor;
+import org.apache.geode.internal.protocol.protobuf.security.Authenticator;
+import org.apache.geode.internal.protocol.protobuf.security.Authorizer;
 import org.apache.geode.internal.protocol.protobuf.statistics.ProtobufClientStatistics;
 import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.security.internal.server.Authenticator;
+import org.apache.geode.security.AuthenticationFailedException;
+
 
 @Experimental
 public final class ProtobufCachePipeline implements ClientProtocolProcessor {
   private final ProtobufClientStatistics statistics;
   private final Cache cache;
+  private final Authorizer authorizer;
   private final SecurityService securityService;
   private final ProtobufStreamProcessor streamProcessor;
   private final Authenticator authenticator;
 
+  private Object authenticatorToken;
+
   ProtobufCachePipeline(ProtobufStreamProcessor protobufStreamProcessor,
       ProtobufClientStatistics statistics, Cache cache, Authenticator authenticator,
-      SecurityService securityService) {
+      Authorizer authorizer, SecurityService securityService) {
     this.streamProcessor = protobufStreamProcessor;
     this.statistics = statistics;
     this.cache = cache;
     this.authenticator = authenticator;
+    this.authorizer = authorizer;
     this.securityService = securityService;
     this.statistics.clientConnected();
   }
@@ -51,11 +58,16 @@ public final class ProtobufCachePipeline implements ClientProtocolProcessor {
   @Override
   public void processMessage(InputStream inputStream, OutputStream outputStream)
       throws IOException, IncompatibleVersionException {
-    if (!authenticator.isAuthenticated()) {
-      authenticator.authenticate(inputStream, outputStream, securityService.getSecurityManager());
+    if (authenticatorToken == null) {
+      try {
+        authenticatorToken = authenticator.authenticate(inputStream, outputStream, securityService);
+      } catch (AuthenticationFailedException ex) {
+        statistics.incAuthenticationFailures();
+        throw new IOException(ex);
+      }
     } else {
       streamProcessor.receiveMessage(inputStream, outputStream,
-          new MessageExecutionContext(cache, authenticator.getAuthorizer(), statistics));
+          new MessageExecutionContext(cache, authorizer, authenticatorToken, statistics));
     }
   }
 
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtobufProtocolService.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtobufProtocolService.java
index a0e9ebc..7c14852 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtobufProtocolService.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/ProtobufProtocolService.java
@@ -19,12 +19,18 @@ import org.apache.geode.cache.Cache;
 import org.apache.geode.distributed.internal.InternalLocator;
 import org.apache.geode.internal.cache.tier.sockets.ClientProtocolProcessor;
 import org.apache.geode.internal.cache.tier.sockets.ClientProtocolService;
+import org.apache.geode.internal.protocol.protobuf.security.Authorizer;
+import org.apache.geode.internal.protocol.protobuf.security.InvalidConfigAuthenticator;
+import org.apache.geode.internal.protocol.protobuf.security.NoOpAuthorizer;
+import org.apache.geode.internal.protocol.protobuf.security.ProtobufShiroAuthenticator;
 import org.apache.geode.internal.protocol.protobuf.ProtobufStreamProcessor;
+import org.apache.geode.internal.protocol.protobuf.security.ProtobufShiroAuthorizer;
 import org.apache.geode.internal.protocol.protobuf.statistics.NoOpStatistics;
 import org.apache.geode.internal.protocol.protobuf.statistics.ProtobufClientStatistics;
 import org.apache.geode.internal.protocol.protobuf.statistics.ProtobufClientStatisticsImpl;
 import org.apache.geode.internal.security.SecurityService;
-import org.apache.geode.security.internal.server.Authenticator;
+import org.apache.geode.internal.protocol.protobuf.security.Authenticator;
+import org.apache.geode.internal.protocol.protobuf.security.NoOpAuthenticator;
 
 public class ProtobufProtocolService implements ClientProtocolService {
   private volatile ProtobufClientStatistics statistics;
@@ -38,6 +44,18 @@ public class ProtobufProtocolService implements ClientProtocolService {
     }
   }
 
+  @Override
+  public ClientProtocolProcessor createProcessorForCache(Cache cache,
+      SecurityService securityService) {
+    assert (statistics != null);
+
+    Authenticator authenticator = getAuthenticator(securityService);
+    Authorizer authorizer = getAuthorizer(securityService);
+
+    return new ProtobufCachePipeline(protobufStreamProcessor, getStatistics(), cache, authenticator,
+        authorizer, securityService);
+  }
+
   /**
    * For internal use. This is necessary because the statistics may get initialized in another
    * thread.
@@ -50,14 +68,36 @@ public class ProtobufProtocolService implements ClientProtocolService {
   }
 
   @Override
-  public ClientProtocolProcessor createProcessorForCache(Cache cache, Authenticator authenticator,
-      SecurityService securityService) {
-    return new ProtobufCachePipeline(protobufStreamProcessor, getStatistics(), cache, authenticator,
-        securityService);
-  }
-
-  @Override
   public ClientProtocolProcessor createProcessorForLocator(InternalLocator locator) {
     return new ProtobufLocatorPipeline(protobufStreamProcessor, getStatistics(), locator);
   }
+
+  private Authenticator getAuthenticator(SecurityService securityService) {
+    if (securityService.isIntegratedSecurity()) {
+      // Simple authenticator...normal shiro
+      return new ProtobufShiroAuthenticator();
+    }
+    if (securityService.isPeerSecurityRequired() || securityService.isClientSecurityRequired()) {
+      // Failing authentication...legacy security
+      return new InvalidConfigAuthenticator();
+    } else {
+      // Noop authenticator...no security
+      return new NoOpAuthenticator();
+    }
+  }
+
+  private Authorizer getAuthorizer(SecurityService securityService) {
+    if (securityService.isIntegratedSecurity()) {
+      // Simple authenticator...normal shiro
+      return new ProtobufShiroAuthorizer(securityService);
+    }
+    if (securityService.isPeerSecurityRequired() || securityService.isClientSecurityRequired()) {
+      // Failing authentication...legacy security
+      // This should never be called.
+      return null;
+    } else {
+      // Noop authenticator...no security
+      return new NoOpAuthorizer();
+    }
+  }
 }
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
index 27bb909..a8cde46 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufOpsProcessor.java
@@ -52,7 +52,8 @@ public class ProtobufOpsProcessor {
     ClientProtocol.Response.Builder builder;
     Result result;
     try {
-      if (context.getAuthorizer().authorize(operationContext.getAccessPermissionRequired())) {
+      if (context.getAuthorizer().authorize(context.getSubject(),
+          operationContext.getAccessPermissionRequired())) {
         result = operationContext.getOperationHandler().process(serializationService,
             operationContext.getFromRequest().apply(request), context);
       } else {
@@ -73,7 +74,7 @@ public class ProtobufOpsProcessor {
   }
 
   private void recordAuthorizationViolation(MessageExecutionContext context) {
-    ProtobufClientStatistics statistics = (ProtobufClientStatistics) context.getStatistics();
+    ProtobufClientStatistics statistics = context.getStatistics();
     statistics.incAuthorizationViolations();
   }
 }
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufSimpleAuthenticator.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufSimpleAuthenticator.java
deleted file mode 100644
index 9fd93ec..0000000
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufSimpleAuthenticator.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.internal.protocol.protobuf;
-
-import org.apache.geode.management.internal.security.ResourceConstants;
-import org.apache.geode.security.AuthenticationRequiredException;
-import org.apache.geode.security.internal.server.Authenticator;
-import org.apache.geode.security.AuthenticationFailedException;
-import org.apache.geode.security.SecurityManager;
-import org.apache.geode.security.internal.server.Authorizer;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Properties;
-
-public class ProtobufSimpleAuthenticator implements Authenticator {
-  private ProtobufSimpleAuthorizer authorizer = null;
-
-  @Override
-  public void authenticate(InputStream inputStream, OutputStream outputStream,
-      SecurityManager securityManager) throws IOException {
-    AuthenticationAPI.SimpleAuthenticationRequest authenticationRequest =
-        AuthenticationAPI.SimpleAuthenticationRequest.parseDelimitedFrom(inputStream);
-    if (authenticationRequest == null) {
-      throw new EOFException();
-    }
-
-    Properties properties = new Properties();
-    properties.setProperty(ResourceConstants.USER_NAME, authenticationRequest.getUsername());
-    properties.setProperty(ResourceConstants.PASSWORD, authenticationRequest.getPassword());
-
-    authorizer = null; // authenticating a new user clears current authorizer
-    try {
-      Object principal = securityManager.authenticate(properties);
-      if (principal != null) {
-        authorizer = new ProtobufSimpleAuthorizer(principal, securityManager);
-      }
-    } catch (AuthenticationFailedException e) {
-      authorizer = null;
-    }
-
-    AuthenticationAPI.SimpleAuthenticationResponse.newBuilder().setAuthenticated(isAuthenticated())
-        .build().writeDelimitedTo(outputStream);
-  }
-
-  @Override
-  public boolean isAuthenticated() {
-    // note: an authorizer is only created if the user has been authenticated
-    return authorizer != null;
-  }
-
-  @Override
-  public Authorizer getAuthorizer() throws AuthenticationRequiredException {
-    if (authorizer == null) {
-      throw new AuthenticationRequiredException("Not yet authenticated");
-    }
-    return authorizer;
-  }
-
-  @Override
-  public String implementationID() {
-    return "SIMPLE";
-  }
-}
diff --git a/geode-core/src/main/java/org/apache/geode/security/internal/server/Authenticator.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/Authenticator.java
similarity index 60%
rename from geode-core/src/main/java/org/apache/geode/security/internal/server/Authenticator.java
rename to geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/Authenticator.java
index 882988c..2873933 100644
--- a/geode-core/src/main/java/org/apache/geode/security/internal/server/Authenticator.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/Authenticator.java
@@ -12,14 +12,15 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
-package org.apache.geode.security.internal.server;
+package org.apache.geode.internal.protocol.protobuf.security;
 
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.security.AuthenticationFailedException;
 import org.apache.geode.security.AuthenticationRequiredException;
-import org.apache.geode.security.SecurityManager;
 
 /**
  * Implementers of this interface do some message passing over a socket to authenticate a client,
@@ -33,27 +34,10 @@ public interface Authenticator {
    *
    * @param inputStream to read auth messages from.
    * @param outputStream to send messages to.
-   * @param securityManager can be used for validating credentials against.
+   * @param securityService used for validating credentials.
+   * @return authenticated principal
    * @throws IOException if EOF or if invalid input is received.
    */
-  void authenticate(InputStream inputStream, OutputStream outputStream,
-      SecurityManager securityManager) throws IOException;
-
-  /**
-   * Until authentication is complete, isAuthenticated() must return false, and the socket will
-   * always be passed to the Authenticator. Once authentication succeeds, calls to this function
-   * must always return true.
-   */
-  boolean isAuthenticated();
-
-  /**
-   * Return an authorization object which can be used to determine which permissions this stream has
-   * according to the provided securityManager.
-   */
-  Authorizer getAuthorizer() throws AuthenticationRequiredException;
-
-  /**
-   * @return a unique identifier for this particular implementation (NOOP, PASSTHROUGH, etc.)
-   */
-  String implementationID();
+  Object authenticate(InputStream inputStream, OutputStream outputStream,
+      SecurityService securityService) throws IOException, AuthenticationFailedException;
 }
diff --git a/geode-core/src/main/java/org/apache/geode/security/internal/server/Authorizer.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/Authorizer.java
similarity index 85%
rename from geode-core/src/main/java/org/apache/geode/security/internal/server/Authorizer.java
rename to geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/Authorizer.java
index 13ef090..3cfb2db 100644
--- a/geode-core/src/main/java/org/apache/geode/security/internal/server/Authorizer.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/Authorizer.java
@@ -12,10 +12,10 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
-package org.apache.geode.security.internal.server;
+package org.apache.geode.internal.protocol.protobuf.security;
 
 import org.apache.geode.security.ResourcePermission;
 
 public interface Authorizer {
-  boolean authorize(ResourcePermission permissionRequested);
+  boolean authorize(Object authenticatedSubject, ResourcePermission permissionRequested);
 }
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/InvalidConfigAuthenticator.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/InvalidConfigAuthenticator.java
new file mode 100644
index 0000000..bf3d669
--- /dev/null
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/InvalidConfigAuthenticator.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package org.apache.geode.internal.protocol.protobuf.security;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+
+import org.apache.geode.internal.protocol.protobuf.BasicTypes;
+import org.apache.geode.internal.protocol.protobuf.ClientProtocol;
+import org.apache.geode.internal.protocol.protobuf.ProtocolErrorCode;
+import org.apache.logging.log4j.Logger;
+
+import org.apache.geode.internal.logging.LogService;
+import org.apache.geode.internal.protocol.protobuf.AuthenticationAPI;
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.security.AuthenticationRequiredException;
+
+public class InvalidConfigAuthenticator implements Authenticator {
+  private static final Logger logger = LogService.getLogger(InvalidConfigAuthenticator.class);
+
+  @Override
+  public Object authenticate(InputStream inputStream, OutputStream outputStream,
+      SecurityService securityService) throws IOException {
+    logger.warn(
+        "Attempting to authenticate incoming protobuf message using legacy security implementation. This is not supported. Failing authentication.");
+
+    ClientProtocol.Message.newBuilder()
+        .setResponse(ClientProtocol.Response.newBuilder()
+            .setErrorResponse(ClientProtocol.ErrorResponse.newBuilder()
+                .setError(BasicTypes.Error.newBuilder()
+                    .setErrorCode(ProtocolErrorCode.AUTHENTICATION_FAILED.codeValue).setMessage(
+                        "Attempting to authenticate incoming protobuf message using legacy security implementation. This is not supported. Failing authentication."))))
+        .build().writeDelimitedTo(outputStream);
+
+    throw new IOException("Protobuf clients not supported with legacy security.");
+  }
+}
diff --git a/geode-core/src/main/java/org/apache/geode/security/internal/server/NoOpAuthenticator.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/NoOpAuthenticator.java
similarity index 70%
rename from geode-core/src/main/java/org/apache/geode/security/internal/server/NoOpAuthenticator.java
rename to geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/NoOpAuthenticator.java
index d41b29d..116d92c 100644
--- a/geode-core/src/main/java/org/apache/geode/security/internal/server/NoOpAuthenticator.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/NoOpAuthenticator.java
@@ -12,13 +12,13 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
-package org.apache.geode.security.internal.server;
+package org.apache.geode.internal.protocol.protobuf.security;
 
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 
-import org.apache.geode.security.SecurityManager;
+import org.apache.geode.internal.security.SecurityService;
 
 /**
  * An implementation of {@link Authenticator} that doesn't use its parameters and always returns
@@ -26,23 +26,9 @@ import org.apache.geode.security.SecurityManager;
  */
 public class NoOpAuthenticator implements Authenticator {
   @Override
-  public void authenticate(InputStream inputStream, OutputStream outputStream,
-      SecurityManager securityManager) throws IOException {
+  public Object authenticate(InputStream inputStream, OutputStream outputStream,
+      SecurityService securityService) throws IOException {
     // this method needs to do nothing as it is a pass-through implementation
-  }
-
-  @Override
-  public boolean isAuthenticated() {
-    return true;
-  }
-
-  @Override
-  public Authorizer getAuthorizer() {
-    return new NoOpAuthorizer();
-  }
-
-  @Override
-  public String implementationID() {
-    return "NOOP";
+    return new Object();
   }
 }
diff --git a/geode-core/src/main/java/org/apache/geode/security/internal/server/NoOpAuthorizer.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/NoOpAuthorizer.java
similarity index 86%
rename from geode-core/src/main/java/org/apache/geode/security/internal/server/NoOpAuthorizer.java
rename to geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/NoOpAuthorizer.java
index bae1c40..3add18c 100644
--- a/geode-core/src/main/java/org/apache/geode/security/internal/server/NoOpAuthorizer.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/NoOpAuthorizer.java
@@ -12,7 +12,7 @@
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
-package org.apache.geode.security.internal.server;
+package org.apache.geode.internal.protocol.protobuf.security;
 
 import org.apache.geode.security.ResourcePermission;
 
@@ -21,7 +21,7 @@ import org.apache.geode.security.ResourcePermission;
  */
 public class NoOpAuthorizer implements Authorizer {
   @Override
-  public boolean authorize(ResourcePermission permissionRequested) {
+  public boolean authorize(Object authenticatedSubject, ResourcePermission permissionRequested) {
     return true;
   }
 }
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/ProtobufShiroAuthenticator.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/ProtobufShiroAuthenticator.java
new file mode 100644
index 0000000..ca47b94
--- /dev/null
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/ProtobufShiroAuthenticator.java
@@ -0,0 +1,87 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.internal.protocol.protobuf.security;
+
+import static org.apache.geode.internal.protocol.protobuf.ProtocolErrorCode.AUTHENTICATION_FAILED;
+
+import org.apache.geode.internal.protocol.protobuf.AuthenticationAPI;
+
+import org.apache.geode.internal.protocol.protobuf.BasicTypes;
+import org.apache.geode.internal.protocol.protobuf.ClientProtocol;
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.security.AuthenticationFailedException;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.Properties;
+
+import org.apache.shiro.subject.Subject;
+
+public class ProtobufShiroAuthenticator implements Authenticator {
+
+  private static final String SHOULD_HAVE_AUTHED =
+      "Got non-auth request while expecting authentication request";
+
+  @Override
+  public Subject authenticate(InputStream inputStream, OutputStream outputStream,
+      SecurityService securityService) throws IOException, AuthenticationFailedException {
+    ClientProtocol.Message message = ClientProtocol.Message.parseDelimitedFrom(inputStream);
+
+    if (message.getRequest().getRequestAPICase()
+        .getNumber() != ClientProtocol.Request.SIMPLEAUTHENTICATIONREQUEST_FIELD_NUMBER) {
+      failAuth(outputStream);
+    }
+
+    AuthenticationAPI.AuthenticationRequest authenticationRequest =
+        message.getRequest().getSimpleAuthenticationRequest();
+    if (authenticationRequest == null) {
+      failAuth(outputStream);
+    }
+
+    Properties properties = new Properties();
+    properties.putAll(authenticationRequest.getCredentialsMap());
+
+    try {
+      // throws AuthenticationFailedException on failure.
+      Subject authToken = securityService.login(properties);
+
+      sendAuthenticationResponse(outputStream, true);
+      return authToken;
+    } catch (AuthenticationFailedException ex) {
+      sendAuthenticationResponse(outputStream, false);
+      throw ex;
+    }
+  }
+
+  private void sendAuthenticationResponse(OutputStream outputStream, boolean success)
+      throws IOException {
+    ClientProtocol.Message.newBuilder()
+        .setResponse(ClientProtocol.Response.newBuilder().setSimpleAuthenticationResponse(
+            AuthenticationAPI.AuthenticationResponse.newBuilder().setAuthenticated(success)))
+        .build().writeDelimitedTo(outputStream);
+  }
+
+  private void failAuth(OutputStream outputStream) throws IOException {
+    ClientProtocol.Message.newBuilder()
+        .setResponse(ClientProtocol.Response.newBuilder()
+            .setErrorResponse(ClientProtocol.ErrorResponse.newBuilder()
+                .setError(BasicTypes.Error.newBuilder()
+                    .setErrorCode(AUTHENTICATION_FAILED.codeValue).setMessage(SHOULD_HAVE_AUTHED))))
+        .build().writeDelimitedTo(outputStream);
+
+    throw new IOException(SHOULD_HAVE_AUTHED);
+  }
+}
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/ProtobufShiroAuthorizer.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/ProtobufShiroAuthorizer.java
new file mode 100644
index 0000000..78d51c0
--- /dev/null
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/security/ProtobufShiroAuthorizer.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.internal.protocol.protobuf.security;
+
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.util.ThreadState;
+
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.security.NotAuthorizedException;
+import org.apache.geode.security.ResourcePermission;
+import org.apache.geode.internal.protocol.protobuf.security.Authorizer;
+
+public class ProtobufShiroAuthorizer implements Authorizer {
+  private final SecurityService securityService;
+
+  public ProtobufShiroAuthorizer(SecurityService securityService) {
+    this.securityService = securityService;
+  }
+
+  @Override
+  public boolean authorize(Object authenticatedSubject, ResourcePermission permissionRequested) {
+    ThreadState threadState = securityService.bindSubject((Subject) authenticatedSubject);
+
+    try {
+      securityService.authorize(permissionRequested);
+      return true;
+    } catch (NotAuthorizedException ex) {
+      return false;
+    } finally {
+      threadState.restore();
+    }
+  }
+}
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/statistics/ProtobufClientStatistics.java b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/statistics/ProtobufClientStatistics.java
index afd9648..a8070c7 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/statistics/ProtobufClientStatistics.java
+++ b/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/statistics/ProtobufClientStatistics.java
@@ -14,9 +14,7 @@
  */
 package org.apache.geode.internal.protocol.protobuf.statistics;
 
-import org.apache.geode.internal.cache.tier.sockets.ClientProtocolStatistics;
-
-public interface ProtobufClientStatistics extends ClientProtocolStatistics {
+public interface ProtobufClientStatistics {
   String PROTOBUF_STATS_NAME = "ProtobufStats";
 
   void clientConnected();
diff --git a/geode-protobuf/src/main/proto/authentication_API.proto b/geode-protobuf/src/main/proto/authentication_API.proto
index be6721e..cecc717 100644
--- a/geode-protobuf/src/main/proto/authentication_API.proto
+++ b/geode-protobuf/src/main/proto/authentication_API.proto
@@ -16,11 +16,10 @@
 syntax = "proto3";
 package org.apache.geode.internal.protocol.protobuf;
 
-message SimpleAuthenticationRequest {
-    string username = 1;
-    string password = 2;
+message AuthenticationRequest {
+    map<string,string> credentials = 1;
 }
 
-message SimpleAuthenticationResponse {
+message AuthenticationResponse {
     bool authenticated = 1;
 }
diff --git a/geode-protobuf/src/main/proto/clientProtocol.proto b/geode-protobuf/src/main/proto/clientProtocol.proto
index 4dce221..b4c0f56 100644
--- a/geode-protobuf/src/main/proto/clientProtocol.proto
+++ b/geode-protobuf/src/main/proto/clientProtocol.proto
@@ -25,6 +25,7 @@ import "google/protobuf/any.proto";
 import "region_API.proto";
 import "server_API.proto";
 import "basicTypes.proto";
+import "authentication_API.proto";
 
 message Message {
     oneof messageType {
@@ -46,6 +47,8 @@ message Request {
         GetAvailableServersRequest getAvailableServersRequest = 42;
         GetRegionNamesRequest getRegionNamesRequest = 43;
         GetRegionRequest getRegionRequest = 44;
+
+        AuthenticationRequest simpleAuthenticationRequest = 100;
     }
 }
 
@@ -63,6 +66,8 @@ message Response {
         GetAvailableServersResponse getAvailableServersResponse = 42;
         GetRegionNamesResponse getRegionNamesResponse = 43;
         GetRegionResponse getRegionResponse = 44;
+
+        AuthenticationResponse simpleAuthenticationResponse = 100;
     }
 }
 
diff --git a/geode-protobuf/src/main/resources/META-INF/services/org.apache.geode.security.internal.server.Authenticator b/geode-protobuf/src/main/resources/META-INF/services/org.apache.geode.security.internal.server.Authenticator
deleted file mode 100644
index 3e382e1..0000000
--- a/geode-protobuf/src/main/resources/META-INF/services/org.apache.geode.security.internal.server.Authenticator
+++ /dev/null
@@ -1 +0,0 @@
-org.apache.geode.internal.protocol.protobuf.ProtobufSimpleAuthenticator
\ No newline at end of file
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/cache/tier/sockets/GenericProtocolServerConnectionTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/cache/tier/sockets/GenericProtocolServerConnectionTest.java
index 98aa1b9..8f16935 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/cache/tier/sockets/GenericProtocolServerConnectionTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/cache/tier/sockets/GenericProtocolServerConnectionTest.java
@@ -28,6 +28,8 @@ import java.net.InetSocketAddress;
 import java.net.Socket;
 import java.net.UnknownHostException;
 
+import org.apache.geode.distributed.internal.SecurityConfig;
+import org.junit.Before;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 import org.mockito.ArgumentCaptor;
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/AuthenticationIntegrationTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/AuthenticationIntegrationTest.java
index c954587..adbe906 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/AuthenticationIntegrationTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/AuthenticationIntegrationTest.java
@@ -14,12 +14,13 @@
  */
 package org.apache.geode.internal.protocol;
 
+import static junit.framework.TestCase.fail;
+import static org.apache.geode.internal.protocol.protobuf.ProtocolErrorCode.AUTHENTICATION_FAILED;
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.ArgumentMatchers.same;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -28,8 +29,10 @@ import java.net.Socket;
 import java.util.Properties;
 import java.util.concurrent.TimeUnit;
 
+import org.apache.geode.internal.protocol.exception.InvalidProtocolMessageException;
 import org.awaitility.Awaitility;
 import org.junit.After;
+import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.contrib.java.lang.system.RestoreSystemProperties;
@@ -40,14 +43,23 @@ import org.apache.geode.cache.CacheFactory;
 import org.apache.geode.cache.server.CacheServer;
 import org.apache.geode.distributed.ConfigurationProperties;
 import org.apache.geode.internal.AvailablePortHelper;
+import org.apache.geode.internal.cache.InternalCache;
 import org.apache.geode.internal.protocol.protobuf.AuthenticationAPI;
 import org.apache.geode.internal.protocol.protobuf.ClientProtocol;
 import org.apache.geode.internal.protocol.protobuf.RegionAPI;
 import org.apache.geode.internal.protocol.protobuf.serializer.ProtobufProtocolSerializer;
 import org.apache.geode.management.internal.security.ResourceConstants;
+import org.apache.geode.security.AuthenticationFailedException;
+import org.apache.geode.security.ResourcePermission;
 import org.apache.geode.security.SecurityManager;
 import org.apache.geode.test.junit.categories.IntegrationTest;
 
+/**
+ * Security seems to have a few possible setups: * Manual SecurityManager set: integrated security *
+ * Security enabled without SecurityManager set: integrated security * Legacy security: - with peer
+ * or client auth enabled: we call this incompatible with our auth. - with neither enabled: this is
+ * what we call "security off". Don't auth at all.
+ */
 @Category(IntegrationTest.class)
 public class AuthenticationIntegrationTest {
 
@@ -61,36 +73,21 @@ public class AuthenticationIntegrationTest {
   private OutputStream outputStream;
   private InputStream inputStream;
   private ProtobufProtocolSerializer protobufProtocolSerializer;
+  private Properties expectedAuthProperties;
+  private Socket socket;
 
-  public void setUp(String authenticationMode) throws IOException {
-    Properties expectedAuthProperties = new Properties();
-    expectedAuthProperties.setProperty(ResourceConstants.USER_NAME, TEST_USERNAME);
-    expectedAuthProperties.setProperty(ResourceConstants.PASSWORD, TEST_PASSWORD);
-
-    Object securityPrincipal = new Object();
-    SecurityManager mockSecurityManager = mock(SecurityManager.class);
-    when(mockSecurityManager.authenticate(expectedAuthProperties)).thenReturn(securityPrincipal);
-    when(mockSecurityManager.authorize(same(securityPrincipal), any())).thenReturn(true);
-
-    Properties properties = new Properties();
-    CacheFactory cacheFactory = new CacheFactory(properties);
-    cacheFactory.set(ConfigurationProperties.MCAST_PORT, "0"); // sometimes it isn't due to other
-                                                               // tests.
-    cacheFactory.set(ConfigurationProperties.USE_CLUSTER_CONFIGURATION, "false");
-    cacheFactory.set(ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION, "false");
-
-    cacheFactory.setSecurityManager(mockSecurityManager);
-    cache = cacheFactory.create();
+  @Before
+  public void setUp() {
+    System.setProperty("geode.feature-protobuf-protocol", "true");
+  }
 
+  public void setupCacheServerAndSocket() throws IOException {
     CacheServer cacheServer = cache.addCacheServer();
     int cacheServerPort = AvailablePortHelper.getRandomAvailableTCPPort();
     cacheServer.setPort(cacheServerPort);
     cacheServer.start();
 
-
-    System.setProperty("geode.feature-protobuf-protocol", "true");
-    System.setProperty("geode.protocol-authentication-mode", authenticationMode);
-    Socket socket = new Socket("localhost", cacheServerPort);
+    socket = new Socket("localhost", cacheServerPort);
 
     Awaitility.await().atMost(5, TimeUnit.SECONDS).until(socket::isConnected);
     outputStream = socket.getOutputStream();
@@ -100,17 +97,80 @@ public class AuthenticationIntegrationTest {
     protobufProtocolSerializer = new ProtobufProtocolSerializer();
   }
 
+  private static class SimpleSecurityManager implements SecurityManager {
+    private final Object authorizedPrincipal;
+    private final Properties authorizedCredentials;
+
+    SimpleSecurityManager(Object validPrincipal, Properties validCredentials) {
+      this.authorizedPrincipal = validPrincipal;
+      authorizedCredentials = validCredentials;
+    }
+
+    @Override
+    public Object authenticate(Properties credentials) throws AuthenticationFailedException {
+      if (authorizedCredentials.equals(credentials)) {
+        return authorizedPrincipal;
+      } else {
+        throw new AuthenticationFailedException(
+            "Test properties: " + credentials + " don't match authorized " + authorizedCredentials);
+      }
+    }
+
+    @Override
+    public boolean authorize(Object principal, ResourcePermission permission) {
+      return principal == authorizedPrincipal;
+    }
+  }
+
+  private Cache createCacheWithSecurityManagerTakingExpectedCreds() {
+    expectedAuthProperties = new Properties();
+    expectedAuthProperties.setProperty(ResourceConstants.USER_NAME, TEST_USERNAME);
+    expectedAuthProperties.setProperty(ResourceConstants.PASSWORD, TEST_PASSWORD);
+
+    SimpleSecurityManager securityManager =
+        new SimpleSecurityManager("this is a secret string or something.", expectedAuthProperties);
+
+    Properties properties = new Properties();
+    CacheFactory cacheFactory = new CacheFactory(properties);
+    cacheFactory.set(ConfigurationProperties.MCAST_PORT, "0"); // sometimes it isn't due to other
+    // tests.
+    cacheFactory.set(ConfigurationProperties.USE_CLUSTER_CONFIGURATION, "false");
+    cacheFactory.set(ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION, "false");
+
+    cacheFactory.setSecurityManager(securityManager);
+    return cacheFactory.create();
+  }
+
+  private Cache createNoSecurityCache() {
+    Properties properties = new Properties();
+    CacheFactory cacheFactory = new CacheFactory(properties);
+    cacheFactory.set(ConfigurationProperties.MCAST_PORT, "0"); // sometimes it isn't due to other
+    // tests.
+    cacheFactory.set(ConfigurationProperties.USE_CLUSTER_CONFIGURATION, "false");
+    cacheFactory.set(ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION, "false");
+    cacheFactory.setSecurityManager(null);
+
+    return cacheFactory.create();
+  }
+
   @After
-  public void tearDown() {
+  public void tearDown() throws IOException {
     if (cache != null) {
       cache.close();
       cache = null;
     }
+    if (socket != null) {
+      socket.close();
+    }
+    socket = null;
+    inputStream = null;
+    outputStream = null;
   }
 
   @Test
   public void noopAuthenticationSucceeds() throws Exception {
-    setUp("NOOP");
+    cache = createNoSecurityCache();
+    setupCacheServerAndSocket();
     ClientProtocol.Message getRegionsMessage =
         ClientProtocol.Message.newBuilder().setRequest(ClientProtocol.Request.newBuilder()
             .setGetRegionNamesRequest(RegionAPI.GetRegionNamesRequest.newBuilder())).build();
@@ -122,15 +182,36 @@ public class AuthenticationIntegrationTest {
   }
 
   @Test
+  public void skippingAuthenticationFails() throws Exception {
+    cache = createCacheWithSecurityManagerTakingExpectedCreds();
+    setupCacheServerAndSocket();
+    ClientProtocol.Message getRegionsMessage =
+        ClientProtocol.Message.newBuilder().setRequest(ClientProtocol.Request.newBuilder()
+            .setGetRegionNamesRequest(RegionAPI.GetRegionNamesRequest.newBuilder())).build();
+    protobufProtocolSerializer.serialize(getRegionsMessage, outputStream);
+
+    ClientProtocol.Message errorResponse = protobufProtocolSerializer.deserialize(inputStream);
+    assertEquals(ClientProtocol.Response.ResponseAPICase.ERRORRESPONSE,
+        errorResponse.getResponse().getResponseAPICase());
+    assertEquals(AUTHENTICATION_FAILED.codeValue,
+        errorResponse.getResponse().getErrorResponse().getError().getErrorCode());
+  }
+
+  @Test
   public void simpleAuthenticationSucceeds() throws Exception {
-    setUp("SIMPLE");
-    AuthenticationAPI.SimpleAuthenticationRequest authenticationRequest =
-        AuthenticationAPI.SimpleAuthenticationRequest.newBuilder().setUsername(TEST_USERNAME)
-            .setPassword(TEST_PASSWORD).build();
+    cache = createCacheWithSecurityManagerTakingExpectedCreds();
+    setupCacheServerAndSocket();
+
+    ClientProtocol.Message authenticationRequest = ClientProtocol.Message.newBuilder()
+        .setRequest(ClientProtocol.Request.newBuilder()
+            .setSimpleAuthenticationRequest(AuthenticationAPI.AuthenticationRequest.newBuilder()
+                .putCredentials(ResourceConstants.USER_NAME, TEST_USERNAME)
+                .putCredentials(ResourceConstants.PASSWORD, TEST_PASSWORD)))
+        .build();
     authenticationRequest.writeDelimitedTo(outputStream);
 
-    AuthenticationAPI.SimpleAuthenticationResponse authenticationResponse =
-        AuthenticationAPI.SimpleAuthenticationResponse.parseDelimitedFrom(inputStream);
+    AuthenticationAPI.AuthenticationResponse authenticationResponse =
+        parseSimpleAuthenticationResponseFromInput();
     assertTrue(authenticationResponse.getAuthenticated());
 
     ClientProtocol.Message getRegionsMessage =
@@ -143,4 +224,116 @@ public class AuthenticationIntegrationTest {
         regionsResponse.getResponse().getResponseAPICase());
 
   }
+
+  @Test
+  public void simpleAuthenticationWithEmptyCreds() throws Exception {
+    cache = createCacheWithSecurityManagerTakingExpectedCreds();
+    setupCacheServerAndSocket();
+
+    ClientProtocol.Message authenticationRequest = ClientProtocol.Message.newBuilder()
+        .setRequest(ClientProtocol.Request.newBuilder()
+            .setSimpleAuthenticationRequest(AuthenticationAPI.AuthenticationRequest.newBuilder()))
+        .build();
+
+    authenticationRequest.writeDelimitedTo(outputStream);
+
+    AuthenticationAPI.AuthenticationResponse authenticationResponse =
+        parseSimpleAuthenticationResponseFromInput();
+    assertFalse(authenticationResponse.getAuthenticated());
+  }
+
+  @Test
+  public void simpleAuthenticationWithInvalidCreds() throws Exception {
+    cache = createCacheWithSecurityManagerTakingExpectedCreds();
+    setupCacheServerAndSocket();
+
+    ClientProtocol.Message authenticationRequest = ClientProtocol.Message.newBuilder()
+        .setRequest(ClientProtocol.Request.newBuilder()
+            .setSimpleAuthenticationRequest(AuthenticationAPI.AuthenticationRequest.newBuilder()
+                .putCredentials(ResourceConstants.USER_NAME, TEST_USERNAME)
+                .putCredentials(ResourceConstants.PASSWORD, "wrong password")))
+        .build();
+
+    authenticationRequest.writeDelimitedTo(outputStream);
+
+    AuthenticationAPI.AuthenticationResponse authenticationResponse =
+        parseSimpleAuthenticationResponseFromInput();
+    assertFalse(authenticationResponse.getAuthenticated());
+  }
+
+  @Test
+  public void noAuthenticatorSet() throws IOException {
+    cache = createNoSecurityCache();
+    setupCacheServerAndSocket();
+
+    // expect the cache to be in what we recognize as a no-security state.
+    assertFalse(((InternalCache) cache).getSecurityService().isIntegratedSecurity());
+    assertFalse(((InternalCache) cache).getSecurityService().isClientSecurityRequired());
+    assertFalse(((InternalCache) cache).getSecurityService().isPeerSecurityRequired());
+  }
+
+  @Test
+  public void legacyClientAuthenticatorSet() throws Exception {
+    createLegacyAuthCache("security-client-authenticator");
+    setupCacheServerAndSocket();
+
+    ClientProtocol.Message authenticationRequest = ClientProtocol.Message.newBuilder()
+        .setRequest(ClientProtocol.Request.newBuilder()
+            .setSimpleAuthenticationRequest(AuthenticationAPI.AuthenticationRequest.newBuilder()))
+        .build();
+
+    authenticationRequest.writeDelimitedTo(outputStream);
+
+    ClientProtocol.Message errorResponse = protobufProtocolSerializer.deserialize(inputStream);
+    assertEquals(ClientProtocol.Response.ResponseAPICase.ERRORRESPONSE,
+        errorResponse.getResponse().getResponseAPICase());
+    assertEquals(AUTHENTICATION_FAILED.codeValue,
+        errorResponse.getResponse().getErrorResponse().getError().getErrorCode());
+  }
+
+  @Test
+  public void legacyPeerAuthenticatorSet() throws Exception {
+    createLegacyAuthCache("security-peer-authenticator");
+    setupCacheServerAndSocket();
+
+    ClientProtocol.Message authenticationRequest = ClientProtocol.Message.newBuilder()
+        .setRequest(ClientProtocol.Request.newBuilder()
+            .setSimpleAuthenticationRequest(AuthenticationAPI.AuthenticationRequest.newBuilder()))
+        .build();
+
+    authenticationRequest.writeDelimitedTo(outputStream);
+
+    ClientProtocol.Message errorResponse = protobufProtocolSerializer.deserialize(inputStream);
+    assertEquals(ClientProtocol.Response.ResponseAPICase.ERRORRESPONSE,
+        errorResponse.getResponse().getResponseAPICase());
+    assertEquals(AUTHENTICATION_FAILED.codeValue,
+        errorResponse.getResponse().getErrorResponse().getError().getErrorCode());
+  }
+
+  private void createLegacyAuthCache(String authenticationProperty) {
+    String authenticatorLoadFunction =
+        "org.apache.geode.security.templates.DummyAuthenticator.create";
+
+    Properties properties = new Properties();
+    properties.setProperty(authenticationProperty, authenticatorLoadFunction);
+    CacheFactory cacheFactory = new CacheFactory(properties);
+    cacheFactory.set(ConfigurationProperties.MCAST_PORT, "0"); // sometimes it isn't due to other
+    // tests.
+    cacheFactory.set(ConfigurationProperties.USE_CLUSTER_CONFIGURATION, "false");
+    cacheFactory.set(ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION, "false");
+    cacheFactory.setSecurityManager(null);
+
+    cache = cacheFactory.create();
+  }
+
+  private AuthenticationAPI.AuthenticationResponse parseSimpleAuthenticationResponseFromInput()
+      throws IOException {
+    ClientProtocol.Message authenticationResponseMessage =
+        ClientProtocol.Message.parseDelimitedFrom(inputStream);
+    assertEquals(ClientProtocol.Message.RESPONSE_FIELD_NUMBER,
+        authenticationResponseMessage.getMessageTypeCase().getNumber());
+    assertEquals(ClientProtocol.Response.SIMPLEAUTHENTICATIONRESPONSE_FIELD_NUMBER,
+        authenticationResponseMessage.getResponse().getResponseAPICase().getNumber());
+    return authenticationResponseMessage.getResponse().getSimpleAuthenticationResponse();
+  }
 }
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/AuthorizationIntegrationTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/AuthorizationIntegrationTest.java
index cc0faec..b41b93c 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/AuthorizationIntegrationTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/AuthorizationIntegrationTest.java
@@ -72,7 +72,6 @@ public class AuthorizationIntegrationTest {
   private ProtobufProtocolSerializer protobufProtocolSerializer;
   private Object securityPrincipal;
   private SecurityManager mockSecurityManager;
-  private String testRegion;
   public static final ResourcePermission READ_PERMISSION =
       new ResourcePermission(ResourcePermission.Resource.DATA, ResourcePermission.Operation.READ);
   public static final ResourcePermission WRITE_PERMISSION =
@@ -84,7 +83,7 @@ public class AuthorizationIntegrationTest {
     expectedAuthProperties.setProperty(ResourceConstants.USER_NAME, TEST_USERNAME);
     expectedAuthProperties.setProperty(ResourceConstants.PASSWORD, TEST_PASSWORD);
 
-    securityPrincipal = new Object();
+    securityPrincipal = "mockSecurityPrincipal";
     mockSecurityManager = mock(SecurityManager.class);
     when(mockSecurityManager.authenticate(expectedAuthProperties)).thenReturn(securityPrincipal);
 
@@ -115,13 +114,21 @@ public class AuthorizationIntegrationTest {
     protobufProtocolSerializer = new ProtobufProtocolSerializer();
 
     when(mockSecurityManager.authorize(same(securityPrincipal), any())).thenReturn(false);
-    AuthenticationAPI.SimpleAuthenticationRequest authenticationRequest =
-        AuthenticationAPI.SimpleAuthenticationRequest.newBuilder().setUsername(TEST_USERNAME)
-            .setPassword(TEST_PASSWORD).build();
+    ClientProtocol.Message authenticationRequest = ClientProtocol.Message.newBuilder()
+        .setRequest(ClientProtocol.Request.newBuilder()
+            .setSimpleAuthenticationRequest(AuthenticationAPI.AuthenticationRequest.newBuilder()
+                .putCredentials(ResourceConstants.USER_NAME, TEST_USERNAME)
+                .putCredentials(ResourceConstants.PASSWORD, TEST_PASSWORD)))
+        .build();
     authenticationRequest.writeDelimitedTo(outputStream);
 
-    AuthenticationAPI.SimpleAuthenticationResponse authenticationResponse =
-        AuthenticationAPI.SimpleAuthenticationResponse.parseDelimitedFrom(inputStream);
+    ClientProtocol.Message responseMessage = ClientProtocol.Message.parseDelimitedFrom(inputStream);
+    assertEquals(ClientProtocol.Message.RESPONSE_FIELD_NUMBER,
+        responseMessage.getMessageTypeCase().getNumber());
+    assertEquals(ClientProtocol.Response.SIMPLEAUTHENTICATIONRESPONSE_FIELD_NUMBER,
+        responseMessage.getResponse().getResponseAPICase().getNumber());
+    AuthenticationAPI.AuthenticationResponse authenticationResponse =
+        responseMessage.getResponse().getSimpleAuthenticationResponse();
     assertTrue(authenticationResponse.getAuthenticated());
   }
 
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheConnectionJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheConnectionJUnitTest.java
index cb3e544..a7d0313 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheConnectionJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheConnectionJUnitTest.java
@@ -34,6 +34,7 @@ import java.util.Collection;
 import java.util.Properties;
 import java.util.concurrent.TimeUnit;
 
+import org.apache.geode.distributed.internal.SecurityConfig;
 import org.awaitility.Awaitility;
 import org.junit.After;
 import org.junit.Before;
@@ -121,6 +122,7 @@ public class CacheConnectionJUnitTest {
     cacheFactory.set(ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION, "false");
     cacheFactory.set(ConfigurationProperties.USE_CLUSTER_CONFIGURATION, "false");
     cacheFactory.set(ConfigurationProperties.STATISTIC_SAMPLE_RATE, "100");
+    cacheFactory.setSecurityManager(null);
     cache = cacheFactory.create();
 
     CacheServer cacheServer = cache.addCacheServer();
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheConnectionTimeoutJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheConnectionTimeoutJUnitTest.java
index 810e5a7..2b910da 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheConnectionTimeoutJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheConnectionTimeoutJUnitTest.java
@@ -26,6 +26,7 @@ import java.net.Socket;
 import java.util.Properties;
 import java.util.concurrent.TimeUnit;
 
+import org.apache.geode.distributed.internal.SecurityConfig;
 import org.awaitility.Awaitility;
 import org.junit.After;
 import org.junit.Before;
@@ -81,6 +82,7 @@ public class CacheConnectionTimeoutJUnitTest {
     cacheFactory.set(ConfigurationProperties.MCAST_PORT, "0");
     cacheFactory.set(ConfigurationProperties.ENABLE_CLUSTER_CONFIGURATION, "false");
     cacheFactory.set(ConfigurationProperties.USE_CLUSTER_CONFIGURATION, "false");
+    cacheFactory.setSecurityManager(null);
 
     cache = cacheFactory.create();
 
@@ -154,7 +156,7 @@ public class CacheConnectionTimeoutJUnitTest {
     for (int i = 0; i < timeout; i += interval) {
       // send a PUT message
       protobufProtocolSerializer.serialize(putMessage, outputStream);
-      assertNotEquals(-1, socket.getInputStream().read());
+      protobufProtocolSerializer.deserialize(socket.getInputStream());
       Thread.sleep(interval);
     }
   }
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheMaxConnectionJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheMaxConnectionJUnitTest.java
index d928224..83084e9 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheMaxConnectionJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheMaxConnectionJUnitTest.java
@@ -32,6 +32,7 @@ import java.util.concurrent.Executors;
 import java.util.concurrent.Future;
 import java.util.concurrent.TimeUnit;
 
+import org.apache.geode.distributed.internal.SecurityConfig;
 import org.awaitility.Awaitility;
 import org.junit.After;
 import org.junit.Before;
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheOperationsJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheOperationsJUnitTest.java
index 29c6623..08d648f 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheOperationsJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/acceptance/CacheOperationsJUnitTest.java
@@ -36,6 +36,7 @@ import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Stream;
 
+import org.apache.geode.distributed.internal.SecurityConfig;
 import org.awaitility.Awaitility;
 import org.junit.After;
 import org.junit.Assert;
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java
new file mode 100644
index 0000000..1972e31
--- /dev/null
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufShiroAuthenticatorJUnitTest.java
@@ -0,0 +1,117 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package org.apache.geode.internal.protocol.protobuf;
+
+import static junit.framework.TestCase.fail;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.Properties;
+
+import org.apache.shiro.subject.Subject;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import org.apache.geode.internal.protocol.protobuf.security.ProtobufShiroAuthenticator;
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.management.internal.security.ResourceConstants;
+import org.apache.geode.security.AuthenticationFailedException;
+import org.apache.geode.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class ProtobufShiroAuthenticatorJUnitTest {
+  private static final String TEST_USERNAME = "user1";
+  private static final String TEST_PASSWORD = "hunter2";
+  private ByteArrayInputStream byteArrayInputStream; // initialized with an incoming request in
+                                                     // setUp.
+  private ByteArrayOutputStream byteArrayOutputStream;
+  private ProtobufShiroAuthenticator protobufShiroAuthenticator;
+  private SecurityService mockSecurityService;
+  private Subject mockSecuritySubject;
+  private Properties expectedAuthProperties;
+
+  @Before
+  public void setUp() throws IOException {
+    ClientProtocol.Message basicAuthenticationRequest = ClientProtocol.Message.newBuilder()
+        .setRequest(ClientProtocol.Request.newBuilder()
+            .setSimpleAuthenticationRequest(AuthenticationAPI.AuthenticationRequest.newBuilder()
+                .putCredentials(ResourceConstants.USER_NAME, TEST_USERNAME)
+                .putCredentials(ResourceConstants.PASSWORD, TEST_PASSWORD)))
+        .build();
+
+    expectedAuthProperties = new Properties();
+    expectedAuthProperties.setProperty(ResourceConstants.USER_NAME, TEST_USERNAME);
+    expectedAuthProperties.setProperty(ResourceConstants.PASSWORD, TEST_PASSWORD);
+
+    ByteArrayOutputStream messageStream = new ByteArrayOutputStream();
+    basicAuthenticationRequest.writeDelimitedTo(messageStream);
+    byteArrayInputStream = new ByteArrayInputStream(messageStream.toByteArray());
+    byteArrayOutputStream = new ByteArrayOutputStream();
+
+    mockSecuritySubject = mock(Subject.class);
+    mockSecurityService = mock(SecurityService.class);
+    when(mockSecurityService.login(expectedAuthProperties)).thenReturn(mockSecuritySubject);
+
+    protobufShiroAuthenticator = new ProtobufShiroAuthenticator();
+  }
+
+  @Test
+  public void successfulAuthentication() throws IOException {
+    protobufShiroAuthenticator.authenticate(byteArrayInputStream, byteArrayOutputStream,
+        mockSecurityService);
+
+    AuthenticationAPI.AuthenticationResponse authenticationResponse =
+        getSimpleAuthenticationResponse(byteArrayOutputStream);
+
+    assertTrue(authenticationResponse.getAuthenticated());
+  }
+
+  @Test(expected = AuthenticationFailedException.class)
+  public void failedAuthentication() throws IOException {
+    when(mockSecurityService.login(expectedAuthProperties))
+        .thenThrow(new AuthenticationFailedException("BOOM!"));
+
+    protobufShiroAuthenticator.authenticate(byteArrayInputStream, byteArrayOutputStream,
+        mockSecurityService);
+  }
+
+  @Test
+  public void authenticationRequestedWithNoCacheSecurity() throws IOException {
+    when(mockSecurityService.isIntegratedSecurity()).thenReturn(false);
+    when(mockSecurityService.isClientSecurityRequired()).thenReturn(false);
+    when(mockSecurityService.isPeerSecurityRequired()).thenReturn(false);
+
+    protobufShiroAuthenticator.authenticate(byteArrayInputStream, byteArrayOutputStream,
+        mockSecurityService);
+
+    AuthenticationAPI.AuthenticationResponse authenticationResponse =
+        getSimpleAuthenticationResponse(byteArrayOutputStream);
+
+    assertTrue(authenticationResponse.getAuthenticated());
+  }
+
+  private AuthenticationAPI.AuthenticationResponse getSimpleAuthenticationResponse(
+      ByteArrayOutputStream outputStream) throws IOException {
+    ByteArrayInputStream responseStream = new ByteArrayInputStream(outputStream.toByteArray());
+    return ClientProtocol.Message.parseDelimitedFrom(responseStream).getResponse()
+        .getSimpleAuthenticationResponse();
+  }
+}
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufSimpleAuthenticatorJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufSimpleAuthenticatorJUnitTest.java
deleted file mode 100644
index c8df327..0000000
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufSimpleAuthenticatorJUnitTest.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-
-package org.apache.geode.internal.protocol.protobuf;
-
-import org.apache.geode.examples.security.ExampleSecurityManager;
-import org.apache.geode.management.internal.security.ResourceConstants;
-import org.apache.geode.security.AuthenticationFailedException;
-import org.apache.geode.security.SecurityManager;
-import org.apache.geode.test.junit.categories.UnitTest;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.util.Properties;
-
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.ArgumentMatchers.same;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-
-@Category(UnitTest.class)
-public class ProtobufSimpleAuthenticatorJUnitTest {
-  private static final String TEST_USERNAME = "user1";
-  private static final String TEST_PASSWORD = "hunter2";
-  private ByteArrayInputStream byteArrayInputStream; // initialized with an incoming request in
-                                                     // setUp.
-  private ByteArrayOutputStream byteArrayOutputStream;
-  private ProtobufSimpleAuthenticator protobufSimpleAuthenticator;
-  private SecurityManager mockSecurityManager;
-  private Object securityPrincipal;
-  private Properties expectedAuthProperties;
-
-  @Before
-  public void setUp() throws IOException {
-    AuthenticationAPI.SimpleAuthenticationRequest basicAuthenticationRequest =
-        AuthenticationAPI.SimpleAuthenticationRequest.newBuilder().setUsername(TEST_USERNAME)
-            .setPassword(TEST_PASSWORD).build();
-
-    expectedAuthProperties = new Properties();
-    expectedAuthProperties.setProperty(ResourceConstants.USER_NAME, TEST_USERNAME);
-    expectedAuthProperties.setProperty(ResourceConstants.PASSWORD, TEST_PASSWORD);
-
-    ByteArrayOutputStream messageStream = new ByteArrayOutputStream();
-    basicAuthenticationRequest.writeDelimitedTo(messageStream);
-    byteArrayInputStream = new ByteArrayInputStream(messageStream.toByteArray());
-    byteArrayOutputStream = new ByteArrayOutputStream();
-
-    securityPrincipal = new Object();
-    mockSecurityManager = mock(SecurityManager.class);
-    when(mockSecurityManager.authenticate(expectedAuthProperties)).thenReturn(securityPrincipal);
-    when(mockSecurityManager.authorize(same(securityPrincipal), any())).thenReturn(true);
-
-    protobufSimpleAuthenticator = new ProtobufSimpleAuthenticator();
-  }
-
-  @Test
-  public void successfulAuthentication() throws IOException {
-    assertFalse(protobufSimpleAuthenticator.isAuthenticated());
-
-    protobufSimpleAuthenticator.authenticate(byteArrayInputStream, byteArrayOutputStream,
-        mockSecurityManager);
-
-    AuthenticationAPI.SimpleAuthenticationResponse simpleAuthenticationResponse =
-        getSimpleAuthenticationResponse(byteArrayOutputStream);
-
-    assertTrue(simpleAuthenticationResponse.getAuthenticated());
-    assertTrue(protobufSimpleAuthenticator.isAuthenticated());
-  }
-
-  @Test
-  public void authenticationFails() throws IOException {
-    assertFalse(protobufSimpleAuthenticator.isAuthenticated());
-
-    Properties expectedAuthProperties = new Properties();
-    expectedAuthProperties.setProperty(ResourceConstants.USER_NAME, TEST_USERNAME);
-    expectedAuthProperties.setProperty(ResourceConstants.PASSWORD, TEST_PASSWORD);
-    when(mockSecurityManager.authenticate(expectedAuthProperties))
-        .thenThrow(new AuthenticationFailedException("BOOM!"));
-
-    protobufSimpleAuthenticator.authenticate(byteArrayInputStream, byteArrayOutputStream,
-        mockSecurityManager);
-
-    AuthenticationAPI.SimpleAuthenticationResponse simpleAuthenticationResponse =
-        getSimpleAuthenticationResponse(byteArrayOutputStream);
-
-    assertFalse(simpleAuthenticationResponse.getAuthenticated());
-    assertFalse(protobufSimpleAuthenticator.isAuthenticated());
-  }
-
-  @Test
-  public void testExampleSecurityManager() throws IOException {
-    assertFalse(protobufSimpleAuthenticator.isAuthenticated());
-
-    protobufSimpleAuthenticator.authenticate(byteArrayInputStream, byteArrayOutputStream,
-        mockSecurityManager);
-
-    new ExampleSecurityManager().init(expectedAuthProperties);
-    AuthenticationAPI.SimpleAuthenticationResponse simpleAuthenticationResponse =
-        getSimpleAuthenticationResponse(byteArrayOutputStream);
-
-    assertTrue(simpleAuthenticationResponse.getAuthenticated());
-    assertTrue(protobufSimpleAuthenticator.isAuthenticated());
-  }
-
-  private AuthenticationAPI.SimpleAuthenticationResponse getSimpleAuthenticationResponse(
-      ByteArrayOutputStream outputStream) throws IOException {
-    ByteArrayInputStream responseStream = new ByteArrayInputStream(outputStream.toByteArray());
-    return AuthenticationAPI.SimpleAuthenticationResponse.parseDelimitedFrom(responseStream);
-  }
-}
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufStreamProcessorTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufStreamProcessorTest.java
index 16c3cd9..54b4e54 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufStreamProcessorTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufStreamProcessorTest.java
@@ -14,7 +14,13 @@
  */
 package org.apache.geode.internal.protocol.protobuf;
 
-import static org.mockito.Mockito.mock;
+import org.apache.geode.internal.cache.InternalCache;
+import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
+import org.apache.geode.internal.protocol.protobuf.security.NoOpAuthorizer;
+import org.apache.geode.internal.protocol.protobuf.statistics.NoOpStatistics;
+import org.apache.geode.test.junit.categories.UnitTest;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
@@ -22,14 +28,7 @@ import java.io.EOFException;
 import java.io.InputStream;
 import java.io.OutputStream;
 
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import org.apache.geode.internal.cache.InternalCache;
-import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
-import org.apache.geode.internal.protocol.protobuf.statistics.NoOpProtobufStatistics;
-import org.apache.geode.security.internal.server.NoOpAuthorizer;
-import org.apache.geode.test.junit.categories.UnitTest;
+import static org.mockito.Mockito.mock;
 
 @Category(UnitTest.class)
 public class ProtobufStreamProcessorTest {
@@ -41,6 +40,6 @@ public class ProtobufStreamProcessorTest {
     ProtobufStreamProcessor protobufStreamProcessor = new ProtobufStreamProcessor();
     InternalCache mockInternalCache = mock(InternalCache.class);
     protobufStreamProcessor.receiveMessage(inputStream, outputStream, new MessageExecutionContext(
-        mockInternalCache, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        mockInternalCache, new NoOpAuthorizer(), new Object(), new NoOpStatistics()));
   }
 }
diff --git a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufSimpleAuthorizer.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufTestExecutionContext.java
similarity index 55%
rename from geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufSimpleAuthorizer.java
rename to geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufTestExecutionContext.java
index bfddca9..56beb0e 100644
--- a/geode-protobuf/src/main/java/org/apache/geode/internal/protocol/protobuf/ProtobufSimpleAuthorizer.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/ProtobufTestExecutionContext.java
@@ -14,21 +14,19 @@
  */
 package org.apache.geode.internal.protocol.protobuf;
 
-import org.apache.geode.security.ResourcePermission;
-import org.apache.geode.security.SecurityManager;
-import org.apache.geode.security.internal.server.Authorizer;
+import com.google.protobuf.GeneratedMessageV3;
+import org.apache.geode.cache.Cache;
+import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
+import org.apache.geode.internal.protocol.protobuf.security.NoOpAuthorizer;
+import org.apache.geode.internal.protocol.protobuf.statistics.NoOpStatistics;
 
-public class ProtobufSimpleAuthorizer implements Authorizer {
-  private final Object authenticatedPrincipal;
-  private final SecurityManager securityManager;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
 
-  public ProtobufSimpleAuthorizer(Object authenticatedPrincipal, SecurityManager securityManager) {
-    this.authenticatedPrincipal = authenticatedPrincipal;
-    this.securityManager = securityManager;
-  }
-
-  @Override
-  public boolean authorize(ResourcePermission permissionRequested) {
-    return securityManager.authorize(authenticatedPrincipal, permissionRequested);
+public class ProtobufTestExecutionContext {
+  public static MessageExecutionContext getNoAuthExecutionContext(Cache cache) {
+    return new MessageExecutionContext(cache, new NoOpAuthorizer(), new Object(),
+        new NoOpStatistics());
   }
 }
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetAllRequestOperationHandlerJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetAllRequestOperationHandlerJUnitTest.java
index 9bfc061..86ad5af 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetAllRequestOperationHandlerJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetAllRequestOperationHandlerJUnitTest.java
@@ -33,18 +33,16 @@ import org.junit.experimental.categories.Category;
 
 import org.apache.geode.cache.CacheLoaderException;
 import org.apache.geode.cache.Region;
-import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
 import org.apache.geode.internal.exception.InvalidExecutionContextException;
 import org.apache.geode.internal.protocol.protobuf.BasicTypes;
+import org.apache.geode.internal.protocol.protobuf.ProtobufTestExecutionContext;
 import org.apache.geode.internal.protocol.protobuf.RegionAPI;
 import org.apache.geode.internal.protocol.protobuf.Result;
 import org.apache.geode.internal.protocol.protobuf.Success;
-import org.apache.geode.internal.protocol.protobuf.statistics.NoOpProtobufStatistics;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufRequestUtilities;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufUtilities;
 import org.apache.geode.internal.serialization.exception.UnsupportedEncodingTypeException;
 import org.apache.geode.internal.serialization.registry.exception.CodecNotRegisteredForTypeException;
-import org.apache.geode.security.internal.server.NoOpAuthorizer;
 import org.apache.geode.test.junit.categories.UnitTest;
 
 @Category(UnitTest.class)
@@ -78,9 +76,9 @@ public class GetAllRequestOperationHandlerJUnitTest extends OperationHandlerJUni
 
   @Test
   public void processReturnsExpectedValuesForValidKeys() throws Exception {
-    Result<RegionAPI.GetAllResponse> result = operationHandler.process(serializationServiceStub,
-        generateTestRequest(true, false),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+    Result<RegionAPI.GetAllResponse> result =
+        operationHandler.process(serializationServiceStub, generateTestRequest(true, false),
+            ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Success);
 
@@ -99,9 +97,9 @@ public class GetAllRequestOperationHandlerJUnitTest extends OperationHandlerJUni
   @Test
   public void processReturnsNoEntriesForNoKeysRequested() throws UnsupportedEncodingTypeException,
       CodecNotRegisteredForTypeException, InvalidExecutionContextException {
-    Result<RegionAPI.GetAllResponse> result = operationHandler.process(serializationServiceStub,
-        generateTestRequest(false, false),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+    Result<RegionAPI.GetAllResponse> result =
+        operationHandler.process(serializationServiceStub, generateTestRequest(false, false),
+            ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Success);
 
@@ -118,8 +116,7 @@ public class GetAllRequestOperationHandlerJUnitTest extends OperationHandlerJUni
     RegionAPI.GetAllRequest getAllRequest =
         ProtobufRequestUtilities.createGetAllRequest(TEST_REGION, testKeys);
     Result<RegionAPI.GetAllResponse> result = operationHandler.process(serializationServiceStub,
-        getAllRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        getAllRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Success);
     RegionAPI.GetAllResponse message = result.getMessage();
@@ -133,9 +130,9 @@ public class GetAllRequestOperationHandlerJUnitTest extends OperationHandlerJUni
   @Test
   public void multipleKeysWhereOneThrows() throws UnsupportedEncodingTypeException,
       CodecNotRegisteredForTypeException, InvalidExecutionContextException {
-    Result<RegionAPI.GetAllResponse> result = operationHandler.process(serializationServiceStub,
-        generateTestRequest(true, true),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+    Result<RegionAPI.GetAllResponse> result =
+        operationHandler.process(serializationServiceStub, generateTestRequest(true, true),
+            ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Success);
 
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRegionNamesRequestOperationHandlerJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRegionNamesRequestOperationHandlerJUnitTest.java
index 31ac2cb..3c0c913 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRegionNamesRequestOperationHandlerJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRegionNamesRequestOperationHandlerJUnitTest.java
@@ -14,6 +14,7 @@
  */
 package org.apache.geode.internal.protocol.protobuf.operations;
 
+import static org.apache.geode.internal.protocol.protobuf.ProtobufTestExecutionContext.getNoAuthExecutionContext;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
@@ -28,16 +29,13 @@ import org.junit.experimental.categories.Category;
 
 import org.apache.geode.cache.Cache;
 import org.apache.geode.cache.Region;
-import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
 import org.apache.geode.internal.exception.InvalidExecutionContextException;
 import org.apache.geode.internal.protocol.protobuf.RegionAPI;
 import org.apache.geode.internal.protocol.protobuf.Result;
 import org.apache.geode.internal.protocol.protobuf.Success;
-import org.apache.geode.internal.protocol.protobuf.statistics.NoOpProtobufStatistics;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufRequestUtilities;
 import org.apache.geode.internal.serialization.exception.UnsupportedEncodingTypeException;
 import org.apache.geode.internal.serialization.registry.exception.CodecNotRegisteredForTypeException;
-import org.apache.geode.security.internal.server.NoOpAuthorizer;
 import org.apache.geode.test.junit.categories.UnitTest;
 
 @Category(UnitTest.class)
@@ -67,7 +65,7 @@ public class GetRegionNamesRequestOperationHandlerJUnitTest extends OperationHan
       CodecNotRegisteredForTypeException, InvalidExecutionContextException {
     Result<RegionAPI.GetRegionNamesResponse> result = operationHandler.process(
         serializationServiceStub, ProtobufRequestUtilities.createGetRegionNamesRequest(),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        getNoAuthExecutionContext(cacheStub));
     Assert.assertTrue(result instanceof Success);
 
     RegionAPI.GetRegionNamesResponse getRegionsResponse = result.getMessage();
@@ -89,10 +87,9 @@ public class GetRegionNamesRequestOperationHandlerJUnitTest extends OperationHan
     Cache emptyCache = mock(Cache.class);;
     when(emptyCache.rootRegions())
         .thenReturn(Collections.unmodifiableSet(new HashSet<Region<String, String>>()));
-    Result<RegionAPI.GetRegionNamesResponse> result =
-        operationHandler.process(serializationServiceStub,
-            ProtobufRequestUtilities.createGetRegionNamesRequest(), new MessageExecutionContext(
-                emptyCache, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+    Result<RegionAPI.GetRegionNamesResponse> result = operationHandler.process(
+        serializationServiceStub, ProtobufRequestUtilities.createGetRegionNamesRequest(),
+        getNoAuthExecutionContext(emptyCache));
     Assert.assertTrue(result instanceof Success);
 
     RegionAPI.GetRegionNamesResponse getRegionsResponse = result.getMessage();
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRegionRequestOperationHandlerJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRegionRequestOperationHandlerJUnitTest.java
index 3764f6e..2e7979c 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRegionRequestOperationHandlerJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRegionRequestOperationHandlerJUnitTest.java
@@ -14,6 +14,7 @@
  */
 package org.apache.geode.internal.protocol.protobuf.operations;
 
+import static org.apache.geode.internal.protocol.protobuf.ProtobufTestExecutionContext.getNoAuthExecutionContext;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
@@ -30,7 +31,6 @@ import org.apache.geode.cache.DataPolicy;
 import org.apache.geode.cache.Region;
 import org.apache.geode.cache.RegionAttributes;
 import org.apache.geode.cache.Scope;
-import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
 import org.apache.geode.internal.protocol.MessageUtil;
 import org.apache.geode.internal.protocol.protobuf.BasicTypes;
 import org.apache.geode.internal.protocol.protobuf.ClientProtocol;
@@ -38,8 +38,6 @@ import org.apache.geode.internal.protocol.protobuf.Failure;
 import org.apache.geode.internal.protocol.protobuf.ProtocolErrorCode;
 import org.apache.geode.internal.protocol.protobuf.RegionAPI;
 import org.apache.geode.internal.protocol.protobuf.Result;
-import org.apache.geode.internal.protocol.protobuf.statistics.NoOpProtobufStatistics;
-import org.apache.geode.security.internal.server.NoOpAuthorizer;
 import org.apache.geode.test.junit.categories.UnitTest;
 
 @Category(UnitTest.class)
@@ -72,8 +70,7 @@ public class GetRegionRequestOperationHandlerJUnitTest extends OperationHandlerJ
 
 
     Result<RegionAPI.GetRegionResponse> result = operationHandler.process(serializationServiceStub,
-        MessageUtil.makeGetRegionRequest(TEST_REGION1),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        MessageUtil.makeGetRegionRequest(TEST_REGION1), getNoAuthExecutionContext(cacheStub));
     RegionAPI.GetRegionResponse response = result.getMessage();
     BasicTypes.Region region = response.getRegion();
     Assert.assertEquals(TEST_REGION1, region.getName());
@@ -96,10 +93,10 @@ public class GetRegionRequestOperationHandlerJUnitTest extends OperationHandlerJ
         .thenReturn(Collections.unmodifiableSet(new HashSet<Region<String, String>>()));
     String unknownRegionName = "UNKNOWN_REGION";
     Result<RegionAPI.GetRegionResponse> result = operationHandler.process(serializationServiceStub,
-        MessageUtil.makeGetRegionRequest(unknownRegionName), new MessageExecutionContext(emptyCache,
-            new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        MessageUtil.makeGetRegionRequest(unknownRegionName), getNoAuthExecutionContext(emptyCache));
     Assert.assertTrue(result instanceof Failure);
     Assert.assertEquals(ProtocolErrorCode.REGION_NOT_FOUND.codeValue,
         result.getErrorMessage().getError().getErrorCode());
   }
+
 }
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRequestOperationHandlerJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRequestOperationHandlerJUnitTest.java
index 224ab45..8064475 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRequestOperationHandlerJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/GetRequestOperationHandlerJUnitTest.java
@@ -25,19 +25,17 @@ import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
 import org.apache.geode.cache.Region;
-import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
 import org.apache.geode.internal.protocol.protobuf.BasicTypes;
 import org.apache.geode.internal.protocol.protobuf.Failure;
+import org.apache.geode.internal.protocol.protobuf.ProtobufTestExecutionContext;
 import org.apache.geode.internal.protocol.protobuf.ProtocolErrorCode;
 import org.apache.geode.internal.protocol.protobuf.RegionAPI;
 import org.apache.geode.internal.protocol.protobuf.Result;
 import org.apache.geode.internal.protocol.protobuf.Success;
-import org.apache.geode.internal.protocol.protobuf.statistics.NoOpProtobufStatistics;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufRequestUtilities;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufUtilities;
 import org.apache.geode.internal.serialization.exception.UnsupportedEncodingTypeException;
 import org.apache.geode.internal.serialization.registry.exception.CodecNotRegisteredForTypeException;
-import org.apache.geode.security.internal.server.NoOpAuthorizer;
 import org.apache.geode.test.junit.categories.UnitTest;
 
 @Category(UnitTest.class)
@@ -69,8 +67,7 @@ public class GetRequestOperationHandlerJUnitTest extends OperationHandlerJUnitTe
   public void processReturnsTheEncodedValueFromTheRegion() throws Exception {
     RegionAPI.GetRequest getRequest = generateTestRequest(false, false, false);
     Result<RegionAPI.GetResponse> result = operationHandler.process(serializationServiceStub,
-        getRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        getRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     Assert.assertTrue(result instanceof Success);
     Assert.assertEquals(BasicTypes.EncodedValue.ValueCase.STRINGRESULT,
@@ -83,8 +80,7 @@ public class GetRequestOperationHandlerJUnitTest extends OperationHandlerJUnitTe
   public void processReturnsUnsucessfulResponseForInvalidRegion() throws Exception {
     RegionAPI.GetRequest getRequest = generateTestRequest(true, false, false);
     Result<RegionAPI.GetResponse> response = operationHandler.process(serializationServiceStub,
-        getRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        getRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     Assert.assertTrue(response instanceof Failure);
     Assert.assertEquals(ProtocolErrorCode.REGION_NOT_FOUND.codeValue,
@@ -95,8 +91,7 @@ public class GetRequestOperationHandlerJUnitTest extends OperationHandlerJUnitTe
   public void processReturnsKeyNotFoundWhenKeyIsNotFound() throws Exception {
     RegionAPI.GetRequest getRequest = generateTestRequest(false, true, false);
     Result<RegionAPI.GetResponse> response = operationHandler.process(serializationServiceStub,
-        getRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        getRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     Assert.assertTrue(response instanceof Success);
   }
@@ -105,8 +100,7 @@ public class GetRequestOperationHandlerJUnitTest extends OperationHandlerJUnitTe
   public void processReturnsLookupFailureWhenKeyFoundWithNoValue() throws Exception {
     RegionAPI.GetRequest getRequest = generateTestRequest(false, false, true);
     Result<RegionAPI.GetResponse> response = operationHandler.process(serializationServiceStub,
-        getRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        getRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     Assert.assertTrue(response instanceof Success);
   }
@@ -125,8 +119,7 @@ public class GetRequestOperationHandlerJUnitTest extends OperationHandlerJUnitTe
     RegionAPI.GetRequest getRequest =
         ProtobufRequestUtilities.createGetRequest(TEST_REGION, encodedKey).getGetRequest();
     Result<RegionAPI.GetResponse> response = operationHandler.process(serializationServiceStub,
-        getRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        getRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     Assert.assertTrue(response instanceof Failure);
     Assert.assertEquals(ProtocolErrorCode.VALUE_ENCODING_ERROR.codeValue,
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/PutAllRequestOperationHandlerJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/PutAllRequestOperationHandlerJUnitTest.java
index 7d6cab2..9e1d7a5 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/PutAllRequestOperationHandlerJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/PutAllRequestOperationHandlerJUnitTest.java
@@ -14,6 +14,7 @@
  */
 package org.apache.geode.internal.protocol.protobuf.operations;
 
+import static org.apache.geode.internal.protocol.protobuf.ProtobufTestExecutionContext.getNoAuthExecutionContext;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 import static org.mockito.Mockito.any;
@@ -30,17 +31,14 @@ import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
 import org.apache.geode.cache.Region;
-import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
 import org.apache.geode.internal.protocol.protobuf.BasicTypes;
 import org.apache.geode.internal.protocol.protobuf.RegionAPI;
 import org.apache.geode.internal.protocol.protobuf.Result;
 import org.apache.geode.internal.protocol.protobuf.Success;
-import org.apache.geode.internal.protocol.protobuf.statistics.NoOpProtobufStatistics;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufRequestUtilities;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufUtilities;
 import org.apache.geode.internal.serialization.exception.UnsupportedEncodingTypeException;
 import org.apache.geode.internal.serialization.registry.exception.CodecNotRegisteredForTypeException;
-import org.apache.geode.security.internal.server.NoOpAuthorizer;
 import org.apache.geode.test.dunit.Assert;
 import org.apache.geode.test.junit.categories.UnitTest;
 
@@ -73,8 +71,7 @@ public class PutAllRequestOperationHandlerJUnitTest extends OperationHandlerJUni
     PutAllRequestOperationHandler operationHandler = new PutAllRequestOperationHandler();
 
     Result<RegionAPI.PutAllResponse> result = operationHandler.process(serializationServiceStub,
-        generateTestRequest(false, true),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        generateTestRequest(false, true), getNoAuthExecutionContext(cacheStub));
 
     Assert.assertTrue(result instanceof Success);
 
@@ -88,8 +85,7 @@ public class PutAllRequestOperationHandlerJUnitTest extends OperationHandlerJUni
     PutAllRequestOperationHandler operationHandler = new PutAllRequestOperationHandler();
 
     Result<RegionAPI.PutAllResponse> result = operationHandler.process(serializationServiceStub,
-        generateTestRequest(true, true),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        generateTestRequest(true, true), getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Success);
     verify(regionMock).put(TEST_KEY1, TEST_VALUE1);
@@ -108,8 +104,7 @@ public class PutAllRequestOperationHandlerJUnitTest extends OperationHandlerJUni
     PutAllRequestOperationHandler operationHandler = new PutAllRequestOperationHandler();
 
     Result<RegionAPI.PutAllResponse> result = operationHandler.process(serializationServiceStub,
-        generateTestRequest(false, false),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        generateTestRequest(false, false), getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Success);
 
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/PutRequestOperationHandlerJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/PutRequestOperationHandlerJUnitTest.java
index 0a0b19e..b90982c 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/PutRequestOperationHandlerJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/PutRequestOperationHandlerJUnitTest.java
@@ -29,19 +29,17 @@ import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
 import org.apache.geode.cache.Region;
-import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
 import org.apache.geode.internal.protocol.protobuf.BasicTypes;
 import org.apache.geode.internal.protocol.protobuf.Failure;
+import org.apache.geode.internal.protocol.protobuf.ProtobufTestExecutionContext;
 import org.apache.geode.internal.protocol.protobuf.ProtocolErrorCode;
 import org.apache.geode.internal.protocol.protobuf.RegionAPI;
 import org.apache.geode.internal.protocol.protobuf.Result;
 import org.apache.geode.internal.protocol.protobuf.Success;
-import org.apache.geode.internal.protocol.protobuf.statistics.NoOpProtobufStatistics;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufRequestUtilities;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufUtilities;
 import org.apache.geode.internal.serialization.exception.UnsupportedEncodingTypeException;
 import org.apache.geode.internal.serialization.registry.exception.CodecNotRegisteredForTypeException;
-import org.apache.geode.security.internal.server.NoOpAuthorizer;
 import org.apache.geode.test.junit.categories.UnitTest;
 
 @Category(UnitTest.class)
@@ -65,8 +63,7 @@ public class PutRequestOperationHandlerJUnitTest extends OperationHandlerJUnitTe
   public void test_puttingTheEncodedEntryIntoRegion() throws Exception {
     PutRequestOperationHandler operationHandler = new PutRequestOperationHandler();
     Result<RegionAPI.PutResponse> result = operationHandler.process(serializationServiceStub,
-        generateTestRequest(),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        generateTestRequest(), ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Success);
 
@@ -95,8 +92,7 @@ public class PutRequestOperationHandlerJUnitTest extends OperationHandlerJUnitTe
     RegionAPI.PutRequest putRequest =
         ProtobufRequestUtilities.createPutRequest(TEST_REGION, testEntry).getPutRequest();
     Result<RegionAPI.PutResponse> result = operationHandler.process(serializationServiceStub,
-        putRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        putRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Failure);
     assertEquals(ProtocolErrorCode.VALUE_ENCODING_ERROR.codeValue,
@@ -108,8 +104,7 @@ public class PutRequestOperationHandlerJUnitTest extends OperationHandlerJUnitTe
     when(cacheStub.getRegion(TEST_REGION)).thenReturn(null);
     PutRequestOperationHandler operationHandler = new PutRequestOperationHandler();
     Result<RegionAPI.PutResponse> result = operationHandler.process(serializationServiceStub,
-        generateTestRequest(),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        generateTestRequest(), ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Failure);
     assertEquals(ProtocolErrorCode.REGION_NOT_FOUND.codeValue,
@@ -122,8 +117,7 @@ public class PutRequestOperationHandlerJUnitTest extends OperationHandlerJUnitTe
 
     PutRequestOperationHandler operationHandler = new PutRequestOperationHandler();
     Result<RegionAPI.PutResponse> result = operationHandler.process(serializationServiceStub,
-        generateTestRequest(),
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        generateTestRequest(), ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Failure);
     assertEquals(ProtocolErrorCode.CONSTRAINT_VIOLATION.codeValue,
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/RemoveRequestOperationHandlerJUnitTest.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/RemoveRequestOperationHandlerJUnitTest.java
index 3d9c2d2..5bfad23 100644
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/RemoveRequestOperationHandlerJUnitTest.java
+++ b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/operations/RemoveRequestOperationHandlerJUnitTest.java
@@ -27,20 +27,18 @@ import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
 import org.apache.geode.cache.Region;
-import org.apache.geode.internal.cache.tier.sockets.MessageExecutionContext;
 import org.apache.geode.internal.protocol.protobuf.BasicTypes;
 import org.apache.geode.internal.protocol.protobuf.ClientProtocol;
 import org.apache.geode.internal.protocol.protobuf.Failure;
+import org.apache.geode.internal.protocol.protobuf.ProtobufTestExecutionContext;
 import org.apache.geode.internal.protocol.protobuf.ProtocolErrorCode;
 import org.apache.geode.internal.protocol.protobuf.RegionAPI;
 import org.apache.geode.internal.protocol.protobuf.Result;
 import org.apache.geode.internal.protocol.protobuf.Success;
-import org.apache.geode.internal.protocol.protobuf.statistics.NoOpProtobufStatistics;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufRequestUtilities;
 import org.apache.geode.internal.protocol.protobuf.utilities.ProtobufUtilities;
 import org.apache.geode.internal.serialization.exception.UnsupportedEncodingTypeException;
 import org.apache.geode.internal.serialization.registry.exception.CodecNotRegisteredForTypeException;
-import org.apache.geode.security.internal.server.NoOpAuthorizer;
 import org.apache.geode.test.junit.categories.UnitTest;
 
 @Category(UnitTest.class)
@@ -70,8 +68,7 @@ public class RemoveRequestOperationHandlerJUnitTest extends OperationHandlerJUni
   public void processValidKeyRemovesTheEntryAndReturnSuccess() throws Exception {
     RegionAPI.RemoveRequest removeRequest = generateTestRequest(false, false).getRemoveRequest();
     Result<RegionAPI.RemoveResponse> result = operationHandler.process(serializationServiceStub,
-        removeRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        removeRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Success);
     verify(regionStub).remove(TEST_KEY);
@@ -81,8 +78,7 @@ public class RemoveRequestOperationHandlerJUnitTest extends OperationHandlerJUni
   public void processReturnsUnsucessfulResponseForInvalidRegion() throws Exception {
     RegionAPI.RemoveRequest removeRequest = generateTestRequest(true, false).getRemoveRequest();
     Result<RegionAPI.RemoveResponse> result = operationHandler.process(serializationServiceStub,
-        removeRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        removeRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Failure);
     assertEquals(ProtocolErrorCode.REGION_NOT_FOUND.codeValue,
@@ -93,8 +89,7 @@ public class RemoveRequestOperationHandlerJUnitTest extends OperationHandlerJUni
   public void processReturnsSuccessWhenKeyIsNotFound() throws Exception {
     RegionAPI.RemoveRequest removeRequest = generateTestRequest(false, true).getRemoveRequest();
     Result<RegionAPI.RemoveResponse> result = operationHandler.process(serializationServiceStub,
-        removeRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        removeRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Success);
   }
@@ -114,8 +109,7 @@ public class RemoveRequestOperationHandlerJUnitTest extends OperationHandlerJUni
     RegionAPI.RemoveRequest removeRequest =
         ProtobufRequestUtilities.createRemoveRequest(TEST_REGION, encodedKey).getRemoveRequest();;
     Result<RegionAPI.RemoveResponse> result = operationHandler.process(serializationServiceStub,
-        removeRequest,
-        new MessageExecutionContext(cacheStub, new NoOpAuthorizer(), new NoOpProtobufStatistics()));
+        removeRequest, ProtobufTestExecutionContext.getNoAuthExecutionContext(cacheStub));
 
     assertTrue(result instanceof Failure);
     assertEquals(ProtocolErrorCode.VALUE_ENCODING_ERROR.codeValue,
diff --git a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/statistics/NoOpProtobufStatistics.java b/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/statistics/NoOpProtobufStatistics.java
deleted file mode 100644
index eae1c8f..0000000
--- a/geode-protobuf/src/test/java/org/apache/geode/internal/protocol/protobuf/statistics/NoOpProtobufStatistics.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.internal.protocol.protobuf.statistics;
-
-public class NoOpProtobufStatistics implements ProtobufClientStatistics {
-  @Override
-  public void clientConnected() {
-
-  }
-
-  @Override
-  public void clientDisconnected() {
-
-  }
-
-  @Override
-  public void messageReceived(int bytes) {
-
-  }
-
-  @Override
-  public void messageSent(int bytes) {
-
-  }
-
-  @Override
-  public void incAuthorizationViolations() {
-
-  }
-
-  @Override
-  public void incAuthenticationFailures() {
-
-  }
-}

-- 
To stop receiving notification emails like this one, please contact
['"commits@geode.apache.org" <commits@geode.apache.org>'].

Mime
View raw message