[Cleanup] - refactored out N2NAuthenticator

N2NAuthenticator was not really used. Only the ip filtering authenticator was used, and was used directory (no use for a generic interface). `IPFilteringN2NAuthenticator` is now `IPFilter` and all relevant classes were moved to `shield.transport.filter` package. Original commit: elastic/x-pack-elasticsearch@43f6faeb4b
2014-12-02 13:28:45 +01:00 · 2014-12-02 13:28:45 +01:00 · 63a483e77e
parent 8bcbc690ce
commit 63a483e77e
16 changed files with 52 additions and 83 deletions
--- a/src/main/java/org/elasticsearch/shield/audit/AuditTrail.java
+++ b/src/main/java/org/elasticsearch/shield/audit/AuditTrail.java
@ -8,7 +8,7 @@ package org.elasticsearch.shield.audit;
 import org.elasticsearch.rest.RestRequest;
 import org.elasticsearch.shield.User;
 import org.elasticsearch.shield.authc.AuthenticationToken;
-import org.elasticsearch.shield.transport.n2n.ProfileIpFilterRule;
+import org.elasticsearch.shield.transport.filter.ProfileIpFilterRule;
 import org.elasticsearch.transport.TransportMessage;
 import org.elasticsearch.transport.TransportRequest;

--- a/src/main/java/org/elasticsearch/shield/audit/AuditTrailService.java
+++ b/src/main/java/org/elasticsearch/shield/audit/AuditTrailService.java
@ -11,7 +11,7 @@ import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.rest.RestRequest;
 import org.elasticsearch.shield.User;
 import org.elasticsearch.shield.authc.AuthenticationToken;
-import org.elasticsearch.shield.transport.n2n.ProfileIpFilterRule;
+import org.elasticsearch.shield.transport.filter.ProfileIpFilterRule;
 import org.elasticsearch.transport.TransportMessage;
 import org.elasticsearch.transport.TransportRequest;

--- a/src/main/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrail.java
+++ b/src/main/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrail.java
@ -15,7 +15,7 @@ import org.elasticsearch.rest.RestRequest;
 import org.elasticsearch.shield.User;
 import org.elasticsearch.shield.audit.AuditTrail;
 import org.elasticsearch.shield.authc.AuthenticationToken;
-import org.elasticsearch.shield.transport.n2n.ProfileIpFilterRule;
+import org.elasticsearch.shield.transport.filter.ProfileIpFilterRule;
 import org.elasticsearch.transport.TransportMessage;
 import org.elasticsearch.transport.TransportRequest;

--- a/src/main/java/org/elasticsearch/shield/transport/SecuredTransportModule.java
+++ b/src/main/java/org/elasticsearch/shield/transport/SecuredTransportModule.java
@ -12,7 +12,7 @@ import org.elasticsearch.common.inject.util.Providers;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.shield.ShieldPlugin;
 import org.elasticsearch.shield.support.AbstractShieldModule;
-import org.elasticsearch.shield.transport.n2n.IPFilteringN2NAuthenticator;
+import org.elasticsearch.shield.transport.filter.IPFilter;
 import org.elasticsearch.shield.transport.netty.NettySecuredHttpServerTransportModule;
 import org.elasticsearch.shield.transport.netty.NettySecuredTransportModule;
 import org.elasticsearch.transport.TransportModule;
@ -50,7 +50,7 @@ public class SecuredTransportModule extends AbstractShieldModule.Spawn implement

        if (clientMode) {
            // no ip filtering on the client
-            bind(IPFilteringN2NAuthenticator.class).toProvider(Providers.<IPFilteringN2NAuthenticator>of(null));
+            bind(IPFilter.class).toProvider(Providers.<IPFilter>of(null));
            bind(ServerTransportFilter.class).to(ServerTransportFilter.Client.class).asEagerSingleton();
            bind(ClientTransportFilter.class).to(ClientTransportFilter.Client.class).asEagerSingleton();
            return;
@ -59,7 +59,7 @@ public class SecuredTransportModule extends AbstractShieldModule.Spawn implement
        bind(ServerTransportFilter.class).to(ServerTransportFilter.Node.class).asEagerSingleton();
        bind(ClientTransportFilter.class).to(ClientTransportFilter.Node.class).asEagerSingleton();
        if (settings.getAsBoolean("shield.transport.filter.enabled", true)) {
-            bind(IPFilteringN2NAuthenticator.class).asEagerSingleton();
+            bind(IPFilter.class).asEagerSingleton();
        }
    }
 }
--- a/src/main/java/org/elasticsearch/shield/transport/n2n/IPFilteringN2NAuthenticator.java
+++ b/src/main/java/org/elasticsearch/shield/transport/n2n/IPFilteringN2NAuthenticator.java
@ -3,10 +3,9 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.shield.transport.n2n;
+package org.elasticsearch.shield.transport.filter;

 import org.elasticsearch.ElasticsearchParseException;
-import org.elasticsearch.common.Nullable;
 import org.elasticsearch.common.component.AbstractComponent;
 import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.jackson.dataformat.yaml.snakeyaml.error.YAMLException;
@ -21,10 +20,12 @@ import org.elasticsearch.shield.audit.AuditTrail;
 import java.io.IOException;
 import java.net.InetAddress;
 import java.net.UnknownHostException;
-import java.security.Principal;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;

-public class IPFilteringN2NAuthenticator extends AbstractComponent implements N2NAuthenticator {
+public class IPFilter extends AbstractComponent {

    private static final ProfileIpFilterRule[] NO_RULES = new ProfileIpFilterRule[0];
    private static final ProfileIpFilterRule ACCEPT_ALL_RULE = new ProfileIpFilterRule("default",
@ -35,14 +36,13 @@ public class IPFilteringN2NAuthenticator extends AbstractComponent implements N2
    private volatile ProfileIpFilterRule[] rules = NO_RULES;

    @Inject
-    public IPFilteringN2NAuthenticator(Settings settings, AuditTrail auditTrail) {
+    public IPFilter(Settings settings, AuditTrail auditTrail) {
        super(settings);
        this.auditTrail = auditTrail;
        rules = parseSettings(settings, logger);
    }

-    @Override
-    public boolean authenticate(@Nullable Principal peerPrincipal, String profile, InetAddress peerAddress, int peerPort) {
+    public boolean accept(String profile, InetAddress peerAddress) {
        if (rules == NO_RULES) {
            return true;
        }
--- a/src/main/java/org/elasticsearch/shield/transport/filter/ProfileIpFilterRule.java
+++ b/src/main/java/org/elasticsearch/shield/transport/filter/ProfileIpFilterRule.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.shield.transport.n2n;
+package org.elasticsearch.shield.transport.filter;

 import org.elasticsearch.common.netty.handler.ipfilter.IpFilterRule;

--- a/src/main/java/org/elasticsearch/shield/transport/n2n/N2NAuthenticator.java
+++ b/src/main/java/org/elasticsearch/shield/transport/n2n/N2NAuthenticator.java
@ -1,20 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License;
- * you may not use this file except in compliance with the Elastic License.
- */
-package org.elasticsearch.shield.transport.n2n;
-
-import org.elasticsearch.common.Nullable;
-
-import java.net.InetAddress;
-import java.security.Principal;
-
-/**
- *
- */
-public interface N2NAuthenticator {
-
-    boolean authenticate(@Nullable Principal peerPrincipal, @Nullable String profile, InetAddress peerAddress, int peerPort);
-
-}
--- a/src/main/java/org/elasticsearch/shield/transport/netty/NettyIPFilterUpstreamHandler.java
+++ b/src/main/java/org/elasticsearch/shield/transport/netty/NettyIPFilterUpstreamHandler.java
@ -9,7 +9,7 @@ import org.elasticsearch.common.netty.channel.ChannelEvent;
 import org.elasticsearch.common.netty.channel.ChannelHandler;
 import org.elasticsearch.common.netty.channel.ChannelHandlerContext;
 import org.elasticsearch.common.netty.handler.ipfilter.IpFilteringHandlerImpl;
-import org.elasticsearch.shield.transport.n2n.IPFilteringN2NAuthenticator;
+import org.elasticsearch.shield.transport.filter.IPFilter;

 import java.net.InetSocketAddress;

@ -17,20 +17,20 @@ import java.net.InetSocketAddress;
 *
 */
@ChannelHandler.Sharable
-public class N2NNettyUpstreamHandler extends IpFilteringHandlerImpl {
+public class NettyIPFilterUpstreamHandler extends IpFilteringHandlerImpl {

-    private final IPFilteringN2NAuthenticator authenticator;
+    private final IPFilter filter;
    private final String profile;

-    public N2NNettyUpstreamHandler(IPFilteringN2NAuthenticator authenticator, String profile) {
-        this.authenticator = authenticator;
+    public NettyIPFilterUpstreamHandler(IPFilter filter, String profile) {
+        this.filter = filter;
        this.profile = profile;
    }

    @Override
    protected boolean accept(ChannelHandlerContext channelHandlerContext, ChannelEvent channelEvent, InetSocketAddress inetSocketAddress) throws Exception {
        // at this stage no auth has happened, so we do not have any principal anyway
-        return authenticator.authenticate(null, profile, inetSocketAddress.getAddress(), inetSocketAddress.getPort());
+        return filter.accept(profile, inetSocketAddress.getAddress());
    }

 }
--- a/src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredHttpServerTransport.java
+++ b/src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredHttpServerTransport.java
@ -6,7 +6,6 @@
 package org.elasticsearch.shield.transport.netty;

 import org.elasticsearch.common.inject.Inject;
-import org.elasticsearch.common.inject.Provider;
 import org.elasticsearch.common.inject.internal.Nullable;
 import org.elasticsearch.common.netty.channel.ChannelPipeline;
 import org.elasticsearch.common.netty.channel.ChannelPipelineFactory;
@ -17,7 +16,7 @@ import org.elasticsearch.common.util.BigArrays;
 import org.elasticsearch.http.netty.NettyHttpServerTransport;
 import org.elasticsearch.shield.ssl.SSLService;
 import org.elasticsearch.shield.ssl.SSLServiceProvider;
-import org.elasticsearch.shield.transport.n2n.IPFilteringN2NAuthenticator;
+import org.elasticsearch.shield.transport.filter.IPFilter;

 import javax.net.ssl.SSLEngine;

@ -26,14 +25,14 @@ import javax.net.ssl.SSLEngine;
 */
 public class NettySecuredHttpServerTransport extends NettyHttpServerTransport {

-    private final IPFilteringN2NAuthenticator authenticator;
+    private final IPFilter ipFilter;
    private final @Nullable SSLService sslService;

    @Inject
    public NettySecuredHttpServerTransport(Settings settings, NetworkService networkService, BigArrays bigArrays,
-                                           IPFilteringN2NAuthenticator authenticator, SSLServiceProvider sslServiceProvider) {
+                                           IPFilter ipFilter, SSLServiceProvider sslServiceProvider) {
        super(settings, networkService, bigArrays);
-        this.authenticator = authenticator;
+        this.ipFilter = ipFilter;
        this.sslService = settings.getAsBoolean("shield.http.ssl", false) ? sslServiceProvider.get() : null;
    }

@ -58,7 +57,7 @@ public class NettySecuredHttpServerTransport extends NettyHttpServerTransport {

                pipeline.addFirst("ssl", new SslHandler(engine));
            }
-            pipeline.addFirst("ipfilter", new N2NNettyUpstreamHandler(authenticator, "default"));
+            pipeline.addFirst("ipfilter", new NettyIPFilterUpstreamHandler(ipFilter, "default"));
            return pipeline;
        }
    }
--- a/src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredTransport.java
+++ b/src/main/java/org/elasticsearch/shield/transport/netty/NettySecuredTransport.java
@ -16,7 +16,7 @@ import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.util.BigArrays;
 import org.elasticsearch.shield.ssl.SSLService;
 import org.elasticsearch.shield.ssl.SSLServiceProvider;
-import org.elasticsearch.shield.transport.n2n.IPFilteringN2NAuthenticator;
+import org.elasticsearch.shield.transport.filter.IPFilter;
 import org.elasticsearch.threadpool.ThreadPool;
 import org.elasticsearch.transport.netty.NettyTransport;

@ -28,11 +28,12 @@ import javax.net.ssl.SSLEngine;
 public class NettySecuredTransport extends NettyTransport {

    private final @Nullable SSLService sslService;
-    private final @Nullable IPFilteringN2NAuthenticator authenticator;
+    private final @Nullable
+    IPFilter authenticator;

    @Inject
    public NettySecuredTransport(Settings settings, ThreadPool threadPool, NetworkService networkService, BigArrays bigArrays, Version version,
-                                 @Nullable IPFilteringN2NAuthenticator authenticator, SSLServiceProvider sslServiceProvider) {
+                                 @Nullable IPFilter authenticator, SSLServiceProvider sslServiceProvider) {
        super(settings, threadPool, networkService, bigArrays, version);
        this.authenticator = authenticator;
        boolean ssl = settings.getAsBoolean("shield.transport.ssl", false);
@ -75,7 +76,7 @@ public class NettySecuredTransport extends NettyTransport {
                pipeline.replace("dispatcher", "dispatcher", new SecuredMessageChannelHandler(nettyTransport, logger));
            }
            if (authenticator != null) {
-                pipeline.addFirst("ipfilter", new N2NNettyUpstreamHandler(authenticator, name));
+                pipeline.addFirst("ipfilter", new NettyIPFilterUpstreamHandler(authenticator, name));
            }
            return pipeline;
        }
--- a/src/test/java/org/elasticsearch/shield/audit/AuditTrailServiceTests.java
+++ b/src/test/java/org/elasticsearch/shield/audit/AuditTrailServiceTests.java
@ -11,7 +11,7 @@ import org.elasticsearch.common.settings.ImmutableSettings;
 import org.elasticsearch.rest.RestRequest;
 import org.elasticsearch.shield.User;
 import org.elasticsearch.shield.authc.AuthenticationToken;
-import org.elasticsearch.shield.transport.n2n.ProfileIpFilterRule;
+import org.elasticsearch.shield.transport.filter.ProfileIpFilterRule;
 import org.elasticsearch.test.ElasticsearchTestCase;
 import org.elasticsearch.transport.TransportMessage;
 import org.junit.Before;
@ -21,7 +21,6 @@ import java.net.InetAddress;
 import java.util.Set;

 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.mockingDetails;
 import static org.mockito.Mockito.verify;

 /**
--- a/src/test/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrailTests.java
+++ b/src/test/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrailTests.java
@ -12,7 +12,7 @@ import org.elasticsearch.common.transport.LocalTransportAddress;
 import org.elasticsearch.rest.RestRequest;
 import org.elasticsearch.shield.User;
 import org.elasticsearch.shield.authc.AuthenticationToken;
-import org.elasticsearch.shield.transport.n2n.ProfileIpFilterRule;
+import org.elasticsearch.shield.transport.filter.ProfileIpFilterRule;
 import org.elasticsearch.test.ElasticsearchTestCase;
 import org.elasticsearch.transport.TransportMessage;
 import org.junit.Test;
--- a/src/test/java/org/elasticsearch/shield/transport/n2n/IPFilteringN2NAuthenticatorTests.java
+++ b/src/test/java/org/elasticsearch/shield/transport/n2n/IPFilteringN2NAuthenticatorTests.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.shield.transport.n2n;
+package org.elasticsearch.shield.transport.filter;

 import org.elasticsearch.common.net.InetAddresses;
 import org.elasticsearch.common.settings.Settings;
@ -15,28 +15,18 @@ import org.junit.Test;
 import org.mockito.ArgumentCaptor;

 import java.net.InetAddress;
-import java.security.Principal;
 import java.util.Locale;

 import static org.elasticsearch.common.settings.ImmutableSettings.settingsBuilder;
 import static org.hamcrest.Matchers.is;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.eq;
+import static org.mockito.Mockito.*;

 /**
 *
 */
-public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
+public class IPFilterTests extends ElasticsearchTestCase {

-    public static final Principal NULL_PRINCIPAL = new Principal() {
-        @Override
-        public String getName() {
-            return "null";
-        }
-    };
-
-    private IPFilteringN2NAuthenticator ipFilteringN2NAuthenticator;
+    private IPFilter ipFilter;
    private AuditTrail auditTrail;

    @Before
@ -50,7 +40,7 @@ public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
                .put("shield.transport.filter.allow", "127.0.0.1")
                .put("shield.transport.filter.deny", "10.0.0.0/8")
                .build();
-        ipFilteringN2NAuthenticator = new IPFilteringN2NAuthenticator(settings, auditTrail);
+        ipFilter = new IPFilter(settings, auditTrail);

        assertAddressIsAllowed("127.0.0.1");
        assertAddressIsDenied("10.2.3.4");
@ -64,7 +54,7 @@ public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
                .put("shield.transport.filter.allow", "2001:0db8:1234::/48")
                .putArray("shield.transport.filter.deny", "1234:db8:85a3:0:0:8a2e:370:7334", "4321:db8:1234::/48")
                .build();
-        ipFilteringN2NAuthenticator = new IPFilteringN2NAuthenticator(settings, auditTrail);
+        ipFilter = new IPFilter(settings, auditTrail);

        assertAddressIsAllowed("2001:0db8:1234:0000:0000:8a2e:0370:7334");
        assertAddressIsDenied("1234:0db8:85a3:0000:0000:8a2e:0370:7334");
@ -78,7 +68,7 @@ public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
                .put("shield.transport.filter.allow", "127.0.0.1")
                .put("shield.transport.filter.deny", "*.google.com")
                .build();
-        ipFilteringN2NAuthenticator = new IPFilteringN2NAuthenticator(settings, auditTrail);
+        ipFilter = new IPFilter(settings, auditTrail);

        assertAddressIsAllowed("127.0.0.1");
        assertAddressIsDenied("8.8.8.8");
@ -89,7 +79,7 @@ public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
        Settings settings = settingsBuilder()
                .put("shield.transport.filter.allow", "_all")
                .build();
-        ipFilteringN2NAuthenticator = new IPFilteringN2NAuthenticator(settings, auditTrail);
+        ipFilter = new IPFilter(settings, auditTrail);

        assertAddressIsAllowed("127.0.0.1");
        assertAddressIsAllowed("173.194.70.100");
@ -103,7 +93,7 @@ public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
                .put("transport.profiles.client.shield.filter.allow", "192.168.0.1")
                .put("transport.profiles.client.shield.filter.deny", "_all")
                .build();
-        ipFilteringN2NAuthenticator = new IPFilteringN2NAuthenticator(settings, auditTrail);
+        ipFilter = new IPFilter(settings, auditTrail);

        assertAddressIsAllowed("127.0.0.1");
        assertAddressIsDenied("192.168.0.1");
@ -117,7 +107,7 @@ public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
                .put("shield.transport.filter.allow", "10.0.0.1")
                .put("shield.transport.filter.deny", "10.0.0.0/8")
                .build();
-        ipFilteringN2NAuthenticator = new IPFilteringN2NAuthenticator(settings, auditTrail);
+        ipFilter = new IPFilter(settings, auditTrail);

        assertAddressIsAllowed("10.0.0.1");
        assertAddressIsDenied("10.0.0.2");
@ -126,7 +116,7 @@ public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
    @Test
    public void testDefaultAllow() throws Exception {
        Settings settings = settingsBuilder().build();
-        ipFilteringN2NAuthenticator = new IPFilteringN2NAuthenticator(settings, auditTrail);
+        ipFilter = new IPFilter(settings, auditTrail);

        assertAddressIsAllowed("10.0.0.1");
        assertAddressIsAllowed("10.0.0.2");
@ -136,7 +126,7 @@ public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
        for (String inetAddress : inetAddresses) {
            String message = String.format(Locale.ROOT, "Expected address %s to be allowed", inetAddress);
            InetAddress address = InetAddresses.forString(inetAddress);
-            assertThat(message, ipFilteringN2NAuthenticator.authenticate(NULL_PRINCIPAL, profile, address, 1024), is(true));
+            assertThat(message, ipFilter.accept(profile, address), is(true));
            ArgumentCaptor<ProfileIpFilterRule> ruleCaptor = ArgumentCaptor.forClass(ProfileIpFilterRule.class);
            verify(auditTrail).connectionGranted(eq(address), ruleCaptor.capture());
            assertNotNull(ruleCaptor.getValue());
@ -151,7 +141,7 @@ public class IPFilteringN2NAuthenticatorTests extends ElasticsearchTestCase {
        for (String inetAddress : inetAddresses) {
            String message = String.format(Locale.ROOT, "Expected address %s to be denied", inetAddress);
            InetAddress address = InetAddresses.forString(inetAddress);
-            assertThat(message, ipFilteringN2NAuthenticator.authenticate(NULL_PRINCIPAL, profile, address, 1024), is(false));
+            assertThat(message, ipFilter.accept(profile, address), is(false));
            ArgumentCaptor<ProfileIpFilterRule> ruleCaptor = ArgumentCaptor.forClass(ProfileIpFilterRule.class);
            verify(auditTrail).connectionDenied(eq(address), ruleCaptor.capture());
            assertNotNull(ruleCaptor.getValue());
--- a/src/test/java/org/elasticsearch/shield/transport/filter/IpFilteringIntegrationTests.java
+++ b/src/test/java/org/elasticsearch/shield/transport/filter/IpFilteringIntegrationTests.java
@ -3,7 +3,7 @@
 * or more contributor license agreements. Licensed under the Elastic License;
 * you may not use this file except in compliance with the Elastic License.
 */
-package org.elasticsearch.shield.transport.n2n;
+package org.elasticsearch.shield.transport.filter;

 import com.google.common.base.Charsets;
 import org.apache.lucene.util.LuceneTestCase;
--- a/src/test/java/org/elasticsearch/shield/transport/filter/ip_filtering
+++ b/src/test/java/org/elasticsearch/shield/transport/filter/ip_filtering
--- a/src/test/java/org/elasticsearch/shield/transport/netty/NettyIPFilterUpstreamHandlerTests.java
+++ b/src/test/java/org/elasticsearch/shield/transport/netty/NettyIPFilterUpstreamHandlerTests.java
@ -9,7 +9,7 @@ import com.google.common.net.InetAddresses;
 import org.elasticsearch.common.netty.channel.*;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.shield.audit.AuditTrail;
-import org.elasticsearch.shield.transport.n2n.IPFilteringN2NAuthenticator;
+import org.elasticsearch.shield.transport.filter.IPFilter;
 import org.elasticsearch.test.ElasticsearchTestCase;
 import org.junit.Before;
 import org.junit.Test;
@ -23,9 +23,9 @@ import static org.hamcrest.Matchers.is;
 /**
 *
 */
-public class N2NNettyUpstreamHandlerTests extends ElasticsearchTestCase {
+public class NettyIPFilterUpstreamHandlerTests extends ElasticsearchTestCase {

-    private N2NNettyUpstreamHandler nettyUpstreamHandler;
+    private NettyIPFilterUpstreamHandler nettyUpstreamHandler;

    @Before
    public void init() throws Exception {
@ -34,9 +34,9 @@ public class N2NNettyUpstreamHandlerTests extends ElasticsearchTestCase {
                .put("shield.transport.filter.deny", "10.0.0.0/8")
                .build();

-        IPFilteringN2NAuthenticator ipFilteringN2NAuthenticator = new IPFilteringN2NAuthenticator(settings, AuditTrail.NOOP);
+        IPFilter ipFilter = new IPFilter(settings, AuditTrail.NOOP);

-        nettyUpstreamHandler = new N2NNettyUpstreamHandler(ipFilteringN2NAuthenticator, "default");
+        nettyUpstreamHandler = new NettyIPFilterUpstreamHandler(ipFilter, "default");
    }

    @Test