http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/BaseDirectoryServiceFactory.java
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/BaseDirectoryServiceFactory.java b/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/BaseDirectoryServiceFactory.java
new file mode 100644
index 0000000..dc3468d
--- /dev/null
+++ b/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/BaseDirectoryServiceFactory.java
@@ -0,0 +1,290 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.directory.api.ldap.model.constants.SchemaConstants;
+import org.apache.directory.api.ldap.model.schema.LdapComparator;
+import org.apache.directory.api.ldap.model.schema.SchemaManager;
+import org.apache.directory.api.ldap.model.schema.comparators.NormalizingComparator;
+import org.apache.directory.api.ldap.model.schema.registries.ComparatorRegistry;
+import org.apache.directory.api.ldap.model.schema.registries.SchemaLoader;
+import org.apache.directory.api.ldap.schemaextractor.SchemaLdifExtractor;
+import org.apache.directory.api.ldap.schemaextractor.impl.DefaultSchemaLdifExtractor;
+import org.apache.directory.api.ldap.schemaloader.LdifSchemaLoader;
+import org.apache.directory.api.ldap.schemamanager.impl.DefaultSchemaManager;
+import org.apache.directory.api.util.exception.Exceptions;
+import org.apache.directory.server.constants.ServerDNConstants;
+import org.apache.directory.server.core.DefaultDirectoryService;
+import org.apache.directory.server.core.api.CacheService;
+import org.apache.directory.server.core.api.DirectoryService;
+import org.apache.directory.server.core.api.InstanceLayout;
+import org.apache.directory.server.core.api.partition.Partition;
+import org.apache.directory.server.core.api.schema.SchemaPartition;
+import org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory;
+import org.apache.directory.server.core.factory.DirectoryServiceFactory;
+import org.apache.directory.server.core.factory.JdbmPartitionFactory;
+import org.apache.directory.server.core.factory.PartitionFactory;
+import org.apache.directory.server.core.partition.ldif.LdifPartition;
+import org.apache.directory.server.i18n.I18n;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.List;
+
+
+/**
+ * A Default factory for DirectoryService.
+ * This is a copy of org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory
+ * created to control how the DirectoryService is created.  This can be removed
+ * when http://svn.apache.org/r1546144 in ApacheDS 2.0.0-M16 is available.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class BaseDirectoryServiceFactory implements DirectoryServiceFactory
+{
+  /** A logger for this class */
+  private static final Logger LOG = LoggerFactory.getLogger( DefaultDirectoryServiceFactory.class );
+
+  /** The directory service. */
+  private DirectoryService directoryService;
+
+  /** The partition factory. */
+  private PartitionFactory partitionFactory;
+
+
+  public BaseDirectoryServiceFactory()
+  {
+    directoryService = createDirectoryService();
+    partitionFactory = createPartitionFactory();
+  }
+
+  protected DirectoryService createDirectoryService() {
+    DirectoryService result;
+    try
+    {
+      // Creating the instance here so that
+      // we we can set some properties like accesscontrol, anon access
+      // before starting up the service
+      result = new DefaultDirectoryService();
+
+      // No need to register a shutdown hook during tests because this
+      // starts a lot of threads and slows down test execution
+      result.setShutdownHookEnabled( false );
+    }
+    catch ( Exception e )
+    {
+      throw new RuntimeException( e );
+    }
+    return result;
+  }
+
+  protected PartitionFactory createPartitionFactory() {
+    PartitionFactory result;
+    try
+    {
+      String typeName = System.getProperty( "apacheds.partition.factory" );
+      if ( typeName != null )
+      {
+        Class<? extends PartitionFactory> type = ( Class<? extends PartitionFactory> ) Class.forName( typeName );
+        result = type.newInstance();
+      }
+      else
+      {
+        result = new JdbmPartitionFactory();
+      }
+    }
+    catch ( Exception e )
+    {
+      LOG.error( "Error instantiating custom partition factory", e );
+      throw new RuntimeException( e );
+    }
+    return result;
+  }
+
+  /**
+   * {@inheritDoc}
+   */
+  public void init( String name ) throws Exception
+  {
+    if ( ( directoryService != null ) && directoryService.isStarted() )
+    {
+      return;
+    }
+
+    build( name );
+  }
+
+
+  /**
+   * Build the working directory
+   */
+  private void buildInstanceDirectory( String name ) throws IOException
+  {
+    String instanceDirectory = System.getProperty( "workingDirectory" );
+
+    if ( instanceDirectory == null )
+    {
+      instanceDirectory = System.getProperty( "java.io.tmpdir" ) + "/server-work-" + name;
+    }
+
+    InstanceLayout instanceLayout = new InstanceLayout( instanceDirectory );
+
+    if ( instanceLayout.getInstanceDirectory().exists() )
+    {
+      try
+      {
+        FileUtils.deleteDirectory( instanceLayout.getInstanceDirectory() );
+      }
+      catch ( IOException e )
+      {
+        LOG.warn( "couldn't delete the instance directory before initializing the DirectoryService", e );
+      }
+    }
+
+    directoryService.setInstanceLayout( instanceLayout );
+  }
+
+
+  /**
+   * Inits the schema and schema partition.
+   */
+  private void initSchema() throws Exception
+  {
+    File workingDirectory = directoryService.getInstanceLayout().getPartitionsDirectory();
+
+    // Extract the schema on disk (a brand new one) and load the registries
+    File schemaRepository = new File( workingDirectory, "schema" );
+    SchemaLdifExtractor extractor = new DefaultSchemaLdifExtractor( workingDirectory );
+
+    try
+    {
+      extractor.extractOrCopy();
+    }
+    catch ( IOException ioe )
+    {
+      // The schema has already been extracted, bypass
+    }
+
+    SchemaLoader loader = new LdifSchemaLoader( schemaRepository );
+    SchemaManager schemaManager = new DefaultSchemaManager( loader );
+
+    // We have to load the schema now, otherwise we won't be able
+    // to initialize the Partitions, as we won't be able to parse
+    // and normalize their suffix Dn
+    schemaManager.loadAllEnabled();
+
+    // Tell all the normalizer comparators that they should not normalize anything
+    ComparatorRegistry comparatorRegistry = schemaManager.getComparatorRegistry();
+
+    for ( LdapComparator<?> comparator : comparatorRegistry )
+    {
+      if ( comparator instanceof NormalizingComparator )
+      {
+        ( ( NormalizingComparator ) comparator ).setOnServer();
+      }
+    }
+
+    directoryService.setSchemaManager( schemaManager );
+
+    // Init the LdifPartition
+    LdifPartition ldifPartition = new LdifPartition( schemaManager /*, directoryService.getDnFactory()*/ );
+    ldifPartition.setPartitionPath( new File( workingDirectory, "schema" ).toURI() );
+    SchemaPartition schemaPartition = new SchemaPartition( schemaManager );
+    schemaPartition.setWrappedPartition( ldifPartition );
+    directoryService.setSchemaPartition( schemaPartition );
+
+    List<Throwable> errors = schemaManager.getErrors();
+
+    if ( errors.size() != 0 )
+    {
+      throw new Exception( I18n.err( I18n.ERR_317, Exceptions.printErrors( errors ) ) );
+    }
+  }
+
+
+  /**
+   * Inits the system partition.
+   *
+   * @throws Exception the exception
+   */
+  private void initSystemPartition() throws Exception
+  {
+    // change the working directory to something that is unique
+    // on the system and somewhere either under target directory
+    // or somewhere in a temp area of the machine.
+
+    // Inject the System Partition
+    Partition systemPartition = partitionFactory.createPartition(
+        directoryService.getSchemaManager(),
+        //directoryService.getDnFactory(),
+        "system",
+        ServerDNConstants.SYSTEM_DN,
+        500,
+        new File( directoryService.getInstanceLayout().getPartitionsDirectory(), "system" ) );
+    systemPartition.setSchemaManager( directoryService.getSchemaManager() );
+
+    partitionFactory.addIndex( systemPartition, SchemaConstants.OBJECT_CLASS_AT, 100 );
+
+    directoryService.setSystemPartition( systemPartition );
+  }
+
+
+  /**
+   * Builds the directory server instance.
+   *
+   * @param name the instance name
+   */
+  private void build( String name ) throws Exception
+  {
+    directoryService.setInstanceId( name );
+    buildInstanceDirectory( name );
+
+    CacheService cacheService = new CacheService();
+    cacheService.initialize( directoryService.getInstanceLayout() );
+
+    directoryService.setCacheService( cacheService );
+
+    // Init the service now
+    initSchema();
+    initSystemPartition();
+
+    directoryService.startup();
+  }
+
+
+  /**
+   * {@inheritDoc}
+   */
+  public DirectoryService getDirectoryService() throws Exception
+  {
+    return directoryService;
+  }
+
+
+  /**
+   * {@inheritDoc}
+   */
+  public PartitionFactory getPartitionFactory() throws Exception
+  {
+    return partitionFactory;
+  }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryService.java
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryService.java b/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryService.java
new file mode 100644
index 0000000..68fa1da
--- /dev/null
+++ b/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryService.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+public class SimpleDirectoryService extends BaseDirectoryService {
+
+  public SimpleDirectoryService() throws Exception {
+  }
+
+  protected void showSecurityWarnings() throws Exception {
+    // NoOp - This prevents confusing warnings from being output.
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryServiceFactory.java
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryServiceFactory.java b/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryServiceFactory.java
new file mode 100644
index 0000000..72a05ff
--- /dev/null
+++ b/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleDirectoryServiceFactory.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+import org.apache.directory.server.core.api.DirectoryService;
+
+public class SimpleDirectoryServiceFactory extends BaseDirectoryServiceFactory {
+
+  protected DirectoryService createDirectoryService() {
+    DirectoryService result;
+    try {
+      result = new SimpleDirectoryService();
+    } catch( Exception e ) {
+      throw new RuntimeException( e );
+    }
+    return result;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapDirectoryServer.java
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapDirectoryServer.java b/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapDirectoryServer.java
new file mode 100644
index 0000000..139b83b
--- /dev/null
+++ b/gateway-demo-ldap/src/main/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapDirectoryServer.java
@@ -0,0 +1,110 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.directory.server.core.api.CoreSession;
+import org.apache.directory.server.core.api.DirectoryService;
+import org.apache.directory.server.core.api.partition.Partition;
+import org.apache.directory.server.core.factory.DirectoryServiceFactory;
+import org.apache.directory.server.ldap.LdapServer;
+import org.apache.directory.server.protocol.shared.store.LdifFileLoader;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.directory.server.protocol.shared.transport.Transport;
+import org.apache.log4j.PropertyConfigurator;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.net.ServerSocket;
+import java.util.UUID;
+
+public class SimpleLdapDirectoryServer {
+
+  private DirectoryServiceFactory factory;
+
+  private DirectoryService service;
+
+  private LdapServer server;
+
+  public SimpleLdapDirectoryServer( String rootDn, File usersLdif, Transport... transports ) throws Exception {
+    if( !usersLdif.exists() ) {
+      throw new FileNotFoundException( usersLdif.getAbsolutePath() );
+    }
+
+    factory = new SimpleDirectoryServiceFactory();
+    factory.init( UUID.randomUUID().toString() );
+    service = factory.getDirectoryService();
+
+    Partition partition = factory.getPartitionFactory().createPartition(
+        service.getSchemaManager(), "users", rootDn, 500, service.getInstanceLayout().getInstanceDirectory() );
+    service.addPartition( partition );
+
+    CoreSession session = service.getAdminSession();
+    LdifFileLoader lfl = new LdifFileLoader( session, usersLdif, null );
+    lfl.execute();
+
+    server = new LdapServer();
+    server.setTransports( transports );
+    server.setDirectoryService( service );
+  }
+
+  public void start() throws Exception {
+    service.startup();
+    server.start();
+  }
+
+  public void stop( boolean clean ) throws Exception {
+    server.stop();
+    service.shutdown();
+    if( clean ) {
+      FileUtils.deleteDirectory( service.getInstanceLayout().getInstanceDirectory() );
+    }
+  }
+
+  public static void main( String[] args ) throws Exception {
+    PropertyConfigurator.configure( System.getProperty( "log4j.configuration" ) );
+
+    SimpleLdapDirectoryServer ldap;
+
+    File file;
+    if ( args.length < 1 ) {
+      file = new File( "conf/users.ldif" );
+    } else {
+      File dir = new File( args[0] );
+      if( !dir.exists() || !dir.isDirectory() ) {
+        throw new FileNotFoundException( dir.getAbsolutePath() );
+      }
+      file = new File( dir, "users.ldif" );
+    }
+
+    if( !file.exists() || !file.canRead() ) {
+      throw new FileNotFoundException( file.getAbsolutePath() );
+    }
+
+    int port = 33389;
+
+    // Make sure the port is free.
+    ServerSocket socket = new ServerSocket( port );
+    socket.close();
+
+    TcpTransport transport = new TcpTransport( port );
+    ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", file, transport );
+    ldap.start();
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-demo-ldap/src/main/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/main/resources/log4j.properties b/gateway-demo-ldap/src/main/resources/log4j.properties
new file mode 100644
index 0000000..40b5546
--- /dev/null
+++ b/gateway-demo-ldap/src/main/resources/log4j.properties
@@ -0,0 +1,25 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+log4j.rootLogger=ERROR,stdout
+log4j.threshhold=ALL
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d{ISO8601} %-5p %m%n
+
+#log4j.logger.org.apache.directory=INFO
+#log4j.logger.org.apache.hadoop.gateway=INFO
+#log4j.logger.org.apache.hadoop.gateway=DEBUG
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-demo-ldap/src/main/resources/users.ldif
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/main/resources/users.ldif b/gateway-demo-ldap/src/main/resources/users.ldif
new file mode 100644
index 0000000..f75edb8
--- /dev/null
+++ b/gateway-demo-ldap/src/main/resources/users.ldif
@@ -0,0 +1,44 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+version: 1
+
+dn: dc=hadoop,dc=apache,dc=org
+objectclass: organization
+objectclass: dcObject
+o: Hadoop at Apache.org
+dc: hadoop
+description: Makers of Hadoop
+
+# entry for a sample people container
+# please replace with site specific values
+dn: ou=people,dc=hadoop,dc=apache,dc=org
+objectclass:top
+objectclass:organizationalUnit
+ou: people
+
+# entry for a sample end user
+# please replace with site specific values
+dn: uid=guest,ou=people,dc=hadoop,dc=apache,dc=org
+objectclass:top
+objectclass:person
+objectclass:organizationalPerson
+objectclass:inetOrgPerson
+cn: Guest
+sn: User
+uid: guest
+userPassword:guest-password
+

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-demo-ldap/src/test/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapServerTest.java
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/test/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapServerTest.java b/gateway-demo-ldap/src/test/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapServerTest.java
new file mode 100644
index 0000000..75f439e
--- /dev/null
+++ b/gateway-demo-ldap/src/test/java/org/apache/hadoop/gateway/security/ldap/SimpleLdapServerTest.java
@@ -0,0 +1,98 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.hadoop.gateway.security.ldap;
+
+import org.apache.directory.api.ldap.model.exception.LdapAuthenticationException;
+import org.apache.directory.api.ldap.model.exception.LdapException;
+import org.apache.directory.ldap.client.api.LdapConnection;
+import org.apache.directory.ldap.client.api.LdapNetworkConnection;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.directory.server.protocol.shared.transport.Transport;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.ServerSocket;
+
+import static org.junit.Assert.fail;
+
+public class SimpleLdapServerTest {
+
+  private static int port;
+  private static File ldifFile;
+  private static SimpleLdapDirectoryServer ldap;
+
+  @BeforeClass
+  public static void setup() throws Exception {
+    port = findFreePort();
+    ldifFile = new File( ClassLoader.getSystemResource( "users.ldif" ).toURI() );
+    ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", ldifFile, new Transport[]{ new TcpTransport( port ) } );
+    ldap.start();
+  }
+
+  @AfterClass
+  public static void cleanup() throws Exception {
+    if( ldap != null ) {
+      ldap.stop( true );
+    }
+  }
+
+  private static int findFreePort() throws IOException {
+    ServerSocket socket = new ServerSocket(0);
+    int port = socket.getLocalPort();
+    socket.close();
+    return port;
+  }
+
+  @Test
+  public void testBind() throws LdapException, IOException {
+    LdapConnection connection;
+
+    connection = new LdapNetworkConnection( "localhost", port );
+    try {
+      connection.bind( "uid=guest,ou=people,dc=hadoop,dc=apache,dc=org", "guest-password" );
+    } finally {
+      connection.close();
+    }
+
+    connection = new LdapNetworkConnection( "localhost", port );
+    try {
+      connection.bind( "uid=nobody,ou=people,dc=hadoop,dc=apache,dc=org", "guest-password" );
+      fail( "Expected LdapAuthenticationException" );
+    } catch ( LdapAuthenticationException e ) {
+      // Expected
+    } finally {
+      connection.close();
+    }
+
+    connection = new LdapNetworkConnection( "localhost", port );
+    try {
+      connection.bind( "uid=guest,ou=people,dc=hadoop,dc=apache,dc=org", "wrong-password" );
+      fail( "Expected LdapAuthenticationException" );
+    } catch ( LdapAuthenticationException e ) {
+      // Expected
+    } finally {
+      connection.close();
+    }
+
+  }
+
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-release/pom.xml
----------------------------------------------------------------------
diff --git a/gateway-release/pom.xml b/gateway-release/pom.xml
index 9f810c8..1d2a60e 100644
--- a/gateway-release/pom.xml
+++ b/gateway-release/pom.xml
@@ -267,11 +267,11 @@
 
         <dependency>
             <groupId>${gateway-group}</groupId>
-            <artifactId>gateway-test-ldap</artifactId>
+            <artifactId>gateway-demo-ldap</artifactId>
         </dependency>
         <dependency>
             <groupId>${gateway-group}</groupId>
-            <artifactId>gateway-test-ldap-launcher</artifactId>
+            <artifactId>gateway-demo-ldap-launcher</artifactId>
         </dependency>
 
         <dependency>

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-release/src/assembly.xml
----------------------------------------------------------------------
diff --git a/gateway-release/src/assembly.xml b/gateway-release/src/assembly.xml
index 709d1f3..a1fafa3 100644
--- a/gateway-release/src/assembly.xml
+++ b/gateway-release/src/assembly.xml
@@ -90,7 +90,7 @@
                 <exclude>${gateway-group}:gateway-util-launcher</exclude>
                 <exclude>${gateway-group}:gateway-server-launcher</exclude>
                 <exclude>${gateway-group}:gateway-shell-launcher</exclude>
-                <exclude>${gateway-group}:gateway-test-ldap-launcher</exclude>
+                <exclude>${gateway-group}:gateway-demo-ldap-launcher</exclude>
             </excludes>
         </dependencySet>
         <dependencySet>
@@ -118,7 +118,7 @@
             <outputDirectory>bin</outputDirectory>
             <outputFileNameMapping>ldap.jar</outputFileNameMapping>
             <includes>
-                <include>${gateway-group}:gateway-test-ldap-launcher</include>
+                <include>${gateway-group}:gateway-demo-ldap-launcher</include>
             </includes>
         </dependencySet>
         <dependencySet>

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-server/pom.xml
----------------------------------------------------------------------
diff --git a/gateway-server/pom.xml b/gateway-server/pom.xml
index a6db1d4..4289e87 100644
--- a/gateway-server/pom.xml
+++ b/gateway-server/pom.xml
@@ -203,7 +203,7 @@
 
         <dependency>
             <groupId>${gateway-group}</groupId>
-            <artifactId>gateway-test-ldap</artifactId>
+            <artifactId>gateway-demo-ldap</artifactId>
             <scope>test</scope>
         </dependency>
 

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-test-ldap-launcher/pom.xml
----------------------------------------------------------------------
diff --git a/gateway-test-ldap-launcher/pom.xml b/gateway-test-ldap-launcher/pom.xml
deleted file mode 100644
index 86d3378..0000000
--- a/gateway-test-ldap-launcher/pom.xml
+++ /dev/null
@@ -1,72 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-
-    <parent>
-        <artifactId>gateway</artifactId>
-        <groupId>org.apache.knox</groupId>
-        <version>0.8.0-SNAPSHOT</version>
-    </parent>
-    <artifactId>gateway-test-ldap-launcher</artifactId>
-    <name>gateway-test-ldap-launcher</name>
-    <description>Launcher for the test/demo LDAP server.</description>
-
-    <dependencies>
-        <dependency>
-            <groupId>${gateway-group}</groupId>
-            <artifactId>gateway-util-launcher</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
-            <scope>test</scope>
-        </dependency>
-    </dependencies>
-
-    <build>
-        <plugins>
-            <plugin>
-                <inherited>false</inherited>
-                <artifactId>maven-assembly-plugin</artifactId>
-                <version>2.4</version>
-                <executions>
-                    <execution>
-                        <id>server-launcher</id>
-                        <phase>package</phase>
-                        <goals><goal>single</goal></goals>
-                        <configuration>
-                            <appendAssemblyId>false</appendAssemblyId>
-                            <descriptorRefs>
-                                <descriptorRef>jar-with-dependencies</descriptorRef>
-                            </descriptorRefs>
-                            <archive>
-                                <manifest>
-                                    <mainClass>org.apache.hadoop.gateway.launcher.Launcher</mainClass>
-                                </manifest>
-                            </archive>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-        </plugins>
-    </build>
-
-</project>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-test-ldap-launcher/src/main/resources/META-INF/launcher.cfg
----------------------------------------------------------------------
diff --git a/gateway-test-ldap-launcher/src/main/resources/META-INF/launcher.cfg b/gateway-test-ldap-launcher/src/main/resources/META-INF/launcher.cfg
deleted file mode 100644
index dda1a25..0000000
--- a/gateway-test-ldap-launcher/src/main/resources/META-INF/launcher.cfg
+++ /dev/null
@@ -1,17 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-main.class = org.apache.hadoop.gateway.security.ldap.SimpleLdapDirectoryServer
-class.path = ../lib/*.jar;../dep/*.jar
-log4j.configuration=${launcher.dir}/../conf/${launcher.name}-log4j.properties
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/knox/blob/3158bc84/gateway-test-ldap/pom.xml
----------------------------------------------------------------------
diff --git a/gateway-test-ldap/pom.xml b/gateway-test-ldap/pom.xml
deleted file mode 100644
index dd58b51..0000000
--- a/gateway-test-ldap/pom.xml
+++ /dev/null
@@ -1,179 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <parent>
-        <groupId>org.apache.knox</groupId>
-        <artifactId>gateway</artifactId>
-        <version>0.8.0-SNAPSHOT</version>
-    </parent>
-    <artifactId>gateway-test-ldap</artifactId>
-
-    <name>gateway-test-ldap</name>
-    <description>A LDAP server based on ApacheDS used for demos and testing.</description>
-
-    <licenses>
-        <license>
-            <name>The Apache Software License, Version 2.0</name>
-            <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
-            <distribution>repo</distribution>
-        </license>
-    </licenses>
-
-    <!--
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>exec-maven-plugin</artifactId>
-                <version>1.2.1</version>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>java</goal>
-                        </goals>
-                    </execution>
-                </executions>
-                <configuration>
-                    <mainClass>org.apache.hadoop.gateway.security.EmbeddedApacheDirectoryServer</mainClass>
-                </configuration>
-            </plugin>
-        </plugins>
-    </build>
-    -->
-
-    <!--
-    <profiles>
-        <profile>
-            <id>release</id>
-            <build>
-                <plugins>
-                    <plugin>
-                        <groupId>org.apache.maven.plugins</groupId>
-                        <artifactId>maven-shade-plugin</artifactId>
-                        <version>2.0</version>
-                        <configuration>
-                            <transformers>
-                                <transformer
-                                        implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
-                                    <manifestEntries>
-                                        <Main-Class>org.apache.hadoop.gateway.security.EmbeddedApacheDirectoryServer
-                                        </Main-Class>
-                                    </manifestEntries>
-                                </transformer>
-                            </transformers>
-                            <filters>
-                                <filter>
-                                    <artifact>*:*</artifact>
-                                    <excludes>
-                                        <exclude>META-INF/*.SF</exclude>
-                                        <exclude>META-INF/*.DSA</exclude>
-                                        <exclude>META-INF/*.RSA</exclude>
-                                    </excludes>
-                                </filter>
-                            </filters>
-                        </configuration>
-                        <executions>
-                            <execution>
-                                <phase>package</phase>
-                                <goals>
-                                    <goal>shade</goal>
-                                </goals>
-                            </execution>
-                        </executions>
-                    </plugin>
-                </plugins>
-            </build>
-        </profile>
-    </profiles>
-    -->
-
-    <dependencies>
-
-        <!--
-        <dependency>
-            <groupId>org.apache.directory.server</groupId>
-            <artifactId>apacheds-server-integ</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.directory.server</groupId>
-            <artifactId>apacheds-core-entry</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.directory.shared</groupId>
-            <artifactId>shared-ldap</artifactId>
-        </dependency>
-        -->
-        <!--
-        <dependency>
-            <groupId>org.apache.directory.server</groupId>
-            <artifactId>apacheds-jdbm</artifactId>
-        </dependency>
-        -->
-        <dependency>
-            <groupId>org.apache.directory.server</groupId>
-            <artifactId>apacheds-all</artifactId>
-            <exclusions>
-                <exclusion>
-                    <groupId>ldapsdk</groupId>
-                    <artifactId>ldapsdk</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-api</artifactId>
-        </dependency>
-
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-log4j12</artifactId>
-        </dependency>
-
-        <!--
-        <dependency>
-            <groupId>org.apache.directory.server</groupId>
-            <artifactId>apacheds-all</artifactId>
-            <version>1.5.5</version>
-            <exclusions>
-                <exclusion>
-                    <groupId>org.apache.directory.shared</groupId>
-                    <artifactId>shared-ldap-schema</artifactId>
-                </exclusion>
-            </exclusions>
-        </dependency>
-        -->
-
-        <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
-            <scope>test</scope>
-        </dependency>
-
-        <dependency>
-            <groupId>${gateway-group}</groupId>
-            <artifactId>gateway-test-utils</artifactId>
-            <scope>test</scope>
-        </dependency>
-
-    </dependencies>
-
-</project>
\ No newline at end of file