diff --git a/build-tools/geode-dependency-management/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy b/build-tools/geode-dependency-management/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy
index ac814c526f7e..86d40c3611ac 100644
--- a/build-tools/geode-dependency-management/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy
+++ b/build-tools/geode-dependency-management/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy
@@ -49,7 +49,7 @@ class DependencyConstraints {
     deps.put("log4j.version", "2.25.3")
     deps.put("log4j-slf4j2-impl.version", "2.23.1")
     deps.put("micrometer.version", "1.14.0")
-    deps.put("shiro.version", "1.13.0")
+    deps.put("shiro.version", "2.1.0")
     deps.put("slf4j-api.version", "2.0.17")
     deps.put("jakarta.transaction-api.version", "2.0.1")
     deps.put("jboss-modules.version", "1.11.0.Final")
diff --git a/geode-assembly/src/integrationTest/resources/assembly_content.txt b/geode-assembly/src/integrationTest/resources/assembly_content.txt
index 4d691910144c..cc2dcd44812b 100644
--- a/geode-assembly/src/integrationTest/resources/assembly_content.txt
+++ b/geode-assembly/src/integrationTest/resources/assembly_content.txt
@@ -296,6 +296,284 @@ javadoc/org/apache/geode/cache/client/proxy/ProxySocketFactories.html
 javadoc/org/apache/geode/cache/client/proxy/SniProxySocketFactory.html
 javadoc/org/apache/geode/cache/client/proxy/package-summary.html
 javadoc/org/apache/geode/cache/client/proxy/package-tree.html
+bin/gfsh
+bin/gfsh-completion.bash
+bin/gfsh.bat
+config/cache.xml
+config/gemfire.properties
+config/log4j2.xml
+config/open-all-jdk-packages-linux-openjdk-17
+javadoc/allclasses-index.html
+javadoc/allpackages-index.html
+javadoc/constant-values.html
+javadoc/deprecated-list.html
+javadoc/element-list
+javadoc/help-doc.html
+javadoc/index-all.html
+javadoc/index.html
+javadoc/javadoc-images/BucketAdvisor-state.png
+javadoc/javadoc-images/ConnectionManagerImpl.dia
+javadoc/javadoc-images/ConnectionManagerImpl.png
+javadoc/javadoc-images/QueueManagerImpl.dia
+javadoc/javadoc-images/QueueManagerImpl.png
+javadoc/javadoc-images/class-hierarchy.fig
+javadoc/javadoc-images/class-hierarchy.gif
+javadoc/javadoc-images/client_static_diagram.png
+javadoc/javadoc-images/data-serialization-exceptions.fig
+javadoc/javadoc-images/data-serialization-exceptions.gif
+javadoc/javadoc-images/distribution-managers.fig
+javadoc/javadoc-images/distribution-managers.gif
+javadoc/javadoc-images/elder.fig
+javadoc/javadoc-images/elder.jpg
+javadoc/javadoc-images/entry-life-cycle.fig
+javadoc/javadoc-images/entry-life-cycle.gif
+javadoc/javadoc-images/eventmatrix.xls
+javadoc/javadoc-images/example-cache.xml
+javadoc/javadoc-images/example-client-cache.xml
+javadoc/javadoc-images/example2-cache.xml
+javadoc/javadoc-images/example3-cache.xml
+javadoc/javadoc-images/extensible-hashing.fig
+javadoc/javadoc-images/extensible-hashing.gif
+javadoc/javadoc-images/health-classes.gif
+javadoc/javadoc-images/jcache-get-flow.fig
+javadoc/javadoc-images/jcache-get-flow.pdf
+javadoc/javadoc-images/jcache-put-flow.fig
+javadoc/javadoc-images/jcache-put-flow.pdf
+javadoc/javadoc-images/jcache-update-message-flow.fig
+javadoc/javadoc-images/jcache-update-message-flow.pdf
+javadoc/javadoc-images/merge-log-files.fig
+javadoc/javadoc-images/merge-log-files.gif
+javadoc/javadoc-images/partitioned-regions.fig
+javadoc/javadoc-images/partitioned-regions.gif
+javadoc/javadoc-images/turks.fig
+javadoc/javadoc-images/turks.jpg
+javadoc/jquery-ui.overrides.css
+javadoc/legal/ADDITIONAL_LICENSE_INFO
+javadoc/legal/ASSEMBLY_EXCEPTION
+javadoc/legal/LICENSE
+javadoc/legal/jquery.md
+javadoc/legal/jqueryUI.md
+javadoc/member-search-index.js
+javadoc/module-search-index.js
+javadoc/org/apache/geode/CancelCriterion.html
+javadoc/org/apache/geode/CancelException.html
+javadoc/org/apache/geode/CanonicalInstantiator.html
+javadoc/org/apache/geode/CopyException.html
+javadoc/org/apache/geode/CopyHelper.html
+javadoc/org/apache/geode/DataSerializable.Replaceable.html
+javadoc/org/apache/geode/DataSerializable.html
+javadoc/org/apache/geode/DataSerializer.html
+javadoc/org/apache/geode/Delta.html
+javadoc/org/apache/geode/DeltaSerializationException.html
+javadoc/org/apache/geode/ForcedDisconnectException.html
+javadoc/org/apache/geode/GemFireCacheException.html
+javadoc/org/apache/geode/GemFireCheckedException.html
+javadoc/org/apache/geode/GemFireConfigException.html
+javadoc/org/apache/geode/GemFireException.html
+javadoc/org/apache/geode/GemFireIOException.html
+javadoc/org/apache/geode/GemFireRethrowable.html
+javadoc/org/apache/geode/IncompatibleSystemException.html
+javadoc/org/apache/geode/Instantiator.html
+javadoc/org/apache/geode/InternalGemFireError.html
+javadoc/org/apache/geode/InternalGemFireException.html
+javadoc/org/apache/geode/InvalidDeltaException.html
+javadoc/org/apache/geode/InvalidValueException.html
+javadoc/org/apache/geode/InvalidVersionException.html
+javadoc/org/apache/geode/LogWriter.html
+javadoc/org/apache/geode/NoSystemException.html
+javadoc/org/apache/geode/OutOfOffHeapMemoryException.html
+javadoc/org/apache/geode/SerializationException.html
+javadoc/org/apache/geode/StatisticDescriptor.html
+javadoc/org/apache/geode/Statistics.html
+javadoc/org/apache/geode/StatisticsFactory.html
+javadoc/org/apache/geode/StatisticsType.html
+javadoc/org/apache/geode/StatisticsTypeFactory.html
+javadoc/org/apache/geode/SystemConnectException.html
+javadoc/org/apache/geode/SystemFailure.html
+javadoc/org/apache/geode/SystemIsRunningException.html
+javadoc/org/apache/geode/ToDataException.html
+javadoc/org/apache/geode/UncreatedSystemException.html
+javadoc/org/apache/geode/UnmodifiableException.html
+javadoc/org/apache/geode/UnstartedSystemException.html
+javadoc/org/apache/geode/admin/AdminConfig.Entry.html
+javadoc/org/apache/geode/admin/AdminConfig.html
+javadoc/org/apache/geode/admin/AdminDistributedSystem.html
+javadoc/org/apache/geode/admin/AdminDistributedSystemFactory.html
+javadoc/org/apache/geode/admin/AdminException.html
+javadoc/org/apache/geode/admin/AdminXmlException.html
+javadoc/org/apache/geode/admin/Alert.html
+javadoc/org/apache/geode/admin/AlertLevel.html
+javadoc/org/apache/geode/admin/AlertListener.html
+javadoc/org/apache/geode/admin/BackupStatus.html
+javadoc/org/apache/geode/admin/CacheDoesNotExistException.html
+javadoc/org/apache/geode/admin/CacheHealthConfig.html
+javadoc/org/apache/geode/admin/CacheServer.html
+javadoc/org/apache/geode/admin/CacheServerConfig.html
+javadoc/org/apache/geode/admin/CacheVm.html
+javadoc/org/apache/geode/admin/CacheVmConfig.html
+javadoc/org/apache/geode/admin/ConfigurationParameter.html
+javadoc/org/apache/geode/admin/DistributedSystemConfig.ConfigListener.html
+javadoc/org/apache/geode/admin/DistributedSystemConfig.html
+javadoc/org/apache/geode/admin/DistributedSystemHealthConfig.html
+javadoc/org/apache/geode/admin/DistributionLocator.html
+javadoc/org/apache/geode/admin/DistributionLocatorConfig.html
+javadoc/org/apache/geode/admin/GemFireHealth.Health.html
+javadoc/org/apache/geode/admin/GemFireHealth.html
+javadoc/org/apache/geode/admin/GemFireHealthConfig.html
+javadoc/org/apache/geode/admin/GemFireMemberStatus.html
+javadoc/org/apache/geode/admin/ManagedEntity.html
+javadoc/org/apache/geode/admin/ManagedEntityConfig.html
+javadoc/org/apache/geode/admin/MemberHealthConfig.html
+javadoc/org/apache/geode/admin/OperationCancelledException.html
+javadoc/org/apache/geode/admin/RegionNotFoundException.html
+javadoc/org/apache/geode/admin/RegionSubRegionSnapshot.html
+javadoc/org/apache/geode/admin/RuntimeAdminException.html
+javadoc/org/apache/geode/admin/Statistic.html
+javadoc/org/apache/geode/admin/StatisticResource.html
+javadoc/org/apache/geode/admin/SystemMember.html
+javadoc/org/apache/geode/admin/SystemMemberBridgeServer.html
+javadoc/org/apache/geode/admin/SystemMemberCache.html
+javadoc/org/apache/geode/admin/SystemMemberCacheEvent.html
+javadoc/org/apache/geode/admin/SystemMemberCacheListener.html
+javadoc/org/apache/geode/admin/SystemMemberCacheServer.html
+javadoc/org/apache/geode/admin/SystemMemberRegion.html
+javadoc/org/apache/geode/admin/SystemMemberRegionEvent.html
+javadoc/org/apache/geode/admin/SystemMemberType.html
+javadoc/org/apache/geode/admin/SystemMembershipEvent.html
+javadoc/org/apache/geode/admin/SystemMembershipListener.html
+javadoc/org/apache/geode/admin/UnmodifiableConfigurationException.html
+javadoc/org/apache/geode/admin/jmx/Agent.html
+javadoc/org/apache/geode/admin/jmx/AgentConfig.html
+javadoc/org/apache/geode/admin/jmx/AgentFactory.html
+javadoc/org/apache/geode/admin/jmx/package-summary.html
+javadoc/org/apache/geode/admin/jmx/package-tree.html
+javadoc/org/apache/geode/admin/package-summary.html
+javadoc/org/apache/geode/admin/package-tree.html
+javadoc/org/apache/geode/annotations/Experimental.html
+javadoc/org/apache/geode/annotations/Immutable.html
+javadoc/org/apache/geode/annotations/VisibleForTesting.html
+javadoc/org/apache/geode/annotations/package-summary.html
+javadoc/org/apache/geode/annotations/package-tree.html
+javadoc/org/apache/geode/cache/AttributesFactory.html
+javadoc/org/apache/geode/cache/AttributesMutator.html
+javadoc/org/apache/geode/cache/Cache.html
+javadoc/org/apache/geode/cache/CacheCallback.html
+javadoc/org/apache/geode/cache/CacheClosedException.html
+javadoc/org/apache/geode/cache/CacheEvent.html
+javadoc/org/apache/geode/cache/CacheException.html
+javadoc/org/apache/geode/cache/CacheExistsException.html
+javadoc/org/apache/geode/cache/CacheFactory.html
+javadoc/org/apache/geode/cache/CacheListener.html
+javadoc/org/apache/geode/cache/CacheLoader.html
+javadoc/org/apache/geode/cache/CacheLoaderException.html
+javadoc/org/apache/geode/cache/CacheRuntimeException.html
+javadoc/org/apache/geode/cache/DuplicatePrimaryPartitionException.html
+javadoc/org/apache/geode/cache/DynamicRegionFactory.Config.html
+javadoc/org/apache/geode/cache/DynamicRegionFactory.html
+javadoc/org/apache/geode/cache/DynamicRegionListener.html
+javadoc/org/apache/geode/cache/EntryDestroyedException.html
+javadoc/org/apache/geode/cache/EntryEvent.html
+javadoc/org/apache/geode/cache/EntryExistsException.html
+javadoc/org/apache/geode/cache/EntryNotFoundException.html
+javadoc/org/apache/geode/cache/EntryOperation.html
+javadoc/org/apache/geode/cache/EvictionAction.html
+javadoc/org/apache/geode/cache/EvictionAlgorithm.html
+javadoc/org/apache/geode/cache/EvictionAttributes.html
+javadoc/org/apache/geode/cache/EvictionAttributesMutator.html
+javadoc/org/apache/geode/cache/ExpirationAction.html
+javadoc/org/apache/geode/cache/ExpirationAttributes.html
+javadoc/org/apache/geode/cache/FailedSynchronizationException.html
+javadoc/org/apache/geode/cache/FixedPartitionAttributes.html
+javadoc/org/apache/geode/cache/FixedPartitionResolver.html
+javadoc/org/apache/geode/cache/GatewayConfigurationException.html
+javadoc/org/apache/geode/cache/GatewayException.html
+javadoc/org/apache/geode/cache/GemFireCache.html
+javadoc/org/apache/geode/cache/IncompatibleVersionException.html
+javadoc/org/apache/geode/cache/InterestPolicy.html
+javadoc/org/apache/geode/cache/InterestRegistrationEvent.html
+javadoc/org/apache/geode/cache/InterestRegistrationListener.html
+javadoc/org/apache/geode/cache/InterestResultPolicy.html
+javadoc/org/apache/geode/cache/LoaderHelper.html
+javadoc/org/apache/geode/cache/LossAction.html
+javadoc/org/apache/geode/cache/LowMemoryException.html
+javadoc/org/apache/geode/cache/MembershipAttributes.html
+javadoc/org/apache/geode/cache/MirrorType.html
+javadoc/org/apache/geode/cache/NoQueueServersAvailableException.html
+javadoc/org/apache/geode/cache/NoSubscriptionServersAvailableException.html
+javadoc/org/apache/geode/cache/Operation.html
+javadoc/org/apache/geode/cache/OperationAbortedException.html
+javadoc/org/apache/geode/cache/PartitionAttributes.html
+javadoc/org/apache/geode/cache/PartitionAttributesFactory.html
+javadoc/org/apache/geode/cache/PartitionResolver.html
+javadoc/org/apache/geode/cache/PartitionedRegionDistributionException.html
+javadoc/org/apache/geode/cache/PartitionedRegionStorageException.html
+javadoc/org/apache/geode/cache/Region.Entry.html
+javadoc/org/apache/geode/cache/Region.html
+javadoc/org/apache/geode/cache/RegionAccessException.html
+javadoc/org/apache/geode/cache/RegionAttributes.html
+javadoc/org/apache/geode/cache/RegionDestroyedException.html
+javadoc/org/apache/geode/cache/RegionDistributionException.html
+javadoc/org/apache/geode/cache/RegionEvent.html
+javadoc/org/apache/geode/cache/RegionExistsException.html
+javadoc/org/apache/geode/cache/RegionFactory.html
+javadoc/org/apache/geode/cache/RegionMembershipListener.html
+javadoc/org/apache/geode/cache/RegionReinitializedException.html
+javadoc/org/apache/geode/cache/RegionRoleException.html
+javadoc/org/apache/geode/cache/RegionRoleListener.html
+javadoc/org/apache/geode/cache/RegionService.html
+javadoc/org/apache/geode/cache/RegionShortcut.html
+javadoc/org/apache/geode/cache/RequiredRoles.html
+javadoc/org/apache/geode/cache/ResourceException.html
+javadoc/org/apache/geode/cache/ResumptionAction.html
+javadoc/org/apache/geode/cache/RoleEvent.html
+javadoc/org/apache/geode/cache/RoleException.html
+javadoc/org/apache/geode/cache/Scope.html
+javadoc/org/apache/geode/cache/SerializedCacheValue.html
+javadoc/org/apache/geode/cache/StatisticsDisabledException.html
+javadoc/org/apache/geode/cache/SubscriptionAttributes.html
+javadoc/org/apache/geode/cache/SynchronizationCommitConflictException.html
+javadoc/org/apache/geode/cache/TimeoutException.html
+javadoc/org/apache/geode/cache/TransactionDataNodeHasDepartedException.html
+javadoc/org/apache/geode/cache/TransactionDataNotColocatedException.html
+javadoc/org/apache/geode/cache/TransactionDataRebalancedException.html
+javadoc/org/apache/geode/cache/TransactionEvent.html
+javadoc/org/apache/geode/cache/TransactionException.html
+javadoc/org/apache/geode/cache/TransactionId.html
+javadoc/org/apache/geode/cache/TransactionInDoubtException.html
+javadoc/org/apache/geode/cache/TransactionListener.html
+javadoc/org/apache/geode/cache/TransactionWriter.html
+javadoc/org/apache/geode/cache/TransactionWriterException.html
+javadoc/org/apache/geode/cache/UnsupportedOperationInTransactionException.html
+javadoc/org/apache/geode/cache/UnsupportedVersionException.html
+javadoc/org/apache/geode/cache/VersionException.html
+javadoc/org/apache/geode/cache/asyncqueue/AsyncEvent.html
+javadoc/org/apache/geode/cache/asyncqueue/AsyncEventListener.html
+javadoc/org/apache/geode/cache/asyncqueue/AsyncEventQueue.html
+javadoc/org/apache/geode/cache/asyncqueue/AsyncEventQueueFactory.html
+javadoc/org/apache/geode/cache/asyncqueue/package-summary.html
+javadoc/org/apache/geode/cache/asyncqueue/package-tree.html
+javadoc/org/apache/geode/cache/client/AllConnectionsInUseException.html
+javadoc/org/apache/geode/cache/client/ClientCache.html
+javadoc/org/apache/geode/cache/client/ClientCacheFactory.html
+javadoc/org/apache/geode/cache/client/ClientNotReadyException.html
+javadoc/org/apache/geode/cache/client/ClientRegionFactory.html
+javadoc/org/apache/geode/cache/client/ClientRegionShortcut.html
+javadoc/org/apache/geode/cache/client/NoAvailableLocatorsException.html
+javadoc/org/apache/geode/cache/client/NoAvailableServersException.html
+javadoc/org/apache/geode/cache/client/Pool.html
+javadoc/org/apache/geode/cache/client/PoolFactory.html
+javadoc/org/apache/geode/cache/client/PoolManager.html
+javadoc/org/apache/geode/cache/client/ServerConnectivityException.html
+javadoc/org/apache/geode/cache/client/ServerOperationException.html
+javadoc/org/apache/geode/cache/client/ServerRefusedConnectionException.html
+javadoc/org/apache/geode/cache/client/SocketFactory.html
+javadoc/org/apache/geode/cache/client/SubscriptionNotEnabledException.html
+javadoc/org/apache/geode/cache/client/package-summary.html
+javadoc/org/apache/geode/cache/client/package-tree.html
+javadoc/org/apache/geode/cache/client/proxy/ProxySocketFactories.html
+javadoc/org/apache/geode/cache/client/proxy/SniProxySocketFactory.html
+javadoc/org/apache/geode/cache/client/proxy/package-summary.html
+javadoc/org/apache/geode/cache/client/proxy/package-tree.html
 javadoc/org/apache/geode/cache/configuration/CacheConfig.AsyncEventQueue.html
 javadoc/org/apache/geode/cache/configuration/CacheConfig.CacheServer.html
 javadoc/org/apache/geode/cache/configuration/CacheConfig.GatewayHub.Gateway.GatewayEndpoint.html
@@ -923,6 +1201,7 @@ lib/antlr-runtime-3.5.2.jar
 lib/asm-9.8.jar
 lib/asm-commons-9.8.jar
 lib/asm-tree-9.8.jar
+lib/bcprov-jdk18on-1.82.jar
 lib/byte-buddy-1.14.9.jar
 lib/classgraph-4.8.147.jar
 lib/classmate-1.5.1.jar
@@ -1034,15 +1313,17 @@ lib/ra.jar
 lib/reactive-streams-1.0.4.jar
 lib/reactor-core-3.6.10.jar
 lib/rmiio-2.1.2.jar
-lib/shiro-cache-1.13.0.jar
-lib/shiro-config-core-1.13.0.jar
-lib/shiro-config-ogdl-1.13.0.jar
-lib/shiro-core-1.13.0.jar
-lib/shiro-crypto-cipher-1.13.0.jar
-lib/shiro-crypto-core-1.13.0.jar
-lib/shiro-crypto-hash-1.13.0.jar
-lib/shiro-event-1.13.0.jar
-lib/shiro-lang-1.13.0.jar
+lib/shiro-cache-2.1.0.jar
+lib/shiro-config-core-2.1.0.jar
+lib/shiro-config-ogdl-2.1.0.jar
+lib/shiro-core-2.1.0.jar
+lib/shiro-crypto-cipher-2.1.0.jar
+lib/shiro-crypto-core-2.1.0.jar
+lib/shiro-crypto-hash-2.1.0.jar
+lib/shiro-event-2.1.0.jar
+lib/shiro-lang-2.1.0.jar
+lib/shiro-hashes-argon2-2.1.0.jar
+lib/shiro-hashes-bcrypt-2.1.0.jar
 lib/slf4j-api-2.0.17.jar
 lib/snakeyaml-2.2.jar
 lib/snappy-0.5.jar
diff --git a/geode-assembly/src/integrationTest/resources/expected_jars.txt b/geode-assembly/src/integrationTest/resources/expected_jars.txt
index f2023163ef6a..cbe7fc34edb3 100644
--- a/geode-assembly/src/integrationTest/resources/expected_jars.txt
+++ b/geode-assembly/src/integrationTest/resources/expected_jars.txt
@@ -9,6 +9,7 @@ antlr-runtime
 asm
 asm-commons
 asm-tree
+bcprov-jdk18on
 byte-buddy
 classgraph
 classmate
@@ -111,6 +112,8 @@ shiro-crypto-cipher
 shiro-crypto-core
 shiro-crypto-hash
 shiro-event
+shiro-hashes-argon
+shiro-hashes-bcrypt
 shiro-lang
 slf4j-api
 snakeyaml
diff --git a/geode-assembly/src/integrationTest/resources/gfsh_dependency_classpath.txt b/geode-assembly/src/integrationTest/resources/gfsh_dependency_classpath.txt
index 290385f1c6e1..63f8d7a730b8 100644
--- a/geode-assembly/src/integrationTest/resources/gfsh_dependency_classpath.txt
+++ b/geode-assembly/src/integrationTest/resources/gfsh_dependency_classpath.txt
@@ -66,8 +66,8 @@ HikariCP-4.0.3.jar
 antlr-2.7.7.jar
 istack-commons-runtime-4.1.1.jar
 commons-validator-1.7.jar
-shiro-core-1.13.0.jar
-shiro-config-ogdl-1.13.0.jar
+shiro-core-2.1.0.jar
+shiro-config-ogdl-2.1.0.jar
 commons-beanutils-1.11.0.jar
 commons-codec-1.15.jar
 commons-collections-3.2.2.jar
@@ -97,13 +97,15 @@ jetty-security-12.0.27.jar
 jetty-server-12.0.27.jar
 snappy-0.5.jar
 jgroups-3.6.20.Final.jar
-shiro-cache-1.13.0.jar
-shiro-crypto-hash-1.13.0.jar
-shiro-crypto-cipher-1.13.0.jar
-shiro-config-core-1.13.0.jar
-shiro-event-1.13.0.jar
-shiro-crypto-core-1.13.0.jar
-shiro-lang-1.13.0.jar
+shiro-cache-2.1.0.jar
+shiro-crypto-hash-2.1.0.jar
+shiro-crypto-cipher-2.1.0.jar
+shiro-config-core-2.1.0.jar
+shiro-event-2.1.0.jar
+shiro-crypto-core-2.1.0.jar
+shiro-lang-2.1.0.jar
+shiro-hashes-argon2-2.1.0.jar
+shiro-hashes-bcrypt-2.1.0.jar
 jetty-xml-12.0.27.jar
 jetty-http-12.0.27.jar
 jetty-io-12.0.27.jar
@@ -143,3 +145,4 @@ classmate-1.5.1.jar
 logback-core-1.5.11.jar
 jakarta.el-api-5.0.0.jar
 jakarta.inject-api-2.0.1.jar
+bcprov-jdk18on-1.82.jar
diff --git a/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java b/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java
index 98fae4aa53ea..d2e204e6ab60 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java
@@ -28,8 +28,10 @@
 import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.Logger;
 import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.ShiroException;
 import org.apache.shiro.UnavailableSecurityManagerException;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authz.AuthorizationException;
+import org.apache.shiro.config.ConfigurationException;
 import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.Subject;
 import org.apache.shiro.subject.support.SubjectThreadState;
@@ -173,7 +175,7 @@ public Subject login(final Properties credentials) {
       currentUser.login(token);
     } catch (UnavailableSecurityManagerException e) {
       throw new CacheClosedException("Cache is closed.");
-    } catch (ShiroException e) {
+    } catch (AuthenticationException | ConfigurationException e) {
       logger.info("error logging in: " + token.getPrincipal());
       Throwable cause = e.getCause();
       if (cause == null) {
@@ -199,7 +201,7 @@ public void logout() {
     try {
       logger.debug("Logging out " + currentUser.getPrincipal());
       currentUser.logout();
-    } catch (ShiroException e) {
+    } catch (AuthenticationException e) {
       logger.info("error logging out: " + currentUser.getPrincipal());
       throw new GemFireSecurityException(e.getMessage(), e);
     }
@@ -286,7 +288,7 @@ public void authorize(ResourcePermission context, Subject currentUser) {
 
     try {
       currentUser.checkPermission(context);
-    } catch (ShiroException e) {
+    } catch (AuthorizationException e) {
       String message = currentUser.getPrincipal() + " not authorized for " + context;
       logger.info("NotAuthorizedException: {}", message);
       throw new NotAuthorizedException(message, e);
diff --git a/geode-core/src/main/java/org/apache/geode/internal/security/shiro/SecurityManagerProvider.java b/geode-core/src/main/java/org/apache/geode/internal/security/shiro/SecurityManagerProvider.java
index 5d286439a27d..4a6b4d82f1ca 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/security/shiro/SecurityManagerProvider.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/security/shiro/SecurityManagerProvider.java
@@ -19,7 +19,6 @@
 import org.apache.logging.log4j.Logger;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.config.Ini;
-import org.apache.shiro.config.IniSecurityManagerFactory;
 import org.apache.shiro.mgt.DefaultSecurityManager;
 import org.apache.shiro.realm.Realm;
 import org.apache.shiro.session.mgt.DefaultSessionManager;
@@ -41,14 +40,20 @@ public SecurityManagerProvider() {
   public SecurityManagerProvider(String shiroConfig) {
     securityManager = null;
 
-    IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:" + shiroConfig);
-    // we will need to make sure that shiro uses a case sensitive permission resolver
-    Ini.Section main = factory.getIni().addSection("main");
+    // Shiro 2.1.0: IniSecurityManagerFactory is removed. Use Ini and DefaultSecurityManager
+    // directly.
+    Ini ini = new Ini();
+    ini.loadFromPath("classpath:" + shiroConfig);
+    Ini.Section main = ini.getSection("main");
+    if (main == null) {
+      main = ini.addSection("main");
+    }
     main.put("geodePermissionResolver", GeodePermissionResolver.class.getName());
     if (!main.containsKey("iniRealm.permissionResolver")) {
       main.put("iniRealm.permissionResolver", "$geodePermissionResolver");
     }
-    shiroManager = factory.getInstance();
+    // Shiro 2.1.0: create a DefaultSecurityManager
+    shiroManager = new DefaultSecurityManager();
   }
 
 
diff --git a/geode-core/src/test/java/org/apache/geode/internal/InternalDataSerializerShiroAcceptListTest.java b/geode-core/src/test/java/org/apache/geode/internal/InternalDataSerializerShiroAcceptListTest.java
index 64f34159dc03..eb255c6a4098 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/InternalDataSerializerShiroAcceptListTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/InternalDataSerializerShiroAcceptListTest.java
@@ -25,15 +25,16 @@
 import java.io.IOException;
 import java.util.Properties;
 
-import org.apache.shiro.ShiroException;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authz.AuthorizationException;
-import org.apache.shiro.codec.CodecException;
 import org.apache.shiro.config.ConfigurationException;
 import org.apache.shiro.crypto.UnknownAlgorithmException;
 import org.apache.shiro.dao.InvalidResourceUsageException;
 import org.apache.shiro.env.RequiredTypeException;
-import org.apache.shiro.io.SerializationException;
+import org.apache.shiro.lang.ShiroException;
+import org.apache.shiro.lang.codec.CodecException;
+import org.apache.shiro.lang.io.SerializationException;
+import org.apache.shiro.lang.util.InstantiationException;
 import org.apache.shiro.ldap.UnsupportedAuthenticationMechanismException;
 import org.apache.shiro.session.SessionException;
 import org.apache.shiro.session.StoppedSessionException;
@@ -91,7 +92,7 @@ public void acceptsExecutionException() throws IOException, ClassNotFoundExcepti
 
   @Test
   public void acceptsInstantiationException() throws IOException, ClassNotFoundException {
-    trySerializingObject(new org.apache.shiro.util.InstantiationException("testing"),
+    trySerializingObject(new InstantiationException("testing"),
         propertiesWithoutFilter());
   }
 
diff --git a/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java b/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java
index fbe90a448149..3588e3ff4cd4 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/security/IntegratedSecurityServiceTest.java
@@ -24,8 +24,8 @@
 
 import java.util.Properties;
 
-import org.apache.shiro.ShiroException;
 import org.apache.shiro.UnavailableSecurityManagerException;
+import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.Subject;
 import org.apache.shiro.subject.SubjectContext;
@@ -53,7 +53,7 @@ public class IntegratedSecurityServiceTest {
   private org.apache.shiro.mgt.SecurityManager shiroManager;
 
   private IntegratedSecurityService securityService;
-  private ShiroException shiroException;
+  private AuthenticationException shiroException;
   private Properties properties;
 
   @Before
@@ -68,7 +68,7 @@ public void before() throws Exception {
     when(mockSubject.getPrincipal()).thenReturn("principal");
     when(mockSubject.getSession()).thenReturn(mock(Session.class));
 
-    shiroException = mock(ShiroException.class);
+    shiroException = mock(AuthenticationException.class);
     properties = new Properties();
 
     securityService = new IntegratedSecurityService(provider, null);
@@ -189,7 +189,7 @@ public void login_when_ShiroException_hasNoCause() throws Exception {
     doThrow(shiroException).when(mockSubject).login(any(GeodeAuthenticationToken.class));
     assertThatThrownBy(() -> securityService.login(properties))
         .isInstanceOf(AuthenticationFailedException.class)
-        .hasCauseInstanceOf(ShiroException.class)
+        .hasCauseInstanceOf(AuthenticationException.class)
         .hasMessageContaining("Authentication error. Please check your credentials");
   }
 
diff --git a/geode-server-all/src/integrationTest/resources/dependency_classpath.txt b/geode-server-all/src/integrationTest/resources/dependency_classpath.txt
index 546fb9182781..fc9a424cb58c 100644
--- a/geode-server-all/src/integrationTest/resources/dependency_classpath.txt
+++ b/geode-server-all/src/integrationTest/resources/dependency_classpath.txt
@@ -51,7 +51,7 @@ jakarta.resource-api-2.1.0.jar
 jetty-ee10-annotations-12.0.27.jar
 jetty-ee10-plus-12.0.27.jar
 jakarta.transaction-api-2.0.1.jar
-shiro-core-1.13.0.jar
+shiro-core-2.1.0.jar
 jgroups-3.6.20.Final.jar
 commons-validator-1.7.jar
 fastutil-8.5.8.jar
@@ -79,7 +79,7 @@ lucene-analysis-common-9.12.3.jar
 lucene-queryparser-9.12.3.jar
 lucene-queries-9.12.3.jar
 lucene-core-9.12.3.jar
-shiro-config-ogdl-1.13.0.jar
+shiro-config-ogdl-2.1.0.jar
 commons-beanutils-1.11.0.jar
 commons-codec-1.15.jar
 commons-collections-3.2.2.jar
@@ -98,13 +98,13 @@ jetty-session-12.0.27.jar
 jetty-plus-12.0.27.jar
 jetty-security-12.0.27.jar
 jetty-server-12.0.27.jar
-shiro-cache-1.13.0.jar
-shiro-crypto-hash-1.13.0.jar
-shiro-crypto-cipher-1.13.0.jar
-shiro-config-core-1.13.0.jar
-shiro-event-1.13.0.jar
-shiro-crypto-core-1.13.0.jar
-shiro-lang-1.13.0.jar
+shiro-cache-2.1.0.jar
+shiro-crypto-hash-2.1.0.jar
+shiro-crypto-cipher-2.1.0.jar
+shiro-config-core-2.1.0.jar
+shiro-event-2.1.0.jar
+shiro-crypto-core-2.1.0.jar
+shiro-lang-2.1.0.jar
 jetty-xml-12.0.27.jar
 jetty-http-12.0.27.jar
 jetty-io-12.0.27.jar
@@ -143,3 +143,6 @@ jakarta.validation-api-3.0.2.jar
 jboss-logging-3.4.3.Final.jar
 classmate-1.5.1.jar
 logback-core-1.5.11.jar
+shiro-hashes-argon2-2.1.0.jar
+shiro-hashes-bcrypt-2.1.0.jar
+bcprov-jdk18on-1.82.jar