saml test harness specification
TRANSCRIPT
Rainer Hörbe
SAML Test Harness Specification
as of April 4, 2013
1
Donnerstag, 04. April 13
Key Concepts
Community EffortUse deployment experience to improve testingManage test cases with web-2.0 style service
Self-service TestingTest Harness provides Test Plans consisting of Test CasesTest Plans can be executed when combined with deployment-specific Test Configuration
Organization of Test RepositoryAnalogy to Linux Distro and Packages: Test Plans and CasesVersion Management, System Configuration
2
SAMLTest Harness
Donnerstag, 04. April 13
3
SAML Test Harness
Repository
Test Target(IdP/DS/SP)
SAML Deployment
Profile
DeploymentData
DeploymentMetadata
Profile Test Plan
SAML 2.0 core, protocol, bindings, MD, conformance
profiles, etc. (OASIS SSTC)
Test Operator
configure &execute tests
Test Designer
define & managetest cases & profiles
Test Backend
Test GUI
RepositoryManager
Configuration Store
define& use
use
Test results
Federation-specific Profile
export
CLI
GUI
OverviewSAMLTest Harness
Donnerstag, 04. April 13
Key Domain Objects
SAML Profiles specify Requirements (grouped in Features)e.g.: SAML2Int requires EntityDescriptors, which is part of the „Metadata“ Feature
Test Cases verify the Test Target‘s conformance with a Requirement
e.g.: The IDP‘s metadata MUST include an<md:IDPSSODescriptor> element containing all necessary <md:KeyDescriptor> and<md:SingleSignOnService> elements
Test Plans select a set of Test Cases and define the relevance for each one (MUST/SHOULD/MAY comply and n/a)
A Test Configuration adds the deployment-specific data to execute a test plan, like metadata and the test target‘s EntityId
4
SAMLTest Harness
Donnerstag, 04. April 13
5
Repository SchemaSAMLTest Harness
Test Backend
Repository
Test Deployment Configuration
Define Test Cases .
Group Test Cases in Test Plans Organize Test Cases
Versioning and undo
SAML Deployment Profile
Test Case
SAML Request
Test Class
PreTest PostTest
Feature Group
Feature
RequirementProfile Test Plan
reversion_revision reversion-version
Deployment data and metadata Deployment Parameters
Test Harness Metadata
Test Results
*
*
*
*
1
*
1*
1
*
1
*
extend
*
*
**
1
*
1*
*
*
1
*
1
*
Donnerstag, 04. April 13
6
How to deploy a Test PlanSAMLTest Harness
a) Select Test PlanThe Test GUI provides a list of available Profile Test Plans. The Test Operator needs to selected one to which this Test Configuration pertains.
b) Provide deployment configuration data to Test HarnessSet MD Feed URLProvide any data and artifacts that are needed in addition to MD. E.g.:
MD certificateUser Interaction with the Test Target (AuthN, ..)Test Results interfaceEntity certificates if these are not provided with MDAttribute release policy
c) Provide test target with Test Harness metadataProvide the selected subset of MD that is required to execute the Test Plan. The Test Operator may provide own certificates to the test harness.
d) Add Test Harness MD to Test target
Donnerstag, 04. April 13