Rainer Hörbe

SAML Test Harness Specification

as of April 4, 2013

1

Donnerstag, 04. April 13

Key Concepts

Community EffortUse deployment experience to improve testingManage test cases with web-2.0 style service

Self-service TestingTest Harness provides Test Plans consisting of Test CasesTest Plans can be executed when combined with deployment-specific Test Configuration

Organization of Test RepositoryAnalogy to Linux Distro and Packages: Test Plans and CasesVersion Management, System Configuration

2

SAMLTest Harness

Donnerstag, 04. April 13

3

SAML Test Harness

Repository

Test Target(IdP/DS/SP)

SAML Deployment

Profile

DeploymentData

DeploymentMetadata

Profile Test Plan

SAML 2.0 core, protocol, bindings, MD, conformance

profiles, etc. (OASIS SSTC)

Test Operator

configure &execute tests

Test Designer

define & managetest cases & profiles

Test Backend

Test GUI

RepositoryManager

Configuration Store

define& use

use

Test results

Federation-specific Profile

export

CLI

GUI

OverviewSAMLTest Harness

Donnerstag, 04. April 13

Key Domain Objects

SAML Profiles specify Requirements (grouped in Features)e.g.: SAML2Int requires EntityDescriptors, which is part of the „Metadata“ Feature

Test Cases verify the Test Target‘s conformance with a Requirement

e.g.: The IDP‘s metadata MUST include an<md:IDPSSODescriptor> element containing all necessary <md:KeyDescriptor> and<md:SingleSignOnService> elements

Test Plans select a set of Test Cases and define the relevance for each one (MUST/SHOULD/MAY comply and n/a)

A Test Configuration adds the deployment-specific data to execute a test plan, like metadata and the test target‘s EntityId

4

SAMLTest Harness

Donnerstag, 04. April 13

5

Repository SchemaSAMLTest Harness

Test Backend

Repository

Test Deployment Configuration

Define Test Cases .

Group Test Cases in Test Plans Organize Test Cases

Versioning and undo

SAML Deployment Profile

Test Case

SAML Request

Test Class

PreTest PostTest

Feature Group

Feature

RequirementProfile Test Plan

reversion_revision reversion-version

Deployment data and metadata Deployment Parameters

Test Harness Metadata

Test Results

*

*

*

*

1

*

1*

1

*

1

*

extend

*

*

**

1

*

1*

*

*

1

*

1

*

Donnerstag, 04. April 13

6

How to deploy a Test PlanSAMLTest Harness

a) Select Test PlanThe Test GUI provides a list of available Profile Test Plans. The Test Operator needs to selected one to which this Test Configuration pertains.

b) Provide deployment configuration data to Test HarnessSet MD Feed URLProvide any data and artifacts that are needed in addition to MD. E.g.:

MD certificateUser Interaction with the Test Target (AuthN, ..)Test Results interfaceEntity certificates if these are not provided with MDAttribute release policy

c) Provide test target with Test Harness metadataProvide the selected subset of MD that is required to execute the Test Plan. The Test Operator may provide own certificates to the test harness.

d) Add Test Harness MD to Test target

Donnerstag, 04. April 13