http://localhost:8180/gazelle-sts?wsdl
]]>http://schemas.xmlsoap.org/wsdl/
${#Project#ServiceBaseURL}/gazelle-sts
http://localhost:8180/gazelle-stshttps://sake.irisa.fr/gazelle-stshttps://sake.irisa.fr/gazelle-stshttps://sake.irisa.fr/gazelle-sts
true
UTF-8
http://localhost:8180/gazelle-sts
?
?
JpQqP2iLrH9DbvaX0GAO9g==
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
?
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
No AuthorizationNo Authorization
true
UTF-8
http://localhost:8180/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
?
]]>
No AuthorizationNo Authorization
true
UTF-8
http://localhost:8180/gazelle-sts
?
?
1S0diJqtjPm78XodEjcwKQ==
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Cancel
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
?
]]>
No AuthorizationNo Authorization
true
UTF-8
http://localhost:8180/gazelle-sts
?
?
1S0diJqtjPm78XodEjcwKQ==
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Renew
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
?
]]>
No AuthorizationNo Authorization
SEQUENTIAL
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
valid
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience
XPathExpectedResult
${#TestSuite#Audience}
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
1000
false
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
valid
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience
XPathExpectedResult
${#TestSuite#Audience}
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
STSBinding
IssueToken
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Renew
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
urn:ihe-europe:sts
yEX1qXQbUGdBkSWf4gomQ52UzjM=
XB9C459Tk/ZjorSF9xd8eUQ2Ry+lmVVtMqqefbzIULaDn+IMBDee5E04rvy72g71b5/cflMtS7GeVDNjG1x5M5UcK0qOzR7cd/ezriaGrg+oGJdtz8d1IgjtGx4JituwOjPYxnVBfXNuI+bBSKuznmsoi9WEXF8zufSjpLv9sqjXX++QdtZOZsdvi688mNnLbW7dZeO13126rRZkRilt2tuV6QQ+leGO7nI1u8p4i8qgJ8CJ7dLLuaQS/MmGThmnJwWtblTveL150TlV7Zc8G4wb4yPWhlIK+ly2Sf3m3l3yvFrBdkhM1EMaLbpEBJ5vw+1/QomtW5+qJJ91YFQyhg==
MIIHhTCCBm2gAwIBAgIEW4oH5DANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzEQMA4GA1UEChMHRW50cnVzdDEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBBdXRob3JpdGllczExMC8GA1UECxMoRW50cnVzdCBORkkgVGVzdCBTaGFyZWQgU2VydmljZSBQcm92aWRlcjAeFw0yMDAzMjcwNzQ0MzJaFw0yMTAzMjcwODE0MzJaMFgxCzAJBgNVBAYTAlVTMQ0wCwYDVQQKEwROSElOMRIwEAYDVQQLEwlOSElOLVRlc3QxJjAkBgNVBAMTHXZhbGlkYXRpb24uc2VxdW9pYXByb2plY3Qub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHuzZPtoOlBi4vkSeHBkMHNOH5hg3EJh8y3JovH54jHLjjye0koku7pHWg7pMVq/lLs4BegwRkDZCCVEQSvOTgMd2kHnc973CSXiy/z5GzsR3ngySsDA3TVM7J3xE4hfH36NenoTv8G7IQ3D0E4VVCuWVtNHg9LSOcyrrzHamYwQpD6PF4ldw4DVBkZTc0L1CkNEbcxpxCu2XFWDRC1r3f8MWzbGfOaZVf9w9/oNQePUD7RQvWRiFX9ahInPpZWsEkqCgkVyMqJR2GpAd0YwI8kz3bRS26oX66+cX0djU46veyiyiMeVQjkymdLZTdgllc2b0W9LTbeUvJEZ8aI63QIDAQABo4IENzCCBDMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCCAX0GCCsGAQUFBwEBBIIBbzCCAWswVQYIKwYBBQUHMAKGSWh0dHA6Ly9uZml0ZXN0d2ViLm1hbmFnZWQuZW50cnVzdC5jb20vQUlBL0NlcnRzSXNzdWVkVG9ORklNZWRpdW1TU1BDQS5wN2MwgccGCCsGAQUFBzAChoG6bGRhcDovL25maXRlc3RkaXIubWFuYWdlZC5lbnRydXN0LmNvbS9vdT1FbnRydXN0JTIwTkZJJTIwVGVzdCUyMFNoYXJlZCUyMFNlcnZpY2UlMjBQcm92aWRlcixvdT1DZXJ0aWZpY2F0aW9uJTIwQXV0aG9yaXRpZXMsbz1FbnRydXN0LGM9VVM/Y0FDZXJ0aWZpY2F0ZTtiaW5hcnksY3Jvc3NDZXJ0aWZpY2F0ZVBhaXI7YmluYXJ5MEgGCCsGAQUFBzABhjxodHRwOi8vbmZpdGVzdG9jc3AubWFuYWdlZC5lbnRydXN0LmNvbS9PQ1NQL05GSVRlc3RSZXNwb25kZXIwQwYDVR0RBDwwOoITYXNzdXJpdHkuZHluZG5zLm9yZ4IjdmFsaWRhdGlvbi10YW5nby5zZXF1b2lhcHJvamVjdC5vcmcwggGnBgNVHR8EggGeMIIBmjCCAQGggf6ggfuGPGh0dHA6Ly9uZml0ZXN0d2ViLm1hbmFnZWQuZW50cnVzdC5jb20vQ1JMcy9ORklUZXN0U1NQQ0EyLmNybIaBumxkYXA6Ly9uZml0ZXN0ZGlyLm1hbmFnZWQuZW50cnVzdC5jb20vY249V2luQ29tYmluZWQyLG91PUVudHJ1c3QlMjBORkklMjBUZXN0JTIwU2hhcmVkJTIwU2VydmljZSUyMFByb3ZpZGVyLG91PUNlcnRpZmljYXRpb24lMjBBdXRob3JpdGllcyxvPUVudHJ1c3QsYz1VUz9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0O2JpbmFyeTCBkqCBj6CBjKSBiTCBhjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VudHJ1c3QxIjAgBgNVBAsTGUNlcnRpZmljYXRpb24gQXV0aG9yaXRpZXMxMTAvBgNVBAsTKEVudHJ1c3QgTkZJIFRlc3QgU2hhcmVkIFNlcnZpY2UgUHJvdmlkZXIxDjAMBgNVBAMT
BUNSTDI2MCsGA1UdEAQkMCKADzIwMjAwMzI3MDc0NDMyWoEPMjAyMTAzMjcwODE0MzJaMB8GA1UdIwQYMBaAFI8Jc8FggvBRsUpDLtsUoJuCygbRMB0GA1UdDgQWBBTRIyqTLTv/eKH1tAzVo12Gg2yAajAJBgNVHRMEAjAAMBkGCSqGSIb2fQdBAAQMMAobBFY4LjMDAgOoMA0GCSqGSIb3DQEBCwUAA4IBAQBSl7AEVS6hePvatC8HjJocXoGSboRTRZTo23Sxp966DIrwUGcNki9yjfQExJgRc3CaE7oHPP2wL0UJvDf63ppiihgWMiQiJpEfmgOG/A1+bvvI2koU0scHuwxg3Bz4qjv0dqEeHGHstDM6nCn8vxRxpzA3T6NgAXQxffdHObCqdTsHzpCDS60zatE0VtWfG15Bbra0/X89mbtXCz2OLpdcmESxEbC6YOkl+MbnyjkbXrBi9fxXk7gaAR3T2KrV/2kiu75VZeZGhlMw/6J/orhCZibMVm5nG+R6NzFqWzT4NdfYdJoo4jCu6/+HivCFOJtkQydFk3UEt1E1qgzOOvQG
sHuzZPtoOlBi4vkSeHBkMHNOH5hg3EJh8y3JovH54jHLjjye0koku7pHWg7pMVq/lLs4BegwRkDZCCVEQSvOTgMd2kHnc973CSXiy/z5GzsR3ngySsDA3TVM7J3xE4hfH36NenoTv8G7IQ3D0E4VVCuWVtNHg9LSOcyrrzHamYwQpD6PF4ldw4DVBkZTc0L1CkNEbcxpxCu2XFWDRC1r3f8MWzbGfOaZVf9w9/oNQePUD7RQvWRiFX9ahInPpZWsEkqCgkVyMqJR2GpAd0YwI8kz3bRS26oX66+cX0djU46veyiyiMeVQjkymdLZTdgllc2b0W9LTbeUvJEZ8aI63Q==
AQAB
valid
https://gazelle.ihe.net
urn:oasis:names:tc:SAML:2.0:ac:classes:Password
valid
IHE-Europe
urn:oid:1.2.3
urn:oid:1.2.3.4.5
]]>
${#TestCase#username}
${#TestCase#password}
BasicBasicGlobal HTTP Settings
usernamevalidpasswordconnectathonAudiencehttps://gazelle.ihe.net
SEQUENTIAL
Request a valid assertion. It must be signed and valid for two hours. The Audience
restriction must have been set from the WS-Addressing request's element.
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
valid
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience
XPathExpectedResult
${#TestSuite#Audience}
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
Verify that the issued assertion has a modified audience restriction. The assertion must nevertheless still be valid, because the service provider is responsible for audience validation.
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
unknownaudience
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience
XPathExpectedResult
http://ihe.unknown.xua/X-ServiceProvider-IHE-Unknown
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
Username
Xuabad
Validation
invalid
Reason
Validation failure: URI of unknown X-Service_Provider in audience restriction
Xpath
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience
XpathResult
http://ihe.unknown.xua/X-ServiceProvider-IHE-Unknown
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
notyetvalid
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion)
XPathExpectedResult
true
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: assertion expired or used before its lifetime period
Audience
${#TestSuite#Audience}
PARALLELL
Username
notyetvalid
Validation
invalid
Reason
Validation failure: assertion expired or used before its lifetime period
Xpath
boolean(//wst:RequestSecurityTokenResponseCollection)
XpathResult
true
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
expired
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion)
XPathExpectedResult
true
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: assertion expired or used before its lifetime period
Audience
${#TestSuite#Audience}
PARALLELL
Username
expired
Validation
invalid
Reason
Validation failure: assertion expired or used before its lifetime period
Xpath
boolean(//wst:RequestSecurityTokenResponseCollection)
XpathResult
true
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
unsigned
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find Signature element
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
invalidsignature
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XPathExpectedResult
true
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: digital signature is invalid
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
invalidauthncontext
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:AuthnStatement/saml2:AuthnContext/saml2:AuthnContextClassRef
XPathExpectedResult
urn:oasis:names:tc:SAML:2.0:ac:classes:Invalid
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: invalid AuthnStatement parameter
Audience
${#TestSuite#Audience}
PARALLELL
Username
invalidauthncontext
Validation
invalid
Reason
Validation failure: invalid AuthnStatement parameter
Xpath
//wst:RequestedSecurityToken/saml2:Assertion/saml2:AuthnStatement/saml2:AuthnContext/saml2:AuthnContextClassRef
XpathResult
urn:oasis:names:tc:SAML:2.0:ac:classes:Invalid
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
secondauthncontext
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:AuthnStatement/saml2:AuthnContext/saml2:AuthnContextClassRef
XPathExpectedResult
urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: AuthnContextClassRef is 'InternetProtocol' which 'policy' says is an unacceptable authentication method
Audience
${#TestSuite#Audience}
PARALLELL
Username
secondauthncontext
Validation
invalid
Reason
Validation failure: AuthnContextClassRef is 'InternetProtocol' which 'policy' says is an unacceptable authentication method
Xpath
//wst:RequestedSecurityToken/saml2:Assertion/saml2:AuthnStatement/saml2:AuthnContext/saml2:AuthnContextClassRef
XpathResult
urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
secondrole
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oasis:names:tc:xacml:2.0:subject:role']/saml2:AttributeValue/hl7:Role/@displayName
XPathExpectedResult
Social Worker
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: current role cannot provide any access
Audience
${#TestSuite#Audience}
PARALLELL
Username
secondrole
Validation
invalid
Reason
Validation failure: current role cannot provide any access
Xpath
//wst:RequestedSecurityToken/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oasis:names:tc:xacml:2.0:subject:role']/saml2:AttributeValue/hl7:Role/@displayName
XpathResult
Social Worker
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
secondpurposeofuse
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oasis:names:tc:xspa:1.0:subject:purposeofuse']/saml2:AttributeValue/hl7:PurposeOfUse/@displayName
XPathExpectedResult
RESEARCH
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: current purposeofuse cannot provide any access
Audience
${#TestSuite#Audience}
PARALLELL
Username
secondpurposeofuse
Validation
invalid
Reason
Validation failure: current purposeofuse cannot provide any access
Xpath
//wst:RequestedSecurityToken/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oasis:names:tc:xspa:1.0:subject:purposeofuse']/saml2:AttributeValue/hl7:PurposeOfUse/@displayName
XpathResult
RESEARCH
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
withauthzconsent
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name="urn:ihe:iti:bppc:2007:docid"]) and boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name="urn:oasis:names:tc:xacml:2.0:resource:resource-id"])
XPathExpectedResult
true
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (WITH Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
Username
withauthzconsent
Validation
valid
Reason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Xpath
//wst:RequestedSecurityToken/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute/@Name
XpathResult
urn:oasis:names:tc:xacml:2.0:resource:resource-id
Audience
http://ihe.connectathon.xua/X-ServiceProvider-IHE-Connectathon
SEQUENTIAL
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
valid
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience
XPathExpectedResult
${#TestSuite#Audience}
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
invalidsignature
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XPathExpectedResult
true
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: digital signature is invalid
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
missingkeyinfo
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find X509Certificate element, RSAKeyValue element or DSAKeyValue element in Signature
Audience
${#TestSuite#Audience}
PARALLELL
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingkeyinfo
XpathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo)
XpathExpectedResult
false
Audience${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingkeyvalue
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue)
XPathExpectedResult
false
Audience
${#TestSuite#Audience}
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
missingrsakeyvalue
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: unable to verify digital signature: null
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
missingrsakeymodulus
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:RSAKeyValue/ds:Modulus)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: unable to verify digital signature: null
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
missingrsakeyexponent
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:RSAKeyValue/ds:Exponent)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: unable to verify digital signature: null
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
missingsubjectconfirmation
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject/saml2:SubjectConfirmation)
XPathExpectedResult
false
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidversion
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/@Version
XPathExpectedResult
1.9
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingversion
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/@Version)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingid
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/@ID)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidid
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/@ID
XPathExpectedResult
testID
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingissueinstant
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/@IssueInstant)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidissueinstant
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/@IssueInstant
XPathExpectedResult
testIssueInstant
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
lateissueinstant
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/@IssueInstant
XPathExpectedResult
2117-06-16T14:03:18.064Z
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
missingissuer
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:Issuer)
XPathExpectedResult
false
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace dsig='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}${#TestCase#XPathExpectedResult}truefalsefalse
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingissuerformat
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:Issuer/@Format)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace dsig='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
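// Script assertion run against the IssueToken response: checks that the Issuer of the
// returned SAML assertion is NOT shaped like an e-mail address. Presumably this belongs
// to the negative test that requests a token whose Issuer declares the emailAddress
// name-id format with a malformed value; confirm against the owning test step.
def groovyUtils = new com.eviware.soapui.support.GroovyUtils( context )
def holder = groovyUtils.getXmlHolder( messageExchange.responseContent )
// NOTE(review): the wst/saml2 prefixes are not declared on the holder in this script;
// confirm they resolve against the namespaces of the response.
def issuer = holder["//wst:RequestedSecurityToken/saml2:Assertion/saml2:Issuer"]
// Report a missing Issuer explicitly instead of failing with a NullPointerException below.
assert issuer != null, "Issuer element not found in the issued assertion"
// Coarse check: only the absence of '@' is tested. It shows the fixture token is
// malformed; it does not show that a validator rejects it.
assert !issuer.contains("@"), "Issuer should be an invalid email"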
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidissueremailformat
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Issuer/@Format
XPathExpectedResult
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace dsig='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
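// Script assertion run against the IssueToken response: checks that the Issuer of the
// returned SAML assertion does NOT look like an X.509 subject name. Presumably this
// belongs to the negative test whose Issuer declares the X509SubjectName name-id format
// with a malformed value; confirm against the owning test step.
def groovyUtils = new com.eviware.soapui.support.GroovyUtils( context )
def holder = groovyUtils.getXmlHolder( messageExchange.responseContent )
// NOTE(review): the wst/saml2 prefixes are not declared on the holder in this script;
// confirm they resolve against the namespaces of the response.
def issuer = holder["//wst:RequestedSecurityToken/saml2:Assertion/saml2:Issuer"]
// Report a missing Issuer explicitly instead of failing with a NullPointerException below.
assert issuer != null, "Issuer element not found in the issued assertion"
// Coarse, case-sensitive check: only the substring "CN=" is tested, so a value with
// other RDNs (or a lower-case "cn=") would still pass this assertion.
assert !issuer.contains("CN="), "Issuer should be an invalid distinguish name"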
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidissuerx509format
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Issuer/@Format
XPathExpectedResult
urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace dsig='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}${#TestCase#XPathExpectedResult}truefalsefalse
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
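// Script assertion run against the IssueToken response: checks that the Issuer of the
// returned SAML assertion is NOT a well-formed Windows domain qualified name.
// Presumably this belongs to the negative test whose Issuer declares the
// WindowsDomainQualifiedName name-id format with a malformed value; confirm against
// the owning test step.
def groovyUtils = new com.eviware.soapui.support.GroovyUtils( context )
def holder = groovyUtils.getXmlHolder( messageExchange.responseContent )
// NOTE(review): the wst/saml2 prefixes are not declared on the holder in this script;
// confirm they resolve against the namespaces of the response.
def issuer = holder["//wst:RequestedSecurityToken/saml2:Assertion/saml2:Issuer"]
// Report a missing Issuer explicitly instead of failing with a NullPointerException below.
assert issuer != null, "Issuer element not found in the issued assertion"
// String.matches() anchors the pattern to the whole value: an optional `word\` prefix
// followed by a word. A bare word with no domain part therefore also counts as
// well-formed, so the malformed Issuer must contain at least one non-word character.
assert !issuer.matches("((\\w+)\\\\)?(\\w+)"),
"Issuer should be an invalid Windows Domaine Qualified Name"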
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512'
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Issuer.NotValidWindowsDomain.QualifierName?truefalsefalse
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidissuerwindowsdomainformat
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Issuer/@Format
XPathExpectedResult
urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
missingsubject
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject)
XPathExpectedResult
false
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidrsapublickeymodulus
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Modulus
XPathExpectedResult
testModulus
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidrsapublickeyexponent
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Exponent
XPathExpectedResult
testExponent
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidx509certificate
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate
XPathExpectedResult
testX509Certificate
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling assertion
Audience
${#TestSuite#Audience}
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
missingsubjectnameid
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject/saml2:NameID)
XPathExpectedResult
false
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
Username
unsigned
Validation
invalid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find
Signature element
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature)
XpathResult
false
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidsubjectnameidformat
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject/saml2:NameID/@Format
XPathExpectedResult
testFormat
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingsubjectconfirmationmethod
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject/saml2:SubjectConfirmation/@Method)
XPathExpectedResult
false
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingsubjectconfdata
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject/saml2:SubjectConfirmation/saml2:SubjectConfirmationData)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingsubjectconfirmationkeyinfo
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject/saml2:SubjectConfirmation/saml2:SubjectConfirmationData/ds:KeyInfo)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
missingsubjectconfrsapublickeyexponent
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject/saml2:SubjectConfirmation/saml2:SubjectConfirmationData/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Exponent)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidsubjectconfrsapublickeymodulus
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject/saml2:SubjectConfirmation/saml2:SubjectConfirmationData/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Modulus
XPathExpectedResult
testModulus
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling assertion
Audience
${#TestSuite#Audience}
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace
wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace
wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace
wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}
${#TestCase#XPathExpectedResult}
true
false
false
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
Username
invalidsubjectconfrsapublickeyexponent
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/saml2:Subject/saml2:SubjectConfirmation/saml2:SubjectConfirmationData/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Exponent
XPathExpectedResult
testExponent
ExpectedValidationStatus
invalid
ExpectedValidationReason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling
assertion
Audience
${#TestSuite#Audience}
02cebd89-e8da-493a-8a9c-decdee26ffa5
Username
acpvalid
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/saml2:AuthzDecisionStatement/saml2:Evidence/saml2:Assertion)
XPathExpectedResult
true
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
STSBinding
IssueToken
true
false
false
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
support@nextgen.com
9LMWecArGmd+RG0cyJE34sObm2I=
APYRsw9z/6fLKvhLT6T4wF65HZgX+I3R9aoY+dGaSNgDPgGjBgcr8A5V+rnUDdd4SptyX/nuGMXxIEP/93duA0/nM4LcHrBTnNByKY8zzuOgfhW8jsPe+9jCy1BmBvQUU3JUSIvQEoKHgYZTpE0NyaJZCs3/b8cenUaxw8HnZvJzl8zBNxv4c+OpPMB3ghyZMDnUn7emfOK1aLlfUKEVWbAGIW3rrEThsvVbBcuFQCRC1V93yqQBxNwf9b27sbIuPTk21IRcwEZs27AWPnsfEqf8oDPtS27bn2R4Lx48culkNfHhJBwZurJb2jDDJZXMLhLuHaf8BEoLLFxQqPtbSQ==
wVWsFatpYllnRF/PS09NvMqX9l6yA8PgOpNexpZGvk9HXE/8YZtBCystKDurmkGUJaHHD/86CkVI
KEzp2F9dNlMDlg2hmtKvlpdfLpAO4Myh36WPr3vwzl5IiBwhRMYbFvLomWbqGHYqVLA6sRZOQZSv
FteB8jEmlSqUhMddcitlVF0VZ04JkLmXTlPIOW5IMgcmMvij6OWt7LbXQqGCmqcWggxVBUQS22Sz
5tbsMpkxucbhSQac3VF7RtONmRn4fJRDaDNDNgku2WAp3rKZwb3eqr7PYCjzGF92+b9O5E7pM6UL
Vh3sCCgqxkKAxViYp6p8+eTI9d0IV3dxUqsbcQ==
AQAB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CN=mc-qr-ehx-prod.laneslasys.org,OU=NHIN-Test,O=NHIN,C=us
wVWsFatpYllnRF/PS09NvMqX9l6yA8PgOpNexpZGvk9HXE/8YZtBCystKDurmkGUJaHHD/86CkVI
KEzp2F9dNlMDlg2hmtKvlpdfLpAO4Myh36WPr3vwzl5IiBwhRMYbFvLomWbqGHYqVLA6sRZOQZSv
FteB8jEmlSqUhMddcitlVF0VZ04JkLmXTlPIOW5IMgcmMvij6OWt7LbXQqGCmqcWggxVBUQS22Sz
5tbsMpkxucbhSQac3VF7RtONmRn4fJRDaDNDNgku2WAp3rKZwb3eqr7PYCjzGF92+b9O5E7pM6UL
Vh3sCCgqxkKAxViYp6p8+eTI9d0IV3dxUqsbcQ==
AQAB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urn:oasis:names:tc:SAML:2.0:ac:classes:X509
Michael Monisky
LANES
urn:oid:2.16.840.1.113883.3.2106
urn:oid:2.16.840.1.113883.3.2106
58809^^^&2.16.840.1.113883.3.2106&ISO
]]>
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns1='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
//wst:Status[1]/wst:Codehttp://docs.oasis-open.org/ws-sx/ws-trust/200512/status/${#TestCase#ExpectedValidationStatus}falsefalsefalse
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns1='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
//wst:Status[1]/wst:Reason${#TestCase#ExpectedValidationReason}falsefalsefalse
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
UsernamevalidXPathTest//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:AudienceXPathExpectedResulthttps://gazelle.ihe.netExpectedValidationStatusinvalidExpectedValidationReasonAssertion should have conditions elementsAudiencehttps://gazelle.ihe.net
Audience
https://validation.sequoiaproject.org
Before running the test cases in this test suite, set or edit the "Enabled" property in your /opt/sts/picketlink-sts.xml file.
SEQUENTIAL
13758f54-f928-442e-8579-5bfdfd220ca3
Username
notrustpropertyandvalidmodulus
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Modulus)
XPathExpectedResult
true
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
Username
notrustpropertyandvalidmodulus
Validation
valid
Xpath
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Modulus)
XpathResult
true
13758f54-f928-442e-8579-5bfdfd220ca3
Username
notrustpropertyandinvalidmodulus
XPathTest
//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Modulus
XPathExpectedResult
testModulus
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: unable to verify digital signature: org.apache.xml.security.exceptions.Base64DecodingException: It should be divisible by four
Audience
${#TestSuite#Audience}
PARALLELL
Username
notrustpropertyandinvalidmodulus
Validation
invalid
Reason
Error while handling token Request: PL00102: Processing Exception:Error unmarshalling assertion
Xpath
//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Modulus
XpathResult
testModulus
13758f54-f928-442e-8579-5bfdfd220ca3
Username
trustpropertyandvalidmodulus
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Modulus)
XPathExpectedResult
true
ExpectedValidationStatus
valid
ExpectedValidationReason
SAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)
Audience
${#TestSuite#Audience}
PARALLELL
13758f54-f928-442e-8579-5bfdfd220ca3
Username
trustpropertyandinvalidmodulus
XPathTest
boolean(//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo)
XPathExpectedResult
false
ExpectedValidationStatus
invalid
ExpectedValidationReason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find X509Certificate element in Signature
Audience
${#TestSuite#Audience}
PARALLELL
Username
trustpropertyandinvalidmodulus
Validation
valid
Reason
Validation failure: unable to verify digital signature: PL00092: Null Value:Cannot find Signature element
Xpath
//wst:RequestedSecurityToken/saml2:Assertion/ds:Signature/ds:KeyInfo/ds:KeyValue/ds:RSAKeyValue/ds:Modulus
XpathResult
testModulus
Audience
https://validation.sequoiaproject.org
SEQUENTIAL
STSBinding
IssueToken
true
truefalse
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}${#TestCase#XPathExpectedResult}truefalsefalse
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}connectathonBasicBasicGlobal HTTP Settings
UsernamevalidXPathTest//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:AudienceXPathExpectedResulthttps://gazelle.ihe.netExpectedValidationStatusvalidExpectedValidationReasonSAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)Audiencehttps://gazelle.ihe.net
STSBinding
IssueToken
true
truefalse
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
Property file not foundfalsefalse
${#TestCase#Username}connectathonBasicBasicGlobal HTTP Settings
UsernamevalidXPathTest//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:AudienceXPathExpectedResulthttps://gazelle.ihe.netExpectedValidationStatusvalidExpectedValidationReasonSAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)Audiencehttps://gazelle.ihe.net
STSBinding
IssueToken
true
truefalse
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
Missing property with keyfalsefalse
${#TestCase#Username}connectathonBasicBasicGlobal HTTP Settings
UsernamevalidXPathTest//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:AudienceXPathExpectedResulthttps://gazelle.ihe.netExpectedValidationStatusvalidExpectedValidationReasonSAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)Audiencehttps://gazelle.ihe.net
1
SEQUENTIAL
STSBinding
IssueToken
true
truefalse
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}${#TestCase#XPathExpectedResult}truefalsefalse
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}connectathonBasicBasicGlobal HTTP Settings
assertion request
Response
Issue
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
//wst:RequestedSecurityToken[1]/saml2:Assertion[1]
Request
Validate
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
//wst:RequestSecurityToken[1]/wst:ValidateTarget[1]/saml2:Assertion[1]
true
STSBinding
IssueToken
true
false
false
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
CN=validation.sequoiaproject.org, OU=NHIN-Test, O=NHIN, C=US
GTH3fHBW9WNfYCL+SJ8e65Gdc0Y=
dZldBvYFbLL98Q09HUoMVRfYEOyg62TlPL/ONw/2av+Z4nob3Yr6SQ1UUloO/RcEhYgHBuDNyMqIDb7yDE+In+5dfzSwiQpmDAzm5ai5nry58KnPkcJGAok3MF/do2QC22psNf3UxvTYKbA1oV91VaWMzAm0jYKWXdHxMxAq0oxf+MlY6Hjm2ut0uEqWI1c3r9B9VkiaFI/qVVCsXvkFnxID3dVenuDrjyqg7YiWIPsNQMPJDGHum3H1t6bPQy5fSccAZdYeyHEk8mKCO3I/rUlT21UAVb3Z8FspSYZYQLhF444MdPg4dp/GxQBIB5KGcHre9OypNmbGS6BdpbTgIw==
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
sHuzZPtoOlBi4vkSeHBkMHNOH5hg3EJh8y3JovH54jHLjjye0koku7pHWg7pMVq/lLs4BegwRkDZCCVEQSvOTgMd2kHnc973CSXiy/z5GzsR3ngySsDA3TVM7J3xE4hfH36NenoTv8G7IQ3D0E4VVCuWVtNHg9LSOcyrrzHamYwQpD6PF4ldw4DVBkZTc0L1CkNEbcxpxCu2XFWDRC1r3f8MWzbGfOaZVf9w9/oNQePUD7RQvWRiFX9ahInPpZWsEkqCgkVyMqJR2GpAd0YwI8kz3bRS26oX66+cX0djU46veyiyiMeVQjkymdLZTdgllc2b0W9LTbeUvJEZ8aI63Q==
AQAB
valid@ihe-europe.net
https://gazelle.ihe.net
urn:oasis:names:tc:SAML:2.0:ac:classes:Password
valid
IHE-Europe
urn:oid:1.2.3
urn:oid:1.2.3.4.5
]]>
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns1='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
//wst:Status[1]/wst:Codehttp://docs.oasis-open.org/ws-sx/ws-trust/200512/status/${#TestCase#ExpectedValidationStatus}falsefalsefalse
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns1='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
//wst:Status[1]/wst:Reason${#TestCase#ExpectedValidationReason}falsefalsefalse
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
UsernamevalidXPathTest//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:AudienceXPathExpectedResulthttps://gazelle.ihe.netExpectedValidationStatusvalidExpectedValidationReasonSAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)Audiencehttps://gazelle.ihe.net
STSBinding
IssueToken
true
true
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
${#TestCase#Audience}
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
]]>
declare namespace ds='http://www.w3.org/2000/09/xmldsig#';
declare namespace wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
declare namespace wsse11='http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
declare namespace wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
declare namespace ns1='urn:hl7-org:v3';
declare namespace xs='http://www.w3.org/2001/XMLSchema';
declare namespace wsp='http://schemas.xmlsoap.org/ws/2004/09/policy';
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns2='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
declare namespace wsa='http://www.w3.org/2005/08/addressing';
declare namespace hl7="urn:hl7-org:v3";
${#TestCase#XPathTest}${#TestCase#XPathExpectedResult}truefalsefalse
= 0), "Assertion validity period should be 3 hours"
// Verify validity delay according to the username
if(username == "notyetvalid" || username == "expired") {
if(username == "notyetvalid"){
duration = dateNotBefore - now
}else{
duration = now - dateNotBefore
}
log.info "Assertion delay from now: days=" + duration.days + " hours=" + duration.hours + " minutes=" + duration.minutes
assert((duration.days == 0 && duration.hours == 23 && duration.minutes >= 59) || (duration.days == 1 && duration.hours == 0 && duration.minutes <= 1)), "Assertion validity should be delayed from 1 day"
}
}
}else{
assert false, "Username property is not defined"
}
]]>
${#TestCase#Username}connectathonBasicBasicGlobal HTTP Settings
assertion request
Response
Issue
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
//wst:RequestedSecurityToken[1]/saml2:Assertion[1]
Request
Validate
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace saml2='urn:oasis:names:tc:SAML:2.0:assertion';
//wst:RequestSecurityToken[1]/wst:ValidateTarget[1]/saml2:Assertion[1]
true
STSBinding
IssueToken
true
false
UTF-8
${#Project#ServiceBaseURL}/gazelle-sts
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
urn:uuid:9901f17a-14c4-4dc0-a639-132b96d5fd0d
https://gazelle.ihe.net/gazelle-sts
http://www.w3.org/2005/08/addressing/anonymous
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0
urn:ihe-europe:sts
ZJDQOMqIRnCRIoEnV48fSVfFs8Q=
e380W6KVnal+Usof1mEhFJJ8kSKPos89X4ZjHZ/ptPB4NGxIheKoyRFOFfuOoXjSF2ToFLIfF0oUlYD55Fk7n2pMVxRtr19k9ngK+3BWmcXSBi7l+scL5lpW7IceXb7ON1A5wy6LlGYyWmtaxlykfJ0QM/Xmx4VZJ6JMAV4AJN8=
MIIDfDCCAuWgAwIBAgIBBTANBgkqhkiG9w0BAQ0FADBFMQswCQYDVQQGEwJDSDEMMAoGA1UECgwDSUhFMSgwJgYDVQQDDB9laGVhbHRoc3Vpc3NlLmloZS1ldXJvcGUubmV0IENBMB4XDTE3MDMyMjE1NDMzMVoXDTI3MDMyMjE1NDMzMVowODELMAkGA1UEBhMCQ0gxEzARBgNVBAoMCklIRSBFdXJvcGUxFDASBgNVBAMMC2dhemVsbGUtc3RzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgP+XdpOpE6+bqLOc1cX5OS5rs9VwSg7EAgKeen9s+l95f+q9rAW9BD7sqIRF8t0VJ++FSKZiVxWCQqN8tgYMPtx7Meen+Q2n2ZMAkIw4p++DsQUxo2AwGtssBM64KNMClFaJuzVk673dvVouFKc7aO1uR1WpY0DzcRv75kxX54wIDAQABo4IBhzCCAYMwSgYDVR0fBEMwQTA/oD2gO4Y5aHR0cHM6Ly9laGVhbHRoc3Vpc3NlLmloZS1ldXJvcGUubmV0L2dzcy9jcmwvMjIvY2FjcmwuY3JsMEgGCWCGSAGG+EIBBAQ7FjlodHRwczovL2VoZWFsdGhzdWlzc2UuaWhlLWV1cm9wZS5uZXQvZ3NzL2NybC8yMi9jYWNybC5jcmwwSAYJYIZIAYb4QgEDBDsWOWh0dHBzOi8vZWhlYWx0aHN1aXNzZS5paGUtZXVyb3BlLm5ldC9nc3MvY3JsLzIyL2NhY3JsLmNybDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIE8DARBglghkgBhvhCAQEEBAMCBeAwHQYDVR0OBBYEFDRG6TMbdIAZZNziNIA41s7nVf6qMB8GA1UdIwQYMBaAFCiX793eMVhsVvKGRuIR5D44cV8vMDMGA1UdJQQsMCoGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNxQCAgYIKwYBBQUHAwEwDQYJKoZIhvcNAQENBQADgYEAYER9PUmhS6RFNl+CXWSvNXwmnYDwZ7P5WfAes5/41XL4aBadzytY4Ezvy0XAmvKB+MAvTrjWv6pAN1oBy4pPWzOa5iYfGnzKvE806OAaN43wuMxplVF50M8RAzFJUQK4ZRtRg9q/VcdyxFUfq0F0vT8WPSGmd+2G/7JmqYiE19g=
oD/l3aTqROvm6iznNXF+Tkua7PVcEoOxAICnnp/bPpfeX/qvawFvQQ+7KiERfLdFSfvhUimYlcVgkKjfLYGDD7cezHnp/kNp9mTAJCMOKfvg7EFMaNgMBrbLATOuCjTApRWibs1ZOu93b1aLhSnO2jtbkdVqWNA83Eb++ZMV+eM=
AQAB
valid
https://validation.sequoiaproject.org
urn:oasis:names:tc:SAML:2.0:ac:classes:Password
valid
IHE-Europe
urn:oid:1.2.3
urn:oid:1.2.3.4.5
]]>
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns1='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
//wst:Status[1]/wst:Codehttp://docs.oasis-open.org/ws-sx/ws-trust/200512/status/${#TestCase#ExpectedValidationStatus}falsefalsefalse
declare namespace wst='http://docs.oasis-open.org/ws-sx/ws-trust/200512';
declare namespace ns1='http://www.w3.org/2005/08/addressing';
declare namespace env='http://www.w3.org/2003/05/soap-envelope';
//wst:Status[1]/wst:Reason${#TestCase#ExpectedValidationReason}falsefalsefalse
${#TestCase#Username}
connectathon
Basic
Basic
Global HTTP Settings
UsernamevalidXPathTest//wst:RequestedSecurityToken/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:AudienceXPathExpectedResulthttps://validation.sequoiaproject.orgExpectedValidationStatusvalidExpectedValidationReasonSAMLV2.0 Assertion successfuly validated (with NO Authz-Consent option)Audiencehttps://validation.sequoiaproject.org
https://sake.irisa.fr/gazelle-sts
ServiceBaseURL
http://localhost