Search Criteria : 55 assertions found for this search Review filtered assertions

Assertion

Applies to

Applied to
Not applied to

Coverage

Covered by
Not covered by
Id scheme
Assertion id
Status
Testable?
#Coverage
#Applies to
Comment
Predicate
Page
Tags
Last changed
Actions
ITI40ITI40-003reviewedTestable 10 3 The X-Service User is configurable as to when [ITI-40] Provide X-User Assertion is necessary144Section 3.40.4.1.19/10/19 11:55:46 AM by aeschlimann
ITI40ITI40-004reviewedTestable 8 3 The X-Service Provider is configurable as to when [ITI-40] Provide X-User Assertion is necessary144Section 3.40.4.1.19/10/19 11:55:50 AM by aeschlimann
ITI40ITI40-005reviewedTestable 2 3 The X-Service User shall include the OASIS Web Services Security (WSS) Header144Section 3.40.4.1.23/8/24 11:02:45 AM by vhofman
ITI40ITI40-006reviewedTestable 2 3 The X-Service User shall include a SAML 2.0 Assertion as the security token144Section 3.40.4.1.23/8/24 11:02:47 AM by vhofman
ITI40ITI40-007reviewedTestable 0 3 Any ATNA Audit Messages that the X-Service User records in relationship to a transaction protected by the XUA shall have the user identity recorded according to the XUA specific ATNA encoding rules in Section 3.40.4.2 ATNA Audit encoding).145Section 3.40.4.1.29/17/19 11:07:26 AM by ceoche
ITI40ITI40-009reviewedTestable 7 3 The SAML assertion sent by the X-Service User shall contain a Subject. The Subject contains the logical identifier of the principal performing the original service request145Section 3.40.4.1.29/17/19 4:38:14 PM by mtoudic
ITI40ITI40-010reviewedTestable 0 3 The Subject in the SAML assertion sent by the X-Service User shall remain unchanged through operations acting on the assertion.144Section 3.40.4.1.25/2/19 11:31:13 AM by NicolasBailliet
ITI40ITI40-011reviewedTestable 7 3 The Subject in the SAML assertion sent by the X-Service User shall contain a SubjectConfirmation element.144Section 3.40.4.1.29/17/19 4:38:17 PM by mtoudic
ITI40ITI40-012reviewedTestable 0 3 The X-Service User shall support the bearer confirmation method as defined in the SAML 2.0 Profile specification, Section 3.144Section 3.40.4.1.25/2/19 11:31:13 AM by NicolasBailliet
ITI40ITI40-013Testable 7 3 In the SAML Assertion Conditions element, the NotBefore element shall be populated with the issue instant of the Assertion144Section 3.40.4.1.29/17/19 4:38:20 PM by mtoudic
ITI40ITI40-014Testable 7 3 The SAML Assertion Conditions element, sall contain an AudienceRestriction containing an Audience whose value is a URI identifying the X-Service Provider.144Section 3.40.4.1.29/17/19 4:38:22 PM by mtoudic
ITI40ITI40-015reviewedNot testable 0 3 An X-Service User may ignore a ProxyRestriction condition.144Section 3.40.4.1.29/17/19 4:56:07 PM by mtoudic
ITI40ITI40-016reviewedNot testable 0 3 An X-Service Provider may ignore a ProxyRestriction condition. (ie if the Assertion contains that condition, it is not a test failure if it is not enforced.)144Section 3.40.4.1.29/17/19 4:56:13 PM by mtoudic
ITI40ITI40-017reviewedNot testable 0 3 An X-Service User may ignore a OneTimeUsecondition.144Section 3.40.4.1.29/17/19 4:56:18 PM by mtoudic
ITI40ITI40-018reviewedNot testable 0 3 An X-Service Provider may ignore a OneTimeUse condition. (ie if the Assertion contains that condition, it is not a test failure if it is not enforced.)144Section 3.40.4.1.29/17/19 4:56:24 PM by mtoudic
ITI40ITI40-019Testable 7 3 The SAML assertion sent by the X-Service User shall contain an AuthnStatement to specify the AuthnContextClassRef or AuthnContextDeclRef 144Section 3.40.4.1.29/17/19 4:38:27 PM by mtoudic
ITI40ITI40-020reviewedNot testable 7 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Subject ID attribute.144Section 3.40.4.1.29/17/19 4:56:30 PM by mtoudic
ITI40ITI40-021Testable 7 3 If the Subject ID is present, this <Attribute> element shall have the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:subject-id”. The name of the user shall be placed in the value of the <AttributeValue> element.144Section 3.40.4.1.29/17/19 4:39:20 PM by mtoudic
ITI40ITI40-022reviewedNot testable 7 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with an Subject Organization attribute. If present, the value of the Subject Organization shall be a plain text description of the organization.144Section 3.40.4.1.29/17/19 4:56:34 PM by mtoudic
ITI40ITI40-023reviewedNot testable 7 3 The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Organization ID attribute. If present, this <Attribute> element shall have the Name attribute set to “urn:oasis:names:tc:xspa:1.0:subject:organization-id”.144Section 3.40.4.1.29/17/19 4:56:39 PM by mtoudic