Id

13350

Keyword

CHXUA_X-SERV-USR_GXUA_ASS

Name

CHXUA_X-SERV-USR_GXUA_ASS

Version

1.1

Test Author

wbars

Last modifier

vhofman

Status

ready

Type

master type

Is external tool ?

Is Orchestrable

is Validated ?

Peer Type

No Peer

Test validated by

NicolasBailliet

Test permanent link

https://ehealthsuisse.ihe-europe.net/gazelle/test.seam?id=13350

Short Description

X-Service User requests an assertion to a simulated X-Assertion Provider for an Assistant.

Last changed

1/26/24 7:28:49 AM

Special Instructions

As X-Service User, this test might be easier to perform after XUA_Authenticate_User test.
X-Service User will have to perform a valid Get X-User Assertion transaction using the Assistant extension. But because it is required to include the SAML UserAuthenticationResponse in the GetXUserAssertionRequest, you will need to perform also an Authenticate User transaction.
Moreover if your system does not allow to perform a Get X-User Assertion transaction alone, you will have to trigger an action that leads to an ITI-40 Provide X-User Assertion transaction, such a PIXv3 Query or an XDS.b Stored Query.

Important : TLS is mandatory to every request in the XUA profile, as a consequence every endpoint has to use HTTPS.

Description

X-Service User will have to initiate a valid Get X-User Assertion transaction for an Assistant. The request must contains the Identity Assertion and the following attributes in the claims:

• The Purpose of Use MUST be provided as purposeofuse
• The Role of the subject MUST be provided as role
• The EPR-SPID of the targeted patient must be provided as resource-id
• The GLN of the healthcare professional the assistant is acting on behalf of MUST be provided as principal-id
• The name of the healthcare professional the assistant is acting on behalf of MUST be provided as principal-name
• The name of the subject's organization MAY be provided as organization
• The ID of the subject's organization MAY be provided as organization-id
  
  
  

The data recognized by the Assertion Provider Simulator and the IdP Simulator can be found here : https://ehealthsuisse.ihe-europe.net/authentication-simulator/home.seam

Then the X-Assertion Provider will check the validity of the GetXUserAssertionRequest and issue an assertion.

The endPoint to use to play the X-Assertion Provider role as a simulator is: https://ehealthsuisse.ihe-europe.net:10443/STS?wsdl

For the Get X-User Assertion, the messages exchanged between your SUT and the Assertion Provider should have been recorded and be available in Gazelle Webservice Tester :

1. Access the messages in Gazelle Webservice Tester from the "Mock messages";
2. Find out the message of interest, you can use the filters to ease your search (we also recommand to do it before you move to the next step);
3. We want to verify the conformance of the request sent by your SUT, click on the play icon next to the request type;
4. You have been redirected to EVSClient, select CH:XUA in the EPR group and click on the "Go" button;
5. Once the page of the validator opens, select the appropriate entry in the drop-down list and click on "Validate";
6. When the validation report shows up, a pop-up raises, click on "OK";
7. Copy the permanent link of the message in the test step using the "add link" feature.

Evaluation

The validation global result for the entire XUA request must be PASSED and include the UserAuthenticationResponse.

The GetXUserAssertionResponse must not be a SOAP Fault and contain an assertion. No need for EVSClient validation.