Please use a compatible browser :Google Chrome or Mozilla Firefox
Page expired. Any change will be lost. Try to refresh the page.
Gazelle update scheduled, unsaved changes will be lost :
Your session will timeout :
Redeployed...
Logged out...
The server is restarting. Any change will be lost.
 

Test : ADR_due_to_XDS

Test Summary

Id
13012
Keyword
ADR_due_to_XDS
Name
ADR_due_to_XDS
Version
Bern2020
Test Author
ycadoret
Last modifier
aeschlimann
Status
ready
Type
connectathon
Is external tool ?
Is Orchestrable
is Validated ?
Peer Type
Peer To Peer
Short Description
An ADR Consumer sends an ADR request to an ADR Provider to access XDS ressources.
Last changed
8/31/20 4:47:14 PM

Test Description in English

1 - Goal

This use case test verifies that:

  • the ADR Consumer can request access to XDS resources, and get access accordingly to the response of the ADR Provider.
  • the ADR Provider can contact the PPQ Policy Repository of its community in order to access and interpret its policies.


2 - Prerequisite

The Policy Repository of the community must contain policies to be queried.

The ADR profiles needs TLS for the communication. However, to record the transaction with the Gazelle proxy, you shall disable the TLS communication. If you cannot disable the TLS communication, you shall save the transaction to your log.

The ADR request must also be grouped with provide a valid XUA assertion.


3 - Description

In this test scenario the test participants shall:

  • The ADR Consumer sends an ADR Authorization Access Request (XAMLAuthzDecisionQueryRequest) grouped with an approved XUA assertion to the ADR Provider.
  • The ADR Provider accesses the PPQ Policy Repository, retrieves the authorization decision, interprets the policy and sends a response to the ADR Consumer according the stored policies.
  • According to the response of the ADR provider, the ADR consumer shall or shall not obtain access to the requested ressources.


In its request, the ADR consumer shall precise the following information:

Subject part
  • subject-id
  • subject-id-qualifier
  • homeCommunityId
  • organization-id

Resource part (x3)

  • resource-id
  • epr-spid : @root  @extension
  • confidentiality-code : @displayName

Action part

  • action-id
If you need help, you can find exemples here.


4 - Evidences

Test participants shall provide the logs of the following messages exchanged during the test:

  • ADR Authorization Access Request from the ADR Consumer to ADR Provider
  • The retrieved decision of the PPQ Policy Repository by the ADR Provider
  • The response of the ADR Provider to the ADR Consumer


5 - Evaluation

Ideally, the Projectathon monitor can observe all queries and evaluate response.
Additionally, the gazelle proxy offers the opportunity to examine messages in the exchanges between Consumer and Provider.
Additionaly, we expect that all the messages exchanged to be validated in EVSClient.

Test Roles

Keyword
# to realize
Card Min
Card Max
Optionality
URL
URL Doc
CH_ADR_CONSUMER_XDS
Integration profileActorOptionIs tested ?
Keyword
Keyword
Keyword
Keyword
IntegrationProfile XDS.b-Cross-Enterprise Document SharingActor DOC_REGISTRY-Document RegistryNONEfalse
IntegrationProfile CH:ADR-Authorization Decision RequestActor AUTH_DECI_CONS-Authorization Decision ConsumerNONEtrue
111Required
CH_ADR_PROVIDER
Integration profileActorOptionIs tested ?
Keyword
Keyword
Keyword
Keyword
IntegrationProfile XUA-Cross Enterprise User AssertionActor X-SERV-PROV-X-Service ProviderNONEfalse
IntegrationProfile CH:ADR-Authorization Decision RequestActor AUTH_DECI_PROV-Authorization Decision ProviderNONEtrue
111Required

Test Steps


Step Index
Initiator Role
Responder Role
Transaction
Secured
Message Type
Option
Description
Assertions
1CH_ADR_CONSUMER_XDSCH_ADR_CONSUMER_XDSNoneRequiredTo ease validation, please use the gazelle proxy with this test.
5CH_ADR_PROVIDERCH_ADR_PROVIDERNoneRequiredThe Provider initializes himself with an access rule for a patient and a document and share it with the consumer
7CH_ADR_CONSUMER_XDSCH_ADR_CONSUMER_XDSNoneRequiredThe ADR consumer build his request with information share by the Provider
10CH_ADR_CONSUMER_XDSCH_ADR_PROVIDERAUTH_DECISION_REQUESTXACMLAuthzDecisionQueryRequiredThe ADR consumer sends XACMLAuthzDecisionQueryRequest. The ADR request must be grouped with approved XUA assertion.
30CH_ADR_CONSUMER_XDSCH_ADR_CONSUMER_XDSNoneRequiredPaste in this step request and response received evidences and validate the messages in EVSClient

Tool index

  • Simulators

    Copyright IHE 2024
  • Gazelle 7.1.7
Back to top