Special Instructions
Testing of the ADR Authorization Decision Consumer actor implemented in your
system is going to be performed in parallel to the testing of the other
transactions protected by ADR. That means that for some test cases,
you will be asked to demonstrate that your system is able to send a proper request to an ADR Decision Provider simulator.
Description
On
each requests performed during tests where your system should act as an ADR Authorization Decision Consumer, your system
must have sent Authorization Decision Query to the ADR Provider simulator.
These queries have been recorded in Gazelle Webservice Tester.
Once per test case, in order to validate the conformity of these request you'll need to :
- Access the messages in Gazelle Webservice Tester from the "Mock messages" menu
- Find
out the message of interest, you can use the filters to ease your
search (we also recommand to do it before you move to the next step)
- The conformance of the request sent by your SUT must be verified, click on the play icon next to the request type
- You have been redirected to EVSClient, select the validator "CH:ADR" in the EPR Group and click on the Go button. Then select CH:ADR_due_to_Profile/transaction_tested_request (i.e. CH:ADR_due_to_ATC_request)
- Once the page of the validator opens, select the appropriate entry in the drop-down list and click on "Validate"
- When the validation report shows up, a pop-up will appear, click on "OK"
- Copy the permanent link of the validation in the corresponding test step on this page using the "add link" feature.
- Click on the play icon next to the response type;
- You have been redirected to EVSClient, select the validator "CH:ADR" in the EPR Group and click on the Go button;
- Then select the right validation profile in the list and click on "Validate";
- When the validation report shows up, a pop-up raises for returning the validation report to GWT, click on "OK";
Evaluation
The monitor is expected to review each message validation referenced in the
test steps section below, a result Passed is required.
The monitor will also be required to check that the answer sent by the simulator is in accordance to the Authorization Decision Query sent by the SUT. The following points must be verified :
- The StatusCode of the response is : urn:oasis:names:tc:xacml:1.0:status:ok
- The resource decision is : Permit
Special case : Error/Invalid Cases :
When playing the invalid cases for the tests for the XDS:Document
Registry ITI-18 and ITI-42 transactions and the test step Error cases / authorization / authorization from CHATC_ARR_ITI81_ErrorCases , the ressource decision changes :
- The resource decision is NotApplicable (for most cases) or
- The resource decision is Deny
in the case of a request sent by an HCP on exclusion list, this case
will only occur for XDS:Docment Registry, the rights of the HCP for each query can
be found in the Test Case name in GWT
It is required to verify every ADR Provider answer for these cases