Please use a compatible browser :Google Chrome or Mozilla Firefox
Page expired. Any change will be lost. Try to refresh the page.
Gazelle update scheduled, unsaved changes will be lost :
Your session will timeout :
Redeployed...
Logged out...
The server is restarting. Any change will be lost.
 

Test : XUA_X-SERVICE-USER_ITI-40

Test Summary

Id
13521
Keyword
XUA_X-SERVICE-USER_ITI-40
Name
XUA_X-SERVICE-USER_ITI-40
Version
1.0
Test Author
aberge
Last modifier
vhofman
Status
ready
Type
master type
Is external tool ?
Is Orchestrable
is Validated ?
Peer Type
No Peer
Short Description
This test is used to synthesis the testing of the XUA X-Service-User actor.
Last changed
1/26/24 7:29:36 AM

Test Description in English

Special Instructions

Testing of the XUA X-Service-User actor implemented in your system is going to be performed in parallel to the testing of the other transactions protected by XUA. That means that for some of the tests, you will be asked to demonstrate that your system incorporates a SAML assertion in the SOAP header of the sent request. The presence of a SAML token shall be reflected in the audit message produced by your system. 

Description

In order to conduct the tests correctly, your system is expected to use the Syslog collector as an ATNA Audit Record Repository. In other words, before the testing starts, configure your systems acting as XUA X-Service-User actor to send its audit messages to the simulator.

When executing a test which requires your system to support the XUA X-Service User actor and to generate an audit message, you need to demonstrate that the information from SAML token has been incorporated in the audit message. 

The audit messages produced by SUT should have been recorded by the Syslog collector and be available in Gazelle Security Suite. For one of the step which requires a SAML token:

  1. Access the audit messages in Gazelle Security Suite from the "Audit Trail" > "Syslog collector" menu;
  2. Find out the message of interest, you can use the filters to ease your search (we also recommand to do it before you move to the next step);
  3. Download the audit message
  4. Upload the audit message file into the "Audit message" section of your ATNA questionnaire.
  5. Copy/Paste the link to the test instance into the test step below which relates to the IHE actor you are testing.

Evaluation

The monitor is expected to review each test instance referenced in the test steps section below to verify that

  1. a SAML assertion is present in the SOAP Header of the message produced by the system acting as X-Service User;
  2. an audit message has been recorded in the ATNA questionnaire and the audit message complies with the requirements from IHE technical framework: the ATNA Audit message UserName element records the X-User Assertion using the following encoding: alias<user@issuer> where:
    • alias is the optional string within the SAML Assertion's Subject element SPProvidedID attribute
    • user is the required content of the SAML Assertion's Subject element 
    • issuer is the X-Assertion Provider entity ID contained with the content of SAML Assertion's Issuer element
    • The “<” and “>” represent XML control characters

Example: JD<John.Doe@example.com>

If those requirements are met, mark the step "verified" (green check), otherwise, mark it as "failed" (red cross).

At the end of the test session, the test shall be marked as verified only if all the steps related to actors supported by the system under test are marked as "verified". Otherwise, this test is failed.

Test Roles

Keyword
# to realize
Card Min
Card Max
Optionality
URL
URL Doc
X_SERVICE_USER-XUA
Integration profileActorOptionIs tested ?
Keyword
Keyword
Keyword
Keyword
IntegrationProfile XUA-Cross Enterprise User AssertionActor X-SERV-USR-X-Service UserNONEtrue
IntegrationProfile ATNA-Audit Trail and Node Authentication Actor SA-Secure ApplicationNONEfalse
111Required

Test Steps


Step Index
Initiator Role
Responder Role
Transaction
Secured
Message Type
Option
Description
Assertions
1X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Required[INSTRUCTION] Mark as "skip" the test steps which relate to actors your system does not support.
2X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance where your system acts as a XDS.b Document Consumer for ITI-18 transaction.
3X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance where your system acts as a CH:XDS-I Imaging Document Consumer for RAD-69 transaction.
10X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance where your system acts as a CH:XDS-I Imaging Document Source for RAD-68 transaction.
19X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for one of the test cases where your system acts as a PPQ Policy Repository for PPQ-1 transaction..
20X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for one of the test cases where your system acts as a PPQ Policy Repository for PPQ-2 transaction..
21X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for one of the test cases where your system acts as a PPQ Policy Consumer.
22X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for one of the test cases where your system acts as a PPQ Policy Source.
30X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance where your system acts as a XDS-MU Document Administrator for ITI-57 transaction.
40X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance where your system acts as a XDS.b Document Source for ITI-41 transaction.
50X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for the test case where your system acts as a RMU Update Initiator.
51X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for the test case where your system acts as a RMU Update Responder.
55X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for the test case where your system acts as an ATC Patient Audit Record Repository grouped with an ADR Consumer when sending an Authorization Decision Query for the ITI-81 transaction
56X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance where your system acts as a XDS.b Document Registry coupled with and ADR Decision Provider when sending an AuthorizationDecision request concerning an ITI-18 transaction.
57X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance where your system acts as a XDS.b Document Registry coupled with and ADR Decision Provider when sending an AuthorizationDecision request concerning an ITI-42 transaction.
58X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance where your system acts as a XDS.b Document Registry coupled with and ADR Decision Provider when sending an AuthorizationDecision request concerning an ITI-57 transaction.
59X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance where your system acts as a XDS.b Document Repository for ITI-42 transaction.
60X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for one of the test cases where your system acts as a XCA Initiating Gateway.
70X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for one of the test cases where your system acts as a XCA Responding Gateway.
80X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for the test case where your system acts as a XCA-I Initiating Imaging Gateway.
90X_SERVICE_USER-XUAX_SERVICE_USER-XUA-Optional[EVIDENCE] Copy/Paste the permanent link to the test instance for the test case where your system acts as a XCA-I Responding Imaging Gateway.

Tool index

  • Simulators

    Copyright IHE 2024
  • Gazelle 7.1.7
Back to top