Id

13360

Keyword

CHXUA_X-ASSERT-PROV_PADM

Name

CHXUA_X-ASSERT-PROV_PADM

Version

1.1

Test Author

wbars

Last modifier

vhofman

Status

ready

Type

master type

Is external tool ?

Is Orchestrable

is Validated ?

Peer Type

No Peer

Test validated by

NicolasBailliet

Test permanent link

https://ehealthsuisse.ihe-europe.net/gazelle/test.seam?id=13360

Short Description

This test checks the conformance of the assertion issued by the X Assertion Provider when the Authenticate User is a Policy Administrator.

Last changed

1/26/24 7:28:38 AM

Special Instructions

This test is about validating assertions issued by CH X-Assertion-Providers using EVSClient.

Important : TLS is mandatory to every request in the XUA profile, as a consequence every endpoint has to use HTTPS.

Description

As CH X-Assertion Provider you will have to trigger the generation of an assertion. To do so, please run a real CH:XUA Get-X-User-Assertion transaction for the Policy Administrator extension against your system using Gazelle Webservice Tester.

The requests will be sent to your SUT from Gazelle Webservice Tester. To execute this test:

1. Access Gazelle Webservice Tester and log into the application;
2. Go to the menu "Run";
3. Select the test project name EPR CH:XUA X-Service User from the drop-down list;
4. Select test case PADM authentication and XUA by ticking the checkbox in front of its name;
5. Enter the URL of your system under test endpoint (shall be a secured endpoint)
6. Click on "Run" button
7. Wait for the script to complete its execution;
8. When the script stops, copy the permanent link of the execution to the test step in Gazelle Test Management

The conformance of the responses sent back by your system shall be assessed. In Gazelle Webservice Tester, for the XUA Response, validate the message in EVSClient. To do so:

1. Click on the play icon next to the response type;
2. You have been redirected to EVSClient, click on "Analyze message content" button to be redirected to Message Content Analyzer (MCA) tool;
3. Save the link of the analysis by pasting it to the appropriate [EVIDENCE] step.
   
4. Click on the green play button next to XML, then select CH:XUA in the EPR group and hit the "Go" button;
5. Once the page of the validator opens, select the appropriate entry in the drop-down list and click on "Validate";
6. When the validation report shows up, a pop-up raises for returning the validation report to GWT, click on "OK";
7. Open a new tab and paste the saved link to go back to the MCA analysis;
8. Click on the green Play button next to SAML, then select validator: SAML-EPD and hit the "Go" button;
9. Once the page of the validator opens, select the appropriate entry in the drop-down list and click on "Validate";
10. When the validation report shows up, a pop-up raises for returning the validation report to GWT, click on "OK".

Evaluation

The validation global result for the entire XUA response must be PASSED.

The validation global result for the SAML assertion (extracted from XUA response) must be PASSED.