Difference between revisions of "I5:FeatureTest-OpenID RP rejects certs that are expired"

From OSIS Open Source Identity Systems
Jump to: navigation, search
(New page: {{FeatureTest |name = OpenID RP rejects certs that are expired |testtype = OpenID Authentication |identifier = FTR-orp-ssl-7 |areatested = ...)
 
 
Line 18: Line 18:
 
## You should need to temorarily accept the cert for your browser.  This is a test of the RP.
 
## You should need to temorarily accept the cert for your browser.  This is a test of the RP.
 
# The RP should detect the expired cert during discovery and present an error message. You must not be allowd to loggin. (note this verisign cert may not chin to a valid root,  I am looking for a better expired cert for testing)
 
# The RP should detect the expired cert during discovery and present an error message. You must not be allowd to loggin. (note this verisign cert may not chin to a valid root,  I am looking for a better expired cert for testing)
 +
# Success is receiving an error that the certificate has expired or or being able to log in.
 
# If you receive a login this is a failure.
 
# If you receive a login this is a failure.
 
# Set outcome in the results page:
 
# Set outcome in the results page:

Latest revision as of 09:17, 21 April 2009

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|FeatureTest-OpenID RP rejects certs that are expired}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID RP rejects certs that are expired|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=FeatureTest,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=FeatureTest,title={{#var:page}},namespace=I5|as XML]]  edit
}}
{{#if:|Feature Test |Feature Test }}   OpenID RP rejects certs that are expired
Test Type   bgcolor={{{color}}}}}|OpenID Authentication
Identifier   bgcolor={{{color}}}}}|FTR-orp-ssl-7  
Description   bgcolor={{{color}}}}}|Tests that the OpenID RP rejects certs that are expired  
Role tested   bgcolor={{{color}}}}}|OpenID Identity Relying Party  
Known Successful Reference Solution(s)   bgcolor={{{color}}}}}|{{ #if: |
[[I5:]]}}{{ #if: |
[[I5:]]}} {{ #if: |
}} {{ #if: |
}}  
Success Criteria   bgcolor={{{color}}}}}|OpenID authentication succeeds  
Failure Criteria   bgcolor={{{color}}}}}|OpenID not accepted or other failures  

Features Proven

{{#dpl:debug=1

 |resultsheader=\n
 |noresultsheader= {|\n|bgcolor=#eeeeee|No matching Feature found.\n|}\n
 |category=Feature
 |namespace=I5
 |linksto=I5:FeatureTest-OpenID RP rejects certs that are expired
 |nottitlematch = Feature.edit
 |include={Feature}.viewfromtest
 |includematch=/FeatureTest-OpenID RP rejects certs that are expired/s
 |table=class=sortable,-,Feature,feature_type,solution_role

}}

Instructions

  1. Open the result page for your solution and this test.
  2. Open the OpenID login page for your relying party.
  3. Enter the OpenID https://expired.test-id.net:444/RP/AffirmativeIdentity.aspx into the OpenID login field of the page.
    1. This ID will not ask for a password.
    2. You should need to temorarily accept the cert for your browser. This is a test of the RP.
  4. The RP should detect the expired cert during discovery and present an error message. You must not be allowd to loggin. (note this verisign cert may not chin to a valid root, I am looking for a better expired cert for testing)
  5. Success is receiving an error that the certificate has expired or or being able to log in.
  6. If you receive a login this is a failure.
  7. Set outcome in the results page:
    1. If the success criteria was met, set the outcome to "Works".
    2. If the test failed, set the outcome to "Failed" and enter information about the failure in the Notes section.
    3. If other issues occurred set the result to "Issues" and describe them in the Notes section.
  8. Add either four tilde ~~~~ signs or a text name into the "Tested by" parameter.
  9. Update the Date Tested, Browser, and Operating System lines of the results page.