I5:FeatureTest-OpenID Relying Party Verify X.509 certificate associated with Identity Provider

From OSIS Open Source Identity Systems
Revision as of 21:29, 14 April 2009 by Ve7jtb (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|FeatureTest-OpenID Relying Party Verify X.509 certificate associated with Identity Provider}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:OpenID Relying Party Verify X.509 certificate associated with Identity Provider|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=FeatureTest,from={{#var:page}},namespace=I5|copy]]  [[Special:Call/DT Articles list XML,type=FeatureTest,title={{#var:page}},namespace=I5|as XML]]  edit
}}
{{#if:|Feature Test |Feature Test }}   OpenID Relying Party Verify X.509 certificate associated with Identity Provider
Test Type   bgcolor={{{color}}}}}|OpenID Authentication
Identifier   bgcolor={{{color}}}}}|FTR-orp-ssl-2  
Description   bgcolor={{{color}}}}}|Tests OpenID Relying Party Verify X.509 certificate associated with Identity Provider  
Role tested   bgcolor={{{color}}}}}|OpenID Identity Relying Party  
Known Successful Reference Solution(s)   bgcolor={{{color}}}}}|{{ #if: |
[[I5:]]}}{{ #if: DotNetOpenId_Relying_Party |
I5:DotNetOpenId_Relying_Party}} {{ #if: |
}} {{ #if: |
}}  
Success Criteria   bgcolor={{{color}}}}}|OpenID authentication succeeds  
Failure Criteria   bgcolor={{{color}}}}}|OpenID not accepted or other failures  

Features Proven

{{#dpl:debug=1

 |resultsheader=\n
 |noresultsheader= {|\n|bgcolor=#eeeeee|No matching Feature found.\n|}\n
 |category=Feature
 |namespace=I5
 |linksto=I5:FeatureTest-OpenID Relying Party Verify X.509 certificate associated with Identity Provider
 |nottitlematch = Feature.edit
 |include={Feature}.viewfromtest
 |includematch=/FeatureTest-OpenID Relying Party Verify X.509 certificate associated with Identity Provider/s
 |table=class=sortable,-,Feature,feature_type,solution_role

}}

Instructions

  1. Open the result page for your solution and this test.
  2. Open the OpenID login page for your relying party.
  3. Enter the OpenID https://www.test-id.net/RP/AffirmativeIdentity.aspx into the OpenID login field of the page.
    1. This ID will not ask for a password.
    2. Depending on your browser It may warn you about the certificate being invalid.
    3. This is normal select "accept once" or continue, This is intended to test the RP not the browser.
  4. The OP should warn you that the certificate for the OP has been revoked, and reject the positive login response from the OP.
    1. There are real cases where OP certificates have been compromised, and revoked.
  5. If the RP logs you in or creates an account this is a failure.
  6. Set outcome in the results page:
    1. If the success criteria was met, set the outcome to "Works".
    2. If the test failed, set the outcome to "Failed" and enter information about the failure in the Notes section.
    3. If other issues occurred set the result to "Issues" and describe them in the Notes section.
  7. Add either four tilde ~~~~ signs or a text name into the "Tested by" parameter.
  8. Update the Date Tested, Browser, and Operating System lines of the results page.