I4:FeatureTest-OpenID Provider redirects http URLs to https URLs for discovery
From OSIS Open Source Identity Systems
|list help copy as XML edit|
|Feature Test||OpenID Provider redirects http URLs to https URLs for discovery|
|Test Type||OpenID Security|
|Description||Tests OpenID Provider's support for consistant URI normalisation of the scheme and path.|
|Role tested||OpenID Identity Provider|
|Known Successful Reference Solution(s)|
I4:Yahoo OpenID Provider
|Success Criteria||http redirect to https: version of openID and the X-XRDS-Location, X-YADIS-Location headers contain https URI|
|Failure Criteria||No redirect to https or headers contain http: URI|
|OpenID Provider redirects http URLs to https URLs for discovery||OpenID Identity Provider||interop|
- Open the result page for your solution and for this test.
- Enter the http: version of the test openID in the browser
- You should be directed to a openID identity page.
- Check to see if the URI in the browser bar has changed to https:
- Look at the page source.
- Verify that the Meta-Data contined in the page has the XRDS documents retreved via https: URI look for X-XRDS-Location and X-YADIS-Location
- Set outcome:
- If the success criteria was met, set the outcome to "Works".
- If the test failed, set the outcome to "Failed" and enter information about the failure in the Notes section.
- If other issues occurred set the result to "Issues" and describe them in the Notes section.
- Add either four tilde ~~~~ signs or a text name into the "Tested by" parameter.
- Update the Date Tested, Browser, and Operating System lines of the results page.