I5:FeatureTest-RP Rejection of Tokens Outside Reasonable Validity Windows

From OSIS Open Source Identity Systems

list help  copy  as XML  edit

Feature Test	RP Rejection of Tokens Outside Reasonable Validity Windows
Test Type	Token Validation
Identifier	FTR-irp-tokenval-1
Description	Tests that a Relying Party will not accept either a very old or a very futuristic token. Our definition of being outside a reasonable validity window is either plus or minus 30 days.
Role tested	Information Card Relying Party
Known Successful Reference Solution(s)	I5:CardSpace .NET Framework 3.5
Success Criteria	Relying party rejects token gracefully
Failure Criteria	Relying party crashes or continues

Features Proven

Feature	feature_type	solution_role
Token with out-of-range SAML notBefore or notOnOrAfter elements	Information Card Relying Party Features	condition

Instructions

Instructions

1. Open the result page for the Solution being tested with this FeatureTest.
2. If you don't already have it, import the test card from the file (sts-munge) into the Selector being tested.
3. Open the relying party site
4. Invoke the selector and select the "I5 STS Munge Tests" Card
5. When prompted for the username, type "future" as the username (password doesn't matter)
   1. If you forget what to type, you can open the IdP privacy policy for a reminder
   2. Note success/failure
6. Return to the Relying Party
7. Invoke the selector again and select the "I5 STS Munge Tests" Card
8. When prompted for username, type "past" as the username
   1. Note Success/Failure
9. Set outcome:
   1. If both tokens were rejected gracefully by the relying party, set outcome to "Works".
   2. If both tokens were accepted by the relying party, set outcome to "Failed".
   3. If other issues occurred set the result to "Issues" and describe them in the Notes section.
10. Enter either four tilde ~~~~ signs or your name into the "testedby" parameter.
11. Update the date tested, operating systems, and tested solutions parameters of the results page.