WS-R WS-S Interop

WS-Reliability/WS-Security
Interoperability Test Specification

Working Draft 01, April 11 200
!ocation"
http://www.standards-oss.org/documents/ws-r_wss_interop.pdf
#$itors"
Hamid Ben Malek (hmalek@us.fujitsu.com

!ac"ues #urand (jdurand@us.fujitsu.com
%ontributors"
Abstract"
$his document descri%es the test cases as well as the tools (applications and &'(s used for
interopera%ilit) tests a%out the composition of *+-,elia%ilit) and *++ profiles. $his document
does not prescri%e a conformance test suite.
*+-,elia%ilit)/*++ (nteropera%ilit) $est +pecification &pril --. /001
2op)right 3 4&+(+ 4pen /005. &ll ,ights ,eser6ed. 'age - of 7
/
8
5
1
9
:
7
;
-0
--
-/
-8
-5
-1
-9
-:
-7
-;
/0
/-
//
1 Intro$uction
$his document pro6ides a documentation a%out the 6arious test cases in6ol6ed. as well as the we%
ser6ice applications. its &'(s. and its tools. and on how to deplo) the ser6ice application and hook up a
client application with the client &'( of the test suite. $he test suite can %e downloaded from
http://www.standards-oss.org
Basic securit) features that translate into specific message processing fall into four main areas identified
in <Hand%ook of &pplied 2r)ptograph)= (%) &. Mene>es. '. 6an 4orschot. and +. ?anstone. 2,2 'ress.
-;;9: www.cacr.math.uwaterloo.ca/hac . from which other features ca %e deri6ed:
- &uthentication
- #ata integrit)
- 2onfidentialit)
- @on-repudiation
$he o%jecti6es of this test plan is to 6erif) composa%ilit) of the ,elia%ilit) function (as defined in *+-
,elia%ilit) with the most popular wa)s the a%o6e securit) functions are implemented in an *+-+ecurit)
compliant manner.
$he test suite designed here will re"uire that the implementations of *+-+ecurit) and *+-,elia%ilit) are
composed in a particular wa). $his architecture should not need %e modified from one test case to the
other. Aach candidate implementation (supporting %oth securit) and relia%ilit) must %e such that it can
eBecute all test cases. $hese test cases are not s)mmetric: in order to demonstrate that end-points & and
B ha6e e"ui6alent capa%ilit) regarding composition of relia%ilit) and securit). the same test suite must %e
eBecuted twice. once dri6en from &. once dri6en from B.
1&1 Aut'entication
&uthentication ma) appl) to an entit) (e.g. a person or to data. (n our conteBt. it can %e 6erified %):
- username / password (e.g. in6ol6ing wsse:Csername$oken
- digital (DME signature. in6ol6ing a pri6ate ke) on sender side (e.g. in6ol6ing +&ME:&ssertion
token. and/or B10; token
2omposa%ilit) of these authentication use cases with relia%ilit) should %e 6erified. *e distinguish two
scopes: pa)load (+4&' %od) and entire message (+4&' headers F %od). including ,elia%ilit) headers
$he test cases will restrict to the practice recommended %) *+-+ecurit) and *+-( B+' -.0.
1&2 Data Integrity
&t minimum. this in6ol6es a signed digest of the data (e.g. HM&2. &s the DME +ignature
(+ignatureMethod used will include computation of such a digest and its signing (e.g.
2op)right 3 4&+(+ 4pen /005. &ll ,ights ,eser6ed. 'age / of 7
/8
/5
/1
/9
/:
/7
/;
80
8-
8/
88
85
81
89
8:
87
8;
50
5-
5/
58
55
51
59
5:
57
5;
10
1-
1/
18
15
11
19
1:
17
1;
90
9-
9/
98
95
http://www.w8.org//000/0;/BmldsigGhmac-sha-. composa%ilit) of this use case with relia%ilit) will re"uire
6erif)ing composa%ilit) of the signing method in6ol6ed. *e distinguish the same scopes as for
authentication.
$he test cases will restrict to the practice recommended %) *+-+ecurit) and *+-( B+' -.0.
1&( %onfi$entiality
(n6ol6es encr)ption of the pri6ate sections. using DME Ancr)ption. *e distinguish the same scopes as for
authentication.
$he test cases will restrict to the practice recommended %) *+-+ecurit) and *+-( B+' -.0 (with the
eBception of en6eloped signatures in the latter.
1&) *on-repu$iation
$wo cases are usuall) considered: non-repudiation of origin and non-repudiation of receipt.
@on-repudiation of origin t)picall) in6ol6es the same techni"ues as authentication of sent data a%o6e. and
therefore no new test case will %e pro6ided.
@on-repudiation of receipt usuall) gi6es to the <receipt= some application-le6el semantics. such as schema
6alidation. etc. (n this case. a signed receipt message is sent %ack to the initial sender. $he securit)
pattern in6ol6ed here is no different from the authentication use case a%o6e (%esides the fact it applies to
an application-le6el receipt. @o test case need %e pro6ided here. that would 6erif) composa%ilit) aspects
not 6erified %) the authentication test cases.
$here is another option for @on-repudiation of receipt: since in *+-,elia%ilit) the acknowledgement is
sent <on deli6er)=. we could consider that in some cases a deli6er) semantics (from the relia%ilit) module
is sufficient for a receipt. (n this case a signed ,M ,epl) would %e sufficient. Howe6er. since it is not
re"uired from *+-,elia%ilit) that the reception of ,M ,eplies (signed or not %e notified to the application
('roducer la)er. no test case will %e proposed for this option.
(n summar). the composa%ilit) of non-repudiation use cases with relia%ilit) will either in6ol6e similar
patterns as 6erified %) pre6ious test cases. or will in6ol6e a specific case (signed ,M ,eplies that would
re"uire a securit)-aware implementation of the ,elia%ilit) module H which will not %e re"uired in this test
suite.
2op)right 3 4&+(+ 4pen /005. &ll ,ights ,eser6ed. 'age 8 of 7
91
99
9:
97
9;
:0
:-
:/
:8
:5
:1
:9
::
:7
:;
70
7-
7/
78
75
71
79
7:
77
7;
;0
;-
;/
;8
;5
;1
;9
2 Test Suite
$his document pro6ides a documentation a%out the 6arious test cases in6ol6ed. as well as the we%
ser6ice applications. its &'(s. and its tools. and on how to deplo) the ser6ice application and hook up a
client application with the client &'( of the test suite.
2&1 %o+ponents
$he components of the test suite. descri%ed %) this specification. are the following:
A ,eb ser-ice application" this application is represented %) a sample 'urchase 4rder e-
commerce application.

Database Ser-er" this is the data%ase ser6er used %) the purchase order application to persists
the re"uest messages.

Au$it Application" this is a we%-%ased application that pro6ide a 6iew of the contents of the
data%ase. $hrough this application. a user can find out whether a certain purchase order re"uest
has %een recei6ed %) the we% ser6ice application or not.

.ayloa$ /iles" these are DME files representing 6arious +4&' messages to %e used %) the test
cases.

%onfiguration /ile" this is an DME file that will reside on the client side. and prescri%es *+-
,elia%ilit) agreement to %e used in each test case.
2&2 T'e ,eb ser-ice application
$his is a sample purchase order application. $he %inaries of this application as well as a documentation
on how to deplo) it will %e pro6ided with this specification.
2&( Au$it Application
$his is a we%-%ased application that will %e deplo)ed on the ser6er side with the purchase order
application. (ts purpose is to pro6ide a 6iew to remote users of what messages ha6e %een recei6ed %) the
purchase order.
2&) Database Ser-er
$his will %e a M)+IE #ata%ase +er6er. used %) the purchase order application to persists all the re"uest
messages it recei6es. $he installation of this data%ase ser6er and its data%ase will %e pro6ided.
;:
;7
;;
-00
-0-
-0/
-08
-05
-01
-09
-0:
-07
-0;
--0
---
--/
--8
--5
--1
--9
--:
--7
--;
-/0
-/-
-//
-/8
-/5
-/1
-/9
-/:
-/7
-/;
-80
-8-
-8/
-88
-85
-81
2& .ayloa$s an$ %onfiguration files
$he pa)load will %e represented %) a set of DME files containing the +4&' messages that will %e used %)
the test cases when calling the <#ocument-Based= purchase order application. $hese DME files are not
used if the client applications are calling the <,'2-%ased= purchase order.
2&0 TestSuite %lient A.I
Ctilit) classes together with a documentation on their &'( will %e pro6ided with this specification. $he
purpose of these utilit) classes is to ease the integration of client applications with the test suite. $hese
utilit) classes perform the following tasks:
'ro6ide a proB) for the we% ser6ice. $he client application wonJt ha6e to compile the *+#E file to
generate a proB). &ll what the client application will ha6e to do is simpl) use the utilit) classes to send the
+4&' messages.
Eoad the pa)load data: the utilit) classes can pre-load the pa)load data from the Bml files. and pro6ide the
client application with a +4&' message read) to send. &ll what the client application will ha6e to do is onl)
append the *+-,elia%ilit) headers to the +4&' message and then send it to the endpoint we% ser6ice.
Eoad the *+-,elia%ilit) &greement: the utilit) classes can load a *+-,elia%ilit) agreement. represented
in the form of an DME file. $he client application can ask the utilit) classes for the different parameters to
use. and accordingl) will populate the +4&' message with the *+-,elia%ilit) headers and then send it. (n
other words. the client application wonJt ha6e to %e a%le to parse the *+-,elia%ilit) agreement file.
-89
-8:
-87
-8;
-50
-5-
-5/
-58
-55
-51
-59
-5:
-57
-5;
-10
-1-
-1/
-18
-15
-11
-19
-1:
-17
( Test %ases
$here will %e a minimum of ten test cases for com%ining *+-,elia%ilit) and *++. $hese test cases are
not a su%stitute for *+-,elia%ilit) interopera%ilit) tests. (t is assumed that the +4&' processors in6ol6ed
in this interopera%ilit) test ha6e alread) passed the *+-,elia%ilit) interopera%ilit) test.
(n all the ten test cases descri%ed %elow. from the point of 6iew of relia%ilit). all the +4&' message
re"uests are to ha6e guaranteed deli6er) with duplicate elimination and a <2all%ack= repl) pattern. $his
com%ination is enough. %ecause the goal of this test suite is not a%out *+-,elia%ilit) interopera%ilit). %ut
a%out the composition of securit) and relia%ilit). Kurthermore. the relia%ilit) interopera%ilit) tests are
assumed to ha6e %een passed prior to this composition test suite.
&ll signatures and encr)ptions in this composition test suite. are accomplished using an D.10; certificate
store. and the signatures are alwa)s detached.
(&1 1serna+e Security Token Test 2T13
$his the first test case ($est G- and it consists in sending a <login= +4&' message re"uest with
username/password in the *++ headers. $he we% ser6ice would response %) sending a %oolean 6alue
indicating whether the login re"uest succeeded or not.
(&2 SA4! Security Token Test 2T23
$his the second test case ($est G/ and it consists in sending a <login= +4&' message re"uest with a
+&ME securit) token for authentication. $he we% ser6ice would response %) sending a %oolean 6alue
(&( 506 Security Token Test 2T(3
$his the third test case ($est G 8 and it consists in sending a <login= +4&' message re"uest with an
D.10; securit) token for authentication. $he we% ser6ice would response %) sending a %oolean 6alue
(&) Sign 7o$y Test 2T)3
$his is the fourth test case ($est G 5 and it consists in sending a purchase order +4&' message re"uest
with the +4&' %od) %eing signed. $he signature is a detached signature using an D.10; certificate store.
-1;
-90
-9-
-9/
-98
-95
-91
-99
-9:
-97
-9;
-:0
-:-
-:/
-:8
-:5
-:1
-:9
-::
-:7
-:;
-70
-7-
-7/
-78
-75
-71
-79
-7:
-77
-7;
-;0
-;-
-;/
-;8
-;5
-;1
-;9
-;:
-;7
(& Sign 7o$y an$ Reliability 'ea$ers Test 2T3
$his the fifth test case ($est G 1 and it consists in sending a purchase order +4&' message re"uest with
the +4&' %od) and relia%ilit) headers %eing signed. $he signature would %e a detached signature using
D.10;.
(&0 7o$y #ncryption Test 2T03
$his is test case G 9 and it consists in sending a purchase order +4&' message re"uest with the +4&'
%od) %eing encr)pted with D.10;.
(&8 #ncryption of bo$y an$ reliability 'ea$ers Test 2T83
$his is test case G : and it consists in sending a purchase order +4&' message re"uest where %oth the
+4&' %od) and relia%ilit) headers %eing encr)pted with D.10;.
(&9 /irst Test an$ /ourt' Test co+bine$ 2T93
$his is test case G 7 and it consists in sending a purchase order +4&' message re"uest with the +4&'
%od) %eing signed. and the *++ header containing a username securit) token. $he signature is a
detached one using D.10;.
(&6 T'ir$ Test an$ Se-ent' Test co+bine$ 2T63
$his is test case G ; and it consists in sending a purchase order +4&' message re"uest with the +4&'
%od) and relia%ilit) headers %eing encr)pted with D.10;. and the *++ header containing an D.10; for
authentication.
(&10 /irst, /ift', an$ Si:t' Test co+bine$ 2T103
This is test case G -0 and it consists in sending a purchase order +4&' message re"uest with the +4&'
%od) and relia%ilit) headers %eing signed. the +4&' %od) %eing encr)pted. and the *++ header
containing a securit) username token for authentication. $he signature is detached. and %oth the
signature and encr)ption are using D.10;.
2op)right 3 4&+(+ 4pen /005. &ll ,ights ,eser6ed. 'age : of 7
-;;
/00
/0-
/0/
/08
/05
/01
/09
/0:
/07
/0;
/-0
/--
/-/
/-8
/-5
/-1
/-9
/-:
/-7
/-;
//0
//-
///
//8
//5
//1
//9
//:
//7
//;
/80
/8-
/8/
A& *otices
4&+(+ takes no position regarding the 6alidit) or scope of an) intellectual propert) or other rights that
might %e claimed to pertain to the implementation or use of the technolog) descri%ed in this document or
the eBtent to which an) license under such rights might or might not %e a6aila%leL neither does it represent
that it has made an) effort to identif) an) such rights. (nformation on 4&+(+Js procedures with respect to
rights in 4&+(+ specifications can %e found at the 4&+(+ we%site. 2opies of claims of rights made
a6aila%le for pu%lication and an) assurances of licenses to %e made a6aila%le. or the result of an attempt
made to o%tain a general license or permission for the use of such proprietar) rights %) implementors or
users of this specification. can %e o%tained from the 4&+(+ ABecuti6e #irector.
4&+(+ in6ites an) interested part) to %ring to its attention an) cop)rights. patents or patent applications. or
other proprietar) rights which ma) co6er technolog) that ma) %e re"uired to implement this specification.
'lease address the information to the 4&+(+ ABecuti6e #irector.
%opyrig't ; <ASIS <pen 200)& All Rights Reserved.
$his document and translations of it ma) %e copied and furnished to others. and deri6ati6e works that
comment on or otherwise eBplain it or assist in its implementation ma) %e prepared. copied. pu%lished and
distri%uted. in whole or in part. without restriction of an) kind. pro6ided that the a%o6e cop)right notice and
this paragraph are included on all such copies and deri6ati6e works. Howe6er. this document itself does
not %e modified in an) wa). such as %) remo6ing the cop)right notice or references to 4&+(+. eBcept as
needed for the purpose of de6eloping 4&+(+ specifications. in which case the procedures for cop)rights
defined in the 4&+(+ (ntellectual 'ropert) ,ights document must %e followed. or as re"uired to translate it
into languages other than Anglish.
$he limited permissions granted a%o6e are perpetual and will not %e re6oked %) 4&+(+ or its successors
or assigns.
$his document and the information contained herein is pro6ided on an <&+ (+= %asis and 4&+(+
#(+2E&(M+ &EE *&,,&@$(A+. AD',A++ 4, (M'E(A#. (@2EC#(@M BC$ @4$ E(M($A# $4 &@N
*&,,&@$N $H&$ $HA C+A 4K $HA (@K4,M&$(4@ HA,A(@ *(EE @4$ (@K,(@MA &@N ,(MH$+ 4,
&@N (M'E(A# *&,,&@$(A+ 4K MA,2H&@$&B(E($N 4, K($@A++ K4, & '&,$(2CE&, 'C,'4+A.
/88
/85
/81
/89
/8:
/87
/8;
/50
/5-
/5/
/58
/55
/51
/59
/5:
/57
/5;
/10
/1-
/1/
/18
/15
/11
/19
/1:
/17
/1;

WS-R WS-S Interop

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

WS-R WS-S Interop

Caricato da

Copyright:

Formati disponibili

WS-Reliability/WS-Security

Interoperability Test Specification

Potrebbero piacerti anche