11110: Authentication error cases
Overview of the test
*** If your ATNA Secure Node/Secure Application is only a client (ie it only initiates transactions), then this test case is not applicable for you. Skip it. ***
This test exercises several error cases. You will use the TLS Tool in the Gazelle Security Suite as a simulated client, trying to connect to a Secure Node (SN) or Secure Application (SA) acting as a server.
Prerequisite for this test
Perform test 11109 Authentication Test before running this 'error cases' test.
Location of the ATNA Tools: Gazelle Security Suite
Log in to the GSS tool
When logging in to GSS, you will use your username & password from Gazelle Test Management for your testing event. There are separate CAS systems for different instances of Gazelle Test Management, and you will have to take this into account when logging in to GSS:
- The European CAS is linked to Gazelle Test Management at http://gazelle.ihe.net/TM/ <---This will be used for the 2022 IHE Connectathon
- The North American CAS is linked to Gazelle Test Management at https://gazelle.iheusa.org/gazelle-na/
- If you don't have an account, you can create a new on the Gazelle Test Management home page.
On the GSS home page (http://gazelle.ihe.net/gss) find the "Login" link at the upper right of the page.
- Select either "European Authentication" or "North American Authentication"
- Enter the username and password from either Gazelle Test Management linked above.
Instructions
- Select menu TLS/SSL-->Testing-->Test Cases
- Run each of the error test cases listed:
- IHE_ErrorCase_Corrupted
- IHE_ErrorCase_Expired
- IHE_ErrorCase_Revoked
- IHE_ErrorCase-Self-Signed
- IHE_ErrorCase_Unknown
- IHE_ErrorCase_Without_Authentication
- IHE_ErrorCase_Wrong_Key
- Once you are on the 'Run a test' page, use the 'Client type' dropdown list to select the transport supported on your server (HL7v2, DICOM, HL7, DICOM_ECHO, WEBSERVICE, SYSLOG, or RAW)
- Input the host / IP address and port of your system and click on 'Run'.
- If you implement several transports as a server, you should mix message types over those error test cases in order to have at least one implemented protocol covered by one step. It is not necessary to run each of the test cases for each transport.
- After each test case, find your result in the list of Test Executions.
- Capture the permanent links to your PASSED results. Copy/paste the links into Gazelle Test Management as your results for test 11110.
Evaluation
Depending on the testing event, the results of this test may be reviewed in advance. More typically, it will be reviewed and graded by a Monitor during the test event itself (e.g. during Connectathon week).
Each error case must have a result of 'PASSED'.
Each transport type (HL7v2, DICOM, HL7, DICOM_ECHO, WEBSERVICE, SYSLOG, or RAW) implemented by your system as a server must have been tested at least one time in the list of error cases.
If you are performing this test in preparation for a Connectathon, a Connectathon monitor will verify your results pasted into each test step.