xNF communication security enhancements - Tests Description and Status

Owned by Marcin Przybysz
Last updated: May 04, 2020
1 min read

Currently VES supports authentication methods certBasicAuth. It is possible to run as a option noAuth method, hovewer HTTP it is not supported by default.



High level test cases for auth.method = "certBasicAuth"  :



TC ID

Test Case Name

Test Case Execution

Expected Result 

 Test Status

TC ID

Test Case Name

Test Case Execution

Expected Result 

 Test Status

T01

Client with correct basic auth and correct certificate

curl -vk --cert cert.pem --key key.pem -u sample1:sample1 -X POST https://{xdcae-ves-collector_ip}:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json"

PASS. HTTP/1.1 202

PASSED

T02

Client with incorrect basic auth and correct certificate

curl -vk --cert cert.pem --key key.pem -u sample1:sample2 -X POST https://{xdcae-ves-collector_ip}:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json"

PASS. HTTP/1.1 202

PASSED

T03

Client without basic auth and with correct certificate

curl -vk --cert cert.pem --key key.pem -X POST https://{xdcae-ves-collector_ip}:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json"

PASS. HTTP/1.1 202

PASSED

T04

Client with correct basic auth and incorrect certificate

curl -vk --cert incorrect.crt --key rootCA.key --pass collector -u sample1:sample1 -X POST https://{xdcae-ves-collector_ip}:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json"

FAIL, connection closed because of bad certificate

PASSED

T05

Client with correct basic auth and without certificate

curl -vk -u sample1:sample1 -X POST https://{xdcae-ves-collector_ip}:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json"

PASS. HTTP/1.1 202

PASSED

T06

Client with incorrect certificate and incorrect basic auth

curl -vk --cert incorrect.crt --key rootCA.key --pass collector -u dummy:sample1 -X POST https://{xdcae-ves-collector_ip}:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json"

FAIL, connection closed because of bad authentication

PASSED

T07

Client without certificate and without basic auth

curl -vk -X POST https://{xdcae-ves-collector_ip}:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json"

FAIL, HTTP/1.1 401

PASSED