Currently VES supports 2 authentication methods:
certBasicAuth→ Default setting.
noAuth --> Option, can be changed in Consul.
High level test cases for auth.method = "certBasicAuth" :
TC ID | Test Case Name | Test Case Description | Expected Result | Test Status |
---|---|---|---|---|
T01 | Client with correct basic auth and correct certificate | curl -vk --cert rootCA.crt --key rootCA.key --pass collector -u sample1:sample1 -X POST https://192.168.0.22:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json" | PASS. HTTP/1.1 202 | PASSED |
T02 | Client with incorrect basic auth and correct certificate | curl -vk --cert rootCA.crt --key rootCA.key --pass collector -u sample1:sample2 -X POST https://192.168.0.22:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json" | PASS. HTTP/1.1 202 | PASSED |
T03 | Client without basic auth and with correct certificate | curl -vk --cert rootCA.crt --key rootCA.key --pass collector -X POST https://192.168.0.22:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json" | PASS. HTTP/1.1 202 | PASSED |
T04 | Client with correct basic auth and incorrect certificate | curl -vk --cert incorrect.crt --key rootCA.key --pass collector -u sample1:sample1 -X POST https://192.168.0.22:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json" | PASS. HTTP/1.1 202 | PASSED |
T05 | Client with correct basic auth and without certificate | curl -vk -u sample1:sample1 -X POST https://192.168.0.22:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json" | PASS. HTTP/1.1 202 | PASSED |
T06 | Client with incorrect certificate and incorrect basic auth | curl -vk --cert incorrect.crt --key rootCA.key --pass collector -u dummy:sample1 -X POST https://192.168.0.22:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json" | FAIL, connection closed because of bad certificate | PASSED |
T07 | Client without certificate and without basic auth | curl -vk -X POST https://192.168.0.22:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json" | FAIL, HTTP/1.1 401 | PASSED |
High level test cases for auth.method = "noAuth" :
TC ID | Test Case Name | Test Case Description | Expected Result | Test Status |
---|---|---|---|---|
T01 | Any HTTPS request is refused | curl -vk --cert rootCA.crt --key rootCA.key --pass collector -u sample1:sample1 -X POST https://192.168.0.22:30417/eventListener/v7 -d @event.json --header "Content-Type: application/json" | FAIL. Connection refused | PASSED |
T02 | HTTP POST request is handled | curl -vX POST http://localhost:8080/eventListener/v7 -d @event.json --header "Content-Type: application/json" | PASS. HTTP/1.1 200 | PASSED |