AssertionManagerGui

Id scheme	Assertion id	Status	Testable?	#Coverage	#Applies to	Predicate	Page	Tags	Last changed

ITI40	ITI40-038	reviewed	Testable	1	3	The X-Service Provider shall validate the X-User Assertion by processing the Web-Services Security header in accordance with the Web-Services Security Standard, and SAML 2.0 Standard processing rules	155	Section 3.40.4.1.3	2/15/17 6:00:11 PM by ceoche
ITI40	ITI40-039	reviewed	Testable	1	3	If the validation of the X-User assertion performed by the X-Service Provider fails, the actor grouped with the X-Service Provider (ie the one performing the underlying web services transaction), shall return with an error code as described in WS-Security core specification Section 12 (Error Handling, using the SOAP Fault mechanism),	155	Section 3.40.4.1.3	2/15/17 6:00:11 PM by ceoche
ITI40	ITI40-040	reviewed	Testable	1	3	If the validation of the X-User assertion performed by the X-Service Provider fails, the X-Service Provder shall send an ATNA Audit Message for Authentication Failure.	155	Section 3.40.4.1.3	2/15/17 6:00:11 PM by ceoche
ITI40	ITI40-049	reviewed	Testable	3	3	When an ATNA Audit message needs to be generated and the user is authenticated by way of an X-User Assertion, the ATNA Audit message UserNameelement shall record the X-User Assertion using the following encoding: alias"<"user"@"issuer">" where: • alias is the optional string within the SAML Assertion's Subject element SPProvidedID attribute • user is the required content of the SAML Assertion's Subject element	156	Section 3.40.4.2	2/15/17 6:00:11 PM by ceoche
ITI40	ITI40-050	reviewed	Testable	3	3	When an ATNA Audit message needs to be generated and the user is authenticated by way of an X-User Assertion, the ATNA Audit message UserNameelement shall record the X-User Assertion using the following encoding: alias"<"user"@"issuer">" where: • alias is the optional string within the SAML Assertion's Subject element SPProvidedID attribute • user is the required content of the SAML Assertion's Subject element • issuer is the X-Assertion Provider entity ID contained with the content of SAML Assertion's Issuer element	156	Section 3.40.4.2	2/15/17 6:00:11 PM by ceoche

reviewed

Testable

The X-Service Provider shall validate the X-User Assertion by processing the Web-Services Security header in accordance with the Web-Services Security Standard, and SAML 2.0 Standard processing rules

155

Section 3.40.4.1.3

2/15/17 6:00:11 PM by ceoche

ITI40

ITI40-039

reviewed

Testable

1

3

If the validation of the X-User assertion performed by the X-Service Provider fails, the actor grouped with the X-Service Provider (ie the one performing the underlying web services transaction), shall return with an error code as described in WS-Security core specification Section 12 (Error Handling, using the SOAP Fault mechanism),

155

Section 3.40.4.1.3

2/15/17 6:00:11 PM by ceoche

ITI40

ITI40-040

reviewed

Testable

1

3

If the validation of the X-User assertion performed by the X-Service Provider fails, the X-Service Provder shall send an ATNA Audit Message for Authentication Failure.

155

Section 3.40.4.1.3

2/15/17 6:00:11 PM by ceoche

ITI40

ITI40-049

reviewed

Testable

3

When an ATNA Audit message needs to be generated and the user is authenticated by way of an X-User Assertion, the ATNA Audit message UserNameelement shall record the X-User Assertion using the following encoding: alias"<"user"@"issuer">" where: • alias is the optional string within the SAML Assertion's Subject element SPProvidedID attribute • user is the required content of the SAML Assertion's Subject element

156

Section 3.40.4.2

2/15/17 6:00:11 PM by ceoche

ITI40

ITI40-050

reviewed

Testable

3

When an ATNA Audit message needs to be generated and the user is authenticated by way of an X-User Assertion, the ATNA Audit message UserNameelement shall record the X-User Assertion using the following encoding: alias"<"user"@"issuer">" where: • alias is the optional string within the SAML Assertion's Subject element SPProvidedID attribute • user is the required content of the SAML Assertion's Subject element • issuer is the X-Assertion Provider entity ID contained with the content of SAML Assertion's Issuer element

156

Section 3.40.4.2

2/15/17 6:00:11 PM by ceoche

Search Criteria : 5 assertions found for this search Review filtered assertions

Assertion

Applies to

Coverage