This wiki is obsolete, see the NorduGrid web pages for up to date information.

Testing/test arched daemon EMI1 RC3

From NorduGrid
Jump to navigationJump to search

F1: ARCHED daemon

  • Gabor Szigeti and Ivan Marton
  • 1 April
  • Deployment of an echo service using arched container and different MCC types
  • Test of authentication, responses and stability of deployed service using arcecho command

The tests have been executed on a dedicated server with a brand new SL5 installation used the RC2 packages.

During the tests we were using an altering message chain depending from the test itself with an echo service and an echo client on the two sides.

The actual chain will be described the following way. (The picture will always mean the server side configuration. The client side is something very similar just in the reverse order.) For example: tcp->tls->http->soap->plexer->echo

This means a TCP MCC connected to a TLS MCC, a TLS MCC connected to a HTTP MCC and so on. Finally all of them leads into an echo service.

F1.1: Without TLS

  • Description of the test:

We create this ( tcp->http->soap->plexer->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho http://localhost:66000/Echo message
  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server. 

[message]
  • Result: PASSED

F1.2: Without TLS and Plexer

  • Description of the test:

We create this ( tcp->http->soap->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho http://localhost:66000/Echo message

arcecho http://localhost:66000/ message
  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server. 

[message]

[message]
  • Result: PASSED

F1.3: With TLS

  • Description of the test:

We create this ( tcp->tls->http->soap->plexer->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho https://localhost:66000/Echo message
  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server after the authentication. 

ERROR: Can not access proxy file: /tmp/x509up_u500
Enter PEM pass phrase:
[message]
  • Result: PASSED

F1.4: With TLS and without Plexer

  • Description of the test:

We create this ( tcp->tls->http->soap->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho https://localhost:66000/Echo message

arcecho https://localhost:66000/ message
  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server after the authentication. 

ERROR: Can not access proxy file: /tmp/x509up_u500
Enter PEM pass phrase:
[message]

ERROR: Can not access proxy file: /tmp/x509up_u500
Enter PEM pass phrase:
[message]

Result: PASSED

F1.5: Username token authentication together - unexisting username/password file

  • Description of the test:

We create this ( tcp->tls->http->soap->plexer->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho https://localhost:66000/Echo message

In case of configured but unexisting username/password file. (With and without TLS.)


  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server after the authentication. 

ERROR: Can not access proxy file: /tmp/x509up_u500
Enter PEM pass phrase:
Not existing credentials.
  • Result: Failed

Output was: 

$ arcecho https://localhost:66000/Echo szilva
ERROR: Can not access proxy file: /tmp/x509up_u500
Enter PEM pass phrase:

$

server log: 

[2011-04-04 10:03:49] [Arc.Plexer] [VERBOSE] [22236/216410512] Operation on path "/Echo"
No wsse namespace in SOAP Header
[2011-04-04 10:03:49] [Arc.SecHandler] [ERROR] [22236/216410512] Failed to parse Username Token from incoming SOAP
[2011-04-04 10:03:49] [Arc.Service] [DEBUG] [22236/216410512] Security processing/check for 'incoming' failed
[2011-04-04 10:03:49] [Arc.Echo] [ERROR] [22236/216410512] echo: Unauthorized
[2011-04-04 10:03:49] [Arc.MCC.SOAP] [WARNING] [22236/216410512] next element of the chain returned error status: ???: GENERIC_ERROR (No explanation.)
  • BUG

[#2362]

F1.6: Username token authentication together - wrong username/password

  • Description of the test:

We create this ( tcp->tls->http->soap->plexer->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho https://localhost:66000/Echo message

In case of configured and existing but invalid username/password. (With and without TLS.)

  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server after the authentication. 

ERROR: Can not access proxy file: /tmp/x509up_u500
Enter PEM pass phrase:
Invalid username/password.
  • Result: Failed

Output was: 

$ arcecho https://localhost:66000/Echo szilva
ERROR: Can not access proxy file: /tmp/x509up_u500
Enter PEM pass phrase:

$

server log: 

Generated Password Digest does not match that in wsse:Password: hBUYO+KVz9X4ijcOv/1xwofa1Xw= != t2dwtJnXxBWuPiyGgEOtkqENVGs=
[2011-04-04 12:35:53] [Arc.SecHandler] [ERROR] [22817/361136800] Failed to authenticate Username Token inside the incoming SOAP
[2011-04-04 12:35:53] [Arc.Service] [DEBUG] [22817/361136800] Security processing/check for 'incoming' failed
[2011-04-04 12:35:53] [Arc.Echo] [ERROR] [22817/361136800] echo: Unauthorized
[2011-04-04 12:35:53] [Arc.MCC.SOAP] [WARNING] [22817/361136800] next element of the chain returned error status: ???: GENERIC_ERROR (No explanation.)

F1.7: Username token authentication together - with valid credentials

  • Description of the test:

We create this ( tcp->tls->http->soap->plexer->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho https://localhost:66000/Echo message
  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server after the authentication. 

ERROR: Can not access proxy file: /tmp/x509up_u500
Enter PEM pass phrase:
[message]
  • Result: PASSED

F1.8: Username token authentication together without Plexer

  • Description of the test:

We create this ( tcp->tls->http->soap->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho https://localhost:66000/ message
  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server. 

ERROR: Can not access proxy file: /tmp/x509up_u500
Enter PEM pass phrase:
[message]
  • Result: PASSED

F1.9: Username token authentication together without TLS

  • Description of the test:

We create this ( tcp->http->soap->plexer->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho http://localhost:66000/Echo message
  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server. 

[message]
  • Result: PASSED

F1.10: Username token authentication together without TLS and Plexer

  • Description of the test:

We create this ( tcp->http->soap->echo ) MCC chain on server side and after we use the arcecho command on client side. 

arcecho http://localhost:66000/ message
  • Testbed:

arched deployed on resource described.

  • Expected result:

We will get the follows response from the server. 

[message]
  • Result: PASSED
Retrieved from "https://wiki.nbi.ku.dk/w/index.php?title=Testing/test_arched_daemon_EMI1_RC3&oldid=4264"