Policy Server Guides › Policy Server Configuration Guide › SiteMinder Test Tool › Run a Functionality Test

Run a Functionality Test

The SiteMinder Test Tool allows you to test the functionality of policies in a simulated real-world environment. To perform a functionality test, you must have the following:

• A Policy Server that is configured and running
• A SiteMinder Agent that is configured in the Administrative UI

  Note: If the Test Tool is simulating a SiteMinder Agent v5.x, that Agent must have 4.x support enabled.

• A policy domain configured with any type of user directory
• A policy that pairs a rule with a user(s)

SiteMinder allows you to perform the following functionality tests:

• IsProtected

  Indicates whether or not a policy is protecting the resource you specified.

• IsAuthenticated

  Indicates whether or not the Policy Server can authenticate a set of user credentials against a user directory.

  When user credentials are authenticated, the Policy Server compares the credentials to entries in a user directory. If the credentials match an entry, the Policy Server creates a session ticket and authenticates the user.

  In a "real" SiteMinder deployment, SiteMinder confirms that a user's session ticket is valid instead of rechecking the user's credentials against a directory when an authenticated user makes additional requests. By default, the Test Tool authenticates the user each time the IsAuthenticated test is run, regardless of whether or not the user has a session ticket.

  You can configure the Test Tool to validate a user's session ticket by entering Validate in the Comment field in the Test Tool before running an IsAuthenticated test; however, SiteMinder must authenticate the user before validating the session ticket.

  Note: You can specify Validate when you run multiple tests in Interactive mode (using the Repeat count field), and in Playback mode.

• IsAuthorized

  Indicates whether or not the Policy Server can authorize a user based on a policy.

These tests must be run in the order they appear above. For example, you must run IsProtected before running IsAuthenticated. The order reflects the steps that SiteMinder uses to determine a user's access rights.

While running functionality tests, you can also use the Test Tool to perform the following tasks:

• DoAccounting

  Logs the most recent accounting server transactions.

• DoManagement

  Requests Agent commands, such as cache flush commands that clear the Agent cache. Running DoManagement ensures that the Test Tool receives current information from the Policy Server.

To run a functionality test

1. Configure a test environment.

   Note: You can also test policies using the Scripting Interface. See the Programming Guide for Perl.

2. (Optional) Specify the number of times you want the Test Tool to run your test in the Repeat Count field in the Command group box.
3. In the Command group box, select one of the following tests to run:
   • IsProtected
   • IsAuthenticated
   • IsAuthorized
4. If you are running an IsAuthenticated test and you want the Test Tool to validate an authenticated user's session ticket instead of authenticating the user's credentials against a user directory, enter Validate in the Comment field.

Note: Before validating a user's session ticket, the user must be authenticated. Once the user is authenticated, SiteMinder creates a session ticket for the user.