Run a Functionality Test

Policy Server Guides › Policy Design Guide › SiteMinder Test Tool › Run a Functionality Test

Run a Functionality Test

The SiteMinder Test Tool allows you to test the functionality of policies in a simulated real-world environment. To perform a functionality test, you must have the following:

A SiteMinder Policy Server that is configured and running
A SiteMinder Agent that is configured in the Policy Server User Interface
Note: If the Test Tool is simulating a SiteMinder Agent v5.x, that Agent must have 4.x support enabled.
A policy domain configured with any type of user directory
A policy that pairs a rule with a user(s)

Important! Before running a SiteMinder utility or executable on Windows Server 2008, open the command line window with Administrator permissions. Open the command line window this way, even if your account has Administrator privileges. For more information, see the release notes for your SiteMinder component.

SiteMinder allows you to perform the following functionality tests:

IsProtected

Indicates whether or not a policy is protecting the resource you specified.

IsAuthenticated

Indicates whether or not the Policy Server can authenticate a set of user credentials against a user directory.

When user credentials are authenticated, the Policy Server compares the credentials to entries in a user directory. If the credentials match an entry, the Policy Server creates a session ticket and authenticates the user.

In a "real" SiteMinder deployment, SiteMinder confirms that a user’s session ticket is valid instead of rechecking the user’s credentials against a directory when an authenticated user makes additional requests. By default, the Test Tool authenticates the user each time the IsAuthenticated test is run, regardless of whether or not the user has a session ticket.

You can configure the Test Tool to validate a user’s session ticket by entering Validate in the Comment field in the Test Tool before running an IsAuthenticated test; however, SiteMinder must authenticate the user before validating the session ticket.

Note: You can specify Validate when you run multiple tests in Interactive mode (using the Repeat count field), and in Playback mode.

IsAuthorized

Indicates whether or not the Policy Server can authorize a user based on a policy.

These tests must be run in the order they appear above. For example, you must run IsProtected before running IsAuthenticated. The order reflects the steps that SiteMinder uses to determine a user’s access rights.

While running functionality tests, you can also use the Test Tool to perform the following tasks:

DoAccounting: Logs the most recent accounting server transactions.
DoManagement: Requests Agent commands, such as cache flush commands that clear the Agent cache. Running DoManagement ensures that the Test Tool receives current information from the Policy Server.

To run a functionality test

Configure a test environment.
Note: You can also test policies using the Scripting Interface. See the SiteMinder Scripting Guide for Perl.
(Optional) Specify the number of times you want the Test Tool to run your test in the Repeat Count field in the Command group box.
In the Command group box, select one of the following tests to run:
- IsProtected
- IsAuthenticated
- IsAuthorized
If you are running an IsAuthenticated test and you want the Test Tool to validate an authenticated user’s session ticket instead of authenticating the user’s credentials against a user directory, enter Validate in the Comment field.

Note: Before a user’s session ticket is validated, the user must be authenticated. Once the user is authenticated, SiteMinder creates a session ticket for the user.

More information:

Configure Your Test Environment Agent

Calculate an Average Elapsed Time

Email CA Technologies about this topic