daml/security-evidence.md
2022-10-26 18:13:38 +00:00

46 KiB

Security tests, by category

Authentication:

  • TLS configuration is parsed correctly from the config file: CliSpec.scala
  • connect normally with tls on: TlsTest.scala
  • redirect to the configured callback URI after login: TriggerServiceTest.scala
  • the /login endpoint should redirect and set the cookie: TestMiddleware.scala
  • the /login endpoint should return OK and set cookie without redirectUri: TestMiddleware.scala
  • the /login endpoint with an oauth server checking claims should redirect to the configured middleware callback URI: TestMiddleware.scala
  • the /login endpoint with an oauth server checking claims should refuse requests when max capacity is reached: TestMiddleware.scala
  • the /login endpoint with an oauth server checking claims should refuse requests when max capacity is reached: TestMiddleware.scala
  • the TestMiddlewareClientAutoRedirectToLogin client should not redirect to /login for JSON request: TestMiddleware.scala
  • the TestMiddlewareClientAutoRedirectToLogin client should redirect to /login for HTML request: TestMiddleware.scala
  • the TestMiddlewareClientNoRedirectToLogin client should not redirect to /login: TestMiddleware.scala
  • the TestMiddlewareClientYesRedirectToLogin client should redirect to /login: TestMiddleware.scala

Authorization:

Availability:

Confidentiality:

Integrity: