Inheritance diagram for tests.security_test.SecurityTest:
Public Member Functions | |
| def | test_mtls (self) |
| def | test_mtls_error (self) |
| def | test_plaintext_fallback (self) |
| def | test_server_authz_error (self) |
| def | test_tls (self) |
Static Public Member Functions | |
| bool | is_supported (skips.TestConfig config) |
Detailed Description
Definition at line 33 of file security_test.py.
Member Function Documentation
◆ is_supported()
|
static |
Definition at line 36 of file security_test.py.
◆ test_mtls()
| def tests.security_test.SecurityTest.test_mtls | ( | self | ) |
mTLS test. Both client and server configured to use TLS and mTLS.
Definition at line 44 of file security_test.py.
◆ test_mtls_error()
| def tests.security_test.SecurityTest.test_mtls_error | ( | self | ) |
Negative test: mTLS Error. Server expects client mTLS cert, but client configured only for TLS. Note: because this is a negative test we need to make sure the mTLS failure happens after receiving the correct configuration at the client. To ensure that we will perform the following steps in that sequence: - Creation of a backendService, and attaching the backend (NEG) - Creation of the Server mTLS Policy, and attaching to the ECS - Creation of the Client TLS Policy, and attaching to the backendService - Creation of the urlMap, targetProxy, and forwardingRule With this sequence we are sure that when the client receives the endpoints of the backendService the security-config would also have been received as confirmed by the TD team.
Definition at line 103 of file security_test.py.
◆ test_plaintext_fallback()
| def tests.security_test.SecurityTest.test_plaintext_fallback | ( | self | ) |
Plain-text fallback test. Control plane provides no security config so both client and server fallback to plaintext based on fallback-credentials.
Definition at line 82 of file security_test.py.
◆ test_server_authz_error()
| def tests.security_test.SecurityTest.test_server_authz_error | ( | self | ) |
Negative test: AuthZ error. Client does not authorize server because of mismatched SAN name. The order of operations is the same as in `test_mtls_error`.
Definition at line 153 of file security_test.py.
◆ test_tls()
| def tests.security_test.SecurityTest.test_tls | ( | self | ) |
TLS test. Both client and server configured to use TLS and not use mTLS.
Definition at line 63 of file security_test.py.
The documentation for this class was generated from the following file: