Un-WAP-ing the mystery of WAP WAP External Identity Phase 2 PM: Kathy Shipe Project Owners: Melinda Mattox and Lynn Windhorst
Objectives • Demystify WAP and ADFS • Obtain a better understanding of WAP as service • Understand how WAP and web applications are inter-related • Provide participants with tools
WAP Overview Topics 1. What is the WAP project and how does it align 2. What is WAP 3. How is IAM and WAP related 4. What’s happening with UAG
WAP as a project eGov Business Provide services in a one-stop shop, with single sign-on and Objectives invisible silos Migrate and onboard selected Enable the secure access of applications so that internal and Project Objectives published web applications external users can access them Fully automated Project Benefits Increase uptime Increase stability Scalability failover
What is it? A service in Windows Server 2012 R2 that EB allows end users to access applications from outside the corporate (county) network on any device (Rouse 2013) PPLICATION WAP ADFS3.0 ROXY Windows Server
WAP and Windows Server 2012 R2 Windows Server 2012 R2 has a suit of service offerings. • WAP is a service that we’ve turned on and configured • We’ve also installed Active Directory Federation Service (ADFS) 3.0
WAP ADFS and Windows Server 2012 R2 Windows Server We installed Windows Server 2012 R2 2012 R2 Which allowed us to… ADFS3.0 Select the ADFS server role Which let us… Set up WAP Voila! WAP
The IAM Connection dentity A frame work for business processes ccess that facilitates the management of electronic identities (Rouse IAM) anagement Microsoft orefront Set of applications that form a Create Manage complete identity and access SSPR dentity Account Account management platform (Currie 2013) anager eb Provides the ability to publish these applications pplication and access these applications in a secure manner so people can use them roxy
Where did the UAG go? Sun setting out of scope • • Separate login screens
What does WAP and ADFS do Topics 1. High level overview 2. User experience
Access Applications- First steps WAP ADFS User navigates to User is redirected User submits System verifies Proxy an app to a secure login credentials for credentials verification
Access Applications- Next steps ADFS Application WAP System creates a cookie (SSO) Proxy presents ADFS Application grants application with user access based the token on claims information System creates a token
Users of WAP External User: eGov or public users who may register for a Hennepin County identity through the registration application Internal User: Hennepin County employees, internal contractors, and consultants
As an external user, I want to access an eGov application User attempts to access an application 1. Enter user name and password jenny@mailinator.com *************** 2. Click Sign in 3. User is logged in
What does the internal user see Housing Key SharePoint Internal External SSPR Application Application HCFR eGov Account Exchange Federation Federation Registration Service Service Manage Profile HC Connect Henn Place
As an employee, I need to access an internal (HCFR) application Only displayed while outside of the network ***************
As an employee I need to access an eGov (external) application Enter userid (Only displayed while outside of the network)
WAP- Testing Process • Execution of predefined test cases • Defect logging, defect resolution, re-testing Test • Total tests completed versus in progress • Total defects opened versus closed Track Accept • User Acceptance Testing Sign Off Form
How To: Testing Tracker Tester : Name of the person doing the test Actual Results: What happened Pass/Fail: First Attempt Pass/Fail 2: Second Attempt Defect ID: Associated Defect(s) Overall Pass/Fail: Test Results (do not modify) Pass/Fail Pass/Fail 2 Overall Pass/Fail Pass Pass Check-out>Edit>Save>Check-in Fail Fail Fail Pass Pass
How To: User Acceptance Testing Sign Off Form Navigate to the Release Management Complete the User Acceptance Testing Save the form page and select: new document Signoff form
How To: Log and Manage Defects Presenter: Ragha Mulbagal WAP QA Lead
Defect Management Cycle 2.0 Triage Defect (Team) Team: Core WAP Team 1.0 Log Defect 3.0 Resolve Defect QA: Quality Assurance Lead (User) (Team) User: UAT Tester 5.0 Re-Test 4.0 Re-Test (User) (QA)
Defect Severity Definition SEVERITY • * Severity #1 = (High) The system will not be moved to production with a severity level 1 defect. This is a defect with no workarounds. Overriding the decision and allowing the move to production requires a statement accepting the risks by business and the project team. • * Severity #2 = (Medium) The system will not be moved to production with a severity level 2 defect. The defect causes system failure and the integrity of the application is diminished. A valid workaround allows testing to continue. Overriding the decision and allowing the move to production requires a statement accepting the risks by business and the project team. • * Severity #3 = (Low) The system can go into production with a severity level 3 defect. The defect is a failure or may cause a failure to the system. This impacts functionality but non- critical functionality within the system. A work around may or may not exist but would not significantly impact the end user. • * Severity#4= (Trivial) This is primarily a cosmetic problem or other small distractions that ought to be corrected.
Defect Priority Definition PRIORITY • * Priority #1 = (High) Must Fix. This defect tends to be very reproducible through a relatively simple sequence of events. It is also a severe defect blocking some piece of functionality, is blocking further testing or development work, or is a show stopper. A severity 4 defect is generally not a priority 1, unless the customer name is spelled wrong or it’s a User Experience related issue. • * Priority #2 = (Medium) Should Fix. This defect is usually very reproducible through a more complex series of events and/or has a relatively easy, low risk fix. While it is important to fix this defect, progress can still be made without it being fixed. • * Priority #3 = (Fix if time permits). This defect is generally only intermittently reproducible or requires a convoluted sequence of events to reproduce. A fix is not intuitively obvious and should not be pursued until all higher priority defects are resolved. Alternatively, this defect could be cosmetic and/or has a low severity. Some P3 defects are never fixed. • * Priority#4 = Low Priority. Generally used to indicate cosmetic defects that are very difficult to reproduce and/or occur only intermittently. Fixed only if the developer comes across a low risk solution. These defects will not affect solution release. Some P4 defects are never fixed.
UAT: Important Links 1. All UAT Test cases are posted in SharePoint https://dept.hennepin.us/it/Projects/WAP/Shared%20Documents/WAP_UAT%20Testing.xl sx?Web=1 2. All UAT Defects will be logged in SharePoint https://dept.hennepin.us/it/Projects/WAP/Lists/WAP%20Defects/AllItems.aspx 3. All final UAT Acceptance will be logged in SharePoint https://community.hennepin.us/releasemanagement/User%20Acceptance%20Testing%2 0Sign%20Off%20Form/Forms/AllItems.aspx
Recommend
More recommend