SLIDE 1
Objectives
- Demystify WAP and ADFS
- Obtain a better understanding of WAP as service
- Understand how WAP and web applications are
inter-related
- Provide participants with tools
Un-WAP-ing the mystery of WAP WAP External Identity Phase 2 PM: - - PowerPoint PPT Presentation
Un-WAP-ing the mystery of WAP WAP External Identity Phase 2 PM: - - PowerPoint PPT Presentation
Un-WAP-ing the mystery of WAP WAP External Identity Phase 2 PM: Kathy Shipe Project Owners: Melinda Mattox and Lynn Windhorst Objectives Demystify WAP and ADFS Obtain a better understanding of WAP as service Understand how WAP
SLIDE 2
SLIDE 3
WAP Overview
Topics 1. What is the WAP project and how does it align 2. What is WAP 3. How is IAM and WAP related 4. What’s happening with UAG
SLIDE 4
WAP as a project
Provide services in a one-stop shop, with single sign-on and invisible silos Enable the secure access of published web applications Migrate and onboard selected applications so that internal and external users can access them eGov Business Objectives Project Objectives
Increase uptime
Project Benefits
Increase stability Fully automated failover Scalability
SLIDE 5
What is it?
EB PPLICATION ROXY
A service in Windows Server 2012 R2 that allows end users to access applications from
- utside the corporate (county) network on
any device (Rouse 2013)
ADFS3.0 Windows Server WAP
SLIDE 6
WAP and Windows Server 2012 R2
Windows Server 2012 R2 has a suit of service
- fferings.
- WAP is a service that we’ve
turned on and configured
- We’ve also installed Active
Directory Federation Service (ADFS) 3.0
SLIDE 7
WAP ADFS and Windows Server 2012 R2
Windows Server 2012 R2 ADFS3.0 WAP
We installed Windows Server 2012 R2 Which allowed us to… Select the ADFS server role Which let us… Set up WAP Voila!
SLIDE 8
The IAM Connection
dentity ccess anagement Microsoft orefront dentity anager
Set of applications that form a complete identity and access management platform (Currie 2013) A frame work for business processes that facilitates the management of electronic identities (Rouse IAM)
eb pplication roxy
Provides the ability to publish these applications and access these applications in a secure manner so people can use them
SSPR Create Account Manage Account
SLIDE 9
Where did the UAG go?
- Sun setting out of scope
- Separate login screens
SLIDE 10
What does WAP and ADFS do
Topics
- 1. High level overview
- 2. User experience
SLIDE 11
Access Applications- First steps
User navigates to an app User is redirected to a secure login User submits credentials for verification System verifies credentials
WAP ADFS
Proxy
SLIDE 12
Access Applications- Next steps
System creates a cookie (SSO) System creates a token Proxy presents application with the token Application grants user access based
- n claims
information
WAP ADFS ADFS Application
SLIDE 13
Users of WAP
External User: eGov or public users who may register for a Hennepin County identity through the registration application Internal User: Hennepin County employees, internal contractors, and consultants
SLIDE 14
As an external user, I want to access an eGov application
User attempts to access an application
- 1. Enter user name and password
- 2. Click Sign in
jenny@mailinator.com
***************
- 3. User is logged in
SLIDE 15
What does the internal user see
HCFR Federation Service eGov Federation Service SharePoint Exchange HC Connect
Housing Key Henn Place SSPR Account Registration Manage Profile Internal Application External Application
SLIDE 16
As an employee, I need to access an internal (HCFR) application
Only displayed while outside of the network
***************
SLIDE 17
As an employee I need to access an eGov (external) application
Enter userid
(Only displayed while outside of the network)
SLIDE 18
WAP- Testing Process
Test
- Execution of predefined test cases
- Defect logging, defect resolution, re-testing
Track
- Total tests completed versus in progress
- Total defects opened versus closed
Accept • User Acceptance Testing Sign Off Form
SLIDE 19
How To: Testing Tracker
Tester: Name of the person doing the test Actual Results: What happened Pass/Fail: First Attempt Pass/Fail 2: Second Attempt Defect ID: Associated Defect(s) Overall Pass/Fail: Test Results (do not modify)
Pass/Fail Pass/Fail 2 Overall Pass/Fail Pass Pass Fail Fail Fail Pass Pass
Check-out>Edit>Save>Check-in
SLIDE 20
How To: User Acceptance Testing Sign Off Form
Navigate to the Release Management page and select: new document Complete the User Acceptance Testing Signoff form Save the form
SLIDE 21
How To: Log and Manage Defects Presenter: Ragha Mulbagal WAP QA Lead
SLIDE 22
Defect Management Cycle
2.0 Triage Defect (Team) 3.0 Resolve Defect (Team) 4.0 Re-Test (QA) 5.0 Re-Test (User) 1.0 Log Defect (User)
Team: Core WAP Team QA: Quality Assurance Lead User: UAT Tester
SLIDE 23
Defect Severity Definition
SEVERITY
- * Severity #1 = (High) The system will not be moved to production with a severity level 1
- defect. This is a defect with no workarounds. Overriding the decision and allowing the
move to production requires a statement accepting the risks by business and the project team.
- * Severity #2 = (Medium) The system will not be moved to production with a severity level 2
- defect. The defect causes system failure and the integrity of the application is diminished. A
valid workaround allows testing to continue. Overriding the decision and allowing the move to production requires a statement accepting the risks by business and the project team.
- * Severity #3 = (Low) The system can go into production with a severity level 3 defect. The
defect is a failure or may cause a failure to the system. This impacts functionality but non- critical functionality within the system. A work around may or may not exist but would not significantly impact the end user.
- * Severity#4= (Trivial) This is primarily a cosmetic problem or other small distractions that
- ught to be corrected.
SLIDE 24
Defect Priority Definition
PRIORITY
- * Priority #1 = (High) Must Fix. This defect tends to be very reproducible through a
relatively simple sequence of events. It is also a severe defect blocking some piece of functionality, is blocking further testing or development work, or is a show stopper. A severity 4 defect is generally not a priority 1, unless the customer name is spelled wrong or it’s a User Experience related issue.
- * Priority #2 = (Medium) Should Fix. This defect is usually very reproducible through a more
complex series of events and/or has a relatively easy, low risk fix. While it is important to fix this defect, progress can still be made without it being fixed.
- * Priority #3 = (Fix if time permits). This defect is generally only intermittently reproducible
- r requires a convoluted sequence of events to reproduce. A fix is not intuitively obvious
and should not be pursued until all higher priority defects are resolved. Alternatively, this defect could be cosmetic and/or has a low severity. Some P3 defects are never fixed.
- * Priority#4 = Low Priority. Generally used to indicate cosmetic defects that are very difficult
to reproduce and/or occur only intermittently. Fixed only if the developer comes across a low risk solution. These defects will not affect solution release. Some P4 defects are never fixed.
SLIDE 25
UAT: Important Links
- 1. All UAT Test cases are posted in SharePoint
https://dept.hennepin.us/it/Projects/WAP/Shared%20Documents/WAP_UAT%20Testing.xl sx?Web=1
- 2. All UAT Defects will be logged in SharePoint
https://dept.hennepin.us/it/Projects/WAP/Lists/WAP%20Defects/AllItems.aspx
- 3. All final UAT Acceptance will be logged in SharePoint
https://community.hennepin.us/releasemanagement/User%20Acceptance%20Testing%2 0Sign%20Off%20Form/Forms/AllItems.aspx