Security Test Plan can be used to take a snapshot of the Account access (Users and Groups) and compare it with their latest access so that any changes in the access levels can be identified. This test plan can also be used to identify differences in security settings across environments. In case of an OBIEE connection, this test plan captures the privileges too.
For Users, their access to the corresponding groups are captured and compared. For Groups, their corresponding user list are captured and compared.
For information on the BI tools supported by the Security Test Plan, please see here.
High-Level Steps for Adding a Security Test Plan
Below are the high-level steps for adding a Security Test Plan.
On the side menu, click Test Plans.
Click Add New.
- In the New Test Plan page, select Security Test Plan.
In the Properties page, do the following,
In the Basic Information screen, enter all the required details and click Next.
In the Options screen, complete the desired fields and click Save.
In the Home page, do the following:
Click Add test cases to add add Users, Groups and Privileges (OBIEE only) to the test plan.
Click Run to execute the test plan.
Click the > arrow menu button (next to Home) and select Run History to view the test plan results and manage test run history.
Click the > arrow menu button (next to Home) and select Statistics to view detailed statistics of previous runs in graphical charts.
Setting up and Working with Security Test Plan
This section walks you through the pages and the detailed explanation of options in a Security Test Plan.
Set up Properties
The Properties are divided into Basic Information and Options.
In Basic Information, complete the following:
Test Plan Name
Enter a name for the Security Test Plan.
Create a label for easy identification and grouping of test plan. To create a label, click the Click to add label link, enter a name, and press Enter
Select a connection for the BI tool.
Select a user who has access to the BI tool.
BI Validator Groups
Select one or more groups to assign to the test plan.
In Options, complete any of the following:
Parallel accounts. Number of accounts to run in parallel.
Time out. If the account type running exceeds the time specified, a timeout message is shown.
Connection. Select a connection to run the test plan in a different environment. The Test Plan can be run for the same BI Connection to compare the latest security access with the benchmarked values or it can used to compare with another BI connection.
User: Select a user for the connection.
Add Test Cases
Users, Groups or Privileges (OBIEE only) can be added to the Test Plan. As soon as the accounts are added, their corresponding group membership or user list is captured (benchmarked). Clicking the 'View' link will show the corresponding list in a pop-up window.
How to Add Accounts?
You use Users and Groups as Accounts to add them in the Security Test Plan and find the differences in the access levels. The following steps will walk you through the procedure to add accounts in the Accounts page of the Security Test Plan.
Click Add Accounts at the bottom.
In the Add Accounts screen, select Users or Groups from the Type drop-down list.
If you don’t remember the item you want to select, click Search. Or, type the search criteria in the Name field and then click Search.
In the results that appear under the Accounts on the left portion of the screen, select the items and click Add To Selection.
After the selected items appear under the Selected Accounts on the right portion of the screen, click Add To Benchmark.
Additional Tasks Post Test Case Addition
After the test cases are added, you can perform the following additional tasks:
Click the View link under the "Benchmark Result" column to view the benchmarked account. The Update link is used to benchmark the account. Users can also click the Benchmark button to benchmark selected accounts.
Click the Delete icon to delete the selected the account(s) from the test plan.
Allows you to refresh the page (if any benchmark schedule is running in the background).
Allows you to set up email addresses of the recipients for whom you want to send notifications about the test plan. To configure notifications, click More available besides the Home button at the right-hand side and select Notify.
Schedule Test Plan
Allows you to schedule test plan run process at specified time/date selected from the schedule window. To schedule a test plan, click and select Schedule. To schedule test plan, click More available besides the Home button at the right-hand side and select Schedule.
Run Security Test Plan
After adding the test cases, you click the Run button on the Home page to execute test cases. When you click Run, you will be navigated to the Run page, where you will need to click either Run or Run Test Cases. By any chance if you are not in the Home page, click More available besides the Home button at the right-hand side and select Run. At any point, you can click the Stop button to stop the ongoing execution of the test cases.
Additional Tasks Post Test Plan Execution
After the test plan is run, you can peform the following additional tasks:
User can add/edit comments by clicking the Edit link under the Disposition column.
Click the View link in the Result column to view Accounts data.
View Run History
In this page, the run history of the test plan is shown. Different time stamps of the test plan are available on the left-hand side. Each time stamp indicates when the test plan was run. By default, the latest Test Plan run details are shown. To view previous runs details, select a particular time stamp that interests you. Each run time stamp displays counts for all status, passed, fail, warning, error and running status. When selecting any status count, dashboards will be shown based on the selected status category. The report rows at the bottom can also be exported.
This page contains the following options:
Click the Refresh icon to refresh test plan results.
Select the time stamp and click the Delete icon to remove the test run.
Click the Delete All icon to remove the complete test run history.
© Datagaps. All rights reserved.
Send feedback on this topic to Datagaps Support