AuditLogging-Standard

Owned by Tran Tang
Last updated: Aug 29, 2019 by Eric McDonald
5 min read


Overview:

AuditLogging-Standard project is used to test CONNECT's audit logging functionality for AD, DQ, DR, DS, DSDeferred, PD and PDDeferred services in Standard mode. This project got g0, g1 suites with one test case for each service. When this project is executed, there is a script for each test case which validates number of audit entries logged in auditrepo.auditrepository table. The script will also fetch and validate the blob message to make sure it is complying as per Sequoia project checklist and Exchange spec. When auditing turned off using the script, it is verified that there are no entries in auditrepo.auditrepository table.

This project works only in loop back setup. 

Test Suite Details: 

g1 Suite:  This test suite is used to test CONNECT auditing functionality that supports the endpoints implement July-2011 specs. 

g0 Suite:  This test suite is used to test CONNECT auditing functionality that supports the endpoints implement prior to July-2011 specs.


The two test suites have the following services that are tested: Admin Distribution, Document Query, Document Retrieve, Document Submission, Document Submission Deferred Request, Document Submission Deferred Response,  Patient Discovery, Patient Discovery Deferred Request and Patient Discovery Deferred Response.  In order to target endpoints and make configuration settings to the gateway, the NwHIN config directory in the server must be known to the test project. This information is captured in a custom SoapUI property at the project level: GatewayPropDir. Alternatively, as of CONNECT 4.6.0, you can set the GatewayPropDir key/value pair in the global SoapUI properties.

Test Case Details:

Admin Distribution

This test case is used to test Admin Distribution (AD) service auditing functionality. When this test case is executed, the script will first clear auditrepo.auditrepository table and then submit Admin Distribution request to targeted endpoint. When request sent out and response comes in, auditing will happen and audit entries will be logged into auditrepo.auditrepository table. The script will verify audit entries.  NOTE: Audit refactoring for AD service is out of scope for CONNECT-4.6 release, and it functions as per CONNECT-4.5 audit approach.

Document Query: 

This test case is used to test Document Query (DQ) service auditing functionality. When this test case is executed, the script will first clear auditrepo.auditrepository table and then submit Document Query request to targeted endpoint. When request sent out and response comes in, auditing will happen and audit entries will be logged into auditrepo.auditrepository table. The script will verify and validate audit entries, audit blob message to make sure audit message are ATNA compliance.  The script sets LogToDatabase property to false and verifies auditing is not happening. 

Document Retrieve: 

This test case is used to test Document Retrieve (DR) service auditing functionality. When this test case is executed, the script will first clear auditrepo.auditrepository table and then submit Document Retrieve request to targeted endpoint. When request sent out and response comes in, auditing will happen and audit entries will be logged into auditrepo.auditrepository table. The script will verify and validate audit entries, audit blob message to make sure audit message are ATNA compliance. The script sets LogToDatabase property to false and verifies auditing is not happening. 

Document Submission: 

This test case is used to test Document Submission (DS) service auditing functionality. When this test case is executed, the script will first clear auditrepo.auditrepository table and then submit Document Submission Request to targeted endpoint. When request sent out and response comes in, auditing will happen and audit entries will be logged into auditrepo.auditrepository table. The script will verify and validate audit entries, audit blob message to make sure audit message are ATNA compliance. The script sets LogToDatabase property to false and verifies auditing is not happening. 

Document Submission Deferred Request: 

This test case is used to test DS Deferred Request service auditing functionality. When this test case is executed, the script will first clear auditrepo.auditrepository table and then submit Document Submission Deferred Request to targeted endpoint. When request sent out and response comes in, auditing will happen and audit entries will be logged into auditrepo.auditrepository table. The script will verify and validate audit entries, audit blob message to make sure audit message are ATNA compliance.  The script sets LogToDatabase property to false and verifies auditing is not happening. 

Document Submission Deferred Response:

This test case is used to test DS Deferred Response service auditing functionality. When this test case is executed, the script will first clear auditrepo.auditrepository table and then submit Document Submission Deferred Response to targeted endpoint. When request sent out and response comes in, auditing will happen and audit entries will be logged into auditrepo.auditrepository table. The script will verify and validate audit entries, audit blob message to make sure audit message are ATNA compliance. The script sets LogToDatabase property to false and verifies auditing is not happening. 

Patient Discovery: 

This test case is used to test Patient Discovery (PD) service auditing functionality. When this test case is executed, the script will first clear auditrepo.auditrepository table and then submit Patient Discovery request to targeted endpoint. When request sent out and response comes in, auditing will happen and audit entries will be logged into auditrepo.auditrepository table. The script will verify and validate audit entries, audit blob message to make sure audit message are ATNA compliance.  The script sets LogToDatabase property to false and verifies auditing is not happening. 


Patient Discovery Deferred Request: 

This test case is used to test PD Deferred Request service auditing functionality. When this test case is executed, the script will first clear auditrepo.auditrepository table and then submit Patient Discovery Deferred Request to targeted endpoint. When request sent out and response comes in, auditing will happen and audit entries will be logged into auditrepo.auditrepository table. The script will verify and validate audit entries, audit blob message to make sure audit message are ATNA compliance. The script sets LogToDatabase property to false and verifies auditing is not happening. 


Patient Discovery Deferred Response: 

This test case is used to test PD Deferred Response service auditing functionality. When this test case is executed, the script will first clear auditrepo.auditrepository table and then submit Patient Discovery Deferred Response to targeted endpoint. When request sent out and response comes in, auditing will happen and audit entries will be logged into auditrepo.auditrepository table. The script will verify and validate audit entries, audit blob message to make sure audit message are ATNA compliance. The script sets LogToDatabase property to false and verifies auditing is not happening. 


Note for all test cases above except Admin Distribution: As of CONNECT-4.6 audit happens asynchronously. Since it is an async call, sometimes audit happens even before response comes in. Due to this, there is a delay added before and after actual service step to give enough time for the database to refresh.

Preparation & Execution:

  1. Make sure to copy CONNECT common properties from \\CONNECT\Product\Production\Common\Properties\src\main\resources to application server properties folder. (If using WildFly 8.2.1 , copy into \\wildfly-8.2.1.Final\modules\system\layers\base\org\connectopensource\configuration\main).
  2. In audit.properties, make sure LogToDatabase=true, LogToFile=false and other services are true (ex: QueryForDocuments=true) Note: By default LogToDatabase=true in CONNECT-4.6 codebase.
  3. Make sure to enable Standard mode for services in gateway.properties. Note: By default all services will be in Standard mode in gateway.properties as of CONNECT-4.6 release.
  4. In AuditRepositoryProxyConfig.xml make sure to have securedImplementation or javaImplementation.
  5. Restart application server.
  6. Deploy CONNECT ear (mvn clean install -P AD,DQ,DR,DS,PD) 
  7. In SoapUI, make sure to have GatewayPropDir value set either by using global SOAPUI properties are by setting custom SOAPUI property at the project level.
  8. In SoapUI, load AuditLogging-Standard project and execute.
  9. Make sure all test cases for g1, g0 are passed and green.