Testing a Combined IdP and SP¶
Test both local-authentication and proxy scenarios.
Validate Syntax¶
Debug Mode¶
Local Realm Test¶
Use a local institutional account and confirm:
- request remains local
- inner authentication succeeds
- expected VLAN or role is returned
- accounting is written
Foreign Realm Test¶
Use a valid account from another participating institution and confirm:
- the request is proxied upstream
- the proxy reply is received successfully
- the user lands in the expected visitor policy
- accounting is recorded locally if required
Failure Scenarios to Test¶
- upstream federation primary unavailable
- expired RADIUS certificate
- incorrect NAS shared secret
- SQL unavailable
- LDAP or AD unavailable
Production readiness means these scenarios are understood and documented before service launch.