Trusted Tests

Trusted tests verify API implementation behavior for signed MIDlet suites. In most cases, these tests verify that specification assertions related to signed MIDlet suites are properly implemented.

Trusted MIDlet suites can be permitted to access APIs that are considered sensitive or to which access is restricted without any user action. The required permissions are granted without any explicit user action. Trusted tests must not be run in untrusted security mode. See “Marking Trusted Tests” on page 62 for a description of how to use keywords to mark trusted tests.

Double-duty Tests

Double-duty tests verify API implementation behavior that depends on security factors. For example, tests for a security sensitive API that require specific permissions to be granted or denied. Double-duty tests must be run in both the trusted and untrusted security mode. See “Using an Attribute to Mark Double-Duty Tests” on page 63 for a description of how to use the DoubleDutySecurity attribute to mark double-duty tests.

Using Keywords to Mark Security Tests

When developing security tests, tests writer should use an appropriate keyword in the test description to mark the type of test. The keyword enables users to select or exclude tests from a test run based on the security mode.

Marking Untrusted Tests

When developing untrusted tests, the test writers should include the untrusted keyword in the test description. With the untrusted keyword included in the test description, the untrusted test is selected and executed during a test run in untrusted security mode. Tests marked with the trusted keyword are not selected and executed in the untrusted security mode.

The following is an example of an untrusted keyword entry added to a test description file.

CODE EXAMPLE 4-13untrusted Keyword Entry in the Test Description

<TR>

<TD SCOPE="row"> <B>keywords</B> </TD> <TD>untrusted</TD>

</TR>

Chapter 4 Writing Tests 61

Page 81
Image 81
Sun Microsystems 1.2 Using Keywords to Mark Security Tests, Trusted Tests, Double-duty Tests, Marking Untrusted Tests