Surefire Report

Summary

[Summary] [Package List] [Test Cases]


Tests Errors Failures Skipped Success Rate Time
129 0 0 32 75.2% 382.5 s

Note: failures are anticipated and checked for with assertions while errors are unanticipated.


Package List


Package Tests Errors Failures Skipped Success Rate Time
- 64 0 0 32 50.0% 233.4 s
ut.pk.lucidxpo.ynami 15 0 0 0 100% 1.454 s
migration.pk.lucidxpo.ynami.test 22 0 0 0 100% 5.945 s
ut.pk.lucidxpo.ynami.controller.sample 17 0 0 0 100% 3.109 s
acceptance.pk.lucidxpo.ynami.test 9 0 0 0 100% 138.5 s
ut.pk.lucidxpo.ynami.persistence.model.sample 2 0 0 0 100% 0.137 s

Note: package statistics are not computed recursively, they only sum up all of its testsuites numbers.

- Class Tests Errors Failures Skipped Success Rate Time
Some sample feature file 6 0 0 0 100% 78.41 s
Some sample feature file 2 3 0 0 0 100% 48.45 s
Automated Application Security Scanning 16 0 0 2 87.5% 91.22 s
Authentication 7 0 0 5 28.6% 7.519 s
Authorisation and Access Control - Users can view restricted resources for which they are authorised - Examples 3 0 0 3 0% 0 s
Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples 4 0 0 4 0% 0 s
Authorisation and Access Control - Un-authenticated users should not be able to view restricted resources - Examples 3 0 0 3 0% 0 s
Data confidentiality - Prevent browser caching of sensitive data - Examples 1 0 0 1 0% 0 s
Host Configuration - Only the required ports should be open - Examples 1 0 0 1 0% 0 s
Security settings on HTTP headers 5 0 0 5 0% 0 s
Nessus Scan 1 0 0 1 0% 0 s
Passive Application Security Scanning 1 0 0 1 0% 0 s
Session Management 5 0 0 5 0% 0 s
SSL 8 0 0 1 87.5% 7.764 s

ut.pk.lucidxpo.ynami

- Class Tests Errors Failures Skipped Success Rate Time
DatabaseExecutionListenerUsageVerifierTest 2 0 0 0 100% 0.365 s
RepositoryExtendsVerifierTest 1 0 0 0 100% 0.012 s
EntityExtendsVerifierTest 1 0 0 0 100% 0.061 s
PackageVerifierTest 9 0 0 0 100% 0.433 s
ContextConfigurationExtendsVerifierTest 2 0 0 0 100% 0.583 s

migration.pk.lucidxpo.ynami.test

- Class Tests Errors Failures Skipped Success Rate Time
EntityArchiveTableTest 2 0 0 0 100% 0.419 s
DBMigrationScriptTest 4 0 0 0 100% 0.622 s
DBDataPatchScriptTest 1 0 0 0 100% 3.171 s
DBMigrationScriptsChecksumTest 1 0 0 0 100% 0.012 s
DBMigrationCheckTest 4 0 0 0 100% 0.176 s
MigrationScriptFetcherTest 5 0 0 0 100% 0.097 s
MultiSqlExecutorTest 3 0 0 0 100% 1.182 s
DBCleanerTest 2 0 0 0 100% 0.266 s

ut.pk.lucidxpo.ynami.controller.sample

- Class Tests Errors Failures Skipped Success Rate Time
SampleControllerTest 15 0 0 0 100% 0.753 s
SampleFeatureControllerTest 2 0 0 0 100% 2.356 s

acceptance.pk.lucidxpo.ynami.test

- Class Tests Errors Failures Skipped Success Rate Time
Login3SeleniumTest 3 0 0 0 100% 44.25 s
LoginSeleniumTest 3 0 0 0 100% 44.01 s
Login2SeleniumTest 3 0 0 0 100% 50.22 s

ut.pk.lucidxpo.ynami.persistence.model.sample

- Class Tests Errors Failures Skipped Success Rate Time
EntityAndDtoConversionTest 2 0 0 0 100% 0.137 s

Test Cases

EntityArchiveTableTest

shouldHaveSameDBStructureBetweenEntityTableAndRelatedArchiveTable 0.197 s
shouldGetExceptionWhenCheckStructureForTableInIgnoredList 0.001 s

DatabaseExecutionListenerUsageVerifierTest

shouldVerifyThatIntegrationTestsAnnotatedWithSqlHaveDatabaseExecutionListenerAsTheirTestExecutionListeners 0.154 s
shouldVerifyThatIntegrationTestsChangingStateOfFeatureTogglesHaveDatabaseExecutionListenerAsTheirTestExecutionListeners 0.206 s

Some sample feature file

Some sample feature file - Scenario 44.53 s
Some sample feature file - Scenario 16.86 s
Some sample feature file - Scenario 15.39 s
Some sample feature file - Scenario 0.550 s
Some sample feature file - Scenario 0.551 s
Some sample feature file - Scenario 0.535 s

Some sample feature file 2

Some sample feature file 2 - Scenario 16.29 s
Some sample feature file 2 - Scenario 16.41 s
Some sample feature file 2 - Scenario 15.76 s

DBMigrationScriptTest

shouldCreateAuditEntryAndAuditEntryArchiveTables 0.156 s
shouldCreateSampleTable 0.153 s
shouldAddAuditColumnsToSampleTable 0.148 s
shouldCreateBaselineSchemaTables 0.154 s

DBDataPatchScriptTest

shouldVerifyThatSampleHasBeenActivated 3.170 s

DBMigrationScriptsChecksumTest

shouldVerifyThatAllMigrationScriptsHaveProperChecksum 0.012 s

EntityAndDtoConversionTest

shouldConvertSampleEntityToSampleCreationDtoCorrectly 0.091 s
shouldVerifyConversionsBetweenEntityAndDtos 0.013 s

SampleControllerTest

shouldPrepareExistingSampleUpdationSuccessfully 0.348 s
shouldUpdateSampleSuccessfully 0.092 s
shouldGetSampleById 0.026 s
shouldCreateNewSampleSuccessfully 0.024 s
shouldNotUpdateSamplePartiallyAndReturnWith404NotFoundWhenSampleWithProvidedIdIsNotFound 0.047 s
shouldPrepareNewSampleCreation 0.024 s
shouldNotPrepareExistingSampleUpdationAndReturnWith404NotFoundWhenSampleWithProvidedIdIsNotFound 0.020 s
shouldReturn404NotFoundWhenSampleWithProvidedIdIsNotFound 0.018 s
shouldNotCreateNewSampleWhenSampleAlreadyExistsAndReturnWith409ConflictStatus 0.021 s
shouldNotDeleteAndReturnWith404NotFoundWhenSampleWithProvidedIdIsNotFound 0.016 s
shouldDeleteSampleSuccessfully 0.015 s
shouldReturnDefaultMessage 0.025 s
shouldUpdateSamplePartiallySuccessfully 0.021 s
shouldNotUpdateAndReturnWith404NotFoundWhenSampleWithProvidedIdIsNotFound 0.018 s
shouldGetAllSamples 0.019 s

DBMigrationCheckTest

shouldNotFetchAndExecuteMigrationScriptWhenPrecheckThrowsException 0.154 s
shouldCleanDatabaseDoPrecheckExecuteScriptUnderTestDoPostCheckAndCleanTheDatabaseUnderTransaction 0.012 s
shouldExecuteTheCompleteScriptIncludingTheRollback 0.005 s
shouldExecuteTheCompleteScriptExcludingTheRollback 0.004 s

RepositoryExtendsVerifierTest

shouldVerifyThatAllTheRepositoriesAreExtendedFromJpaRepository 0.012 s

Login3SeleniumTest

shouldVerifySuccessfulLoginAndLogoutWithCorrectCredentialsForSupportUser 14.46 s
shouldVerifySuccessfulLoginAndLogoutWithCorrectCredentialsForAdminUser 14.12 s
shouldVerifySuccessfulLoginAndLogoutWithCorrectCredentialsForUser 14.69 s

EntityExtendsVerifierTest

shouldVerifyThatAllTheEntitiesAreExtendedFromAuditable 0.060 s

MigrationScriptFetcherTest

shouldReturnContentOfScriptWithCertainScriptNumber 0.052 s
shouldReturnAllMigrationScriptsBeforeACertainScriptNumber 0.007 s
shouldAlwaysGetMigrationScriptInOrderBasedOnFileName 0.003 s
shouldSkipIgnoredScriptNumber 0.006 s
shouldThrowRuntimeExceptionWhenTryingToFindScriptNumberThatDoesNotExists 0.004 s

MultiSqlExecutorTest

shouldSplitSqlStatementBySemicolonAndExecute 1.166 s
shouldNotExecuteEmptySqlStatement 0.008 s
shouldNotExecuteAnySqlStatementAfterUndoComment 0.005 s

SampleFeatureControllerTest

shouldExpectEnabledMessageWhenCorrespondingFeatureToggleIsEnabled 2.337 s
shouldExpectDisabledMessageWhenCorrespondingFeatureToggleIsNotEnabled 0.016 s

LoginSeleniumTest

shouldVerifySuccessfulLoginAndLogoutWithCorrectCredentialsForSupportUser 14.31 s
shouldVerifySuccessfulLoginAndLogoutWithCorrectCredentialsForAdminUser 14.47 s
shouldVerifySuccessfulLoginAndLogoutWithCorrectCredentialsForUser 14.25 s

PackageVerifierTest

shouldVerifyThatAllThePageAssertsAreDefinedInsidePageAssertsPackage 0.065 s
shouldVerifyThatAllTheServicesAreDefinedInsideServicePackage 0.050 s
shouldVerifyThatAllTheEntityBuildersAreDefinedInsideBuilderPackage 0.027 s
shouldVerifyThatAllTheControllersAreDefinedInsideControllerPackage 0.043 s
shouldVerifyThatAllTheEntitiesAreDefinedInsideModelPackage 0.067 s
shouldVerifyThatAllTheConfigurationsAreDefinedInsideSpringPackage 0.069 s
shouldVerifyThatAllTheRepositoriesAreDefinedInsideDaoPackage 0.039 s
shouldVerifyThatAllThePageObjectsAreDefinedInsidePageObjectsPackage 0.047 s
shouldVerifyThatAllTheDtosAreDefinedInsideDtoPackage 0.017 s

DBCleanerTest

shouldDropTableWithConstraints 0.172 s
shouldExecuteDBCleanScript 0.091 s

Automated Application Security Scanning

Automated Application Security Scanning - The application should not contain SQL injection vulnerabilities 44.74 s
Automated Application Security Scanning - The application should not contain Cross Site Scripting vulnerabilities 5.250 s
Automated Application Security Scanning - The application should not contain path traversal vulnerabilities 2.395 s
Automated Application Security Scanning - The application should not contain remote file inclusion vulnerabilities 2.321 s
Automated Application Security Scanning - The application should not contain Server side include vulnerabilities 2.274 s
Automated Application Security Scanning - The application should not contain Server side code injection vulnerabilities 2.198 s
Automated Application Security Scanning - The application should not contain Remote OS Command injection vulnerabilities 2.217 s
Automated Application Security Scanning - The application should not contain CRLF injection vulnerabilities 2.208 s
Automated Application Security Scanning - The application should not contain external redirect vulnerabilities 2.264 s
Automated Application Security Scanning - The application should not disclose source code 5.993 s
Automated Application Security Scanning - The application should not be vulnerable to Remote Code Execution - Shell Shock 5.781 s
Automated Application Security Scanning - The application should not be vulnerable to LDAP injection 5.726 s
Automated Application Security Scanning - The application should not be vulnerable to XPATH injection 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Automated Application Security Scanning - The application should not be vulnerable to Xml External Entity Attacks 5.636 s
Automated Application Security Scanning - The application should not be vulnerable to the Generic Padding Oracle attack 2.221 s
Automated Application Security Scanning - The application should not expose insecure HTTP methods 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Authentication

Authentication - Passwords should be case sensitive 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authentication - Present the login form itself over an HTTPS connection 1.847 s
Authentication - Transmit authentication credentials over HTTPS 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authentication - When authentication credentials are sent to the server, it should respond with a 3xx status code. 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authentication - Disable browser auto-completion on the login form 5.672 s
Authentication - Disable browser auto-completion on the password field 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authentication - Lock the user account out after 4 incorrect authentication attempts 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Authorisation and Access Control - Users can view restricted resources for which they are authorised - Examples

Authorisation and Access Control - Users can view restricted resources for which they are authorised - Examples - Example #1.1 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authorisation and Access Control - Users can view restricted resources for which they are authorised - Examples - Example #1.2 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authorisation and Access Control - Users can view restricted resources for which they are authorised - Examples - Example #1.3 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples

Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples - Example #1.1 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples - Example #1.2 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples - Example #1.3 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples - Example #1.4 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Authorisation and Access Control - Un-authenticated users should not be able to view restricted resources - Examples

Authorisation and Access Control - Un-authenticated users should not be able to view restricted resources - Examples - Example #1.1 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authorisation and Access Control - Un-authenticated users should not be able to view restricted resources - Examples - Example #1.2 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Authorisation and Access Control - Un-authenticated users should not be able to view restricted resources - Examples - Example #1.3 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Data confidentiality - Prevent browser caching of sensitive data - Examples

Data confidentiality - Prevent browser caching of sensitive data - Examples - Example #1.1 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Host Configuration - Only the required ports should be open - Examples

Host Configuration - Only the required ports should be open - Examples - Example #1.1 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Security settings on HTTP headers

Security settings on HTTP headers - Restrict other sites from placing it in an iframe in order to prevent ClickJacking attacks 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Security settings on HTTP headers - Enable built in browser protection again Cross Site Scriping 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Security settings on HTTP headers - Force the use of HTTPS for the base secure Url 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Security settings on HTTP headers - Restrict HTML5 Cross Domain Requests to only trusted hosts 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Security settings on HTTP headers - Enable anti-MIME sniffing prevention in browsers 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Nessus Scan

Nessus Scan - The host systems should not expose known security vulnerabilities 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Passive Application Security Scanning

Passive Application Security Scanning - The application should not contain vulnerabilities identified using passive scanning 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

Session Management

Session Management - Issue a new session ID after authentication 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Session Management - Invalidate the session when the user logs out 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Session Management - Invalidate the session after a period of inactivity 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Session Management - Set the 'secure' flag on the session cookie 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
Session Management - Set the 'httpOnly' flag on the session cookie 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -

SSL

SSL - Disable SSL deflate compression in order to mitigate the risk of the CRIME attack 6.677 s
SSL - Disable client renegotiations 0.075 s
SSL - Disable client renegotiations 0.065 s
SSL - Patch OpenSSL against the Heartbleed vulnerability 0.055 s
SSL - The minimum cipher strength should meet requirements 0.080 s
SSL - Disable weak SSL protocols due to numerous cryptographic weaknesses 0.221 s
SSL - Support TLSv1.2 0 s
- 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario -
SSL - Enable Perfect forward secrecy 0.591 s

ContextConfigurationExtendsVerifierTest

shouldVerifyThatAllTheIntegrationTestsAreExtendedFromAbstractIntegrationTest 0.392 s
shouldVerifyThatAllTheIntegrationTestsAreExtendedFromFluentTest 0.162 s

Login2SeleniumTest

shouldVerifySuccessfulLoginAndLogoutWithCorrectCredentialsForSupportUser 16.82 s
shouldVerifySuccessfulLoginAndLogoutWithCorrectCredentialsForAdminUser 14.46 s
shouldVerifySuccessfulLoginAndLogoutWithCorrectCredentialsForUser 15.54 s

Failure Details


Automated Application Security Scanning - The application should not be vulnerable to XPATH injection
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Automated Application Security Scanning - The application should not expose insecure HTTP methods
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authentication - Passwords should be case sensitive
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authentication - Transmit authentication credentials over HTTPS
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authentication - When authentication credentials are sent to the server, it should respond with a 3xx status code.
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authentication - Disable browser auto-completion on the password field
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authentication - Lock the user account out after 4 incorrect authentication attempts
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Users can view restricted resources for which they are authorised - Examples - Example #1.1
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Users can view restricted resources for which they are authorised - Examples - Example #1.2
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Users can view restricted resources for which they are authorised - Examples - Example #1.3
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples - Example #1.1
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples - Example #1.2
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples - Example #1.3
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Users must not be able to view resources for which they are not authorised - Examples - Example #1.4
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Un-authenticated users should not be able to view restricted resources - Examples - Example #1.1
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Un-authenticated users should not be able to view restricted resources - Examples - Example #1.2
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Authorisation and Access Control - Un-authenticated users should not be able to view restricted resources - Examples - Example #1.3
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Data confidentiality - Prevent browser caching of sensitive data - Examples - Example #1.1
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Host Configuration - Only the required ports should be open - Examples - Example #1.1
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Security settings on HTTP headers - Restrict other sites from placing it in an iframe in order to prevent ClickJacking attacks
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Security settings on HTTP headers - Enable built in browser protection again Cross Site Scriping
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Security settings on HTTP headers - Force the use of HTTPS for the base secure Url
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Security settings on HTTP headers - Restrict HTML5 Cross Domain Requests to only trusted hosts
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Security settings on HTTP headers - Enable anti-MIME sniffing prevention in browsers
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Nessus Scan - The host systems should not expose known security vulnerabilities
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Passive Application Security Scanning - The application should not contain vulnerabilities identified using passive scanning
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Session Management - Issue a new session ID after authentication
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Session Management - Invalidate the session when the user logs out
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Session Management - Invalidate the session after a period of inactivity
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Session Management - Set the 'secure' flag on the session cookie
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
Session Management - Set the 'httpOnly' flag on the session cookie
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario
SSL - Support TLSv1.2
- skipped: 'cucumber.filter.tags=( ( ( not ( @wip ) and not ( @slow ) ) and not ( @broken-since-zap-2.13.0 ) ) and not ( @broken-since-zap-2.16.1 ) )' did not match this scenario