This page contains a Flash digital edition of a book.
T.E.S.T Digest | D11


SOA Testing Tool Requirements


• WS-I Interoperability Checks • Schema Checks • Service Virtualization • Test Data injection • Database interaction • Web Page interaction • Penetration testing • Performance testing


The important thing to note though is that you should not need the entire application to be available to start doing scenario testing. As the services become available, they simply replace the stubbed elements. One more thought to be considered


is if any human interaction will be required to facilitate the conclusion on a test scenario. Perhaps we are testing a loan approval process, and if the loan request is greater than a specified amount then the loan must be approved manually before the testing process can complete. So now we are looking for a testing tool that can be easily configured to check the loan amount, and then run a set of web page actions to approve the loan before the rest of the message layer tests complete, all being done integrally to the same test flow.


Performance testing Is there any reason that performance testing should be left right to the end of a project? A simple performance test should be set up for each SOA operation. This should then be run on a daily basis with the results being logged. As the application matures, these results can be compared and the effect of any changes to the application noted. Quality of service metrics should be assigned, and when they are broken, the developers can be immediately notified that, left as it is, the application will not meet the specified response times under load. It is entirely possible to take the functional tests already developed and run them in a load scenario; this therefore takes little time to set up.


Penetration testing Again, this is an item that should not be left to the end of the project. Security must be designed in, not tested in. Penetration tests should be set up right from the word go. Run on a daily basis these tests will give developers the heads up immediately that their application is not meeting security requirements. Catch bugs early, and you reduce the development


www.testmagazineonline.com


time needed to fix them – it is a proven fact. Penetration testing is provided as standard within SOAtest!


Other issues to consider Applications that rely on passing messages from one place to another, whether that be client-server style, or business-to-business communication, all rely on having good data. To this end, it is often a practise to use existing customer data during testing. After all, what could be better than that? Well aside from the obvious data protection issues, and the fact you may not cover all required paths. Integration between test data tools, such as that provided by Grid Tool’s ‘SOA Data Pro’ and Parasoft’s SOAtest, provide an excellent alternative. Test data can be created to your specific requirements, and then injected directly into your functional or scenario tests that have already been set up. While we are on the topic of data,


consider whether you need to validate your response data against the contents of a database. For instance an account enquiry has return balance ‘A’ in the response, but is this the true balance as depicted in the database? Adding a database query to the set of functional tests will be useful.


In summary There are many great message layer testing tools on the market. Some are free, some are not. Some are great at service virtualisation, and some concentrate on web pages. There are horses for courses as they say, and one particular tool will not be a panacea to all testing requirements. Check your requirements carefully, and ensure your choice will be a good fit for the majority of your testing requirements.


SOAtest covers all of the requirements discussed here, and is compatible with a range of transport protocols such as HTTP, JMS, MQ and .Net WCF to name a few, Free evaluations of Parasoft SOAtest can be requested at www.parasoft.com.


Andrew Thompson Managing director Parasoft UK www.parasoft.com


There are many great message layer testing tools on the market. Some are free, some are not. Some are great at service virtualisation, and some concentrate on web pages. There are horses for courses as they say, and one particular tool will not be a panacea to all testing requirements. Check your requirements carefully, and ensure your choice will be a good fit for the majority of your testing requirements.


June 2010 | T.E.S.T DIGEST


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52
Produced with Yudu - www.yudu.com