Skip to main content

Web services: Testing


It’s constantly stress-free for a tester to transfer from one technology to other but at times it's additional difficult to move from one methodology to other. Jumping from custom application to COTs (Commercial Off-The-Shelf) is still an easy transition; tester has a better idea like what part they need to focus or which modules are more susceptible than others. When testers take up web services it tosses many challenges, it’s continuously important to know what you need to do, rather than you first do and then learn.

With the dispersed architecture of loosely coupled systems which may be technically apart but frequently need to communicate in terms of data requirements. Web Services arise in the picture when such is the requirement. A Web service provides an artless interface for commutation among these loosely coupled systems using a typical data transfer mechanism.

Ladders in Web service testing:
  • The first and foremost challenge is to imagine what is expected from a Web service bearing in mind the business requirements.
  • Gathering and Understanding requirements are one part and understanding data transfer standards are second.
  • Next part is to design test cases and several data scenarios bearing in mind business requirements, more data scenarios you have healthier will be the quality of deliverable.
  • Executing test cases. It’s a thornier task to test complete end to end business flows with all the possible data scenarios, the trick is to have an automated tool which can shorten testing of Web services like Optimyz, SOAP UI etc.
Web Services: What all we need to test?
  • Functionality: Following are things to look while carrying out functional testing
    • SR (Specification Review)
    • TCD (Test Case Development)
    • Test Execution, examination of requests & responses.
  • Performance: Testing web services performance may be complicated, basic is to have thresholds mentioned upfront and clear. Another key is to have the performance requirements perfect. For e.g.:
A good requirement: This service has been identified as serving 50000 concurrent users with 10 sec of response time.
A bad requirement: This service should serve >4000 concurrent users, the response should be fast.
  • Security: Web Services are wide-open in a network, this element opens up a host of vulnerabilities, such as penetration, DOS (denial-of-service) attacks, great volumes of spam data, etc. Distinctive security policies have to be imposed at the network level to create sound SOA. There are certain security policies which are likewise enforced during data transfer, user token or certificate is such a common example where data is protected with the password. Precise test cases aimed at directing these policies need to be designed to completely test Web service security.
  • Compliance: Compliance testing is required to ensure :
    • Web services meet certain specified standards
    • Authorize SOAP request/response messages
    • Authenticate WSDL definitions




Comments

Popular posts from this blog

How to Unzip files in Selenium (Java)?

1) Using Java (Lengthy way) : Create a utility and use it:>> import java.io.BufferedOutputStream; import org.openqa.selenium.io.Zip; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream;   public class UnzipUtil {     private static final int BUFFER_SIZE = 4096;     public void unzip (String zipFilePath, String destDirectory) throws IOException {         File destDir = new File(destDirectory);         if (!destDir.exists()) {             destDir.mkdir();         }         ZipInputStream zipIn = new ZipInputStream(new FileInputStream(zipFilePath));         ZipEntry entry = zipIn.getNextEntry();         // to iterates over entries in the zip folder         while (en...

The use of Verbose attribute in testNG or POM.xml (maven-surefire-plugin)

At times, we see some weird behavior in your testNG execution and feel that the information displayed is insufficient and would like to see more details. At other times, the output on the console is too verbose and we may want to only see the errors. This is where a verbose attribute can help you- it is used to define the amount of logging to be performed on the console. The verbosity level is 0 to 10, where 10 is most detailed. Once you set it to 10, you'll see that console output will contain information regarding the tests, methods, and listeners, etc. <suite name="Suite" thread-count="5" verbose="10"> Note* You can specify -1 and this will put TestNG in debug mode. The default level is 0. Alternatively, you can set the verbose level through attribute in "maven-surefire-plugin" in pom.xml, as shown in the image. #testNG #automationTesting #verbose # #testAutomation

Encode/Decode the variable/response using Postman itself

We get a lot of use cases where we may have to implement Base64 encoding and/or decoding while building our APIs. And, if you are wondering if it is possible to encode/decode the variable/response using Postman itself or how to encode/decode the token or password in postman and save it in a variable? To Base64 encode/decode, the quickest way is to use JavaScript methods btoa, atob: atob - It turns base64-encoded ASCII data back to binary. btoa - It turns binary data to base64-encoded ASCII. Sample code : var responseBody = pm.response.json(); var parsedPwd = JSON.parse(atob(responseBody.password)); // presuming password is in the payload pm.collectionVariables.set("password", parsedPwd);