Web Services Testing

What are Web Services?

A web service is defined as a software system designed to support interoperable machine-to-machine interaction over a network. It has an interface described in a machine-process able format.

A web service contains defined functions and methods which can be used by sending XML requests to it using WSDL, Which can be called as interface of a web service. WSDL stands for Web Services Description Language. It is a document written in XML. This document describes a Web service. It specifies the location of the service and the operations (or methods) the service exposes.

Why Web Services?

Advantages of web services: Reusable application-components: Web services can offer application-components like: currency conversion, weather reports, or even language translation as services Interoperability: Web-applications are simple applications that run on the web. These are built around the Web browser standards and can be used by any browser on any platform

How the Web Services work?

Web services are published in a service registry from where all the service customers can identify the services.
UDDI (Universal Description, Discovery and Integration) is a repository

where Web services are published.

Service customers register and search for the required web services in UDDI and send a request to the corresponding web services. The response will be send to customer. Both request and responses are in SOAP messages.

Continued
SOAP is a simple XML-based protocol to let applications exchange information over HTTP. It stands for Simple

Object Access Protocol. Or simply SOAP is a protocol to access web services.

SOAP provides a way to communicate between applications

running on different operating systems, with different technologies and programming languages.

What is SOA?
The web services architecture is also known as Service Oriented Architecture (SOA).

Continued..
The diagram shows a architecture of two services integrated by ESB (Enterprise Service Bus). Here the application A has to call a method in application B. But the XML formats of request/response messages are different for both the applications, A sends a request to ESB which makes a XSLT conversion to the request so that application B understands it. Again the response from B is converted to understandable format for A. Services can be integrated with out ESB also, If the XSLTs of the request/response messages match.

What to test in Web Services?

The four areas to test in Web Services Architecture : Functionality Non Functionality Integration Governance

Functionality testing:
Functionality test of each layer Test from individual points of view; from service provider, consumer and registry Test for happy path, exceptions and boundary conditions Validation of messages, transactions Manual, script based and automated testing

Non Functionality testing:

Security: authentication, authorization, non-repudiation, data & channel security Performance: Latency, Response time, Throughput Interoperability: Forward and backward interoperability checks Service Reliability, Availability

Integration and Governance testing

Integration testing: Validation of contexts and Contracts Validation of standards, routing rules, mediations etc. Workflows and business rules Service Orchestration Testing data driven business logic Governance testing: Certify Quality of Service against standards and policies,
SLAs

Compliance against W3C, WS1 standards Standards and Compliance requirements specific to the Industry

How to validate SOAP messages?

SOAP request/response contains 4 elements in it. They are, 1. SOAP Envelop: An element that identifies the XML document as a SOAP message 2. SOAP Header: An element that contains header information 3. SOAP Body: An element which contains request or response information 4. SOAP Fault: An element which contains errors and status information
A SOAP message skeleton is shown.
When ever SOAP messages are to be validated, Header contains the type of the call (name of the request/ response)

In body element the request data and response data are to be validated given/received by interface
In fault element, the status of the response and the error information (error message) is to be validated