Because of the focus on support of the business or organization, the emphasis in this course is placed on business-oriented black-box and gray-box testing, although other views of testing are also covered, such as integration and interoperability testing, security testing and performance testing.

You will start by learning the basics of SOAs and then learn how to create a testing strategy for your own SOA implementations. Then, you will learn effective processes and techniques for implementing detailed SOA tests.

Since SOAs may be deployed in a variety of environments, this course does not assume a particular environment or tool set. However, the testing techniques will address many of the most common types of SOA implementations and will show examples of some of the more popular SOA test tools.

This course is centered around a common case study which builds throughout the course.

Attendees will learn:

• The basic issues and risks of testing Service-oriented Architectures
• How to create a test strategy for your own Service-oriented Architectures
• Processes and techniques for SOA testing in diverse environments, including business process validation
• The nature and purpose of SOA test tools
• How to leverage SOA test tools in diverse environments
• The process for performing security, perform and integration testing in SOAs.
• How to build and manage a test environment that starts to simulate the operational environment

Who Will Benefit

• Test analysts
• Testers
• Test engineers
• Software developers
• Project managers
• Test lab managers
• QA analysts

• What is Service-oriented Architecture?
• Why SOA?
• SOA Principles
• Basic SOA Terminology
  • Service Providers
  • Service Consumers
  • Service Repository
• The SOA Reference Architecture
• A Traditional Approach
• The Five-Tier Approach
• A Focus on Integration
• Lifecycle Management
• Service Contracts
• Risks and Challenges of SOAs
• SOA and Business Architecture
• Varieties of SOA Implementations
• The "Wrapping" of Legacy Systems
• Case Study

• Testing Differences and Challenges
  • Testability (Lack of Access to GUI or Code)
  • Distributed Nature - Functionality that Spans Multiple Areas
  • The Testing of Composite Applications
  • Importance of Integration
  • Performance
  • Compliance Testing
  • Platform and Language Neutral
  • Dependencies on 3rd Party Web Services
  • Stakeholder Sharing of Web Services Ownership
  • Frequent Business and Application Changes
  • High Demands for Quality of Service (Service Levels)
  • Reuse of Existing Components and Systems
• Looking at the Test Views
  • Black-box
  • White-box
  • Grey-box
• Phases of SOA Testing
  • Unit (Component) Testing
    • Services
    • Adapters
    • Data Maps
    • Business Processes
    • User Interfaces
    • Structural (White-box) Testing for SOA
    • Why Unit Testing Alone Isn’t Enough
  • Integration Testing
  • System Testing
  • User Acceptance Testing
• Functional Testing
  • Top-down Test Design
  • Bottom-up Test Execution
  • End-to-end Business Process Testing
  • Regression Testing
• Performance Testing
• Integration and Interoperability Testing
  • The Differences Between Integration and Interoperability Testing
• Security Testing
• Compatibility Testing
• Aligning SOA Testing with Development Activities
• Case Study

Module 4 (SOAC) - Developing an SOA Testing Strategy (1.5 hrs.)

• What Should be in a Test Strategy?
• How to Design and Document a Test Strategy for Your SOA Implementation
• Understanding the Uniqueness of Your Architecture
  • Types of Testing
  • Phases of Testing
  • Critical Success Factors
  • Risks
  • Assumptions
  • Constraints
• Case Study - Designing an SOA Test Strategy

Module 5 (SOAD) – Testing Web Services (2.5 hrs.)

• SOAD –Testing Web Services and SOA
• Why Web Services?
• Web Service Architecture
• Important Things to Understand About Web Services
• Service Discovery
• About UDDI
• Types of Registries
• WSIL - Web Services Inspection Language
• What is WSDL?
• Why Get Into the WSDL?
• WSDL in Context
• WSDL Document Structure
• Main Structure of a WSDL Document
• WSDL Details
• WSDL Example
• WSDL Operation Types
• WSDL Bindings
• SOAP Binding Example
• RPC vs. Document Language Bindings
• Document Example
• RPC Example
• Service Contracts
• Service Contracts Elements
• Operational Information
• Service Contract Principles
• Two Levels of Service Contracts in WSDL
• WSDL Service-level Data Model
• Reconciling Disparate Data Models
• XML-Related Technologies for SOA
• A Little More About XML…
• SOAP Defined
• XML Namespaces
• XML Schemas
• XML Schema Example
• The “Payload”
• Testing Payloads
• Sample WSDL
• Methods of Testing Web Services
• Representative Web Services Test Tools
• SoapUI Features
• Web Services Inspection
• Web Services Invocation
• SOAP Monitoring
• Web Services Message Validation
• Web Services Functional Testing
• Test Suite Generation
• Sample Test Suite
• Test Coverage Monitor
• Create Test Report
• Sample soapUI Report
• Web Services Load Testing
• Exercises
• Summary

• What is Functional Testing?
• The Role of Subject Matter Experts in Testing SOAs
• Understanding the Business and Its Processes
• Taking the Organizational View vs. an Application View
• Tests Based on Business Scenarios - Example
• Identifying the Business Processes to be Tested
• A Tool For Prioritizing Processes
• Dealing with Data
• Defining Business Entities
• A Closer Look at Test Data
• Specification of Test Data
• Example of Creating Test Data
• Test Cases
• Evaluating Test Data
• Evaluating Test Data Using Tools
• Maintaining Test Data
• Restoring Test Data
• Coordinating Process-Driven Testing
• Messaging
• Working with BPEL and Business Integration (BI)
• The Role of Use Cases
• The Role of Requirements
• Summary

• Stateless vs. Stateful Tests
• Key Objectives for SOA Performance Testing
• Testing Scalability
• Testing Robustness
• XML Parsing
• Persistence
• Transformation
• Aggregation and Federation
• Data Mitigation
• What to Measure
• Throughput
• Response Times
• Latency
• Endurance
• Markov Chains
• A Basic Process for Performance Testing
• Choosing the Right Test Cases
• Knowing What to Test
• Applying an Appropriate Tool
• What to Look for in an SOA Performance Test Tool
• Running the Right Volume of Tests and Data
• How to Determine the Performance Profiles
• Reaching the Right Conclusions
• Understanding the Test Results and Taking the Right Actions
• SOA Performance Testing at the Unit Level
• Profiling the Unit
• Unit Performance Testing Tools
• Service Level Agreements
• Sample Service Management Dashboard
• Summary

• Where the Complexity is in SOA's
• The Value of Early Integration Testing
• Testing Integration and Interoperability at All Phases of Testing
  • Unit or Component
  • System
  • UAT
• End-to-end Testing of SOAs
• Testing Services
• Testing Business Processes
• Taking the Organizational View vs. an Application View
• Eliminating Silos
• Working in Cross-Functional Teams
• The Role of Regression Testing for Integration
• The Use of Simulations

• The Security Concern
• Basic Levels of SOA Security
• Web Services Vulnerabilities
  • Generic Vulnerabilities
    • Open User Access
    • Cross-site Scripting
    • SQL Injection
    • Buffer Overflows
  • Web Services Vulnerabilities
    • Deeply Nested Nodes
    • Recursive Payloads
    • Schema Poisoning
    • Malware Traveling Over SOAP Messages
• The Role of Scanning Tools and Other Security Tools
• Testing SOAP Encryption
• Steps to Securing an SOA
• XML Encryption
• XML Signature
• WS-Security Standard
• Other SOA Security Standards
• XrML
• Steps to SOA Security
• What Can We Test?
• How Can We Test Security?
  • A 5-Step Process
• Two Golden Rules of Security Testing

• Creating an SOA Testing Strategy
• Creating an SOA Test Plan
• Defining Business Processes
• The Role of Use Cases
• The Role of Requirements
• Boiling it Down to Test Cases, Scripts and Procedures
  • Basing Test Scenarios on Business Processes
  • Designing Test Cases to Support Integrated Business Processes
  • Prioritizing Business and Test Scenarios
• A Closer Look at Test Data
  • Specification
  • Creation
  • Evaluation
  • Maintenance
  • Restoration
• Coordinating Process-Driven Testing

• Web Services
• Legacy and Composite Application
• Commercial Applications (COTS)

• SOA Test Co-ordination and Management
• How to Evaluate SOA Test Results
• How to Know What is Important in SOA Test Results
• Sample SOA Test Reports

• The Purposes and Benefits of SOA Test Tools
• Major SOA Tools and Vendors
  • Itko - LISA
  • Parasoft - SOATest
  • Mindreef - SOAPScope
  • Greenhat Consulting - GH Tester
  • Borland - SilkPerformer SOA Edition
  • Junit - Open Source Tool for Unit Testing
  • Agitar - AgitarOne  - Unit Testing
• How the Tools Work
• What to Look for in SOA Test Tools
  • Test-aware Interfaces
  • Message-Based Test Automation
  • Accurate Simulation of Application Behavior
  • Adaptability to Change
  • Ease of Use

• Key Course Concepts
• Final Q&A

Resources

• Checklists and Templates
• Glossary
• Bibliography

Deliverables

• Course notebook with slides images, worksheets, checklists, complete examples and supporting text
• You will have the basic information needed to perform effective SOA testing in your organization.

Instructor
To be announced

1. Channabasavaiah, Holley and Tuggle, Migrating to a service-oriented architecture, IBM DeveloperWorks, 16 Dec 2003

All materials on this site copyright 1996 - 2008, Rice Consulting Services, Inc.

Rice Consulting Services, Inc.
P.O. Box 892003
Oklahoma City, OK  73189
405-691-8075

"Leaders are made, they are not born. They are made by hard effort, which is the price which
all of us must pay to achieve any goal that is worthwhile." -- Vince Lombardi

This site best viewed with the Mozilla Firefox
browser!