(If you are interested in having this course presented in your company, contact us to arrange a presentation.)

Level: Intermediate

Length: Three days

Register for the Online Version

Take the Online Demo

This course teaches the unique considerations for testing Service-Oriented Architectures (SOAs).

Service-Oriented Architectures are comprised of "loosely coupled software services to support the requirements of the business processes and software users. In an SOA environment, resources on a network are made available as independent services that can be accessed without knowledge of their underlying platform implementation."

Because of the focus on support of the business or organization, the emphasis in this course is placed on business-oriented black-box and gray-box testing, although other views of testing are also covered, such as integration and interoperability testing, security testing and performance testing.

You will start by learning the basics of SOAs and then learn how to create a testing strategy for your own SOA implementations. Then, you will learn effective processes and techniques for implementing detailed SOA tests.

Since SOAs may be deployed in a variety of environments, this course does not assume a particular environment or tool set. However, the testing techniques will address many of the most common types of SOA implementations and will show examples of some of the more popular SOA test tools.

This course is centered around a common case study which builds throughout the course.

Course Objectives

Attendees will learn:

  • The basic issues and risks of testing Service-oriented Architectures
  • How to create a test strategy for your own Service-oriented Architectures
  • Processes and techniques for SOA testing in diverse environments, including business process validation
  • The nature and purpose of SOA test tools
  • How to leverage SOA test tools in diverse environments
  • The process for performing security, perform and integration testing in SOAs.
  • How to build and manage a test environment that starts to simulate the operational environment


Who Will Benefit

  • Test analysts
  • Testers
  • Test engineers
  • Software developers
  • Project managers
  • Test lab managers
  • QA analysts

This program requires basic testing and IT knowledge.


Module 1 (SOAA) - SOAs Explained (1.5 hrs.)

  • What is Service-oriented Architecture?
  • Why SOA?
  • SOA Principles
  • Basic SOA TerminologyThe SOA Reference Architecture
    • Service Providers
    • Service Consumers
    • Service Repository
  • A Traditional Approach
  • The Five-Tier Approach
  • A Focus on Integration
  • Lifecycle Management
  • Service Contracts
  • Risks and Challenges of SOAs
  • SOA and Business Architecture
  • Varieties of SOA Implementations
  • The "Wrapping" of Legacy Systems
  • Case Study

Module 2 (SOAB) - Key Components of SOA Testing (1 hr.)

  • Testing Differences and Challenges
    • Testability (Lack of Access to GUI or Code)
    • Distributed Nature - Functionality that Spans Multiple Areas
    • The Testing of Composite Applications
    • Importance of Integration
    • Performance
    • Compliance Testing
    • Platform and Language Neutral
    • Dependencies on 3rd Party Web Services
    • Stakeholder Sharing of Web Services Ownership
    • Frequent Business and Application Changes
    • High Demands for Quality of Service (Service Levels)
    • Reuse of Existing Components and Systems
  • Looking at the Test Views
    • Black-box
    • White-box
    • Grey-box
  • Phases of SOA Testing
    • Unit (Component) TestingIntegration Testing
      • Services
      • Adapters
      • Data Maps
      • Business Processes
      • User Interfaces
      • Structural (White-box) Testing for SOA
      • Why Unit Testing Alone Isn’t Enough
    • System Testing
    • User Acceptance Testing
  • Functional TestingPerformance Testing
    • Top-down Test Design
    • Bottom-up Test Execution
    • End-to-end Business Process Testing
    • Regression Testing
  • Integration and Interoperability TestingSecurity Testing
    • The Differences Between Integration and Interoperability Testing
  • Compatibility Testing
  • Aligning SOA Testing with Development Activities
  • Case Study

Module 4 (SOAC) - Developing an SOA Testing Strategy (1.5 hrs.)

  • What Should be in a Test Strategy?
  • How to Design and Document a Test Strategy for Your SOA Implementation
  • Understanding the Uniqueness of Your ArchitectureCase Study - Designing an SOA Test Strategy
    • Types of Testing
    • Phases of Testing
    • Critical Success Factors
    • Risks
    • Assumptions
    • Constraints

Module 5 (SOAD) – Testing Web Services (2.5 hrs.)

      • SOAD –Testing Web Services and SOA
      • Why Web Services?
      • Web Service Architecture
      • Important Things to Understand About Web Services
      • Service Discovery
      • About UDDI
      • Types of Registries
      • WSIL - Web Services Inspection Language
      • What is WSDL?
        • Why Get Into the WSDL?
        • WSDL in Context
        • WSDL Document Structure
        • Main Structure of a WSDL Document
        • WSDL Details
        • WSDL Example
        • WSDL Operation Types
        • WSDL Bindings
        • SOAP Binding Example
        • RPC vs. Document Language Bindings
        • Document Example
        • RPC Example
      • Service Contracts
        • Service Contracts Elements
        • Operational Information
        • Service Contract Principles
        • Two Levels of Service Contracts in WSDL
        • WSDL Service-level Data Model
        • Reconciling Disparate Data Models
      • XML-Related Technologies for SOAMethods of Testing Web Services
        • A Little More About XML…
        • SOAP Defined
        • XML Namespaces
        • XML Schemas
        • XML Schema Example
        • The “Payload”
        • Testing Payloads
        • Sample WSDL
      • Representative Web Services Test Tools
      • SoapUI FeaturesExercises
        • Web Services Inspection
        • Web Services Invocation
        • SOAP Monitoring
        • Web Services Message Validation
        • Web Services Functional Testing
        • Test Suite Generation
        • Sample Test Suite
        • Test Coverage Monitor
        • Create Test Report
        • Sample soapUI Report
        • Web Services Load Testing

Module 6 (SOAQ) – Testing REST Services and WADL (1 hr.)

  • What is REST?
  • What is WADL?
  • REST vs. SOAP
  • Examples of REST
  • Example of WADL
  • Impact on Testing
  • Key Elements of REST Architecture
  • What Can We Test?
  • How Can We Test?
  • Summary
  • Exercise

Module 7 (SOAE) - Functional Testing of SOAs (2 hrs.)

  • What is Functional Testing?
  • The Role of Subject Matter Experts in Testing SOAs
  • Understanding the Business and Its Processes
    • Taking the Organizational View vs. an Application View
    • Tests Based on Business Scenarios - Example
    • Identifying the Business Processes to be Tested
    • A Tool For Prioritizing Processes
  • Dealing with DataCoordinating Process-Driven Testing
    • Defining Business Entities
    • A Closer Look at Test Data
    • Specification of Test Data
    • Example of Creating Test Data
    • Test Cases
    • Evaluating Test Data
    • Evaluating Test Data Using Tools
    • Maintaining Test Data
    • Restoring Test Data
  • Messaging
  • Working with BPEL and Business Integration (BI)
  • The Role of Use Cases
  • The Role of Requirements
  • Summary

Module 8 (SOAF) - Performance Testing of SOAs (1 hr.)

  • Stateless vs. Stateful Tests
  • Key Objectives for SOA Performance Testing
  • Testing Scalability
  • Testing Robustness
  • XML Parsing
  • Persistence
  • Transformation
  • Aggregation and Federation
  • Data Mitigation
  • What to Measure Markov Chains
    • Throughput
    • Response Times
    • Latency
    • Endurance
  • A Basic Process for Performance TestingSOA Performance Testing at the Unit Level
    • Choosing the Right Test Cases
      • Knowing What to Test
    • Applying an Appropriate Tool
      • What to Look for in an SOA Performance Test Tool
    • Running the Right Volume of Tests and Data
      • How to Determine the Performance Profiles
    • Reaching the Right Conclusions
      • Understanding the Test Results and Taking the Right Actions
  • Profiling the Unit
  • Unit Performance Testing Tools
  • Service Level Agreements
  • Sample Service Management Dashboard
  • Summary

Module 9 (SOAG) - Integration and Interoperability Testing of SOAs (1 hr.)

  • Where the Complexity is in SOA's
  • The Value of Early Integration Testing
  • Testing Integration and Interoperability at All Phases of TestingEnd-to-end Testing of SOAs
    • Unit or Component
    • System
    • UAT
  • Testing Services
  • Testing Business Processes
  • Taking the Organizational View vs. an Application View
  • Eliminating Silos
  • Working in Cross-Functional Teams
  • The Role of Regression Testing for Integration
  • The Use of Simulations

Module 10 (SOAH) - Security Testing of SOAs (1 hr.)

  • The Security Concern
  • Basic Levels of SOA Security
  • Web Services VulnerabilitiesThe Role of Scanning Tools and Other Security Tools
    • Generic Vulnerabilities
      • Open User Access
      • Cross-site Scripting
      • SQL Injection
      • Buffer Overflows
    • Web Services Vulnerabilities
      • Deeply Nested Nodes
      • Recursive Payloads
      • Schema Poisoning
      • Malware Traveling Over SOAP Messages
  • Testing SOAP Encryption
  • Steps to Securing an SOA
  • XML Encryption
  • XML Signature
  • WS-Security Standard
  • Other SOA Security Standards
  • XrML
  • Steps to SOA Security
  • What Can We Test?
  • How Can We Test Security?Two Golden Rules of Security Testing
    • A 5-Step Process

Module 11 (SOAI) - Testing Services and Processes (2 hrs.)

  • Creating an SOA Testing Strategy
  • Creating an SOA Test Plan
  • Defining Business Processes
  • The Role of Use Cases
  • The Role of Requirements
  • Boiling it Down to Test Cases, Scripts and Procedures
    • Basing Test Scenarios on Business Processes
    • Designing Test Cases to Support Integrated Business Processes
    • Prioritizing Business and Test Scenarios
  • A Closer Look at Test DataCoordinating Process-Driven Testing
    • Specification
    • Creation
    • Evaluation
    • Maintenance
    • Restoration

Module 12 (SOAJ) - Testing Considerations for Specific Environments (1 hr.)

  • Web Services
  • Legacy and Composite Application
  • Commercial Applications (COTS)

Module 13 (SOAK) - SOA Test Performance & Evaluation (1.5 hrs.)

  • SOA Test Co-ordination and Management
  • How to Evaluate SOA Test Results
  • How to Know What is Important in SOA Test Results
  • Sample SOA Test Reports

Module 14 (SOAL) - SOA Test Tools (1.5 hrs.)

  • The Purposes and Benefits of SOA Test Tools
  • Major SOA Tools and VendorsHow the Tools Work
    • Itko - LISA
    • Parasoft - SOATest
    • Mindreef - SOAPScope
    • Greenhat Consulting - GH Tester
    • Borland - SilkPerformer SOA Edition
    • Junit - Open Source Tool for Unit Testing
    • Agitar - AgitarOne  - Unit Testing
  • What to Look for in SOA Test Tools
    • Test-aware Interfaces
    • Message-Based Test Automation
    • Accurate Simulation of Application Behavior
    • Adaptability to Change
    • Ease of Use

Module 15 (SOAM) - Summary (15 mins.)

  • Key Course Concepts
  • Final Q&A


  • Checklists and Templates
  • Glossary
  • Bibliography


  • Course notebook with slides images, worksheets, checklists, complete examples and supporting text
  • You will have the basic information needed to perform effective SOA testing in your organization.