Book Image

Mastering SoapUI

By : Pranai Nandan, Surendra Mohan
Book Image

Mastering SoapUI

By: Pranai Nandan, Surendra Mohan

Overview of this book

SoapUI is an open-source cross-platform testing application that provides complete test coverage and supports all the standard protocols and technologies. This book includes real-time examples of implementing SoapUI to achieve quality and business assurance. Starting with the features and functionalities of SoapUI, the book will then focus on functional testing, load testing, and security testing of web services. Furthermore, you will learn how to automate your services and then design data-driven, keyword-driven, and hybrid-driven frameworks in SoapUI. Then the book will show you how to test UIs and services using SoapUI with the help of Selenium. You will also learn how to integrate SoapUI with Jenkins for CI and SoapUI test with QC with backward- and forward-compatibility. The final part of the book will show you how to virtualize a service response in SoapUI using Service Mocking. You will finish the journey by discovering the best practices for SoapUI test automation and preparing yourself for the online certification of SoapUI.
Table of Contents (18 chapters)
Mastering SoapUI
About the Author
About the Reviewer
SoapUI Integration with Jenkins and HP QC

A real time example of security testing in web services

Now let's take a real time example of security testing a web service to be tested: the authentication service.

Web service functionality: The authentication service takes as input, username and password and validates whether the credentials are correct or not.

The test to be configured for this service:

  • SQL injection

  • XPath injection

  • Boundary values scan

Why should we use these? Why the preceding scans only?

Well as we can see, the service is an authentication service and takes as input, username and password. When an attacker attacks this service, it will test techniques to gain unauthorized access to the systems, therefore we use the following attack types to test the service:

  • SQL injection

  • XPath injection

  • Boundary value scans.

Request of the service:

<soapenv:Envelope xmlns:soapenv="" xmlns:v1="http://xyz/xsd/resource/common/commondefinitions/msf/messagecontext/v1" xmlns:v11="http://xyz/xsd/interface...