Testing Web Applications SEII - Lecture 19

Testing Web ApplicationsSEII-Lecture 19Dr. Muzafar KhanAssistant ProfessorDepartment of Computer ScienceCIIT, Islamabad.RecapQuality dimensionsContent, function, structure, usability, navigability, performance, compatibility, interoperability, securityTesting strategyContent testingDatabase testingUser interface testingTesting interface mechanisms, usability tests, compatibility tests2Component-Level Testing [1/2]Function testingErrors related to WebApp functionsTest cases are often derived from forms-level inputEquivalence partitioningInput categories or classesInput form is assessed for particular classTest cases for each input class are derived and executedOther classes are held constantExample: postal code3Component-Level Testing [2/2]Boundary value analysisForms data are tested for their boundariesExample: minimum and maximum delivery timePath testingLogical complexity of functionEvery independent path should be testedForced error testingPurposely drive component into an error conditionErrors related to error handling e.g. incorrect message and WebApp failure4Navigation TestingVisitor walks through a storeMany pathways, stops, things to look and learn, activities, or decisionsEvery visitor has a set of objectivesNavigation process can be unpredictable Objectives of navigation testing are to ensureNavigation mechanisms are functionalNavigation semantic unit can be achieved5Testing Navigation Syntax [1/2]Navigation linksInternal linksExternal linksAnchors within a specific web pageRedirectsIn case of nonexistent URL / contents removedAppropriate message and redirection to other pageBookmarksBrowser functionMeaningful page title and creation6Testing Navigation Syntax [2/2]Frames and framesetsFrame contains the content of pageFrameset contains multiple framesNesting of frames and framesetsTesting for correct content, proper layout and sizing, download performance, and browser compatibilitySite mapsComplete table of contentsInternal search enginesThousands of content objectsKeyword searchValidates accuracy and completeness of search, error-handling properties of the search engine, and advanced search feature7Testing Navigation Semantics [1/3]Navigation Semantic Unit (NSU)A set of information and related navigation structures to fulfill specific user’s goalA set of navigation paths and associated navigation nodesTesting of NSUQuestions to answerIs the NSU achieved in its entirety without error?Is every navigation node (defined for an NSU) reachable within the context of the navigation paths defined for the NSU?8Testing Navigation Semantics [2/3]If the NSU can be achieved using more than one navigation path, has every relevant path been tested?If guidance is provided by the user interface to assist in navigation, are directions correct and understandable as navigation proceeds?Is there a mechanism (other than the browser "back" arrow) for returning to the preceding navigation node and to the beginning of the navigation path?Do mechanisms for navigation within a large navigation node (i.e. a long web page) work properly?If a function is to be executed at a node and the user chooses not to provide input, can the remainder of the NSU be completed?9Testing Navigation Semantics [3/3]If a function is executed at a node and an error in function processing occurs, can the NSU be completed?Is there a way to discontinue the navigation before all nodes have been reached, but then return to where the navigation was discontinued and proceed from there?Is every node reachable from the site map? Are node names meaningful to end users?If a node within an NSU is reached from some external source, is it possible to process to the next node on the navigation path? Is it possible to return to the previous node on the navigation path?Does the user understand his location within the content architecture as the NSU is executed10Configuration Testing [1/3]Configuration variability and instabilityDifferent factors e.g. hardware and operating system are difficult to predict for each userUsers’ experience variesObjective is to test probable set of client-side and server-side configurations11Configuration Testing [2/3]Server-side issuesTest cases for the projected server configurationQuestions to answerIs the WebApp fully compatible with the server OS?Are system files, directories, and related system data created correctly when the WebApp is operational?Do system security measures (e.g., firewalls or encryption) allow the WebApp to execute and service users without interference or performance degradation?12Configuration Testing [3/3]Has the WebApp been tested with the distributed server configuration (if one exists) that has been chosen?Is the WebApp properly integrated with database software? Is the WebApp sensitive to different versions of database software?Do server-side WebApp scripts execute properly?Have system administrator errors been examined for their effect on webApp operations?If proxy server are used, have differences in their configuration been addressed with on-site testing?13Client-Side IssuesPossible configurationsHardwareCPU, memory storage, and printing devicesOperating systemsLinux, Macintosh OS, Microsoft Windows, a mobile-based OSBrowser software Firefox, safari, internet explorer, opera, chrome, and othersUser interface componentsActive X, java applets, and othersPlug-insQuickTime, RealPlayer, and many othersConnectivity cable, DSL, regular modem, WiFi14Security Testing [1/2]Hackers, employees, competitorsModified content, degrade performance, disable functionalityObjective is to probe vulnerabilitiesClient-side, communication, server-sideFirewallFiltering mechanismExamines incoming packetAuthenticationVerification mechanism15Security Testing [2/2]EncryptionAn encoding mechanismDigital certificatesAuthorizationFiltering mechanismAuthorized usersSometimes outsourced to others16Performance Testing [1/6]Performance problemsLack of server-side resources, inappropriate network bandwidth, inadequate database capabilities, faulty/weak operating system capabilities, poorly designed WebApp functionalityObjectives are to Understand how system responses as loading increasesCollect metrics to improve performance17Performance Testing [2/6]Questions to answerDoes the server response time degrade to a point where it is noticeable and unacceptable?At what point (in terms of users, transactions, or data loading) does performance become unacceptable?What system components are responsible for performance degradation?What is the average response time for users under a variety of loading conditions?18Performance Testing [3/6]Does performance degradation have an impact on system security?Is WebApp reliability or accuracy affected as the load on the system grows?What happens when loads that are greater than maximum server capacity are applied?Does performance degradation have an impact on company revenues?19Performance Testing [4/6]Load testingN, number of concurrent usersT, number of online transactions per unit of timeD, data load processed by the server per transactionP = N * T * DStress testingSpike / bounce testingContinuation of load testingOperational limits exceed20Performance Testing [5/6]Stress testingQuestions to answerDoes the system degrade gently or does the server shutdown as capacity is exceeded?Does server software generate "server not available" messages? More generally, are users aware that they cannot reach the server?Does the server queue resource requests and empty the queue once capacity demands diminish?Are transactions lost as capacity is exceeded?Is data integrity affected as capacity is exceeded?21Performance Testing [6/6]Stress testingWhat values of N, T and D force the server environment to fail? How does failure manifest itself? Are automated notifications sent to technical support staff at the server site?If the system does fail, how long will it take to come back on line?Are certain webApp functions (e.g., compute intensive functionality, data streaming capabilities) discontinued as capacity reaches the 80 or 90 percent level?22SummaryComponent-level testingEquivalence partitioning, boundary value analysis, path testingNavigation testingTesting navigation syntax and semanticsConfiguration testingServer-side and client-side issuesSecurity testingFirewall, authentication, encryption, authorizationPerformance testingLoad and stress testing23