As our clients expand on their customer base and communication needs, the common method of exchanging information across several various software components is to implement a brand of Service Oriented Architecture (SOA). SOA provides software clients to access information from various services, for example, a call center retrieving credit card information from an account, without having to front-load the client end with database queries. By using Web Services to make these calls, applications can be designed and developed with core application presentation at the center of the effort, rather than focusing on driving the back-end.

These web services use Simple Object Access Protocol (SOAP) to exchange this structured information, and rely on XML as its message format. The SOAP standard frequently uses readable language in the Web Services Description Language (WSDL), which is a report of how the service can be called, what parameters it expects, and what data structures it returns. While not required, many organizations now consider the SOAP and WSDL combination the standard definition of a web service. In web-based development projects, along with user acceptance testing of the interface, system testing regarding web services is expected. Ensuring that requests and responses are accurately being transmitted and logged as expected can be accomplished through several tools, however in my experience SoapUI has been the most effective and scalable in validating requirements and functionality before and after deployments.

A typical web service that may appear in a credit-card development project would be for basic user authentication and risk assessment. Developers create their Java based application and would provide QA resources with the WSDL files and XML requests/responses. SoapUI allows for the creation of new projects by loading these WSDL files and connecting to the Oracle, or whatever the case may be, environment. In our sample web service, a request would be sent to validate a user name and password combination, and also check a database for any identified risks, such as stolen card or potential fraud. If any of these risks were returned, the response would be fed to the client application, and any appropriate messages from this returned result would be displayed as programmed. Also, if any faults were found during the web service request, such as database down or invalid account, the response would reflect this, and be handled appropriately by the client application.

SoapUI provides an interface that allows the tester to view the various services and operations that are being invoked. These operations can be run from SoapUI, and reports on connectivity, expected behavior, returned responses, and regression control. By setting these all up in a Test Suite, the tester is allowed to run array of tests using multiple variables, providing a results report of the various requests and responses of the web service.

Several tutorials, courses, and WSDL/XML samples exist through the SoapUI website. An additional bonus of SoapUI is its core application is currently a free download. If there is potential for your company or clients to be developing applications utilizing web services, consider using such a tool to enhance the coverage and depth of your quality management.