This invention relates to the field of functional testing of web services. In particular, the invention relates to providing context in functional testing of web services.
Web services are a fundamental cornerstone of the web, providing online functionality for web applications as well as other web services. As such, web services have become an important subject of functional testing, including security testing, typestate checking, etc.
An important challenge in testing web services is to ensure that the test payload reaches the business logic of the web service. Otherwise, if the payload is invalid, then the web method typically reports a SOAP (Simple Object Access Protocol) fault, and there is little gain from submitting the payload.
One of the most prevalent reasons for the rejection of an input by a web method is if the method is invoked outside its appropriate context. For example, for a “DeleteCustomer” method to process its input data, this method must be called after a corresponding call to “CreateCustomer”.
Existing testing tools for web services do not support this context problem. The strategy used to decide the order of invocation of web methods is largely arbitrary, for example, invoking all the web methods in the web service's WSDL (Web Services Description Language) file in a serial order.
This leads to many situations where testing misses important problems (for example, critical security vulnerabilities) simply because a method was invoked without its preconditions being met, which leads to immediate rejection of the input data.
Therefore, there is a need in the art to address the aforementioned problems.