Application Security: OWASP top 10
By: Avinash K Tiwari
The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. The OWASP community includes corporations, educational organizations, and individuals from around the world. This community works to create freely-available articles, methodologies, documentation, tools, and technologies. Purpose of OWASP is working for finding and fighting the causes of insecure software.
Official web site: www.owasp.org
OWASP’s most successful projects include the book-length OWASP Guide and the widely adopted OWASP Top 10 awareness document.
In this post, I am going to focus on “What OWASP Top Ten” is all about.
The Open Web Application Security Project (OWASP) Top Ten Project provides a minimum standard for web application security. It lists the top ten most critical web application security vulnerabilities, representing a broad concensus. Project members include a variety of security experts from around the world who have shared their expertise to produce this list. You should consider adopting security standards and begin assessing that your web applications do not contain these security flaws. Addressing the OWASP Top Ten is an effective first step towards changing your software development culture into one that produces secure code for your web applications.
Following are the OWASP top 10 vulnerabilities with a brief description
Cross-site scripting (XSS) flaws:
Hackers can impersonate legitimate users, and control their accounts.
Impact : Identity Theft, Sensitive Information Leakage, …
Injection flaws:
Hackers can access backend database information, alter it or steal it.
Impact: Attacker can manipulate queries to the DB / LDAP / Other system
Malicious File Execution
Execute shell commands on server, up to full control
Impact: Site modified to transfer all interactions to the hacker.
Broken authentication and session management:
Session tokens not guarded or invalidated properly
Impact : Hacker can “force” session token on victim; session tokens can be stolen after logout
Cross-Site Request Forgery
Attacker can invoke “blind” actions on web applications, impersonating as a trusted user
Impact : Blind requests to bank account transfer money to hacker
Information Leakage and Improper Error Handling
Attackers can gain detailed system information
Malicious system inFORMATION may assist in developing further attacks
Insecure storage
Weak encryption techniques may lead to broken encryption
Impact: Confidential information (SSN, Credit Cards) can be decrypted by malicious users
Insecure Communication:
Sensitive info sent unencrypted over insecure channel
Impact: Unencrypted credentials “sniffed” and used by hacker to impersonate user
Failure to Restrict URL Access
Hacker can forcefully browse and access a page past the login page
Impact : Hacker can access unauthorized resources
Insecure Direct Object Reference
Web application returns contents of sensitive file (instead of harmless one)
Impact: Attacker can access sensitive files and resources
We will be discussing each one the vulnaribilities in detail in the coming posts.
Moreover, more information about the following critical web application security vulnerabilities is on the OWASP website: http://www.owasp.org/index.php/OWASP_Top_Ten_Project
(Copyrighted by CresTech Software Systems Pvt. Ltd.)
Your Testing Partner
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
Tuesday, May 26, 2009
Sample code to click on dynamic link using Browser DOM
Sample code to click on dynamic link using Browser DOM
By Navneesh Garg
Let us try to understand a practical scenario. You have webpage. On this web-page the total number of links changes dynamically. Also the links on this webpage are not static links and are created dynamically based on inputs on the previous page. User needs to click on a link with a particular title on this page.
There can be multiple solutions to this problem. Please find below the solution which uses Document Object Model of Browser to browse through the links and click on the specified link.
Solution:
1. User uses DOM of Browser to get reference to the webpage
2. User get reference to collection of links on the webpage
3. Use for Loop to get to each link and based on the required property match click on the required link
Sample Code
************************************************************************
Function (Expected_Title)
Set obj = Browser(”Simple Validation”).Page(”Simple Validation”).Object.body.document
set Linkcollections= obj.Links
msgbox “No. of Links is” & Linkcollections.Length
dim counter
counter=0
For each Element in Linkcollections
StrTitle = Element.GetROProperty (“title”)
If StrTitle = Expected_Title then
Element.Click
Exit For
Else
Counter = Counter + 1
End If
Next
End Function
************************************************************************
Another Possible solution could be to use Description Object to get reference to all objects in the page.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
By Navneesh Garg
Let us try to understand a practical scenario. You have webpage. On this web-page the total number of links changes dynamically. Also the links on this webpage are not static links and are created dynamically based on inputs on the previous page. User needs to click on a link with a particular title on this page.
There can be multiple solutions to this problem. Please find below the solution which uses Document Object Model of Browser to browse through the links and click on the specified link.
Solution:
1. User uses DOM of Browser to get reference to the webpage
2. User get reference to collection of links on the webpage
3. Use for Loop to get to each link and based on the required property match click on the required link
Sample Code
************************************************************************
Function (Expected_Title)
Set obj = Browser(”Simple Validation”).Page(”Simple Validation”).Object.body.document
set Linkcollections= obj.Links
msgbox “No. of Links is” & Linkcollections.Length
dim counter
counter=0
For each Element in Linkcollections
StrTitle = Element.GetROProperty (“title”)
If StrTitle = Expected_Title then
Element.Click
Exit For
Else
Counter = Counter + 1
End If
Next
End Function
************************************************************************
Another Possible solution could be to use Description Object to get reference to all objects in the page.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
A Beginner’s Blog to Performance testing’ continued
HTTP (’A Beginner’s Blog to Performance testing’ continued…..)
By Happy Himanshu Gupta
As I read more on Performance testing, I thought of going on a practical application to test my college website. The search results on Google presented the name of an open-source performance testing tool named OpenSTA. It was not difficult to get familiar with the interface of the tool and I began with what is called as script recording of the application.
After the recording was complete, I opened the script to see how it actually looks like. You know guys, something more horrible than any general software code appeared on the screen, and I had never read such kind of a text before in any of my course books. It was then I realized that something more important needs to be learned, before I play around with performance measuring tools. The concept I missed out reading was HTTP, the global language of web.
Most of us open our mailbox daily and go through a number of other websites. But do we ever think, what helps us in accessing our mails and the unlimited information around the globe. Well, I never thought of it, before this question actually struck me a few days ago. Is my dumb machine intelligent enough to obey my orders every time I ask it to do so? Well friends lets now understand the way the computer listens to our request and returns back the response.
HTTP which stands for “Hypertext Transfer Protocol” is a common language which lays the path of communication for all the web clients, servers and the related web applications. HTTP Clients and HTTP Servers together make the basic component of the World Wide Web (www).
The browser that we use every day is the one that plays the role of a web client. When we wish to access a page, say, www.google.com, the browser sends an HTTP request to the server (web server) www.google.com sitting at the backend. On accepting the request, the server, makes a search for the desired object/page. On a successful search it returns back the object to the waiting browser in the form of an HTTP response.
The content that transfers over the web is composed of various Resources. The web content can be as simple as a static file. These files are composed of images, html content, video contents, movies, word files etc. The web content also has the dynamic resources which are generated on demand.
Now, the question that comes to my mind is how to locate these resources on the World Wide Web. The Uniform Resource Locator (URL) is the most common form for resource identification on www. The descriptive format of the URLs, tell us the way to fetch a resource from some particular location on the server.
Now let’s take a look at the concepts of HTTP request and response messages. The messages which are sent from web clients to web servers are called request messages. The response which the web client receives from the server is called response message. The structure of response and request messages is almost similar. HTTP messages are composed of three parts primarily: Start Line, Header Fields and Body.
Start Line:
All HTTP messages begin with a Start Line. The Start line for the request messages contains information which asks the server to do something to the resource. It contains a method which describes the function that the server needs to perform on the resource described by the URL. Similarly in a response message, the start line conveys back the status information and any resulting data to the client, thus completing the operation.
Header Fields:
HTTP headers just add more info to the request and response messages, appending after the start line. They are basically the name-value pairs that give additional info about the message being transferred. A simple HTTP header has the following syntax: a name, followed by a colon (:), followed with whitespace (optional), followed by the field value, followed by a CRLF.
Body:
The HTTP messages were actually designed to transfer this part of the message, which carry varied kinds of digital data. Images, videos, html documents, software applications, e-business applications, e-mail applications and so on, all form a part of the arbitrary binary data contained in the HTTP body. Of course, the body can also contain text.
Friends, I would recommend you all to read more on HTTP, and explore the terms better. I personally find it interesting and a rich source to understand the areas of World Wide Web which are difficult to comprehend. HTTP also forms the core for performance testing of any web application.
I will continue with a few left over headings covered under HTTP, in my next blog. Till then, happy reading… :)
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
By Happy Himanshu Gupta
As I read more on Performance testing, I thought of going on a practical application to test my college website. The search results on Google presented the name of an open-source performance testing tool named OpenSTA. It was not difficult to get familiar with the interface of the tool and I began with what is called as script recording of the application.
After the recording was complete, I opened the script to see how it actually looks like. You know guys, something more horrible than any general software code appeared on the screen, and I had never read such kind of a text before in any of my course books. It was then I realized that something more important needs to be learned, before I play around with performance measuring tools. The concept I missed out reading was HTTP, the global language of web.
Most of us open our mailbox daily and go through a number of other websites. But do we ever think, what helps us in accessing our mails and the unlimited information around the globe. Well, I never thought of it, before this question actually struck me a few days ago. Is my dumb machine intelligent enough to obey my orders every time I ask it to do so? Well friends lets now understand the way the computer listens to our request and returns back the response.
HTTP which stands for “Hypertext Transfer Protocol” is a common language which lays the path of communication for all the web clients, servers and the related web applications. HTTP Clients and HTTP Servers together make the basic component of the World Wide Web (www).
The browser that we use every day is the one that plays the role of a web client. When we wish to access a page, say, www.google.com, the browser sends an HTTP request to the server (web server) www.google.com sitting at the backend. On accepting the request, the server, makes a search for the desired object/page. On a successful search it returns back the object to the waiting browser in the form of an HTTP response.
The content that transfers over the web is composed of various Resources. The web content can be as simple as a static file. These files are composed of images, html content, video contents, movies, word files etc. The web content also has the dynamic resources which are generated on demand.
Now, the question that comes to my mind is how to locate these resources on the World Wide Web. The Uniform Resource Locator (URL) is the most common form for resource identification on www. The descriptive format of the URLs, tell us the way to fetch a resource from some particular location on the server.
Now let’s take a look at the concepts of HTTP request and response messages. The messages which are sent from web clients to web servers are called request messages. The response which the web client receives from the server is called response message. The structure of response and request messages is almost similar. HTTP messages are composed of three parts primarily: Start Line, Header Fields and Body.
Start Line:
All HTTP messages begin with a Start Line. The Start line for the request messages contains information which asks the server to do something to the resource. It contains a method which describes the function that the server needs to perform on the resource described by the URL. Similarly in a response message, the start line conveys back the status information and any resulting data to the client, thus completing the operation.
Header Fields:
HTTP headers just add more info to the request and response messages, appending after the start line. They are basically the name-value pairs that give additional info about the message being transferred. A simple HTTP header has the following syntax: a name, followed by a colon (:), followed with whitespace (optional), followed by the field value, followed by a CRLF.
Body:
The HTTP messages were actually designed to transfer this part of the message, which carry varied kinds of digital data. Images, videos, html documents, software applications, e-business applications, e-mail applications and so on, all form a part of the arbitrary binary data contained in the HTTP body. Of course, the body can also contain text.
Friends, I would recommend you all to read more on HTTP, and explore the terms better. I personally find it interesting and a rich source to understand the areas of World Wide Web which are difficult to comprehend. HTTP also forms the core for performance testing of any web application.
I will continue with a few left over headings covered under HTTP, in my next blog. Till then, happy reading… :)
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
SOA Testing Simplified (Series-II)
SOA Testing Simplified (Series-II)
By Pallavi Sharma
In the last article ‘Series-I’ we got familiar with SOA architecture, and its some components. We saw how a web service ‘wsdl’ file looks like and learnt how we decipher the complex information present in the file, so that we understand the web service better. In this series we will dig deeper into SOA architecture and try to figure out how exactly the various components of SOA architecture communicate with each other to solve the complex business need.
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
By Pallavi Sharma
In the last article ‘Series-I’ we got familiar with SOA architecture, and its some components. We saw how a web service ‘wsdl’ file looks like and learnt how we decipher the complex information present in the file, so that we understand the web service better. In this series we will dig deeper into SOA architecture and try to figure out how exactly the various components of SOA architecture communicate with each other to solve the complex business need.
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
Sending Mail from QTP using OutLook
Sending Mail from QTP using OutLook
By Navneesh Garg
As a generic Automation requirement most of the projects look at automatic emails being sent after QTP script executes or ends in a failure. Generally, outlook is configured on the systems on whissing Outlook from QTP.
‘*******************************************************************************
‘ Function: Outlook_SendEmail
‘
‘ Sends an email using Outlook.
‘
‘ Input Parameters:
‘
‘ strTo - The email address or Outlook contact to whom the email should be sent.
‘ strSubject - The email’s subject.
‘ strBody - The email’s body (this may of course include newline characters).
‘
‘ Output Parameters:
‘
‘ None.
‘
‘ Returns:
‘
‘ Not applicable. This is a sub, not a function.
‘
Sub Outlook_SendEmail(strTo, strSubject, strBody)
‘TODO: maybe add support for CC, BCC, etc?
‘Create an Outlook object
Dim Outlook ‘As New Outlook.Application
Set Outlook = CreateObject(”Outlook.Application”)
‘Create a new message
Dim Message ‘As Outlook.MailItem
Set Message = Outlook.CreateItem(0)
With Message
‘You can display the message To debug And see state
‘.Display
.Subject = Subject
.Body = TextBody
‘Set destination email address
.Recipients.Add (strTo)
‘Set sender address If specified.
‘Const olOriginator = 0
‘If Len(aFrom) > 0 Then .Recipients.Add(aFrom).Type = olOriginator
‘Send the message
.Send
End With
End Sub
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
By Navneesh Garg
As a generic Automation requirement most of the projects look at automatic emails being sent after QTP script executes or ends in a failure. Generally, outlook is configured on the systems on whissing Outlook from QTP.
‘*******************************************************************************
‘ Function: Outlook_SendEmail
‘
‘ Sends an email using Outlook.
‘
‘ Input Parameters:
‘
‘ strTo - The email address or Outlook contact to whom the email should be sent.
‘ strSubject - The email’s subject.
‘ strBody - The email’s body (this may of course include newline characters).
‘
‘ Output Parameters:
‘
‘ None.
‘
‘ Returns:
‘
‘ Not applicable. This is a sub, not a function.
‘
Sub Outlook_SendEmail(strTo, strSubject, strBody)
‘TODO: maybe add support for CC, BCC, etc?
‘Create an Outlook object
Dim Outlook ‘As New Outlook.Application
Set Outlook = CreateObject(”Outlook.Application”)
‘Create a new message
Dim Message ‘As Outlook.MailItem
Set Message = Outlook.CreateItem(0)
With Message
‘You can display the message To debug And see state
‘.Display
.Subject = Subject
.Body = TextBody
‘Set destination email address
.Recipients.Add (strTo)
‘Set sender address If specified.
‘Const olOriginator = 0
‘If Len(aFrom) > 0 Then .Recipients.Add(aFrom).Type = olOriginator
‘Send the message
.Send
End With
End Sub
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
Siebel: Testing Challenges And Siebel Test Automation Tool
Siebel: Testing Challenges & Siebel Test Automation Tool
By Pratham Kailash
Customer relationship management (CRM) is a term applied to processes implemented by a company to handle their contact with their customers. CRM software is used to support these processes, storing information on customers and prospective customers. Information in the system can be accessed and entered by employees in different departments, such as sales, marketing, customer service, training, professional development, performance management, human resource development, and compensation. Details on any customer contacts can also be stored in the system. The rationale behind this approach is to improve services provided directly to customers and to use the information in the system for targeted marketing and sales purposes.
Oracle’s Siebel CRM product suite of applications is market leader in CRM software domain, which enables organizations to transform the customer experience. With solutions tailored to more than 20 industries, Siebel CRM delivers:
• Comprehensive CRM capabilities
• Tailored industry solutions
• Role-based customer intelligence and pre-built integration
It helps organizations in successfully managing their important needs like:
• Sales
• Marketing
• Contact Center Infrastructure and Service
• Customer Data Integration
• Quote, Order and Billing
• Partner Relationship Management
• Business Intelligence Applications
• Price Management
Oracle’s Siebel CRM technology provides the server framework to support Siebel applications. It delivers solutions for:
• Development
• Deployment
• Diagnostic
• Integration
• Productivity
• Mobile services
Quality Assurance challenges and testing tool for Siebel CRM applications
Any organization that relies on CRM application(s) to serve the needs of internal clients or customers recognizes that application quality is a prerequisite for success, not an option. A crucial ingredient for this success is an efficient, disciplined testing process to verify that applications have achieved a level of fitness that either meets or exceeds project expectations. Slipping schedules, frequently changing application user interfaces, and recurrent feature regression introduce variables that ad-hoc testing practices are unable to handle.
IBM Rational Functional Tester Extension for Siebel Test Automation is one of the tools built to address these issues. Rational Functional Tester Extension for Siebel Test Automation records user interactions with Siebel 7.7 applications, creating a test script that - when executed - reproduces those actions. During recording, the user can insert verification points that extract specified data or properties from the application under test. During playback, these verification points are used to compare recorded information with live information to ensure consistency. Following any test recording activity, testers have the option of adding custom code to the test script to perform an unlimited array of tasks, including the data manipulation and environment configuration activities that are often necessary to ensure the test lab is properly constituted for the test run. Following test execution, Rational Functional Tester Extension for Siebel Test Automation generates a report listing the results of the verification point comparisons. With Rational Functional Tester Extension for Siebel Test Automation, teams are able to more reliably and efficiently expose problems in Siebel 7.7 applications, increasing the opportunity for defect capture and repair before product deployment.
Features and benefits of IBM Rational Functional Tester Extension for Siebel Test Automation:
• Supports Siebel controls for GUI automated testing
Siebel 7.7 delivers a rich UI comprised of standard and complex controls. Rational Functional Tester Extension for Siebel integrates with Siebel Test Automation interfaces to provide robust automation support for this rich environment. By supporting standard web controls in addition to Siebel Standard-Interactivity and High-Interactivity controls Functional Tester Extension for Siebel generates scripts consisting of advanced UI control recognition and readability.
• Support for testing of Java, Web and Visual Studio .NET WinForm-based applications
Test teams are often required to assess applications built upon more than one technology base. IBM Rational Functional Tester provides equally robust automation support for applications constructed using Java, HTML/DHTML and Visual Studio .NET WinForm technologies.
• Choice of language - Java or Visual Basic .NET - for test script customization
Test script customization is mandatory in order to perform anything but the most basic tests Functional Tester for Siebel gives you a choice of powerful, mainstream scripting languages to make this possible. Choose between either Java or Visual Basic .NET - both options can be used with all the supported user interface technologies. By working with Functional Tester for Siebel, testers quickly learn to work with basic language constructs and acquire programming skills that facilitate more productive communication with developers.
• Native Java and Visual Basic .NET editor and debugger for advanced testers
Test script editing is important, but it can be difficult without a good editor and debugger. Functional Tester for Siebel delivers industrial-strength options to address this concern. Testers using Java can work in the Eclipse Java Development Toolkit (JDT), and those using Visual Basic .NET can work in Visual Studio .NET. Both integrated development environments offer a host of options to simplify test enhancement, including a helpful code-complete feature that suggests code to accelerate editing. GUI developers will find this feature particularly useful, as they can access it within the IDE they use to build the user interface.
• ScriptAssure technology to accommodate frequent UI modifications
Frequent changes to an application’s user interface can break tests, which embody assumptions about how to identify the interface’s objects during playback. Functional Tester for Siebel introduces an advanced ScriptAssure™ technology to accommodate these changes and avoid increases in maintenance overhead. ScriptAssure uses configurable algorithms to locate objects during test execution, even if the objects have changed since test creation.
• Automated data correlation and data-driven testing eliminate need for manual coding
Functional tests typically need to vary data during playback to properly simulate true users. Functional Tester for Siebel can automatically detect data entered during test recording and prepare the test for data-driven testing. Using a spreadsheet-like data editor, you can then create customized data sets to be inserted into the script during playback. In this way, you can produce highly personalized tests without manual coding.
• Multiple verification points with regular expression pattern matching support
Verification points help to ensure there is no regression from one build of the application under test to the next. Functional Tester for Siebel provides a wide range of verification points to test various aspects of your application, and it includes pattern matching support for tests in which you cannot predict the exact data response.
• Advanced object map maintenance capabilities
Functional Tester for Siebel uses an object map to store information used during test execution to locate user interface objects. It also provides maintenance capabilities to update this object map automatically whenever changes are made to the application’s user interface.
• Ships with IBM Rational Manual Tester
For teams not yet prepared to automate all of their testing efforts; IBM Rational Manual Tester is included in the Functional Tester for Siebel product box. Rational Manual Tester brings control and organization to manual testing efforts, introducing a novel test step reuse technology to improve the resiliency of manual tests despite changes made to the applications under test.
• Ships with IBM Rational ClearCase LT for automated version control
Typically, more than one version of an application is deployed within an organization, and testers must therefore maintain groups of tests for each version. Without the help of automated version control, this can be extremely difficult. Functional Tester for Siebel is designed to support automated version control, which not only provides a mechanism to maintain multiple test sets, but also enables parallel development and supports geographically dispersed teams, To help teams take advantage of this support, a full version of IBM Rational ClearCase LT, an entry-level version control tool designed for small project workgroups, is included in the product box. Rational Functional Tester users also have the option of upgrading to the standard version of IBM Rational ClearCase.
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
By Pratham Kailash
Customer relationship management (CRM) is a term applied to processes implemented by a company to handle their contact with their customers. CRM software is used to support these processes, storing information on customers and prospective customers. Information in the system can be accessed and entered by employees in different departments, such as sales, marketing, customer service, training, professional development, performance management, human resource development, and compensation. Details on any customer contacts can also be stored in the system. The rationale behind this approach is to improve services provided directly to customers and to use the information in the system for targeted marketing and sales purposes.
Oracle’s Siebel CRM product suite of applications is market leader in CRM software domain, which enables organizations to transform the customer experience. With solutions tailored to more than 20 industries, Siebel CRM delivers:
• Comprehensive CRM capabilities
• Tailored industry solutions
• Role-based customer intelligence and pre-built integration
It helps organizations in successfully managing their important needs like:
• Sales
• Marketing
• Contact Center Infrastructure and Service
• Customer Data Integration
• Quote, Order and Billing
• Partner Relationship Management
• Business Intelligence Applications
• Price Management
Oracle’s Siebel CRM technology provides the server framework to support Siebel applications. It delivers solutions for:
• Development
• Deployment
• Diagnostic
• Integration
• Productivity
• Mobile services
Quality Assurance challenges and testing tool for Siebel CRM applications
Any organization that relies on CRM application(s) to serve the needs of internal clients or customers recognizes that application quality is a prerequisite for success, not an option. A crucial ingredient for this success is an efficient, disciplined testing process to verify that applications have achieved a level of fitness that either meets or exceeds project expectations. Slipping schedules, frequently changing application user interfaces, and recurrent feature regression introduce variables that ad-hoc testing practices are unable to handle.
IBM Rational Functional Tester Extension for Siebel Test Automation is one of the tools built to address these issues. Rational Functional Tester Extension for Siebel Test Automation records user interactions with Siebel 7.7 applications, creating a test script that - when executed - reproduces those actions. During recording, the user can insert verification points that extract specified data or properties from the application under test. During playback, these verification points are used to compare recorded information with live information to ensure consistency. Following any test recording activity, testers have the option of adding custom code to the test script to perform an unlimited array of tasks, including the data manipulation and environment configuration activities that are often necessary to ensure the test lab is properly constituted for the test run. Following test execution, Rational Functional Tester Extension for Siebel Test Automation generates a report listing the results of the verification point comparisons. With Rational Functional Tester Extension for Siebel Test Automation, teams are able to more reliably and efficiently expose problems in Siebel 7.7 applications, increasing the opportunity for defect capture and repair before product deployment.
Features and benefits of IBM Rational Functional Tester Extension for Siebel Test Automation:
• Supports Siebel controls for GUI automated testing
Siebel 7.7 delivers a rich UI comprised of standard and complex controls. Rational Functional Tester Extension for Siebel integrates with Siebel Test Automation interfaces to provide robust automation support for this rich environment. By supporting standard web controls in addition to Siebel Standard-Interactivity and High-Interactivity controls Functional Tester Extension for Siebel generates scripts consisting of advanced UI control recognition and readability.
• Support for testing of Java, Web and Visual Studio .NET WinForm-based applications
Test teams are often required to assess applications built upon more than one technology base. IBM Rational Functional Tester provides equally robust automation support for applications constructed using Java, HTML/DHTML and Visual Studio .NET WinForm technologies.
• Choice of language - Java or Visual Basic .NET - for test script customization
Test script customization is mandatory in order to perform anything but the most basic tests Functional Tester for Siebel gives you a choice of powerful, mainstream scripting languages to make this possible. Choose between either Java or Visual Basic .NET - both options can be used with all the supported user interface technologies. By working with Functional Tester for Siebel, testers quickly learn to work with basic language constructs and acquire programming skills that facilitate more productive communication with developers.
• Native Java and Visual Basic .NET editor and debugger for advanced testers
Test script editing is important, but it can be difficult without a good editor and debugger. Functional Tester for Siebel delivers industrial-strength options to address this concern. Testers using Java can work in the Eclipse Java Development Toolkit (JDT), and those using Visual Basic .NET can work in Visual Studio .NET. Both integrated development environments offer a host of options to simplify test enhancement, including a helpful code-complete feature that suggests code to accelerate editing. GUI developers will find this feature particularly useful, as they can access it within the IDE they use to build the user interface.
• ScriptAssure technology to accommodate frequent UI modifications
Frequent changes to an application’s user interface can break tests, which embody assumptions about how to identify the interface’s objects during playback. Functional Tester for Siebel introduces an advanced ScriptAssure™ technology to accommodate these changes and avoid increases in maintenance overhead. ScriptAssure uses configurable algorithms to locate objects during test execution, even if the objects have changed since test creation.
• Automated data correlation and data-driven testing eliminate need for manual coding
Functional tests typically need to vary data during playback to properly simulate true users. Functional Tester for Siebel can automatically detect data entered during test recording and prepare the test for data-driven testing. Using a spreadsheet-like data editor, you can then create customized data sets to be inserted into the script during playback. In this way, you can produce highly personalized tests without manual coding.
• Multiple verification points with regular expression pattern matching support
Verification points help to ensure there is no regression from one build of the application under test to the next. Functional Tester for Siebel provides a wide range of verification points to test various aspects of your application, and it includes pattern matching support for tests in which you cannot predict the exact data response.
• Advanced object map maintenance capabilities
Functional Tester for Siebel uses an object map to store information used during test execution to locate user interface objects. It also provides maintenance capabilities to update this object map automatically whenever changes are made to the application’s user interface.
• Ships with IBM Rational Manual Tester
For teams not yet prepared to automate all of their testing efforts; IBM Rational Manual Tester is included in the Functional Tester for Siebel product box. Rational Manual Tester brings control and organization to manual testing efforts, introducing a novel test step reuse technology to improve the resiliency of manual tests despite changes made to the applications under test.
• Ships with IBM Rational ClearCase LT for automated version control
Typically, more than one version of an application is deployed within an organization, and testers must therefore maintain groups of tests for each version. Without the help of automated version control, this can be extremely difficult. Functional Tester for Siebel is designed to support automated version control, which not only provides a mechanism to maintain multiple test sets, but also enables parallel development and supports geographically dispersed teams, To help teams take advantage of this support, a full version of IBM Rational ClearCase LT, an entry-level version control tool designed for small project workgroups, is included in the product box. Rational Functional Tester users also have the option of upgrading to the standard version of IBM Rational ClearCase.
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
IIS Performance Settings
IIS Performance Settings
Blog Home »
*
Calender
May 2009 M T W T F S S
« Apr
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
*
Recent Posts
o Updates about QTP 10 (I)
o Agent Controller Issue on Starting RAServer Process
o Oracle Tunning
o Bridging the Gap between Open Source & Commercial Tools
o Necessity- the Mother of all Invention (Part II)
*
Archives
o May 2009
o April 2009
o March 2009
o February 2009
o January 2009
o October 2008
o September 2008
o August 2008
o July 2008
*
Tags
Agile Mode CRM | Database Document Object Model | Functional Automation Functional Testing | General General Concepts human resource Human Resources | Open Source Tools Oracle Performance Testing | QTP SRS Telecom Testing
Search Blog
*
Categories
o Catch The Latest
o CRM |
o Functional Automation
o Functional Testing |
o General
o General Concepts
o Human Resources |
o Open Source tools
o Open Source tools
o Other Commercial Tools
o Performance Testing |
o Quick Test Professional
o Rational Functional Tester
o Security Testing
o Telecom Testing
o Testing SOA
o Uncategorized
*
Recent Comments
o Abhay on Sample code to click on dynamic link using Browser DOM
o parul wahi on Testing Ajax Application using QTP
o Pankaj Goel on Testing Ajax Application using QTP
o Pankaj Goel on Oracle Tunning
o Pankaj Goel on Bridging the Gap between Open Source & Commercial Tools
*
Blogger
o Roshi Malhotra
o Kuldeep Singh
o Vaibhav Agarwal
o Rajat Singhal
o Avinash K. Tiwari
o Ravinder Singroha
o Vivek Goyal
o Sudha Sharma
o Betsy Joy
o Shalini Rawal
IIS Performance Settings
July 28th, 2008 admin Posted in Performance Testing | |
By Pankaj Goel
Performance tuning tips for IIS 6.0
The IIS server tuning is slightly involved in terms of understanding the performance critical parameters and tuning them to meet the performance specifications. Some of the ways to improve performance hosted on dot net platform are
a) Recycling Worker process
b) Reducing thread contention
c) Kernel Mode caching
a) Recycling Worker Processes
If a Web application contains code that causes problems, and you cannot easily rewrite the code, it might be useful to limit the extent of the problems by periodically recycling the worker process that services the application. You can accomplish this by using what is known as Worker Process Recycling. Worker process recycling is the replacing of the instance of the application in memory. IIS 6.0 can automatically recycle worker processes by restarting the worker process, or worker processes, that are assigned to an application pool. This helps keep problematic applications running smoothly, and minimizes problems such as memory leaks. You can trigger the recycling of the worker processes assigned to an application pool by using worker process recycling methods that are based on elapsed time, the number of Hypertext Transfer Protocol (HTTP) requests, a set time of day, and two kinds of memory consumption, in addition to recycling on demand.
To configure all the above settings, go to the Properties window of the application pool in which your Web application is running using the IIS manager. Using the Recycling, Performance, and Heal
You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.
AddThis Social Bookmark Button
Leave a Reply
Name (required)
Mail (will not be published) (required)
Website
(Required)
Type the two words:Type what you hear:Incorrect. Try again.
Get a new challenge
Get an audio challengeGet a visual challenge
Help
« SOA Testing Simplified (Series-I)
Telecom Testing »
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
Blog Home »
*
Calender
May 2009 M T W T F S S
« Apr
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
*
Recent Posts
o Updates about QTP 10 (I)
o Agent Controller Issue on Starting RAServer Process
o Oracle Tunning
o Bridging the Gap between Open Source & Commercial Tools
o Necessity- the Mother of all Invention (Part II)
*
Archives
o May 2009
o April 2009
o March 2009
o February 2009
o January 2009
o October 2008
o September 2008
o August 2008
o July 2008
*
Tags
Agile Mode CRM | Database Document Object Model | Functional Automation Functional Testing | General General Concepts human resource Human Resources | Open Source Tools Oracle Performance Testing | QTP SRS Telecom Testing
Search Blog
*
Categories
o Catch The Latest
o CRM |
o Functional Automation
o Functional Testing |
o General
o General Concepts
o Human Resources |
o Open Source tools
o Open Source tools
o Other Commercial Tools
o Performance Testing |
o Quick Test Professional
o Rational Functional Tester
o Security Testing
o Telecom Testing
o Testing SOA
o Uncategorized
*
Recent Comments
o Abhay on Sample code to click on dynamic link using Browser DOM
o parul wahi on Testing Ajax Application using QTP
o Pankaj Goel on Testing Ajax Application using QTP
o Pankaj Goel on Oracle Tunning
o Pankaj Goel on Bridging the Gap between Open Source & Commercial Tools
*
Blogger
o Roshi Malhotra
o Kuldeep Singh
o Vaibhav Agarwal
o Rajat Singhal
o Avinash K. Tiwari
o Ravinder Singroha
o Vivek Goyal
o Sudha Sharma
o Betsy Joy
o Shalini Rawal
IIS Performance Settings
July 28th, 2008 admin Posted in Performance Testing | |
By Pankaj Goel
Performance tuning tips for IIS 6.0
The IIS server tuning is slightly involved in terms of understanding the performance critical parameters and tuning them to meet the performance specifications. Some of the ways to improve performance hosted on dot net platform are
a) Recycling Worker process
b) Reducing thread contention
c) Kernel Mode caching
a) Recycling Worker Processes
If a Web application contains code that causes problems, and you cannot easily rewrite the code, it might be useful to limit the extent of the problems by periodically recycling the worker process that services the application. You can accomplish this by using what is known as Worker Process Recycling. Worker process recycling is the replacing of the instance of the application in memory. IIS 6.0 can automatically recycle worker processes by restarting the worker process, or worker processes, that are assigned to an application pool. This helps keep problematic applications running smoothly, and minimizes problems such as memory leaks. You can trigger the recycling of the worker processes assigned to an application pool by using worker process recycling methods that are based on elapsed time, the number of Hypertext Transfer Protocol (HTTP) requests, a set time of day, and two kinds of memory consumption, in addition to recycling on demand.
To configure all the above settings, go to the Properties window of the application pool in which your Web application is running using the IIS manager. Using the Recycling, Performance, and Heal
You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.
AddThis Social Bookmark Button
Leave a Reply
Name (required)
Mail (will not be published) (required)
Website
(Required)
Type the two words:Type what you hear:Incorrect. Try again.
Get a new challenge
Get an audio challengeGet a visual challenge
Help
« SOA Testing Simplified (Series-I)
Telecom Testing »
http://www.qacampus.com
http://www.crestech.in
http://www.crestechsoftware.com.au
Subscribe to:
Comments (Atom)