End to End Testing

Parasoft's solution offers the unique ability to create end-to-end test suites that cross application layers, SDLC phases, and testing methods:

• With a single test suite, you can continuously validate all critical aspects of complex transactions which may extend through web interfaces, backend services, ESBs, databases, and everything in between.
• "Unit tests" can be created as soon as a single "unit of work is completed, then this test suite can be incrementally enhanced to verify additional components as they are added, test the integration of components, and audit end-to-end business processes that span across composite applications.
• The same end-to-end test suites that are created for functional testing can also be leveraged for security as well as load testing— and all of these tests can easily be integrated into a robust regression testing suite.
• During test execution, you can visualize and trace the intra-process events triggered by tests, facilitating rapid diagnosis of problems directly from the test environment. You can also continuously validate whether critical events continue to satisfy functional expectations as the system evolves.

View a demo of end-to-end testing

Functional Validation

Web interface testing is difficult to automate. Too often teams abandon automated testing in favor of manual testing, due to too many false positives or too much effort required to maintain the test suites. Parasoft's solution facilitates creation of automated test suites that are reliable and dependable. Its ability to isolate testing to specific elements of the Web application eliminates noise and provides accurate results.

Parasoft's solution isolates and tests individual application components for correct functionality across multiple browsers without requiring scripts. Additionally, dynamic data can be stubbed out with constant data to reduce test case noise.

Validations can be performed at the page object level as well as the HTTP message level. We verify the client-side JavaScript engine under expected and unexpected conditions through asynchronous HTTP message stubbing. Test cases are flexible and can be easily reused and shared.

You can automatically create regression tests that ignore expected content changes for entire pages, or you can create specific regression tests on individual page elements, thus eliminating the noise of annoying false positives.

View a demo of functional testing

RIA/AJAX

AJAX and Rich Internet Applications deliver a richer user experience as well as bring a greater level of complexity to the architecture and development of Web applications. Parasoft's solution delivers an automated framework to isolate and test the unique components of an AJAX/RIA application and then aggregates those components into a comprehensive test suite.

We validate the format and content of client/server messaging to ensure that the data is expected and correct. In addition, server messages are "frozen" and inserted in place of dynamic messages to validate that errors seen in the user interface elements are due to defects in the Ajax engine and not due to changes in dynamic application data.

Low-Noise, Script-less Tests

It can be challenging to create robust, noiseless regression tests for highly dynamic Web applications. In many testing environments, complex test creation means writing endless proprietary scripts and generating many false positives.

Parasoft's solution eliminates the need for writing scripts, and instead provides a simple GUI interface to create tests. To provide additional flexibility, tests that are more suited to the control that scripting offers can be generated as JUnit tests and extended using the Java programming language.

You can automatically create regression tests that ignore expected content changes for entire pages, or you can create specific regression tests on individual page elements, thus eliminating the noise of annoying false positives. [ back to top ]

End to End Testing

Parasoft's solution offers the unique ability to create end-to-end test suites that cross application layers, SDLC phases, and testing methods:

• With a single test suite, you can continuously validate all critical aspects of complex transactions which may extend through web interfaces, backend services, ESBs, databases, and everything in between.
• "Unit tests" can be created as soon as a single "unit of work is completed, then this test suite can be incrementally enhanced to verify additional components as they are added, test the integration of components, and audit end-to-end business processes that span across composite applications.
• The same end-to-end test suites that are created for functional testing can also be leveraged for security as well as load testing— and all of these tests can easily be integrated into a robust regression testing suite.
• During test execution, you can visualize and trace the intra-process events triggered by tests, facilitating rapid diagnosis of problems directly from the test environment. You can also continuously validate whether critical events continue to satisfy functional expectations as the system evolves.

View a demo of end-to-end testing

Web Services

Functional testing ensures that the server delivers appropriate responses for the given requests. The Parasoft's solution facilitates server testing by automatically creating a test suite from Web service assets such as:

• WSDL documents
• WSIL documents
• UDDI registries
• HTTP traffic
• BPEL files
• Oracle Enterprise Repository
• SoftwareAG CentraSite
• Amberpoint
• Progress Sonic ESB
• TIBCO EMS
• JMS

Additionally, user-defined scenario-based tests that span multiple Web service invocations can be rapidly defined. Test cases can be dependent on the success or failure of previous tests-allowing you to create an efficient workflow within the test suite.

A test suite containing any combination of user-defined and automatically-generated tests can instantly be converted to a regression test, which helps you determine whether functionality changes over time. The same tests can also be leveraged for load testing and security testing.

View a demo of functional testing

REST Services

REST style services do not use SOAP and are typically invoked by passing URL parameters in an HTTP request. Parasoft's solution fully supports the testing of RESTful services. Messages can be sent with HTTP GET, POST, PUT, DELETE, HEAD, OPTIONS, or custom methods. For instance, our messaging client can be used to perform HTTP requests as well as easily manage URL parameters visually and with parameterization options. It also allows for validating and manipulating both XML and JSON responses.

Other Services (PoX, JMS, etc.)

Parasoft's solution can be used to test POX (Plain Old XML) services that are not necessarily SOAP Web services. If a schema for the XML messages is available, tests can be generated automatically, without the need to provide sample XML messages.
Our support for plain XML services includes emulating a client that sends XML over one of the supported protocols and APIs (e.g. HTTP, JMS, and so on), or emulating a server that responds with XML. [ back to top ]

Composite Applications/ESBs

Parasoft's solution facilitates the testing of composite applications. Our service emulation capability can generate and deploy stubs that replace specific application components that you do not want to test (or cannot test). This enables you to verify specific components in isolation as well as reduce the complexity of the test environment. Moreover, our broad protocol support provides teams an integrated environment for performing comprehensive testing of heterogeneous composite applications.

Functional tests can be automatically generated from monitoring the transaction messages that touch JMS endpoints in ESBs and middleware systems. You can also visualize and trace the intra-process events that take place as part of the transactions that are triggered by the tests, and then dissect them for validation. In addition to providing visibility into the system's intermediate messages, this allows you replay transactions directly from the Parasoft's solution and verify that the monitored functionality continues to work as expected. As a result, test engineers gain the ability to identify problem causes and validate multi-endpoint, integrated transaction systems that have been traditionally handled only by specialized development teams.

View a demo of Parasoft's support for native environments and ESBs

Runtime Error Detection

Parasoft performs runtime error detection as functional tests or penetration tests execute. We analyze the executing application and detect defects that actually occurred during execution. Defects detected include race conditions, exceptions, resource leaks, and security attack vulnerabilities.

Asynchronous Testing

In this age of flexible, high performance Web services, asynchronous communication is often used in long-running transactions, allowing the client to continue with other processing rather than blocking until a response is received.

Parasoft's solution comes packaged with a Web server that runs in the background and manages the asynchronous Call Back messages received. We support the major asynchronous communication protocols including Parlay, SCP, and WS-Addressing.

Rich Data Validation

Parasoft's solution provides an advanced XML validation capability that enables you to easily create and maintain validation assertions on their XML messages, ranging from composition of assertions on individual XML element values, to pattern-based assertions, to comparison of the entire message based on a specified regression control baseline. This allows for tests to be executed automatically without the need for manual inspection of messages.

Test Case Parameterization

Parasoft's solution enables you to increase the scope and comprehensiveness of your Web service testing by parameterizing functional tests using values stored in a data source. For example, you can configure Parasoft SOA Quality Solution to iterate over MS Excel spreadsheet values as part of the requests to a server. The values that are received in response can then be compared to another set of values to check if the response received matches the expected values.

Data-Driven Test Cases

Parasoft's solution can use values from any of the following types of data sources for test case inputs as well as data validation:

• CSV files
• Databases
• Excel spreadsheets
• Tables created in (or copied into) the internal table editor.
• File

Scenario Modeling

Parasoft's solution can graphically model and test complex, multi-layered transactions over multiple protocols. Any use case can be rapidly constructed, reused and placed into a continuous regression suite. Such scenarios can include combinations of transactions from multiple different services and across different protocols and interfaces. For example, a message can be sent to update a record, and then verify the update results in a relational database.

Functional JUnit Test Generation

Parasoft's unique Tracer technology provides a fast and easy way to create the realistic test cases required for functional testing. Simply use Parasoft's SOA or Web test clients (or the application's UI) to execute the use cases you want to verify.

As the use case is executed, Tracer monitors all the objects that are created, all the data that comes in and goes out, and then it creates a unit test that represents this operation-and even sets up the proper initial conditions. No coding or scripting is required. If the functionality associated with your "traced" use cases later breaks, you will be alerted by the failure of the related test cases.

You can then take this unit test case and execute it on a separate machine, away from the original system. This means that you can use a single machine-even a standard developer desktop-to reproduce the behavior of a complicated system during your verification procedure.

Since the generated unit tests directly correlate tests to source code, this improves error identification and diagnosis, and allows developers to run these test cases without having to depend on access to the production environment or set up a complex staging environment. This facilitates collaboration between QA and Development: QA can provide developers traced test sessions with code-level test results, and these tests help developers identify, understand, and resolve the problematic code.

EJB/ Java EE Testing

Parasoft provides multiple levels of testing for EJBs and other code written for the Java EE framework.
As code is being written, a special rule library checks compliance to EJB and other Java EE best practices; these rules can be applied along with industry standard rules and rules that enforce your organization's specific polices.
Upon component completion, unit tests can be generated and executed to test the code outside and/or inside the container.
Once the application is deployed to a local or actual server, functional test cases for specified components can be generated via "test case tracing" as you run your use cases on the working application. Additionally, our EJB Client tool can test the remote interface of deployed EJBs. This allows functional and load testing of EJBs through their remote interfaces-without having to go through a Web or Web service interface. [ back to top ]

Continuous Regression Testing Framework

Testing activities, done by both developers and QA, often consume the bulk of project resources. It is essential that resources are optimized to deliver maximum agility without compromising quality.

With Parasoft's solution, you can execute a component-based testing strategy that ultimately allows you to focus on the impact of change. Parasoft's continuous regression tests are applied to the multiple layers throughout your system. These tests will then immediately alert you when modifications impact application behavior providing a safety net that reduces the risk of change, enabling rapid and agile responses to business demands.

You can evolve regression suites for heterogeneous systems rapidly and easily, then leverage the same functional regression test suites-including complex business scenarios and rich message validation assertions-into load tests without scripting.

Automated Nightly Process

Parasoft's solution gives you the ability to completely automate the testing process by running your tests on a nightly basis from the command line. This allows you to fully automate the testing process. Once your tests are built using the solution's GUI, they can be saved into project files, which can then be run in a nightly process.

A powerful command line interface allows easy integration of your Parasoft's solution and test assets with existing test processes or automated build environments, such as ones supported by Ant and Cruise Control.

Cross-Server Execution

Parasoft's solution facilitates execution of regression tests in different server environments (development, QA, staging, production). For example, a developer may start with tests on a server deployed on his or her local machine, and then as the server is deployed to a development build server, the same tests would need to be executed against that server, then QA and testing teams would need to run the same regression tests on their own integration server.

Parasoft's solution includes an "Environments" management feature which makes such tasks easy, because reusing and sharing test assets is critical for achieving a highly efficient process.

Low-Maintenance Test Suite

For message layer tests, Parasoft's solution implemented the heuristics that allow tests to be rapidly adapted to changes in the services or the underlying application. For example, if the WSDL or associated schema types change, the message structure can be updated accordingly without losing existing test data. As a result, you never need to throw away existing tests and start over from scratch. Rather, you only need to make minor adjustments.

When working with large test suites, this is critical for reducing the time and effort required to keep the test suite in synch with the evolving application. Furthermore, capabilities such as test parameterization, environment variables and global search & replace, and test suite referencing allow for easy and efficient maintenance of large numbers of test cases. [ back to top ]

Behavior Virtualization

Evolving services in a distributed environment and across multiple teams is a complex endeavor due to the interdependencies between the system and business processes. For example, in a system that incorporates multiple endpoints such as credit card processing, billing, shipping, and so on, it may be difficult for one team to test the responses from another team without interrupting normal business transactions.

Parasoft's solution can test complex and distributed environments by automatically generating server stubs based on existing test suites. We can quickly and easily automate server emulation across multiple environments, thereby streamlining the collaborative development and testing activities of multiple teams and ultimately speeding the SDLC.

Read the white paper "Eliminate Testing Delays through Virtualization: Application Behavior Emulation"

Intelligent Stub Generation and Deployment

Stub construction needs to be both rapid and intelligent in order to truly capture and exercise realistic system behavior. This not only makes testing more comprehensive and a better predictor of actual system behavior; it also significantly reduces the resources required for effective testing.

Parasoft offers a wide range of capabilities to assist you in rapidly configuring stubs that meet any data, performance or behavior conditions in real-time. All stubs can be deployed locally or made available as a service so that different teams or business partners can collaborate on evolving their components within a business system.

Virtualization Based on Historical Data

Parasoft automatically emulates services based on real-world historical data (request/reply sets) collected from the runtime environment. Once you have captured a set of messages from the actual system (via monitoring, tracing, log files, etc.), we can create an emulated version of the service based on the same messages. For example, you can obtain runtime message sets from a runtime monitoring system such as Amberpoint SOA Validation System, then we can automatically generate stubs that represent the monitored behavior. [ back to top ]

Contextual Virtualization

In some cases, it's necessary to have a better understanding of the context around these messages in order to produce these emulated services intelligently. When this contextual understanding is important, you can visually model the scenario that you want emulated (you simply interact with the actual components to be emulated), then have Parasoft automatically generate stubs that emulate the behavior monitored when executing the modeled scenario. This significantly reduces the resources required to intelligently mirror the real-world behavior of complex, distributed, and heterogeneous environments.

Behavior Definition for Unavailable Services

Even if a system is completely unavailable, you can rapidly create an emulated version of necessary services from scratch. For example, you can automatically create a stub skeleton from a WSDL, use spreadsheets or other data sources to define the desired behavior, and then visually correlate request parameter values with desired response values.

Extending Beyond Services

Parasoft's intelligent stub generation is not limited to service virtualization. The solution's extreme extensibility and easy customization allows you to stub any component or protocol that is creating a dependency problem in the test environment.

Easy Extensibility and Configurability

To ensure that the emulated assets are flexible and robust enough to represent even the most complex test scenarios, Parasoft provides easy ways to configure stubs. For example, a simple graphical interface is provided to customize stubs with different request/response use cases, error conditions, delays, and so forth.

To quickly configure responses with a wide variety of values, you can set the stub to use automatically-generated inputs for specified operations, or feed it a range of values that are stored in a data source. In addition, if you have scripts or code that represents a custom response, you can integrate it directly into the emulated environment. This means that you can extend the stub to mimic any level of processing–no matter how complex or sophisticated.

Flexible Deployment Options

The configured stubs can be deployed locally or made available as a service so that different teams or business partners can collaborate on evolving their components within the distributed architecture. If the emulated asset changes as the application evolves (for example, the WSDL for an emulated service is extended to include a new operation), the associated stub does not need to be re-created; it can be updated. Providing additional flexibility, Parasoft's stubs can be made available for continuous access or they can be integrated into an end-to-end test suite.

Collaboration and Continuous Access

Parasoft works from a central repository–continuously-running machines that host stubs to provide all team members and project stakeholders uninterrupted, stable access to virtualized resources. This centralized access to shared quality assets eliminates roadblocks typically associated with testing today's heterogeneous applications, where various components are incomplete, evolving, unstable, inaccessible, or otherwise unavailable for testing. [ back to top ]

BPEL

The size, scope, complexity of typical BPEL processes-with multiple business partner links and references to multiple WSDL files that describe external resources-makes effective testing difficult and time-consuming.

Parasoft's solution facilitates BPEL testing by allowing teams to automatically create test cases from vendor-specific BPEL deployment artifacts and to arrange these test cases into suites that reflect different aspects of testing a BPEL process.

With the solution's BPEL testing capabilities, organizations using BPEL to optimize and emulate complex business processes can more reliably and consistently ensure the quality and completeness of these processes.

We support BPEL testing by automating the creation of the following types of tests:

• BPEL Semantics tests, which verify semantic and schema validity of BPEL files.
• WSDL tests, which check WSDL files referenced in the BPEL deployment for schema validity, semantic validity, WS-I interoperability, and regression.
• BPEL Process tests, which emulate external business partners accessing the deployed BPEL process.
• BPEL Partner tests, which allow direct testing of BPEL process business partners.

End to End Testing

Parasoft's solution offers the unique ability to create end-to-end test suites that cross application layers, SDLC phases, and testing methods:

• With a single test suite, you can continuously validate all critical aspects of complex transactions which may extend through web interfaces, backend services, ESBs, databases, and everything in between.
• "Unit tests" can be created as soon as a single "unit of work is completed, then this test suite can be incrementally enhanced to verify additional components as they are added, test the integration of components, and audit end-to-end business processes that span across composite applications.
• The same end-to-end test suites that are created for functional testing can also be leveraged for security as well as load testing— and all of these tests can easily be integrated into a robust regression testing suite.
• During test execution, you can visualize and trace the intra-process events triggered by tests, facilitating rapid diagnosis of problems directly from the test environment. You can also continuously validate whether critical events continue to satisfy functional expectations as the system evolves.

View a demo of end-to-end testing

API Penetration Testing

Parasoft's solution automatically generates tests to perform security penetration testing at the message layer. By testing the SOA with penetration attacks and analyzing the responses, security vulnerabilities can be discovered and fixed earlier in the software development cycle. The following penetration tests are currently supported: Parameter fuzzing, SQL injections, XPath injections, XML bombs, external entities, malformed XML, invalid XML, username harvesting, large XML.

Message Layer Security Policy Validation

Parasoft's solution includes security support for testing Web services with security layers. At the transport level, we support SSL (both server and client authentication), basic, Digest and Kerberos authentication. At the message level, we support WS-Security including X509, SAML, Username security tokens, XML Encryption and XML Digital Signature. The solution allows for security token validation as well as negative tests that ensure proper enforcement of message integrity and authentication.

Web Interface Penetration Testing

Parasoft's solution automatically generates tests to perform security penetration testing of Web interfaces. By simulating a hacker and "attacking" a Web site with malformed input data, we can uncover OWASP top ten issues such as SQL injection, cross site scripting, buffer overflow, command injection, unvalidated input, and more.

Additionally, we utilize a database of over 4,000 checks to find vulnerabilities related to outdated server applications, default installations, and so on. This helps secure and standardize HTML to enforce best practices related to login forms, comments, hidden fields, and other security-relevant HTML issues.

Language-Level Security Validation

Parasoft's pattern-based code analysis verifies that your organization's security policy is implemented in your application code (JavaScript, VBScript/ASP, HTML, JSP, Java, .NET, and so on). It also identifies common security vulnerabilities. Parasoft's static analysis rule set is the most comprehensive in the industry, and is constantly being extended.

In addition, Parasoft's data flow static analysis detects injection vulnerabilities, XSS, exposure of sensitive data, and other vulnerabilities without test cases or application execution. Moreover, Parasoft's peer code review process automation facilitates the high-level code review that is often required for regulatory compliance (PCI DSS, etc.). [ back to top ]

Performance and Stress Testing

Parasoft solution's performance testing not only monitors the server's response rate with the specified number and mixture of simultaneous requests, but also verifies whether the test loads cause functionality problems. We facilitate performance testing by allowing you to load test your existing end-to-end functional test suites (which may span from the web interface, through services, to the database) according to preset or customized load test scenarios.

Preset scenarios can be used to verify robustness, scalability and durability. You can easily customize these scenarios to use different test cases, load levels, load distributions, and so on. You can also distribute virtual users across remote server machines to simulate extreme loads and/or test from different locations.

Support is also provided for load testing non-Parasoft components such as JUnits or lightweight socket-based components. This provides teams an integrated solution for their various load testing needs.

Monitoring Tools

To help you collect network information and system performance data during load testing, Parasoft's solution provides builtin and extensible monitoring capabilities--for instance, over perfmon, SNMP or rstat (for platforms such as Windows, UNIX, and Linux) and over JMX (for .NET, Java-based applications, and ESBs). The solution's extensible and deployable monitoring framework allows you to extract just about any set of metrics from the system that is being subjected to load, graph and correlate those metrics visually to identify causes of performance issues, and apply expected quality of service policies on those metrics to get a high-level view of the system's compliance with performance and reliability requirements.

Concurrency Testing

Parasoft's load testing can also uncover concurrency issues in applications. For instance, if someone writes a JUnit test case for classes in the team's Java code, we can simulate threads accessing the code simultaneously to expose issues. This is increasingly important as today's applications are more and more multi-threaded and concurrent. In addition to applying load tests to uncover possible concurrency issues, Parasoft also provides advanced static analysis to uncover or prevent potential concurrency or deadlock issues.

Expected Quality of Service Management

Parasoft's solution defines and enforces expected Quality of Service (QoS) metrics that are important for setting and measuring SLAs (Service Level Agreements) during development and QA. You can define success metrics before testing and set performance thresholds.

Having the capability to establish and measure the QoS early in the development lifecycle allows you to achieve more predictable outcomes. You can execute load tests automatically as "regression performance tests." These tests can run passively as part of the automated continuous testing process, without manual overhead or intrusion on development activities.

Continuous Load Testing

Parasoft solution's Load Test Continuum allows you to access load test data through the browser interface. This enables you to track performance throughout the SDLC-so you can discover and resolve issues before they become a problem. [ back to top ]

Reusing Existing Tests for Runtime Error Detection

Parasoft performs runtime error detection as functional tests or penetration tests execute. We analyze the executing application, applying a configurable set of dynamic "runtime rules" that verify the runtime behavior of the application. The rule violations reported indicate runtime errors that actually occurred during execution.

Correlation with Use Cases

We correlate each reported error with the functional test that was being run when the error was detected. This correlation between violations and functional tests allows you to trace each reported error to particular use cases against your application.

Defects Detected

Categories of errors detected include:

• Application crashes
• Eclipse development
• Exceptions
• Functional Errors
• File I/O
• Graphical User Interface
• Database
• Network
• Optimization
• Portability
• Security
• Servlets
• Threads & Synchronization

[ back to top ]

Trace Code Execution

Identifying, isolating, then reproducing bugs in a multi-layered system is a challenging, time-consuming endeavor. Parasoft has a unique technology that allows you to trace the execution of Java applications at the JVM level (without a need to change any code or to recompile), and in the context of a larger integrated system. The trace results are then used to generate contextual JUnit test cases that replay the same actions in isolation, on the developer's desktop, without the need to access all the application dependencies.

This unique technology also allows teams with little or no existing regression tests to evolve their application functionalities, allowing them to meet new business demands with greater agility, and without fear of breaking existing functionality. This is achieved by executing existing test case scenarios while the business application is being traced, and then establishes a snapshot of the current functionality to serve as a regression baseline for these scenarios.

Implementation Layer Verification (Java, .NET, C/C++)

Parasoft ingrains quality into the team's application development process. As developers write code, our automated infrastructure monitors the team's compliance to the organization's policies for ensuring that quality is built into the code and maintained in response to changing business needs. This can include static analysis, peer code review, unit and component testing, and regression testing.

Parasoft's expertise in unobtrusively integrating these software verification methods into existing development workflows is key to establishing a practical and sustainable quality process. Moreover, to ensure that the resulting quality process remains on track, reports provide managers visibility into policy adherence and alert them to areas where process improvement might be valuable.

Another unique and powerful layer of verification that Parasoft provides is application monitoring—the ability to gain visibility into the application's internal behavior as end-to-end functional tests execute. This allows you to better identify the causes of test failures as well as enrich the use case validation criteria in your regression tests. In addition to validating the messages returned by the system and the intermediate messages/steps monitored via the ESB, you can also validate events within the application being invoked. For example, you can validate that an EJB method call or a remote call to another system is taking place with the expected parameters.

Database Verification

Parasoft's solution can validate the database layer as part of our multi-layer verification capabilities. For example, assume you are testing a Web service invocation that is supposed to add a record to the database. With Parasoft's solution, you can not only ensure that the service returned the expected response, but also query the database to verify whether the data was added to the database correctly. In addition, you can use the solution to perform database setup or cleanup actions as needed to support your testing efforts.

Web Interface Validation

Parasoft's solution offers comprehensive testing for the Web interface as well as the message layer. As detailed in other categories, we support Web interface testing through:

• Web interface compliance audits
• Web language code analysis
• Functional verification and regression testing
• Load testing
• Security testing

Since Parasoft's solution provides an integrated framework for "end-to-end" testing, a single test suite can verify operations that cross the messaging layer, the Web interface, the database, and EJBs. [ back to top ]

SOA-Aware Solution

Parasoft's solution is "SOA Aware." This means that the rich metadata structure which drives the service transaction is managed and verified. As a result, both technical and non-technical users gain the ability to build, manage, and analyze quality tasks rapidly and effectively. In order to control how Web services are defined, developed, and deployed, companies utilize internal standards and policies, XML schemas, and various Web services specifications such as WS-I Basic Profile and WS-Security. Parasoft enforces design and development policies on SOA XML artifacts. This ensures consistent security, reusability, maintainability, and standards compliance.

Shareable Tests

The role of quality is shifting. As application components become more distributed, no single technical team is responsible for the entire application, shifting the onus of quality onto the individual development teams for each component. The person responsible for the functionality of the entire application tends to be less technical-QA or a business analyst. These less technical teams need to be able to communicate problems to the technical development teams efficiently and easily.
Parasoft's solution facilitates this by creating non-technical test assets in an easy-to-use interface, then allowing those assets to be easily converted to technical assets that developers can understand.

Robust Reporting Interface

Parasoft's solution provides a robust reporting interface, including support for the following reports:

• Functional reports: We generate functional test reports containing information about test runs, including success/failure information along with test data. These reports can be generated in HTML, XML, PDF, and CSV formats. The reports can be easily customized to include the desired level of detail, ranging from high-level summaries to detailed reports with error details and traffic.
• Load testing reports: We generate detailed load test reports at the conclusion of a load test. These reports can be fully customized and can contain graphs as well as detailed statistical information. These reports can be generated in HTML, XML, CSV, and a custom binary format. To view sample reports please view the files in the examples/reports directory.
• Structure reports: Design-time report type exports test scenario descriptions to an XML or HTML document. Also provides details about the test setup which allows managers and reviewers to determine whether specified test requirements were accomplished.

Flexible Scripting

In the ever-changing world of heterogeneous distributed applications, there may be situations in which you have a testing requirement which requires you to add custom functionality or logic to your tests cases. Thanks to the flexible nature of Parasoft's SOA Quality Solution, you can easily integrate custom scripts into your testing environment. Parasoft allows you to integrate custom scripts written in Jython (Java enabled Python), Java, or JavaScript. This means that almost any testing situation can be handled with ease, even if the situation is not directly supported by our solution.

Test Management

The complexity of a Service-Oriented Architecture demands a large number of test cases to ensure and enforce proper functionality. The broad scope of test coverage, combined with the need for routine test execution, leads to the question of how to manage and share test assets in a team environment. Parasoft's solution provides visibility to the results through its own test management and reporting capability. We can correlate test cases with requirements and bug tracking systems, automate test execution, and provide consolidated results in the format you choose or within the test management framework you may already have in place. [ back to top ]

AmberPoint

One of the greatest challenges of business system quality is how to validate realistic transactions involving distributed services that may not be available for testing. Consider the example of a services-based account provisioning system that’s losing orders. To solve this problem, the development team has to test the fixed application in a safe sandbox that replicates the transaction flows of the production environment–or risk breaking the system upon redeploying the application.

Parasoft and AmberPoint deliver an integrated solution that helps teams overcome this challenge by automatically emulating–or virtualizing–services based on real-world historical data collected from the runtime environment. With this baseline established, teams can exercise distributed services in context–without impacting partners’ normal business transactions.

The integrated solution:

• Bases tests on running reality, not just synthetic messages.
• Collects comprehensive runtime data on individual services as well as end-to-end transactions.
• Detects the impact of erroneous changes before they affect production environments.
• Significantly reduces manual steps by automating baseline collection and test suite generation.
• Enables organizations to censor sensitive production data to comply with Sarbanes Oxley, HIPAA and other industry regulations.
• Improves the accuracy of quality processes.
• Improves team collaboration.
• Reduces the testing lifecycle and resolution times.
• Facilitates secure, reliable, compliant business processes.

Computer Associates (Wily)

The Parasoft's solution complements Wiley Interscope: Parasoft allows users to easily create load test scenarios while Interscope monitors system internals for deeper performance analysis and issue resolution. [ back to top ]

HP/Mercury

Parasoft's solution test cases can be mapped to specific requirements in Quality Center (or TestDirector). Once a test case is mapped to a requirement, the testing of the requirement becomes as simple as pressing a button inside Quality Center (or TestDirector). Parasoft test cases can then be run from inside Quality Center (or TestDirector) and the results are reported back to Quality Center (or TestDirector).

Furthermore, HP SiteScope can complement Parasoft's solution: Parasoft helps create and generate load tests while SiteScope monitors system internals for deeper performance analysis and issue resolution.

IBM

Parasoft's solution test cases can be mapped to specific requirements or test plans in Rational TestManager. Once a test case is mapped to a test plan, the testing of the requirement becomes as simple as pressing a button inside TestManager. Parasoft test cases can be run from inside Rational TestManager and the results are reported back to TestManager.

Additionally, Parasoft's solution provides native support for the IBM WebSphere MQ API; tests JMS, EJB and Web services on WebSphere; and provides WebSphere JMX performance monitoring which exposes the metrics typically available on WebSphere Tivoli.

For IBM WebSphere ESB, functional tests can be automatically generated from monitoring the transaction messages that touch JMS endpoints. You can also visualize and trace the intra-process events that take place as part of the transactions that are triggered by the tests, and then dissect them for validation. In addition to providing visibility into the system's intermediate messages, this allows you replay transactions directly from the solution and verify that the monitored functionality continues to work as expected. As a result, test engineers gain the ability to identify problem causes and validate multi-endpoint, integrated transaction systems that have been traditionally handled only by specialized development teams.

Additionally, the solution integrates with the WebSphere CEI (Common Event Infrastructure) and can interpret Common Base Events.

View a demo of Parasoft's support for native environments and ESBs

Microsoft

Microsoft .NET WCF (Windows Communication Foundation) allows for the creation of rich Web services. However, due to proprietary service bindings (protocols) and complexities within the WS-* standards that it supports, .NET WCF poses testing challenges. Given this, the Microsoft environment truly necessitates a "SOA-Aware" and "WCF-Aware" testing solution such as Parasoft's solution.

In addition, Parasoft's solution integrates with Microsoft Visual Studio Team System (VSTS) Edition for Testers. Integration with MS VSTS allows for the management and execution of test projects, and obtaining results directly within Visual Studio, thereby streamlining testing for users of VSTS within their Visual Studio native environment. [ back to top ]

Oracle/BEA

Registry-Based Policy Management

Parasoft's solution associates SOA artifacts with the OER (Oracle Enterprise Repository), previously known as AquaLogic Enterprise Repository (ALER). This integration enables teams to automatically execute a quality workflow and correlate quality data in context of an SOA Governance initiative.

Parasoft's solution can automatically generate tests at the time the services are published to the OER registry-including functional test cases and WSDL verification tests to ensure WSDLs are compliant to best practices and organizational policies. Policy compliance results are then reported back to the registry and updated in real-time. This provides continuous visibility into a service's quality throughout its lifecycle.

Business partners can access the service "health report". This "health report" is based on jointly agreed QA standards, eliminating the finger pointing that can occur during integration activities. This process visibility facilitates continuous process improvement through the SDLC, increasing productivity and reducing cost.

Environment Management and End-to-End Testing

Parasoft's solution tests JMS, EJB and Web services on WebLogic (including WebLogic based WS-Security policies), the Oracle Fusion Middleware, and other Oracle packaged application solutions. It also provides WebLogic JMX performance monitoring.

For Oracle Service Bus (OSB) or BEA AquaLogic Service Bus (ALSB), functional tests can be automatically generated from monitoring the transaction messages that touch JMS endpoints. You can also visualize and trace the intra-process events that take place as part of the transactions that are triggered by the tests, and then dissect them for validation. In addition to providing visibility into the system's intermediate messages, this allows you replay transactions directly from the solution and verify that the monitored functionality continues to work as expected. As a result, test engineers gain the ability to identify problem causes and validate multi-endpoint, integrated transaction systems that have been traditionally handled only by specialized development teams.

View a demo of Parasoft's support for native environments and ESBs

Database Validation

Database validation is a critical component of business process testing. Business transactions involve heavy database access and manipulation, which needs to be verified to ensure end-to-end process validity. Parasoft's solution supports Oracle databases, including PL/SQL. This allows for data to be set, reset, and updated in a database as part of end-to-end scenario test executions– making scenario tests repeatable for automated execution, and allowing SQL queries to be executed in order to validate database content at select steps of your business transactions. Data may also be leveraged to parameterize and drive your tests. [ back to top ]

Progress Sonic

Parasoft's solution provides native support for Progress SonicMQ as well as JMS and SOAP/XML messaging.

Functional tests can be automatically generated from monitoring the transaction messages that touch JMS endpoints in Progress Sonic ESB. You can also visualize and trace the intra-process events that take place as part of the transactions that are triggered by the tests, and then dissect them for validation. In addition to providing visibility into the system's intermediate messages, this allows you replay transactions directly from the solution and verify that the monitored functionality continues to work as expected. As a result, test engineers gain the ability to identify problem causes and validate multi-endpoint, integrated transaction systems that have been traditionally handled only by specialized development teams.

View a demo of Parasoft's support for native environments and ESBs

Software AG/webMethods

Registry-Based Policy Management

Parasoft's solution associates SOA artifacts with the Software AG CentraSite registry. This integration enables teams to automatically execute a quality workflow and correlate quality data in context of an SOA Governance initiative.

Parasoft's solution can automatically generate tests at the time the services are published to the Software AG CentraSite registry-including functional test cases and WSDL verification tests to ensure WSDLs are compliant to best practices and organizational policies. Policy compliance and functional test results are then reported back to the registry and updated in real-time. This provides continuous visibility into a service's quality throughout its lifecycle.

Business partners can access the service "health report" as well as an emulated stub with test data that mocks the service interactions. This "health report" is based on jointly agreed QA standards, eliminating the finger pointing that can occur during integration activities. This process visibility facilitates continuous process improvement through the SDLC, increasing productivity and reducing cost.

Environment Management and End-to-End Testing

Parasoft's solution facilitates the testing of Web services built on the webMethods platform. Our service emulation capability can automatically generate and deploy stubs that replace specific application components that you do not want to test (or cannot test). This enables you to verify specific components in isolation as well as reduce the complexity of the test environment.

Moreover, our broad protocol support provides teams an integrated environment for performing comprehensive testing of heterogeneous composite applications. In addition to supporting JMS and SOAP/XML messaging, functional tests can be easily be configured to publish and send BrokerEvent objects to Software AG webMethods Broker, as well as subscribe to events and invoke native webMethods Integration Server services. The Parasoft's solution introspects Broker and IS to automatically configure tests and visualizes the incoming and outgoing content. This allows otherwise developer-intensive test activities to be performed visually and without scripting on the webMethods APIs- and with rich validation and data parameterization capabilities.

You can also visualize and trace the Broker events that take place as part of the transactions that are triggered by the webMethods tests, and then dissect them for validation. As a result, test engineers gain the ability to identify problem causes and validate multi-endpoint, integrated transaction systems that have been traditionally handled only by specialized development teams.

View the Software AG CentraSite and Parasoft SOA Solution Data Sheet (PDF)
View a demo of Parasoft's support for native environments and ESBs

TIBCO

Parasoft's solution provides native support for the TIBCO Rendezvous as well as JMS and SOAP/XML messaging.

Functional tests can be automatically generated from monitoring the transaction messages that touch JMS endpoints in TIBCO EMS. You can also visualize and trace messages that take place through EMS as part of the transactions that are triggered by the tests, and then dissect them for validation. In addition to providing visibility into the system's intermediate messages, this allows you replay transactions directly from the solution and verify that the monitored functionality continues to work as expected. As a result, test engineers gain the ability to identify problem causes and validate multi-endpoint, integrated transaction systems that have been traditionally handled only by specialized development teams.

View a demo of Parasoft's support for native environments and ESBs

HTTP, IBM WebSphere MQ, Progress SonicMQ, RMI, SMTP, TIBCO Rendezvous, .NET WCF

To support testing in the heterogeneous environment of today's business systems, Parasoft's solution allows the test client to send and receive messages over the following protocols and messaging APIs:

• HTTP
• IBM WebSphere MQ
• Progress SonicMQ
• RMI
• SMTP
• Tibco Rendezvous
• .NET WCF
• EJB
• JMS
• ISO 8583

Other messaging APIs or test actions are possible via Parasoft's scripting hooks, which allow for extending built-in functionality by plugging in custom code to support specialized needs.

Moreover, our intelligent stubbing for HTTP, JMS, and MQ services fills the necessary gaps across multiple environments quickly and easily so that end-to-end business scenario tests can be executed.

EJB

Parasoft provides multiple levels of testing for EJBs and other code written for the Java EE framework. As code is being written, a special rule library checks compliance to EJB and other Java EE best practices; these rules can be applied along with industry standard rules and rules that enforce your organization's specific polices. Upon component completion, unit tests can be generated and executed to test the code outside and/or inside the container. Once the application is deployed to a local or actual server, functional test cases for specified components can be generated via "test case tracing" as you run your use cases on the working application. Additionally, our EJB Client tool can test the remote interface of deployed EJBs. This allows functional and load testing of EJBs through their remote interfaces-without having to go through a Web or Web service interface.

JMS

Parasoft's solution provides extensive support for generating and consuming JMS messages, and simulating various patterns-including point-to-point and publish-and-subscribe patterns. This allows for end-to-end testing and validation of messaging systems. These same scenarios can be scaled into load tests.

Functional tests can be automatically generated from monitoring the transaction messages that touch JMS endpoints in ESBs or middleware systems. You can also visualize and trace the intra-process JMS messages that take place as part of the transactions that are triggered by the tests, and then dissect them for validation. In addition to providing visibility into the system's intermediate messages, this allows you replay transactions directly from the Parasoft's solution and verify that the monitored functionality continues to work as expected. As a result, test engineers gain the ability to identify problem causes and validate multi-endpoint, integrated transaction systems that have been traditionally handled only by specialized development teams.

View a demo of Parasoft's support for native environments and ESBs

ISO 8583

Parasoft's solution provides a comprehensive testing framework that alleviates the challenges that arise when testing payment card systems and financial transaction systems. We allow teams to establish a consistent, modern way to manage quality for ISO 8583-based systems, making the standard a part of the overall SOA/IT quality governance initiatives. Teams can also leverage Parasoft solution's productivity framework (such as data sources, test suites, rich data validation, and so on), and build a continuous regression testing infrastructure to evolve their electronic payment systems safely.

CORBA

Parasoft's native support for CORBA assists you to construct, continuously execute, and maintain test suites that directly exercise components via the CORBA protocol. This provides visibility into how functional test transactions pass through the components—helping you to truly understand what functionality you have covered and diagnose the cause of any test failures that occur. [ back to top ]

Message Layer

Policy Enforcement
Parasoft's solution provides a complete SOA policy enforcement solution, enforcing policies with executable rules that can be applied to WSDLs, schemas, SOAP messages, and any other XML artifact or SOA meta-data component.

Once an organization has defined their policies to guide their SOA deployments, our solution recognizes these policies and enforces them throughout the development and QA process. For example, we verify schema and semantic validity for W3C and OASIS standards compliance, validate Basic Profile 1.1 for WS-I Interoperability compliance, and implement rules to enforce various other endorsed WS* Standards.

In addition, we enforce compliance to best practices such as customized company guidelines, security, and maintainability and reusability.

Registry-Based Policy Management
Parasoft's solution provides native support for multiple commercial registries. This integration enables teams to automatically execute a quality workflow and correlate quality data in the context of an SOA Governance initiative. Teams can automatically extract the information needed to create tests for design and development policies (such as standards, compliance, security, and best practices) for Web services assets as they are defined in a registry. They can also select a service asset and verify the associated policies, thereby ensuring interoperability and consistency.

Parasoft's solution is capable of querying any UDDI registry from vendors such as IBM, HP, and Microsoft. Furthermore, Parasoft offers even tighter integration with BEA's AquaLogic Enterprise Repository (ALER) and Software AG's CentraSite. We automatically generate tests at the time the services are published to the registry–including functional test cases and WSDL verification tests that ensure WSDLs are compliant to best practices and organizational policies. Policy compliance results are then reported back to the registry and updated in real-time. This provides continuous visibility into a service's quality throughout its lifecycle.

Business partners can access the service "health report" as well as an emulated stub with test data that mocks the service interactions. This "health report" is based on jointly agreed QA standards, eliminating the finger pointing that can occur during integration activities. This process visibility facilitates continuous process improvement through the SDLC, increasing productivity and reducing cost. [ back to top ]

WSDL, Schema, and Semantic Verification
WSDL verification can be considered as the first step in testing Web services. Although WSDLs are generally created automatically by various tools, it doesn't necessarily mean that the WSDLs are correct. When WSDLs are manually altered, WSDL verification becomes even more important. Ensuring correct and compliant WSDLs enables your service consumers to function correctly, and avoids vendor lock-in, thus achieving interoperability and realizing SOA goals of service reuse.

Parasoft's solution can automatically generate a test suite of comprehensive WSDL tests to ensure that your WSDL conforms to the schema and passes XML validation tests. Additionally, it performs an interoperability check to verify that your Web service is WS-I compliant.

WS-* Standards Validation
Parasoft's solution enforces policies with executable rules that can be applied to WSDLs, schemas, SOAP messages and any other XML artifact or SOA meta-data component. For example, we verify schema and semantic validity for W3C and OASIS standards compliance, validates Basic Profile 1.1 for WS-I Interoperability compliance, and implements rules to enforce various other endorsed WS* Standards. In addition, we enforce compliance to best practices such as customized company guidelines, security, and maintainability and reusability.

Interoperability Testing
Parasoft's solution verifies the WSDL and SOAP traffic for conformance to Basic Profile 1.1 using WS-I Testing Tools. Functioning as both a traffic monitor and analyzer, The solution enhances the usability of WS-I Testing Tools by eliminating the need to set up man-in-the-middle Monitor and configuration files for the Analyzer. The only required input is the WSDL URL. [ back to top ]

Web Interface

Web Interface Compliance
Parasoft's solution can perform an automated audit of Web interface content and structure, automatically scanning and analyzing a Web asset for accessibility, branding, intranet standards compliance, and consistency. It inspects and exposes issues that present potential risk to the proper functionality, usability, and accessibility of your Web-based applications.

Our compliance assessment can cover an entire Web application or an individual component or module. Scan results are presented as actionable reports that identify erroneous objects-providing direct linkage to exposed issues for quick analysis and remediation.

The assessment analysis covers the following areas:

• Accessibility: Support for Section 508, WAI, and WCAG 2.0 guidelines.
• Branding: Automatically enforce policies related to site layout and "look and feel."
• Intranet Standards: Identifies use of sensitive corporate data.
• Consistency: Prevents broken links, spelling errors, browser compatibility issues.

Web Accessibility Validation (Section 508, WAI, WCAG)
Parasoft's solution streamlines the accessibility validation process by automatically identifying code that positively or possibly violates Section 508, WAI, and WCAG 2.0 Web accessibility guidelines. During its automated audit. the solution checks whether Web interfaces comply with core accessibility guidelines and helps you identify code and page elements that require further inspection and/or modification.

Read our white paper "Verifying Section 508 and WAI WCAG Web Accessibility Requirements" which explains how Parasoft facilitates compliance with Section 508 and WAI WCAG web accessibility guidelines.

Web Language Compliance
Parasoft's pattern-based code analysis monitors whether Web language code follows industry-standard or customized rules for ensuring that code meets uniform expectations around security, reliability, performance, and maintainability. We provide an extensive rule library with hundreds of configurable rules for Web languages (JavaScript, VBScript/ASP, HTML, CSS, XML, and so on), as well as a graphical RuleWizard module that makes it very simple to construct and maintain customized rules. [ back to top ]

OS

• Windows 2000, 2003, XP, Vista
• Linux
• Solaris

IDEs

• Eclipse 3.2.1 and higher (for plugin version)

Source Control

• AccuRev SCM
• Borland StarTeam
• CVS
• IBM/Rational ClearCase
• Microsoft Visual SourceSafe
• Perforce SCM
• Serena Dimensions
• Subversion (SVN)
• Telelogic Synergy