Webservices Testing Methodologies

Sayali Chavan
Oct 24, 2018

This is the first blog in a series on webservices testing. I am writing this series with beginners in mind and will keep it simple and straightforward.

The series will be divided into:

Part 1: Introduction to webservices

Part 2: Attack vectors of webservices testing - Part 1

Part 3: Attack vectors of webservices testing - Part 2

What is a webservice?

[Wikipedia Definition] A service offered by an electronic device to another electronic device, communicating with each other via the World Wide Web.

Consider two applications: one written in Java on a Linux platform with an Oracle database, and another written in C++ on a Windows platform with a MySQL database. When they want to interact with each other over the internet, webservices come into the picture (i.e. XML and JSON requests and responses are exchanged).

--> Enables communication between applications over the web.

--> Provides a standard format/protocol for communication.

--> Platform independent.

--> Basically, using webservices, two different applications can communicate with each other and exchange data.

Why is it required?

Suppose we need to build an application from scratch. For that, we need to collect, process and render the modules in our application, and this is where webservices come to the rescue. Let's take a shopping application as an example: we can use the services of people who are already well established in processing and publishing that kind of data.

Let's take a live example of how this actually works.

Flipkart communicates with Nike, Puma, Reebok, Adidas, etc. while shopping. Flipkart sends a request, receives a response, then displays the details of the product. How is it possible for a website like Flipkart to query the databases of all these websites/applications in real time and provide all the information within a few seconds?

Practical example of working of webservice

Possibility one: Flipkart has access to every website's database, but this scenario is not possible because of security concerns.

Possibility two: Nike will update the status to Flipkart within a few minutes. In a real-time scenario, a delay of even a few seconds is not affordable.

Possibility three: All websites expose their webservices through an API, and Flipkart uses those webservices to communicate with the shopping stores. The webservice acts as a common format: requests are sent and responses are received in the same format.

How the service is available over the web

Working of webservice on web

Components of webservices: WSDL and UDDI

Web Services Description Language (WSDL): The service provider publishes an XML-based interface for its webservice that describes all attributes of the webservice. In simple words, WSDL is an XML document that describes a web service.

Example of WSDL
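
As an added example (not from the original post), the Python below parses a trimmed, constructed WSDL 1.1 document and lists what it describes: the service name, endpoint address, and each operation with its SOAPAction. The ProductService names and example.com URLs are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"wsdl": "http://schemas.xmlsoap.org/wsdl/",
      "soap": "http://schemas.xmlsoap.org/wsdl/soap/"}

# Constructed, trimmed WSDL 1.1 sample (hypothetical service, messages omitted).
SAMPLE_WSDL = """<?xml version="1.0"?>
<definitions name="ProductService" targetNamespace="http://example.com/product"
    xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://example.com/product"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
  <portType name="ProductPort">
    <operation name="GetProductDetails"/>
    <operation name="GetStock"/>
  </portType>
  <binding name="ProductBinding" type="tns:ProductPort">
    <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
    <operation name="GetProductDetails">
      <soap:operation soapAction="http://example.com/product/GetProductDetails"/>
    </operation>
    <operation name="GetStock">
      <soap:operation soapAction="http://example.com/product/GetStock"/>
    </operation>
  </binding>
  <service name="ProductService">
    <port name="ProductPort" binding="tns:ProductBinding">
      <soap:address location="http://example.com/services/product"/>
    </port>
  </service>
</definitions>"""

def summarize_wsdl(text):
    """Return the service name, endpoints and operations a WSDL describes."""
    # A WSDL needs no DTD, so refuse DOCTYPE/ENTITY declarations before parsing.
    if "<!DOCTYPE" in text or "<!ENTITY" in text:
        raise ValueError("DTD/entity declarations are not accepted in a WSDL")
    root = ET.fromstring(text)
    endpoints = [a.get("location")
                 for a in root.findall("wsdl:service/wsdl:port/soap:address", NS)]
    operations = {}
    for op in root.findall("wsdl:binding/wsdl:operation", NS):
        soap_op = op.find("soap:operation", NS)
        operations[op.get("name")] = soap_op.get("soapAction") if soap_op is not None else None
    # Endpoints on plain http:// carry the XML in cleartext; list them for review.
    cleartext = [e for e in endpoints if e.lower().startswith("http://")]
    return {"service": root.get("name"), "endpoints": endpoints,
            "operations": operations, "cleartext_endpoints": cleartext}

if __name__ == "__main__":
    print(summarize_wsdl(SAMPLE_WSDL))
```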

How does webservice work?

Webservices are based on Service Oriented Architecture (SOA), which includes a service provider and a service consumer.

Every webservice provider publishes its webservice (through WSDL) on an online directory from where consumers can query and search the webservices. This online registry/directory is called Universal Description, Discovery and Integration (UDDI).

The consumer queries it to find out what services are available and how to communicate with the provider.

Let's take an example: Nike, being the service provider, publishes its webservice in UDDI. Then Flipkart, being the service consumer, queries what is available and how to communicate with Nike. After that, the communication with Nike happens using XML.

The service consumer and service provider use the SOAP protocol for communication with UDDI.

Most used tools required for webservices testing

SoapUI: https://www.soapui.org/downloads/soapui.html

Postman: https://www.getpostman.com/

Burp Suite Professional

Two types of webservices:

1) SOAP (Simple Object Access Protocol)

Medium: HTTP (only POST method)

Content-Type: XML

2) REST (Representational State Transfer architecture)

Medium: HTTP (POST, GET, PUT, DELETE)

Content-Type: XML/JSON/TEXT

REST is more flexible and less rigid compared to SOAP.

Refer to the link below for detailed information on SOAP and REST:

https://medium.com/@security_spartan/soap-vs-rest-webservice-a4acb91159f1
