Testing Internet Applications Overview

Just a few years ago, Internetbased applications seemed to be the wave of the future; today, the wave has arrived onshore, and customers, employees, and business partners expect companies to have a Web presence.

Generally, small to medium-size businesses have simple Web pages they use to tout their products and services. Larger enterprises often build full-fledged e-commerce applications to sell their wares, from cookies to cars and from consulting services to entire virtual companies that exist only on the Internet.

Internet applications are essentially client-server applications in which the client is a Web browser and the server is a Web or application server. Although conceptually simple, the complexity of these applications varies wildly. Some companies have applications built for business-to-consumer uses such as banking services or retail stores, while others have business- to-business applications such as supply chain management. Development and user

presentation/user interface strategies vary for these different types of Websites, and, as you might imagine, the testing approach varies for the different types of sites as well.

The goal of testing Internet-based applications is no different from that of traditional

applications. You need to uncover errors in the application before deploying it to the Internet. And, given the complexity of these applications and the interdependency of the components, you likely will succeed in finding plenty of errors.

The importance of rooting out the errors in an Internet application cannot be understated. As a result of the openness and accessibility of the Internet, competition in the business-to-consumer arena is intense. Thus, the Internet has created a buyer’s market for goods and services.

Consumers have developed high expectations, and if your site does not load quickly, respond immediately, and provide intuitive navigation features, chances are that the user will find another site with which to conduct business.

It would seem that consumers have higher quality expectations for Internet applications than they do for shrink-wrapped applications. When people buy products in a box and install them on their computers, as long as the quality is “average,” they will continue to use them. One reason for this behavior is that they have paid for the application and it must be a product they perceive as useful or desirable. Even a less-than-satisfactory program can’t be corrected easily, so if the application at least satisfies the users’ basic needs, they likely will retain the program. On the Internet, an average-quality application will likely cause your customer to use a competitor’s site. Not only will the customer leave your site if it exhibits poor quality, your corporate image becomes tarnished as well. After all, who feels comfortable buying a car from a company that cannot build a suitable Website? Like it or not, your Website has become the new first

impression for business. In general, consumers don’t pay to access your Website, so there is little incentive to remain loyal in the face of mediocre Website design or performance.

This chapter covers some of the basics of testing Internet applications. This subject is large and complex, and many references exist that explore its details. However, you will find that the techniques explained in early chapters apply to Internet testing as well. Nevertheless, because there are, indeed, functional and design differences between Web applications and conventional applications, we wanted to point out some of the particulars of Web-based application testing.

Basic E-commerce Architecture

Before diving into testing Internet-based applications, we will provide an overview of the three- tier client-server (C/S) architecture used in a typical Internet-based e-commerce application.

Conceptually, each tier is treated as a black box with well-defined interfaces. This model allows you to change the internals of each tier without worrying about breaking another tier. Figure 9.1 illustrates each tier and the associated components used by most e-commerce sites.

Figure 9.1: Typical architecture of an e-commerce site.

Although not an official tier in the architecture, the client side and its relevance are worth discussing. Most of the access to your applications occurs from a Web browser running on a computer, although many devices, such as cell phones, refrigerators, pagers, and automobiles, are being developed that can connect to the Internet. Browsers vary dramatically in how they render content from a Website. As we discuss later in this chapter, testing for browser

compatibility is one challenge associated with testing Internet applications. Vendors loosely follow published standards to help make browsers behave consistently, but they also build in proprietary enhancements that cause inconsistent behavior. The remainder of the clients employ custom applications that use the Internet as a pipeline to a particular site. In this scenario, the application mimics a standard client-server application you might find on a company’s local area network.

The Web server represents the first tier in the three-tier architecture and houses the Website. The look and feel of an Internet application comes from the first tier. Thus, another term for this tier is the Presentation tier or layer, so dubbed because it provides the visual content to the end user. The Web server can use static HyperText Markup Language (HTML) pages or Common Gateway Interface (CGI) scripts to create dynamic HTML, but most likely it uses a combination of static and dynamic pages.

Tier 2, or the Business layer, houses the application server. Here you run the software that models your business processes. The following lists some of the functionality associated with the business layer:

• Transaction processing

• User authentication

• Data validation

• Application logging

The third tier focuses on storing and retrieving data from a data source, typically a relational database management system (RDBMS). Another term for Tier 3 is the Data layer. This tier consists of a database infrastructure to communicate with the second tier. The inter- face into the Data layer is defined by the data model, which describes how you want to store data. Sometimes several database servers make up this tier. You typically tune database systems in this layer to handle the high transaction rates encountered in an e-commerce site. In addition to

a database server, some e-commerce sites may place an authentication server in this layer. Most often, you use an LDAP (Lightweight Directory Application Protocol) server for this function.

Testing Challenges

You will face many challenges when designing and testing Internetbased applications due to the large number of elements you cannot control and the number of interdependent components. Adequately testing your application requires that you make some assumptions about the environment that your customers use and how they use the site.

An Internet-based application has many failure points that you should consider when designing a testing approach. The following list provides some examples of the challenges associated with testing Internet-based applications:

• Large and varied user base. The users of your Website possess different skill sets, employ a variety of browsers, and use different operating systems or devices. You can also expect your customers to access your Website using a wide range of connection speeds. Not everyone has T1 or broadband Internet access.

• Business environment. If you operate an e-commerce site, then you must consider issues such as calculating taxes, determining shipping costs, completing financial transactions, and tracking customer profiles.

• Locales. Users may reside in other countries, in which case you will have

internationalization issues such as language translation, time zone considerations, and currency conversion.

• Testing environments. To properly test your application, you will need to duplicate the production environment. This means you should use Web servers, application servers, and database servers that are identical to the production equipment. For the most accurate testing results, the network infrastructure will have to be duplicated as well. This includes routers, switches, and firewalls.

• Security. Because your site is open to the world, you must protect it from hackers. They can bring your Website to a grinding halt with denial-of-service (DoS) attacks or rip off your customers’ credit card information.

Even from this list, which could be expanded considerably as we include viewpoints from a wide variety of developers and businesses, you can see that configuring a testing environment provides one of the most challenging aspects of e-commerce development. Testing applications that process financial transactions requires the most effort and expense. You must replicate all the components, both hardware and software, used for the application to produce valid test results. Configuring such an environment is a costly endeavor. You will incur not only equipment costs, but labor costs as well. Most companies fail to include these expenses when creating a budget for their applications. Those that do include it generally underestimate the time and monetary requirements. In addition, the testing environment needs a maintenance plan to support application upgrade efforts.

Another significant testing challenge you face is testing browser compatibility. There are several different browsers on the market today, and each behaves differently. Although

standards exist for browser operation, most vendors enhance their browsers to try and attract a loyal user base. Unfortunately, this causes the browsers to operate in a nonstandard way. We cover this topic in greater detail later in this chapter.

Although many challenges exist when testing Internet-based applications, you should narrow your testing efforts to specific areas. Table 9.1 identifies some of the most important testing areas that can help ensure that users have a positive experience on your Website.

Table 9.1: Examples of Presentation, Business, and Data Tier Testing Presentation Tier Business Tier Data Tier

• Ensure fonts are the same across browsers.

• Check for proper calculation of sales tax and shipping charges.

• Ensure database operations meet performance goals.

• Check to make sure all links point to valid files or Websites.

• Ensure documented performance rates are met for response times and throughput rates.

• Verify data are stored correctly and

accurately.

• Check graphics to ensure they are the correct resolution and size.

• Verify that transactions complete properly.

• Verify that you can recover using current backups.

• Spell-check each page. • Ensure failed

transactions roll back correctly.

• Test failover or

redundancy operations.

• Allow a copy editor to check grammar and style.

• Ensure data are

collected correctly.

• Check cursor

positioning when page loads to ensure it is in the correct text box.

• Check to ensure default button is selected when the page loads.

Because the first impression is the most important impression, some of your testing will focus on usability and human-factor concerns. This area concentrates on the look and feel of your application. Items such as fonts, colors, and graphics play a major role in whether users accept or reject your application.

System performance also influences a customer’s first impression. As mentioned earlier,

Internet users want instant gratification. They will not wait long for pages to load or transactions to complete. Literally, a few seconds’ delay can cause your customer to try another site. Poor performance may also cause customers to doubt the reliability of your site. Therefore, you should set performance goals and design tests that reveal problems that cause your site to miss the goals.

Users demand that the transaction occur rapidly and accurately when purchasing products or services from your site. They do not, and should not, tolerate inaccurate billings or shipping errors. Probably worse than losing a customer is finding yourself liable for more than the transaction amount if your application does not process financial transactions correctly.

Your application will likely collect data to complete tasks such as purchases or e-mail registrations. Therefore, you should ensure that the data you collect are valid. For example, make sure that phone numbers, ID numbers, currencies, e-mail addresses, and credit card numbers are the correct length and are properly formatted. In addition, you should check the integrity of your data. Localization issues can easily cause data corruption via truncation due to character-set issues.

In the Internet environment, it is critical to keep the Website available for customer use. This requires that you develop and implement maintenance guidelines for all the supporting applications and servers. Items such as the Web server and RDBMS require a high level of management. You must monitor logs, system resources, and backups to ensure that these critical items do not fail. As described in Chapter 6, you want to maximize the mean time between failures (MTBF) and minimize the mean time to recovery (MTTR) for these systems.

Finally, network connectivity provides another area in which to focus your testing efforts. At some point, you can count on network connectivity going down. The source of the failure might be the Internet itself, your service provider, or your internal network. Therefore, you need to create contingency plans for your application and infrastructure to respond gracefully when an outage occurs. Keeping with the theme of testing, you should design your tests to break your contingency plans.