Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL
Help

Chapter 7: Application Testing > Getting Up to Speed Quickly - Pg. 192

192 Chapter7·ApplicationTesting Introduction Application testing involves deploying an application in a configured environment that simulates a real-world scenario. The application is then tested in such a manner as to reveal divergence between the intended use of the application and its actual behavior. In simpler terms, the testers install the application, and then they try to break it in as many ways as possible. While they are exercising the application they monitor it to detect subtle breakage. Using the data collected from monitoring, an experienced application tester can often determine if an application failure has security implications, or if it's just a lowly bug. The time of an application tester is often consumed with the creation of an environment suitable for testing. Merely installing the base operating system on a handful of physical servers can be an all-day task, and this is assuming that there are enough physical servers on hand to deploy a functioning environment. Although this task has been simplified by unattended installation utilities, it can still require a sig- nificant investment of time and resources. A testing environment can be easily deployed using virtualization. Fully configured servers are mere keystrokes away from being ready to go. They can even be stored in a "suspended" state, so the tester doesn't have to wait for the machine to complete a boot cycle. This chapter will discuss how virtualization can significantly reduce the resources required to create a working test environment. It will also discuss some of the pitfalls that testers might encounter, and give recommendations for creating a test environment with testing tools already in place. Getting Up to Speed Quickly I was once one of the people in charge of application testing for a large organization. My role was to examine an application and determine if the application was "secure" enough to host the data for multiple customers. There were two main goals. The first was to ensure that no customer could compromise the data of the other customers. The second was to ensure that no customer could compromise the resources of my employer. Such an undertaking usually required significant planning in order to get resources properly allocated and configured. Setting up even a modest environment of a Web server, database server, and two client machines could take a week or more. I often felt as though I lived in the lab, installing operating systems that were to be