Touchstone Functional Testing - Phase 1 - Test Plan
1.0 Document identifiers
1.1 Document Author
The document author is:
Author |
Title |
Telephone |
Email Address |
Will Smithee |
Senior Practice Manager |
336-232-5208 |
will_smithee@questcon.com |
1.2 Document Revisions
Issue |
Date |
Author |
Reason for Change |
0.1 |
01/27/2008 |
Will Smithee |
Initial draft |
|
|
|
|
1.3 References
The following documents were used as sources of information for this test plan:
- Questcon Technologies, The Questcon Test Management Methodology; 01/07/2005; (Test Management Methodology Release 4.0.doc).
- ISDA IdM Collaboration Accounts-Use Cases
2.0 Introduction
2.1 Purpose
The objective of this test plan is to outline the functional testing effort to be undertaken for the Touchstone project.
2.1.1 Project Description
MIT Touchstone is a new suite of technologies for authenticating a variety of web applications, being introduced by IS&T. MIT Touchstone does provide a single sign-on solution for applications that have been coded and configured to use the system. Within the context of Touchstone enabled applications, users will be able to seamlessly transition between systems without being prompted for additional authentication information.
The intended audience of this document includes all IT personnel involved in the development, testing, and support of Touchstone.
2.1.2 Project Technologies
MIT Touchstone utilizes/integrates with the following technologies:
- Stanford's WebAuth
- Internet 2's Shibboleth
- SAML (the Security Assertion Markup Language)
- A new account management system for some users outside of the traditional MIT community
- HTTP/S (extensive redirects)
- SSL
- MIT X.509 certificates
- Kerberos (via the HTTP/SPNEGO protocol)
- TLS
- OpenID
- Web Services
- MySQL (including replication)
- Apache
- Tomcat
- IDP High Availability Package
- LDAP
- KDC
- DNS load balancing
2.2 Scope
2.2.1 Items To Be Tested
Each of the following UI components and front end functionality developed as part of the Touchstone project will be tested:
- CAMS Use Cases (IdPe)
- Self-initiated account creation
- Users that specify an MIT email address will have their MIT ID number automatically associated with the CAMS account
- Self service password reset
- User may register an OpenID account
- User may set or modify full name information
- User may associate MIT ID number with account
- Accounts manager password reset
- Accounts manager may associate MIT ID number with account
- User may associate alternate security IDs with the account
- User may associate other email addresses with their account
- Administrators may set the status of alt_security_id types
- OverView of Account Admin
- Account Deactivation
- IdPi Use Cases
- TBD
2.2.2 Items Not To Be Tested
The following modules and types of tests are considered to be outside the scope of this test effort and will not be tested by Questcon. Testing may be performed by internal MIT personnel:
- CAMS Use Cases (IdPe)
- Sponsored account creation
- Sponsor may review a list of accounts that they have sponsored
- IdPi Use Cases
- TBD
2.3 Risks & Contingencies
The following risks have been identified, which may impact the testing effort.
Risk |
Contingency |
QA environment not available |
Utilize development or production environment |
Insufficient time to fully test the Touchstone application with all major web browsers |
Execute ~80% of application functionality with MIT's standard browser (Mozilla Firefox 2.0) and ~20% of the functionality with other browsers. |
Test time increases due to changes in scope requiring additional test analysis and/or test case creation |
If test time cannot be increased, reduce/cut overlap in multi-browser testing and execute highest priority test cases initially followed by lower priority tests until test time runs out |
Excessive defect rate or defect correction time |
Execute test cases in unrelated/unblocked functional areas of the application based on designated priority |
3.0 Approach
3.1 Testing Strategy
The overall approach to this test effort will be to validate that the Touchstone UI meets the needs of the MIT to provide a mechanisim for single sign on using a federated id. Validation will be performed based on test cases derived from the documented use cases, front-end functional designs, as well as exploratory testing heuristics.
MIT has indicated that the user community is largely standardized on Mozilla's Firefox v2.0 web browser in a PC or Mac environment. Rather than re-executing all tests with each browser, Questcon will execute approximately 80% of the test cases using Firefox and approximately 20% of the tests using IE 6 and 7 (both in a PC/Windows architecture). There will be some overlap in testing and touch points, but not enough to significantly impact the schedule. Questcon will analyze the test cases to identify the best candidates for execution using IE 6 and 7. IE 6 and 7 test cases will be chosen based on the amount of functionality traversed in the application. In other words Questcon will attempt to "touch" as much of the application as possible using IE 6 and 7.
Furthermore, a significant portion of the user community utilizes the Mac OS X operating system with the Safari browser. Some duplicate testing will be performed by Questcon utilizing Safari and Firefox for the Mac (10% or less). MIT should designate a group of users to execute more tests using the Safari/Mac and Firefox/Mac combination of browser and operating system. Questcon will assist the users in identifying the best tests to execute.
The following table outlines the various types of testing considered for this test effort, any additional comments about the testing, and the individual or group responsible for completing the testing.
Type of Testing |
Included |
Comments |
Team Responsible |
Automation |
N |
MIT personnel will utilize jMeter to automate portions of the backend testing; no test automation tools will be used for the UI testing (use of Flash prevents this). |
N/A |
Conversion |
N |
There is no pre-existing system, therefore no data conversion is necessary. |
N/A |
Exploratory |
Y |
Some level of exploratory testing will be conducted based on heuristics related to typical rich-content internet applications. |
Questcon |
Functional |
Y |
Functional testing will be performed based on test cases derived on the documented use cases and front-end functional design. |
Questcon |
Installation / Upgrade |
N |
Because this is a web application no installation testing is necessary. |
N/A |
Integration |
Y |
Some integration testing will naturally occur as the front-end of the Touchstone application interfaces with and utilizes the back-end APIs. |
Questcon |
Parallel |
N |
There is no existing system that Touchstone is replacing. |
N/A |
Performance |
N |
Performance testing is coved by a separate Test Plan. |
N/A |
Regression |
Y |
Questcon expects to run at least a minimum regression test set prior to release to production. |
Questcon |
Security |
Y |
Backend security testing will be done by MIT. Questcon will execute basic security/login testing on the front-end |
MIT - Tester (backend) |
UAT |
Y |
The user community will be tasked with performing ad-hoc user acceptance testing, domain specific metadata testing (metadata titles, tag lists, etc.), as well as previously designated documented functional test cases for multiple browser/OS configurations (primarily Safari or Firefox/Mac configurations). |
MIT - User Community |
Unit |
Y |
Questcon expects the MIT developers to perform unit testing prior to releasing code to the test environment. |
MIT - Developers |
3.2 Tools
The following tools will be used as part of the overall Touchstone testing effort:
Tool |
Purpose |
Used By |
Atlassian Jira |
Web-based defect tracking system accessed by http://mv.ezproxy.com.ezproxyberklee.flo.org/jira |
Touchstone Project Team (MIT & Questcon) |
3.3 Environmental Needs
Questcon anticipates the following server and client configurations for the QA environment:
3.3.1 IdPe Server Configuration
Hardware |
O/S |
Other |
TBD |
TBD |
|
3.3.2 IdPi Server Configuration
Hardware |
O/S |
Other |
TBD |
TBD |
|
3.3.4 Client Configuration
Hardware |
O/S |
Other |
PC |
Windows XP Professional SP 2 |
|
Macintosh PowerPC |
Mac OS X |
|
4.0 Schedule of Deliverables and Resources
4.1 Deliverables
This section identifies the deliverables, delivery date and resource responsible for each deliverable.
Key Deliverables |
Expected Delivery Date |
Resource |
Functional Test Tree |
TBD |
TBD |
Test Plan |
TBD |
TBD |
Test Case Designs |
TBD |
TBD |
Test Cases |
TBD |
TBD |
Status Reports |
Weekly |
TBD |
Test Logs |
Ongoing during test execution |
TBD |
Defect Reports |
Ongoing during test execution |
TBD |
Test Summary Report |
TBD |
TBD |
4.2 Test Schedule
The planned test schedule of the Touchstone project has an anticipated start date of //2008 and completion date of //2008. The estimated completion date is based on several assumptions, some of which have been identified in 2.3 Risks & Contingencies.
Milestone |
Target Timeframe |
Summation of Activities |
Develop test strategy / plan |
//2008 - //2008 |
|
Review test plan |
//2008 - //2008 |
|
Perform test analysis |
//2008 - //2008 |
|
Review FTT & test case design |
//2008 - //2008 |
|
Build functional test cases / scenarios |
//2008 - //2008 |
|
Setup test environment |
//2008 - //2008 |
|
Setup test data |
//2008 - //2008 |
|
Execute functional & exploratory tests |
//2008 - //2008 |
|
Investigate / correct defects |
//2008 - //2008 |
|
Execute regression tests |
//2008 - //2008 |
|
Execute UAT |
//2008 - //2008 |
|
Create test summary |
//2008 - //2008 |
|