8

Good tests shouldn't shouldn't have duplication and should be concise, however when testing a web application with authentication the test must first get past authentication to perform the desired function.

With many tests this quickly means that the login screen (or equivalent) will be tested numerous times. I would ideally like to avoid this repetition.

One method is to create cookies and sessions to "trick" the browser into thinking the state for the test exists. This method quickly becomes complex with potentially many sessions needing to be created, and also increases the overhead of the test, especially if these need to be combined with database states.

Does anyone have a good solution for a complex applications, or a good pattern for managing multiple sessions, databases, and cookies if this is how they work?

Jon Duffy
  • 468
  • 1
  • 4
  • 11
  • You're not really 'testing' the login function though are you, it's likely to be the same login every time and you will have seperate distinct tests that actually test out the authentication? – Phil Kirkham Jul 11 '14 at 14:12
  • True, but when there are a large number of tests, it seem silly that they all start at the same place. I agree though, once piece of code is used for the login, and its small price to pay. I ideally I would like to be able to have tiny and very specific tests that the devs could run, in a number of seconds when developing a certain area. But I can't see a way of doing this without huge overheads. Just wanted to see if anyone had found the ideal... – Jon Duffy Jul 11 '14 at 15:01
  • so cant the devs test these areas without having to do the whole integration test? – Phil Kirkham Jul 11 '14 at 15:10
  • When developing on their machine, ideally yes. Of course any version of the code will have to pass all test; web driver, code quality, and unit tests etc before the code is approved. – Jon Duffy Jul 11 '14 at 15:13

3 Answers3

4

If I understand correctly, you are looking at ways to make your tests more efficient, so you can get as quickly as possible to the desired state and then perform the actual assertion that the test case is intended to cover. There are a couple of options you have:

  1. Use a class setup method, or application setup method to log in, then re-use your existing, open web browser to execute each test case. You may also need a corresponding cleanup method to execute at the end of each test to get you to a known state for the start of your test case. Most test runners support this, you would need to refer to the documentation of your particular test runner to get syntax.
  2. Incorporate an http library to bypass the UI and send an HTTP request to log in, then set the session cookie value with webdriver's addCookie method so when you navigate to a specific page within your app, you will already be logged in. If you have other crud operations within your app, you can also have non UI versions of those actions as well. I have used this approach for creating new users, creating any kind of user specific content, etc, and have used it in my cleanup methods to delete content at the end of each test case, or test class. This saves time, and is usually more reliable than going through the UI. This is very useful when you have a test case where you want to assert on some behavior on a page showing details about some user created object (let's say an event in a calendar) and that event can have lots of different properties. Since you already have a test to create the calendar event through the UI, you don't need to do it over and over again for all of the tests that require an existing one, so you can send an http request to create the calendar event, then navigate to the page to view the event and execute your test assertion using the UI.
Sam Woods
  • 8,569
  • 24
  • 43
  • Cheers, http library sounds like a good idea. I constantly need to be switching between users in test to see if the interactions between users are working. Deferring already covered actions to none ui requests should save me a lot of time. – Jon Duffy Jul 12 '14 at 10:02
  • @Sam_Woods It's been long time you answered the question. Can you point me to something to learn how the http request can be sent to bypass log in? – saifur Feb 23 '15 at 00:47
  • 1
    It really depends on the authentication mechanism that your application is using, as well as the language which you are wanting to write it for. Most languages have http libraries available like HttpWebRequest in .net, or HTTPBuilder in Java. Essentially, you can use a tool like the network tab in the browser dev tools, or fiddler to capture the traffic going to your web server, and then you would have to create that same request(s) in your code using one of the above mentioned libraries. – Sam Woods Feb 23 '15 at 05:25
0

What I understood from your question. The main concern of yours is to avoid running login process during each test and to avoid this repetition.

I have simple solution for this problem. In your Base Class`, use the following code in "@BeforeClass" (To get cookies) and "@AfterClass" (to store cookies);

public class BaseClass {

    --------------------------- 
    --------------------------- 
    --------------------------- 
    --------------------------- 


    Set<Cookie> cookies;

    @BeforeClass
    public void setup()
    {       

        try
           {
             for(Cookie cookie:cookies)
          {
        driver.manage().addCookie(cookie);
         }
           }
        catch(Throwable e)
           {
        System.err.println("Error While setting Cookies: "+ e.getMessage());
           }

    --------------------------- 
    --------------------------- 
    --------------------------- 
    --------------------------- }


    @AfterClass
    public void tearDown()
    {       

    try
        {
        cookies=driver.manage().getCookies();
        }
        catch(Throwable e)
        {
        System.err.println("Error While getting Cookies:" + e.getMessage());
        }

    driver.quit()   
    --------------------------- 
    --------------------------- 
    --------------------------- 
    --------------------------- }}

Now use the following code into the other test cases by which you can bypass the login steps again and again to avoid repetitions.

@Test
public test1(){

driver.navigate().to("yoururlhere");
-------------------
-------------------
}

This will get login sessions from cookies without repeating login steps.

Usman Kokab
  • 1
  • 1
  • How is your solution different from what Sam Woods proposed in his answer? (in particular in option 2). – dzieciou Jul 23 '19 at 16:53
  • Sam Woods is suggesting to use HTTP request that is good, but in my code I am justing selenium functions; addCookies() and getCookies(). – Usman Kokab Jul 24 '19 at 18:20
0

PageObject design pattern

Every test needs to log in, but code is in one place, and any test will just use it, just 1 line of code. Login is not a problem. Other stuff, to prepare application's data to certain state might be bigger waste of time (but again, can be wrapped as single pageobject call).

If you log just once, then run long trail of tests, they are dependent on the order. Dependency might be a good thing (one test prepares data for next) or not (weak link in the chain and more fragile tests), but you need at least to be aware of it.

Also if you use some trick which bypasses login as user would do it, are you testing your application as user would, or some other configuration? You are opening yourself to to heisenbugs which happen for user and not for your tests.

Community
  • 1
Peter M. - stands for Monica
  • 12,316
  • 26
  • 43
  • 1
    I use the page Object pattern, but when there are a large number of tests a significant percentage of the tests are covering similar screens, like the login page. I'm trying to target issues like this to reduce the running time of the tests. – Jon Duffy Jul 11 '14 at 15:06
  • 2
    so your real issue is that your tests are taking a long time? Are your devs doing unit tests or are you testing everything using integration tests? – Phil Kirkham Jul 11 '14 at 15:11
  • @Phil Kirkham I assume you wanted to ask your question OP (Jon Duffy) not me. – Peter M. - stands for Monica Jul 11 '14 at 15:17
  • 1
    Yeh, my question was below his comment :) – Phil Kirkham Jul 11 '14 at 15:37
  • @Jon Duffy: Phil asked question you, not me. Phil: when you commented on my answer, only I got notification, not Jon Duffy. Use @ to notify person about question – Peter M. - stands for Monica Jul 11 '14 at 16:13
  • 1
    That's not correct Peter. When you post a comment, it automatically notifies the author, the previous commenter, and a single @ user if it exists for a maximum of three notifications per comment. So without an @ notify, you will always get the previous commenter (you in this case) and the post author (you also in this case). – corsiKa Jul 11 '14 at 18:00
  • I stand corrected. Thank you. I remembered only the part of "single @" – Peter M. - stands for Monica Jul 11 '14 at 18:40