Prerequisites

A JDK 8 and the WildFly 10.1.0 Application Server are required for executing the integration test. Unzip the WildFly distribution into a path without spaces to be on the safe side. Next you need the SecurityPriceService distribution and (optionally) the HttpMonitor, both of which are available in the Downloads section. The latter is only needed if you want to monitor the exchange of the SOAP requests and SOAP responses on the wire. The SecurityPriceService test client is preconfigured to use the HttpMonitor as an intermediary agent, so if you skip the HttpMonitor an extra configuration step is required later on. Both the SecurityPriceService distribution and the HttpMonitor can be unzipped into a directory of your choice.

Configuration

First, I will give you an overview of where to find the (configuration) files mentioned below within the HttpMonitor and SecurityPriceService projects.

HttpMonitor
    httpmonitor.properties
    setup-java-home
    start-http-monitor
    stop-http-monitor
    log
        WorkTracer-0.log

SecurityPriceService
    certificates.jks
    module.xml
    setup-java-home
    SecurityPriceService-client
        integrationtest.properties
        run-integration-tests
        log
            IntegrationTests.log
        xml
            extra-request.xml
            extra-response.xml

Next, you may carry out the five subsequent configuration steps according to your system environment:

(1) Navigate to the base directory of the SecurityPriceService distribution and enter a path to a JDK1.7+ into setup-java-home.bat (Windows) or setup-java-home.sh (Linux). The same applies to the HttpMonitor.
(2) Copy the certificates.jks file from the base directory of the SecurityPriceService distribution to the <WILDFLY_HOME>/standalone/configuration directory.
(3) You will need to enter the absolute path to your WildFly instance into the de.christofreichardt.jaxws.securitypriceservice.wildfly_home property from the integrationtest.properties file of the SecurityPriceService-client sub-project.
# Path to Wildfly
de.christofreichardt.jaxws.securitypriceservice.wildfly_home=C:/Users/Developer/AppServer/wildfly-8.2.0.Final
...
integrationtest.properties
(4) Review the connection data as provided by the httpmonitor.properties of the HttpMonitor application and the integrationtest.properties of the SecurityPriceService-client sub-project.

By default the connections will be established as shown below:

[Figure: network-schema.png]

The HttpMonitor effectively acts as a small proxy server between client and service since multiple concurrent client requests can be relayed. However, by default only one worker thread will transmit incoming requests.

...
# WSDL location
de.christofreichardt.jaxws.securitypriceservice.wsdl_location=http://localhost:8080/SecurityPriceService-server-0.0.1-SNAPSHOT/securitypriceservice?wsdl

# service endpoint
de.christofreichardt.jaxws.securitypriceservice.endpoint=http://localhost:7070/SecurityPriceService-server-0.0.1-SNAPSHOT/securitypriceservice
...
integrationtest.properties

If the port 7070 is occupied by another application you may configure another port by editing the de.christofreichardt.jaxws.securitypriceservice.endpoint and de.christofreichardt.httpmonitor.clientPortNo properties or you may skip the intermediary HttpMonitor altogether.

...
# the port number of the incoming http requests
de.christofreichardt.httpmonitor.clientPortNo = 7070

# the number of worker threads which will monitor and forward the http requests
de.christofreichardt.httpmonitor.nThreads = 1
httpmonitor.properties
(5) Since the service itself connects to the internet you might have to configure an HTTP proxy for the service. By default the service uses no proxy. If you are experiencing problems with the test cases 'Mixed Price Request' and 'Extra Price Request' (see next section), direct access to the internet might be blocked. Look up the connection settings of your internet browser or contact your network administrator to retrieve the proxy address.
...
# proxy host
#de.christofreichardt.jaxws.securitypriceservice.http.proxyHost=88.159.122.107

# proxy port
#de.christofreichardt.jaxws.securitypriceservice.http.proxyPort=80
integrationtest.properties


Test Cases
(1) Mixed Price Request
This is a price request by a user well known to the service. The request contains ISINs and WKNs of several securities (Shares, Index Certificates and Options). The service should be able to serve all but one Security Identification Number. The test case validates that the service returns the correct number of prices and that the service identifies the correct securities (DAX Index Certificate by Commerzbank, Volkswagen Share, CALL on DAX Performance-Index and Osram Share).
(2) Price Request by unknown user
This is the exact same request as before but by a user unknown to the service. It is expected that the service throws a protocol exception with the message "Unknown user: 'unknown'.".
(3) Cheating Price Request
Again the exact same request as before but by a cheater pretending to be a certain user known by the service. It is expected that the service recognizes the invalid signature and thereupon throws a protocol exception with the message "Invalid Signature."
(4) Offline Price Request
This is a request for the offline provider containing only one ISIN. This test case should be executed successfully even if the OnVista site is down.
(5) Replay Attack
An attacker could eavesdrop on a price request (and response) since the traffic on the wire isn't encrypted. The service must keep track of the transaction ids belonging to the requests from certain users to avoid Replay Attacks. Only transaction ids greater than the transaction id which has been used most recently by a particular user are considered valid. It is expected that the service throws a SecurityPriceServiceException with the message "Illegal transactionId: x."
(6) Missing Signature
The service only processes correctly signed price requests. It is expected that missing signatures lead to a protocol exception with message "No Signature element found."
(7) Extra Price Request
This is an extra request for experiments. You may edit the file ./SecurityPriceService-client/xml/extra-request.xml and insert your own Securities Identification Numbers. The (extracted) response from the service will be marshalled into the file ./SecurityPriceService-client/xml/extra-response.xml
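
The rule from test case (5), as an added example that is not taken from the SecurityPriceService sources: a per-user high-water mark that is checked and advanced in one atomic step. The class ReplayGuard, its method name and the users alice and bob are assumptions made for illustration; only the message text comes from this page.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/** Added illustration; names are hypothetical, not from the SecurityPriceService sources. */
public class ReplayGuard {
    // Highest transaction id accepted so far, per user.
    private final Map<String, Long> lastAccepted = new ConcurrentHashMap<>();

    /**
     * Call only after the user is known and the signature has been validated,
     * otherwise a forged request could advance another user's counter.
     * Returns true and records the id if it is strictly greater than the last one.
     */
    public boolean acceptAndAdvance(String user, long transactionId) {
        boolean[] accepted = {false};
        // compute() runs atomically per key, so two concurrent copies of the
        // same request cannot both pass the comparison.
        lastAccepted.compute(user, (u, last) -> {
            if (last == null || transactionId > last) {
                accepted[0] = true;
                return transactionId;
            }
            return last; // replayed or stale id: keep the stored value
        });
        return accepted[0];
    }

    public static void main(String[] args) {
        ReplayGuard guard = new ReplayGuard();
        // Constructed sequence of (user, transactionId) pairs as they reach the service.
        Object[][] requests = {
            {"alice", 41L}, {"alice", 42L},
            {"alice", 42L},  // verbatim replay of the previous request
            {"bob", 7L},     // counters are kept per user
            {"alice", 40L},  // older captured request
            {"alice", 43L}
        };
        for (Object[] r : requests) {
            String user = (String) r[0];
            long id = (Long) r[1];
            String verdict = guard.acceptAndAdvance(user, id)
                    ? "accepted"
                    : "rejected, Illegal transactionId: " + id + ".";
            System.out.println(user + " " + id + ": " + verdict);
        }
    }
}
```

The counter lives in memory here, so a service that restarts has to persist it or previously captured requests become acceptable again. The check also only helps if the transaction id is part of the signed content, since an unsigned id could simply be incremented on a captured request.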


Execution and Analysis

First, you may start the HttpMonitor via start-http-monitor, if applicable. On Windows systems a double-click suffices if everything has been configured correctly. Generally, the applications assume that the working directory is the respective project directory. That is, on Linux systems you must use bash and navigate to the project directories to run the provided start scripts.

$ ./start-http-monitor.sh
...
Monitoring ...
Monitoring ...
Monitoring ...
...

I'm using Cargo to instrument the WildFly Application Server. Hence there is no need to manually manage WildFly. Execution of the integration tests automatically starts the Server. Thereupon the current SecurityPriceService-server.war will be picked up and deployed to the configured WildFly instance. After the completion of the integration tests the server will be shut down again.

$ ./run-integration-tests.sh
...
result.getRunCount() = 7
result.getFailureCount() = 0
result.getRunTime() = 24359ms
...

You may review the IntegrationTests.log of the test run for a detailed view. The HttpMonitor has recorded the following SOAP exchanges during this run: WorkTracer-0.log. You may stop the HttpMonitor via stop-http-monitor.
