A real time example of security testing in web services

Now let's take a real time example of security testing a web service to be tested: the authentication service.

Web service functionality: The authentication service takes as input, username and password and validates whether the credentials are correct or not.

The test to be configured for this service:

SQL injection
XPath injection
Boundary values scan

Why should we use these? Why the preceding scans only?

Well as we can see, the service is an authentication service and takes as input, username and password. When an attacker attacks this service, it will test techniques to gain unauthorized access to the systems, therefore we use the following attack types to test the service:

SQL injection
XPath ...

Get Mastering SoapUI now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mastering SoapUI by Pranai Nandan

A real time example of security testing in web services

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly