What is client-server and web

based testing and how to test

these applications
What is the difference between client-server testing and web based testing and
what are things that we need to test in such applications?
Ans:
Projects are broadly divided into two types of:
2 tier applications
3 tier applications
CLIENT / SERVER TESTING
This type of testing usually done for 2 tier applications (usually developed for LAN)
Here we will be having front-end and backend.
The application launched on front-end will be having forms and reports which will be
monitoring and manipulating data
E.g: applications developed in VB, VC++, Core Java, C, C++, D2K, PowerBuilder etc.,
The backend for these applications would be MS Access, SQL Server, Oracle, Sybase, Mysql,
Quadbase
The tests performed on these types of applications would be
- User interface testing
- Manual support testing
- Functionality testing
- Compatibility testing & configuration testing
- Intersystem testing
WEB TESTING
This is done for 3 tier applications (developed for Internet / intranet / xtranet)
Here we will be having Browser, web server and DB server.
The applications accessible in browser would be developed in HTML, DHTML, XML, JavaScript
etc. (We can monitor through these applications)
Applications for the web server would be developed in Java, ASP, JSP, VBScript, JavaScript,
Perl, Cold Fusion, PHP etc. (All the manipulations are done on the web server with the help
of these programs developed)

The DBserver would be having oracle, sql server, sybase, mysql etc. (All data is stored in the
database available on the DB server)
The tests performed on these types of applications would be
- User interface testing
- Functionality testing
- Security testing
- Browser compatibility testing
- Load / stress testing
- Interoperability testing/intersystem testing
- Storage and data volume testing
A web-application is a three-tier application.
This has a browser (monitors data) [monitoring is done using html, dhtml, xml, javascript]> webserver (manipulates data) [manipulations are done using programming languages or
scripts like adv java, asp, jsp, vbscript, javascript, perl, coldfusion, php] -> database server
(stores data) [data storage and retrieval is done using databases like oracle, sql server,
sybase, mysql].
The types of tests, which can be applied on this type of applications, are:
1. User interface testing for validation & user friendliness
2. Functionality testing to validate behaviors, i/p, error handling, o/p, manipulations,
services levels, order of functionality, links, content of web page & backend coverages
3. Security testing
4. Browser compatibility
5. Load / stress testing
6. Interoperability testing
7. Storage & data volume testing
A client-server application is a two tier application.
This has forms & reporting at front-end (monitoring & manipulations are done) [using vb,
vc++, core java, c, c++, d2k, power builder etc.,] -> database server at the backend [data
storage & retrieval) [using ms access, sql server, oracle, sybase, mysql, quadbase etc.,]

The tests performed on these applications would be

1. User interface testing
2. Manual support testing
3. Functionality testing
4. Compatibility testing
5. Intersystem testing
Some more points to clear the difference between client server, web and desktop
applications:
Desktop application:
1. Application runs in single memory (Front end and Back end in one place)
2. Single user only

Client/Server application:
1. Application runs in two or more machines
2. Application is a menu-driven
3. Connected mode (connection exists always until logout)
4. Limited number of users
5. Less number of network issues when compared to web app.
Web application:
1. Application runs in two or more machines
2. URL-driven
3. Disconnected mode (state less)
4. Unlimited number of users
5. Many issues like hardware compatibility, browser compatibility, version compatibility,
security issues, performance issues etc.
As per difference in both the applications come where, how to access the resources. In
client server once connection is made it will be in state on connected, whereas in case of
web testing http protocol is stateless, then there comes logic of cookies, which is not in
client server.
For client server application users are well known, whereas for web application any user can
login and access the content, he/she will use it as per his intentions.
So, there are always issues of security and compatibility for web application.
Over to you: On which application are you working? Desktop, client-server or web
application? What is your experience while testing these applications?

To test the server based applications, you need to perform typical tests like Volume Testing, Stress
Testing, Performance Testing, Recovery Testing, Back up and Restore Testing, Security Testing etc.
The Stress Testing shows that the system has the capacity to handle large numbers of processing
transactions during peak periods. An example of a peak period is when everyone is logging back onto
an on-line system after it has been down.
You will need to perform Volume Testing to find weaknesses in the system with respect to its
handling of large amounts of data during short time periods. Basically, this kind of testing ensures
that the system will process data across physical and logical boundaries such as across servers or
across disk partitions on one server.
To assess performance under all load conditions, you will need to perform Performance
Testing parallel with Volume and Stress testing. System performance is generally assessed in terms
of response times and throughput rates under differing processing and configuration conditions.
If you have identified any business processing cycles like month-end or Quarter-end etc., the system
performance should be tested under emulations of each processing cycle.

Also, Performance testing should cover performance under all hardware and software system
configurations.
One myth about the Client / Server performance problems is that This problem can be fixed by
simply plugging in a more powerful processor." As a tester you will need to convey the truth that
performance degradation may be related to other system components not just the processor.
Problem may be the network, the computer, the application logic itself. Whatever it is, as a good
tester, you'll want to know it before it happens.
Before starting testing the interaction between the application and the network, look at cache
settings, disk I/O, and network cards. From the development team ask the questions like:
How much application logic should be remotely executed?
How much updating should be done to the server database over the network from the

client workstation?
Look at all of the processes running on the machine and all of the resources each process receives.
One suggestion for developers is that they should design the applications that most of
the processing should be on client machine (90% or even more).
Regardless of performance testing strategy, it is important to have the right tools. Sometimes, we
need to have multiple tools to do performance testing (Form performance testing, I mean to say
testing the performance of application and analyzing the database performance).
As performance testing tools are very costly and performance testing is not necessary for every
application. So many companies do not buy these tools. Now, what can be done if you don't have any
automated tool.
In such situations, you can take some help from developers. You can ask them to write some driver
programs in Java or .net. The program should initiate each of 10 or 20 or 50 SQL queries or classes
designed for the application. Each program should also be able to display the name of each query or
class and compile time etc. This approach is bit tricky. I will explain it in some of my other article.
The best approach, however, is to use good test tools like LoadRunner etc.
Apart from performance testing, the other tests can be like Data Security Testing, Data Backup
Testing and data recovery testing.
For Data Security Testing, controlled tests with third party tools needs to be conducted separately
or as part of the system test. For example tools such as SQLEYE can be used to monitor and restrict
database access with third party tools.
As you might know that Error Trapping logic can record the problem, by-pass the corrupt data,
and continue processing as an alternative to a system shut down. It is your responsibility to assure
that the system can properly trap errors.
The defined backup and restore procedures should be tested as part of server testing. While testing
these procedures, some of the following points need to be considered:
How often and when should the backups be done?
What is the backup medium (cartridge, disk)?
Will the backups be manual or automated?
How will it be verified that the backups occur without errors?

 How long and where will backups be saved? How long will it take to restore the last

backup?
The data layer of Client-Server applications can be difficult to test because their functionality is
"hidden" from direct testing through the GUI. Stored procedures and data base triggers are best
tested using counters and profilers.

Web Testing: Complete guide

on testing web applications
n my previous post I have outlined points to be considered whiletesting web applications.
Here we will see some more details on web application testing with web testing test
cases. Let me tell you one thing that I always like to share practical knowledge, which can
be useful to users in their career life. This is a quite long article so sit back and get relaxed
to get most out of it.
Lets have first web testing checklist.
1) Functionality Testing
2) Usability testing
3) Interface testing
4) Compatibility testing
5) Performance testing
6) Security testing
1) Functionality Testing:
Test for all the links in web pages, database connection, forms used in the web pages for
submitting or getting information from user, Cookie testing.
Check all the links:
Test the outgoing links from all the pages from specific domain under test.
Test all internal links.
Test links jumping on the same pages.
Test links used to send the email to admin or other users from web pages.
Test to check if there are any orphan pages.
Lastly in link checking, check for broken links in all above-mentioned links.
Test forms in all pages:
Forms are the integral part of any web site. Forms are used to get information from users
and to keep interaction with them. So what should be checked on these forms?
First check all the validations on each field.
Check for the default values of fields.

Wrong inputs to the fields in the forms.

Options to create forms if any, form delete, view or modify the forms.

Lets take example of the search engine project currently I am working on, In this project
we have advertiser and affiliate signup steps. Each sign up step is different but dependent
on other steps. So sign up flow should get executed correctly. There are different field
validations like email Ids, User financial info validations. All these validations should get
checked in manual or automated web testing.
Cookies testing:
Cookies are small files stored on user machine. These are basically used to maintain the
session mainly login sessions. Test the application by enabling or disabling the cookies in
your browser options. Test if the cookies are encrypted before writing to user machine. If
you are testing the session cookies (i.e. cookies expire after the sessions ends) check for
login sessions and user stats after session end. Check effect on application security by
deleting the cookies. (I will soon write separate article on cookie testing)
Validate your HTML/CSS:
If you are optimizing your site for Search engines then HTML/CSS validation is very
important. Mainly validate the site for HTML syntax errors. Check if site is crawlable to
different search engines.
Database testing:
Data consistency is very important in web application. Check for data integrity and errors
while you edit, delete, modify the forms or do any DB related functionality.
Check if all the database queries are executing correctly, data is retrieved correctly and also
updated correctly. More on database testing could be load on DB, we will address this in web
load or performance testing below.
2) Usability Testing:
Test for navigation:
Navigation means how the user surfs the web pages, different controls like buttons, boxes
or how user using the links on the pages to surf different pages.
Usability testing includes:
Web site should be easy to use. Instructions should be provided clearly. Check if the
provided instructions are correct means whether they satisfy purpose.
Main menu should be provided on each page. It should be consistent.
Content checking:
Content should be logical and easy to understand. Check for spelling errors. Use of dark
colors annoys users and should not be used in site theme. You can follow some standards
that are used for web page and content building. These are common accepted standards like
as I mentioned above about annoying colors, fonts, frames etc.
Content should be meaningful. All the anchor text links should be working properly. Images
should be placed properly with proper sizes.
These are some basic standards that should be followed in web development. Your task is to
validate all for UI testing

Other user information for user help:

Like search option, sitemap, help files etc. Sitemap should be present with all the links in
web sites with proper tree view of navigation. Check for all links on the sitemap.
Search in the site option will help users to find content pages they are looking for easily
and quickly. These are all optional items and if present should be validated.
3) Interface Testing:
The main interfaces are:
Web server and application server interface
Application server and Database server interface.
Check if all the interactions between these servers are executed properly. Errors are handled
properly. If database or web server returns any error message for any query by application
server then application server should catch and display these error messages appropriately
to users. Check what happens if user interrupts any transaction in-between? Check what
happens if connection to web server is reset in between?
4) Compatibility Testing:
Compatibility of your web site is very important testing aspect. See which compatibility test
to be executed:

Browser compatibility
Operating system compatibility
Mobile browsing
Printing options

Browser compatibility:
In my web-testing career I have experienced this as most influencing part on web site
testing.
Some applications are very dependent on browsers. Different browsers have different
configurations and settings that your web page should be compatible with. Your web site
coding should be cross browser platform compatible. If you are using java scripts or AJAX
calls for UI functionality, performing security checks or validations then give more stress on
browser compatibility testing of your web application.
Test web application on different browsers like Internet explorer, Firefox, Netscape
navigator, AOL, Safari, Opera browsers with different versions.
OS compatibility:
Some functionality in your web application is may not be compatible with all operating
systems. All new technologies used in web development like graphics designs, interface calls
like different APIs may not be available in all Operating Systems.
Test your web application on different operating systems like Windows, Unix, MAC, Linux,
Solaris with different OS flavors.
Mobile browsing:
This is new technology age. So in future Mobile browsing will rock. Test your web pages on
mobile browsers. Compatibility issues may be there on mobile.

Printing options:
If you are giving page-printing options then make sure fonts, page alignment, page graphics
getting printed properly. Pages should be fit to paper size or as per the size mentioned in
printing option.
5) Performance testing:
Web application should sustain to heavy load. Web performance testing should include:
Web Load Testing
Web Stress Testing
Test application performance on different internet connection speed.
In web load testing test if many users are accessing or requesting the same page. Can
system sustain in peak load times? Site should handle many simultaneous user requests,
large input data from users, Simultaneous connection to DB, heavy load on specific pages
etc.
Stress testing: Generally stress means stretching the system beyond its specification
limits. Web stress testing is performed to break the site by giving stress and checked how
system reacts to stress and how system recovers from crashes.
Stress is generally given on input fields, login and sign up areas.
In web performance testing web site functionality on different operating systems, different
hardware platforms is checked for software, hardware memory leakage errors,
6) Security Testing:
Following are some test cases for web security testing:

Test by pasting internal url directly into browser address bar without login. Internal

pages should not open.

If you are logged in using username and password and browsing internal pages then

try changing url options directly. I.e. If you are checking some publisher site
statistics with publisher site ID= 123. Try directly changing the url site ID parameter
to different site ID which is not related to logged in user. Access should denied for
this user to view others stats.
Try some invalid inputs in input fields like login username, password, input text

boxes. Check the system reaction on all invalid inputs.

Web directories or files should not be accessible directly unless given download

option.
Test the CAPTCHA for automates scripts logins.
Test if SSL is used for security measures. If used proper message should get

displayed when user switch from non-secure http:// pages to secure https:// pages
and vice versa.
All transactions, error messages, security breach attempts should get logged in log

files somewhere on web server.

I think I have addressed all major web testing methods. I have worked for around 2
years out of my testing career on web testing. There are some experts who have spent their

whole career life on web testing. If I missed out addressing some important web testing
aspect then let me know in comments below. I will keep on updating the article for latest
testing information.