integration test style missing from 'S-O Design with Ruby and Rails'?
52 views
Skip to first unread message
Lille
Aug 8, 2011, 7:58:27 AM8/8/11
to Service Oriented Design With Ruby
Hey,
I've been reading Paul's 'S-O Design with Ruby and Rails' rather
closely, and something important eludes me. Paul states the importance
of SOA integration testing on pg. 120, his app architecture sketch on
pg. 33 and his suggestion about how to handle joins between service
modules on 74 suggests that Rails can be used as an integrator (front-
end?) for a Ruby SOA. Finally, his code on pg. 138 depicting the
interaction of three example services also indicates that the services
are initiated and orchestrated, e.g., the Hydra manager is started,
from one place. So, I'm hoping someone can suggest the steps by which
one might, say, integrate a service client module into a Rails app and
then confirm the expected interactions are taking place via
integration testing. (For example, since each service is served
independently in some way, I guess I would have to start the service
module services independently of the integration test?)
Thanks,
Lille
I've been reading Paul's 'S-O Design with Ruby and Rails' rather
closely, and something important eludes me. Paul states the importance
of SOA integration testing on pg. 120, his app architecture sketch on
pg. 33 and his suggestion about how to handle joins between service
modules on 74 suggests that Rails can be used as an integrator (front-
end?) for a Ruby SOA. Finally, his code on pg. 138 depicting the
interaction of three example services also indicates that the services
are initiated and orchestrated, e.g., the Hydra manager is started,
from one place. So, I'm hoping someone can suggest the steps by which
one might, say, integrate a service client module into a Rails app and
then confirm the expected interactions are taking place via
integration testing. (For example, since each service is served
independently in some way, I guess I would have to start the service
module services independently of the integration test?)
Thanks,
Lille
Clarence Bakirtzidis
Aug 8, 2011, 7:33:54 PM8/8/11
to service-oriented...@googlegroups.com
Assuming each service has a test suite to test itself in isolation you could then use a HTTP mocking library like WebMock (https://github.com/bblimke/webmock) or FakeWeb to assert the correct HTTP interactions with the module services in the Rails app via your client library. For real integration testing though, you'd need to start the module services first and then run your integration tests (e.g. using Cucumber or RSpec and Capybara/Selenium to drive the rails app) and then assert expected results in the Rails app.
Not sure if this is what you were after but hope it helps.
Regards,
Clarence.
--
You received this message because you are subscribed to the Google Groups "Service Oriented Design With Ruby" group.
To post to this group, send email to service-oriented...@googlegroups.com.
To unsubscribe from this group, send email to service-oriented-desig...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/service-oriented-design-with-ruby?hl=en.
G-man
Aug 9, 2011, 7:53:14 AM8/9/11
to Service Oriented Design With Ruby
Clarence,
Thanks. Yes, I am familiar with the tools to which you refer.
I think my confusion in this area relates to my limited experience
with deployment. In particular, I am grappling with the idea of a
"front-end", say in Rails, that interacts with services, say,
implemented like Paul describes, in a secure environment. Beside the
firewall, Paul discusses other approaches to ensuring only authorized
users access services -- an RBAC service. What's new to me is the idea
that a security service is separate from the application server(?) For
example, I have implemented a module Paul mentions, Authlogic, in my
Rails applications -- but it is involved in the same set of
controllers that responds to user requests for other resources. I
guess I need to eliminate the notion that when building any service,
the mechanism for securing it should be contemplate as inhering in its
server. Rather, it seems, I should expect to implement authentication
services later, when I know the setting for my service, e.g., in a SOA
architecture.
G
On Aug 8, 7:33 pm, Clarence Bakirtzidis <claren...@gmail.com> wrote:
> Assuming each service has a test suite to test itself in isolation you could
> then use a HTTP mocking library like WebMock (https://github.com/bblimke/webmock) or FakeWeb to assert the correct HTTP
> interactions with the module services in the Rails app via your client
> library. For real integration testing though, you'd need to start the
> module services first and then run your integration tests (e.g. using
> Cucumber or RSpec and Capybara/Selenium to drive the rails app) and then
> assert expected results in the Rails app.
>
> Not sure if this is what you were after but hope it helps.
>
> Regards,
> Clarence.
>
Thanks. Yes, I am familiar with the tools to which you refer.
I think my confusion in this area relates to my limited experience
with deployment. In particular, I am grappling with the idea of a
"front-end", say in Rails, that interacts with services, say,
implemented like Paul describes, in a secure environment. Beside the
firewall, Paul discusses other approaches to ensuring only authorized
users access services -- an RBAC service. What's new to me is the idea
that a security service is separate from the application server(?) For
example, I have implemented a module Paul mentions, Authlogic, in my
Rails applications -- but it is involved in the same set of
controllers that responds to user requests for other resources. I
guess I need to eliminate the notion that when building any service,
the mechanism for securing it should be contemplate as inhering in its
server. Rather, it seems, I should expect to implement authentication
services later, when I know the setting for my service, e.g., in a SOA
architecture.
G
On Aug 8, 7:33 pm, Clarence Bakirtzidis <claren...@gmail.com> wrote:
> Assuming each service has a test suite to test itself in isolation you could
> then use a HTTP mocking library like WebMock (https://github.com/bblimke/webmock) or FakeWeb to assert the correct HTTP
> interactions with the module services in the Rails app via your client
> library. For real integration testing though, you'd need to start the
> module services first and then run your integration tests (e.g. using
> Cucumber or RSpec and Capybara/Selenium to drive the rails app) and then
> assert expected results in the Rails app.
>
> Not sure if this is what you were after but hope it helps.
>
> Regards,
> Clarence.
>
Paul Dix
Aug 9, 2011, 1:53:34 PM8/9/11
to service-oriented...@googlegroups.com
I agree with what Clarence said. For the authentication question, it
really depends on who the client of the service is. For example, if
it's only going to be used by other programs internally, it's enough
to just have it behind a firewall. If it's going to be access by other
external programs, the hmac example works well.
really depends on who the client of the service is. For example, if
it's only going to be used by other programs internally, it's enough
to just have it behind a firewall. If it's going to be access by other
external programs, the hmac example works well.
If it's going to be accessed directly by end users, you'll need
something else. For that it's enough to have the front end app
authenticate and set a cookie, which can be sent to the other services
and checked there. If it's going to be external programs accessing the
services on behalf of end users, you'll want to use OAuth.
No matter what you do, if you're going to worry about security, do
everything through SSL (not just the login).
Hope that helps,
Paul
Reply all
Reply to author
Forward
0 new messages