[4.6.4] Boundary tests not working (skipped)

Question

I have used the soapUI tutorial's sample WSDL, modified it slightly to add a constraint to it and then set up a Boundary Scan security test to try the feature. However, the scan gets skipped all the time. (Apologies for the verbose description; I couldn't upload screenshots.)

Here is what I did in detail:

install soapUI 4.6.4

import SoapUI-Tutorials\sample-soapui-project.xml

edit (and save) SoapUI-Tutorials\WSDL-WADL\sample-service.wsdl as outlined below

right-click on "Sample Project", Add WSDL (using default settings)

click Yes (update interface?)

Sample Simple TestSuite > Security Tests (right-click) > New Security Test

OK (default name)

select Test Request: login (0 scans) > Add securityScan > Boundary Scan > OK

set test up as explained below

start mock service, run security test

tests get skipped

Changes to WSDL

    <xsd:schema targetNamespace="http://www.example.org/sample/">

 <!-- CHANGED/ADDED -->
    <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.example.org/sample/" xmlns:tns="http://www.example.org/sample/" >
   <xsd:simpleType name="usernameType">
     <xsd:restriction base="xsd:string">
     <xsd:length value="9"/>
    </xsd:restriction>
   </xsd:simpleType>
   <!-- END ADDED -->

  <wsdl:message name="loginRequest">
    <wsdl:part name="username" type="xsd:string"/>

  <wsdl:message name="loginRequest">
    <wsdl:part name="username" type="tns:usernameType"/> <!-- CHANGED -->

Boundary Scan Setup

Label:

Name:

Enabled:

XPath:

declare namespace sam='http://www.example.org/sample/';
   declare namespace soapenv='http://schemas.xmlsoap.org/soap/envelope/';
   /soapenv:Envelope/soapenv:Body/sam:login/username

Assertions:

Strategy:

Expected result

similar

parameter is missing type in schema

Actual result

docs

tutorial

christianb · Answer

Here's the full WSDL - still not sure what soapUI means by "parameter is missing type in schema"...

<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions name="sample" targetNamespace="http://www.example.org/sample/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://www.example.org/sample/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:con="http://eviware.com/soapui/config">
  <wsdl:types>
 <!-- CHANGED/ADDED -->
    <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.example.org/sample/" xmlns:tns="http://www.example.org/sample/" >
   <xsd:simpleType name="usernameType">
     <xsd:restriction base="xsd:string">
     <xsd:length value="9"/>
    </xsd:restriction>
   </xsd:simpleType>
   <!-- END ADDED -->
   <xsd:element name="searchResponse">
        <xsd:complexType>
          <xsd:sequence>
            <xsd:element name="item" type="tns:ItemType"/>
          </xsd:sequence>
        </xsd:complexType>
      </xsd:element>
      <xsd:complexType name="ItemType">
        <xsd:sequence>
          <xsd:element name="id" type="xsd:string"/>
          <xsd:element name="description" type="xsd:string"/>
          <xsd:element name="price" type="xsd:string"/>
        </xsd:sequence>
      </xsd:complexType>
      <xsd:element name="buyResponse">
        <xsd:complexType>
          <xsd:sequence>
            <xsd:element name="purchasestatus" type="tns:PurchaseStatusType"/>
          </xsd:sequence>
        </xsd:complexType>
      </xsd:element>
      <xsd:complexType name="PurchaseStatusType">
        <xsd:sequence>
          <xsd:element name="id" type="xsd:string"/>
          <xsd:element name="stockStatus" type="xsd:string"/>
          <xsd:element name="expectedDelivery" type="xsd:string"/>
        </xsd:sequence>
      </xsd:complexType>
    </xsd:schema>
  </wsdl:types>
  <wsdl:message name="loginRequest">
    <wsdl:part name="username" type="tns:usernameType"/> <!-- CHANGED -->
    <wsdl:part name="password" type="xsd:string"/>
  </wsdl:message>
  <wsdl:message name="loginResponse">
    <wsdl:part name="sessionid" type="xsd:string"/>
  </wsdl:message>
    <wsdl:message name="logoutResponse">
    <wsdl:part name="sessioninfo" type="xsd:string"/>
  </wsdl:message>
  <wsdl:message name="logoutRequest">
    <wsdl:part name="sessionid" type="xsd:string"/>
  </wsdl:message>
  <wsdl:message name="searchRequest">
    <wsdl:part name="sessionid" type="xsd:string"/>
    <wsdl:part name="searchstring" type="xsd:string"/>
  </wsdl:message>
  <wsdl:message name="searchResponse">
    <wsdl:part name="searchresult" element="tns:searchResponse"/>
  </wsdl:message>
  <wsdl:message name="buyRequest">
    <wsdl:part name="sessionid" type="xsd:string"/>
    <wsdl:part name="buystring" type="xsd:string"/>
  </wsdl:message>
  <wsdl:message name="buyResponse">
    <wsdl:part name="buyresult" element="tns:buyResponse"/>
  </wsdl:message>
  <wsdl:message name="login_faultMsg">
    <wsdl:part name="loginFault" type="xsd:string"/>
  </wsdl:message>
  <wsdl:message name="logout_faultMsg">
    <wsdl:part name="logoutFault" type="xsd:string"/>
  </wsdl:message>
  <wsdl:message name="search_faultMsg">
    <wsdl:part name="searchFault" type="xsd:string"/>
  </wsdl:message>
  <wsdl:message name="buy_faultMsg">
    <wsdl:part name="buyFault" type="xsd:string"/>
  </wsdl:message>
  <wsdl:portType name="ISampleService">
    <wsdl:operation name="login">
      <wsdl:input message="tns:loginRequest"/>
      <wsdl:output message="tns:loginResponse"/>
      <wsdl:fault name="fault" message="tns:login_faultMsg"/>
    </wsdl:operation>
    <wsdl:operation name="logout">
      <wsdl:input message="tns:logoutRequest"/>
      <wsdl:output message="tns:logoutResponse"/>
      <wsdl:fault name="fault" message="tns:logout_faultMsg"/>
    </wsdl:operation>
    <wsdl:operation name="search">
      <wsdl:input message="tns:searchRequest"/>
      <wsdl:output message="tns:searchResponse"/>
      <wsdl:fault name="fault" message="tns:search_faultMsg"/>
    </wsdl:operation>
    <wsdl:operation name="buy">
      <wsdl:input message="tns:buyRequest"/>
      <wsdl:output message="tns:buyResponse"/>
      <wsdl:fault name="fault" message="tns:buy_faultMsg"/>
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="SampleServiceSoapBinding" type="tns:ISampleService">
    <soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsdl:operation name="login">
      <soap:operation soapAction="http://www.example.org/sample/login"/>
      <wsdl:input>
        <soap:body use="literal" namespace="http://www.example.org/sample/"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal" namespace="http://www.example.org/sample/"/>
      </wsdl:output>
      <wsdl:fault name="fault">
        <soap:fault use="literal" name="fault"/>
      </wsdl:fault>
    </wsdl:operation>
    <wsdl:operation name="logout">
      <soap:operation soapAction="http://www.example.org/sample/logout"/>
      <wsdl:input>
        <soap:body use="literal" namespace="http://www.example.org/sample/"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal" namespace="http://www.example.org/sample/"/>
      </wsdl:output>
      <wsdl:fault name="fault">
        <soap:fault use="literal" name="fault"/>
      </wsdl:fault>
    </wsdl:operation>
    <wsdl:operation name="search">
      <soap:operation soapAction="http://www.example.org/sample/search"/>
      <wsdl:input>
        <soap:body use="literal" namespace="http://www.example.org/sample/"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal" namespace="http://www.example.org/sample/"/>
      </wsdl:output>
      <wsdl:fault name="fault">
        <soap:fault use="literal" name="fault"/>
      </wsdl:fault>
    </wsdl:operation>
    <wsdl:operation name="buy">
      <soap:operation soapAction="http://www.example.org/sample/buy"/>
      <wsdl:input>
        <soap:body use="literal" namespace="http://www.example.org/sample/"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal" namespace="http://www.example.org/sample/"/>
      </wsdl:output>
      <wsdl:fault name="fault">
        <soap:fault use="literal" name="fault"/>
      </wsdl:fault>
    </wsdl:operation>
  </wsdl:binding>
  <wsdl:service name="SampleService">
    <wsdl:port name="SamplePort" binding="tns:SampleServiceSoapBinding">
      <soap:address location="http://www.soapui.org/sample"/>
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>

christianb · Answer

I tried the same thing earlier with one of our own WSDL, and got a slightly different "error" message in the Boundary Scan window:

No restrictions in schema are specified for this parameter!

After doing a bit of digging, I found the following line (36) in main\java\com\eviware\soapui\security\boundary\BoundaryRestrictionUtill.java

if( "xsd:restriction".equals( mynode.getParent().getNodeName() ) )

The reason soapUI didn't pick up our restriction is that our namespace is xs, not xsd:

<xs:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"

From what I understand, that's perfectly valid XML - which leads me to the question: why is the xsd namespace hardcoded into soapUI?!
Sure enough, after changing xs to xsd in our schema, soapUI was only too happy to oblige...

Mind you, that doesn't fix the initial problem from above (that soapUI can't find the type for the element above and throws the error message "parameter is missing type in schema") and both issues might be completely unrelated, but it's a start.

Could you please fix that issue (hard-coded namespace) in soapUI and investigate where the error with your sample WSDL comes from (I'm sure it's just a user issue), and maybe tell me how I can get my two days back...

Kind regards,

Christian

Forum Discussion

[4.6.4] Boundary tests not working (skipped)

Recent Discussions

Windows installation <user>

Automation for SignalingService

Unable to see receive MQTT message in response

Related Content

Boundary refused characters

test skipped status

Loading https endpoints via soapuiPro - 4.6.4