Prevent password leak on test case failure
Hi.
I have a problem with using soapUI in a production environment that I hope you can help me with :-)
We use soapUI via Maven, run from Jenkins to test our production services to see if they are running/working. All the services require authentication, and the test accounts need to be protected since they can access sensitive information.
When a test case fail, though the following is send to the Jenkins console:
[INFO]
[INFO] --- maven-soapui-plugin:3.6.1:test (ServiceChecker1) @ xxx ---
soapUI 3.6 Maven2 TestCase Runner
10:47:25,772 WARN [DefaultSoapUICore] Missing folder [workspace\.\ext] for external libraries
10:47:25,772 INFO [DefaultSoapUICore] Creating new settings at [C:\Documents and Settings\Default User\soapui-settings.xml]
10:47:27,054 INFO [WsdlProject] Loaded project from [file:xxx-soapui-project.xml]
10:47:27,522 INFO [SoapUITestCaseRunner] Running soapUI tests in project [xxx]
10:47:27,522 INFO [SoapUITestCaseRunner] Running Project [xxx], runType = SEQUENTIAL
10:47:27,554 INFO [SoapUITestCaseRunner] Running soapUI testcase [yyy]
10:47:27,569 INFO [SoapUITestCaseRunner] running step [zzz]
10:47:28,710 INFO [WsdlRequestCredentialsProvider] server:80 requires authentication with the realm 'server'
10:47:28,726 INFO [SoapUITestCaseRunner] Assertion [SOAP Response] has status FAILED
10:47:28,726 ERROR [SoapUITestCaseRunner] ASSERTION FAILED -> null/empty response
10:47:28,726 INFO [SoapUITestCaseRunner] Assertion [Contains] has status FAILED
10:47:28,726 ERROR [SoapUITestCaseRunner] ASSERTION FAILED -> null/empty response
10:47:28,726 INFO [SoapUITestCaseRunner] Assertion [XPath Match] has status FAILED
10:47:28,726 ERROR [SoapUITestCaseRunner] ASSERTION FAILED -> null/empty response
10:47:28,726 ERROR [SoapUITestCaseRunner] zzz failed, exporting to [workspace\.\suite-yyy-zzz-0-FAILED.txt]
10:47:28,741 INFO [SoapUITestCaseRunner] Finished running soapUI testcase [yyy], time taken: 1151ms, status: FAILED
10:47:28,741 INFO [SoapUITestCaseRunner] Project [xxx] finished with status [FAILED] in 1203ms
[ERROR] java.lang.Exception: SOAP Response in [zzz] failed;
[null/empty response]
Status: FAILED
Time Taken: 1151
Size: 0
Timestamp: Wed Aug 29 10:47:27 CEST 2012
TestStep: zzz
----------------- Messages ------------------------------
[SOAP Response] null/empty response
[Contains] null/empty response
[XPath Match] null/empty response
----------------- Properties ------------------------------
Encoding: UTF-8
Endpoint: http://server/service.svc
Username: someone
Password: secret
---------------- Request ---------------------------
...dump of request & response
I am not even sure where is comes from. On my local machine this information is not in the suite-yyy-zzz-0-FAILED.txt log file, but does maven-soapui-plugin output this additional data or is maven somehow reading it from somewhere?
And is there a secret switch to prevent this?
A snippet from the maven POM:
<configuration>
<projectFile>xxx-soapui-project.xml</projectFile>
<outputFolder>.</outputFolder>
<testFailIgnore>true</testFailIgnore>
<junitReport>false</junitReport>
<printReport>false</printReport>
</configuration>
Or any workarounds?
- Nikolaj
I have a problem with using soapUI in a production environment that I hope you can help me with :-)
We use soapUI via Maven, run from Jenkins to test our production services to see if they are running/working. All the services require authentication, and the test accounts need to be protected since they can access sensitive information.
When a test case fail, though the following is send to the Jenkins console:
[INFO]
[INFO] --- maven-soapui-plugin:3.6.1:test (ServiceChecker1) @ xxx ---
soapUI 3.6 Maven2 TestCase Runner
10:47:25,772 WARN [DefaultSoapUICore] Missing folder [workspace\.\ext] for external libraries
10:47:25,772 INFO [DefaultSoapUICore] Creating new settings at [C:\Documents and Settings\Default User\soapui-settings.xml]
10:47:27,054 INFO [WsdlProject] Loaded project from [file:xxx-soapui-project.xml]
10:47:27,522 INFO [SoapUITestCaseRunner] Running soapUI tests in project [xxx]
10:47:27,522 INFO [SoapUITestCaseRunner] Running Project [xxx], runType = SEQUENTIAL
10:47:27,554 INFO [SoapUITestCaseRunner] Running soapUI testcase [yyy]
10:47:27,569 INFO [SoapUITestCaseRunner] running step [zzz]
10:47:28,710 INFO [WsdlRequestCredentialsProvider] server:80 requires authentication with the realm 'server'
10:47:28,726 INFO [SoapUITestCaseRunner] Assertion [SOAP Response] has status FAILED
10:47:28,726 ERROR [SoapUITestCaseRunner] ASSERTION FAILED -> null/empty response
10:47:28,726 INFO [SoapUITestCaseRunner] Assertion [Contains] has status FAILED
10:47:28,726 ERROR [SoapUITestCaseRunner] ASSERTION FAILED -> null/empty response
10:47:28,726 INFO [SoapUITestCaseRunner] Assertion [XPath Match] has status FAILED
10:47:28,726 ERROR [SoapUITestCaseRunner] ASSERTION FAILED -> null/empty response
10:47:28,726 ERROR [SoapUITestCaseRunner] zzz failed, exporting to [workspace\.\suite-yyy-zzz-0-FAILED.txt]
10:47:28,741 INFO [SoapUITestCaseRunner] Finished running soapUI testcase [yyy], time taken: 1151ms, status: FAILED
10:47:28,741 INFO [SoapUITestCaseRunner] Project [xxx] finished with status [FAILED] in 1203ms
[ERROR] java.lang.Exception: SOAP Response in [zzz] failed;
[null/empty response]
Status: FAILED
Time Taken: 1151
Size: 0
Timestamp: Wed Aug 29 10:47:27 CEST 2012
TestStep: zzz
----------------- Messages ------------------------------
[SOAP Response] null/empty response
[Contains] null/empty response
[XPath Match] null/empty response
----------------- Properties ------------------------------
Encoding: UTF-8
Endpoint: http://server/service.svc
Username: someone
Password: secret
---------------- Request ---------------------------
...dump of request & response
I am not even sure where is comes from. On my local machine this information is not in the suite-yyy-zzz-0-FAILED.txt log file, but does maven-soapui-plugin output this additional data or is maven somehow reading it from somewhere?
And is there a secret switch to prevent this?
A snippet from the maven POM:
<configuration>
<projectFile>xxx-soapui-project.xml</projectFile>
<outputFolder>.</outputFolder>
<testFailIgnore>true</testFailIgnore>
<junitReport>false</junitReport>
<printReport>false</printReport>
</configuration>
Or any workarounds?
- Nikolaj
