Software Testing

 

What is Software Testing?

Software testing is the process of evaluating and verifying that a software application works as intended, meets requirements, and is free from defects.

In Java/Spring Boot applications, testing ensures

• APIs return expected results.

• Business logic functions correctly.

• The system is performant, secure, and reliable before deployment.

Why Software Testing is Important

• Detects bugs early → Saves cost and time

• Improves code quality → Cleaner, maintainable application

• Ensures business requirements are met

• Enhances performance and security

• Supports CI/CD with confidence

Categories of Testing

Category	Definition	Focus	Spring Boot Example	Common Tools
Functional Testing	Verifies that each function of the software operates according to requirement specifications.	What the system does.	Test /api/orders POST API updates DB and returns confirmation.	Selenium, Postman, RestAssured, JUnit, TestNG, Cucumber
Non-Functional Testing.	Validates performance, security, scalability, and usability aspects.	How the system performs.	Ensure /api/products responds in <200ms under normal load.	JMeter, LoadRunner, OWASP ZAP, Burp Suite, Lighthouse

1. Functional Testing Types (Manual & Automation)

Type	Description	Example (Spring Boot)	Manual Tools	Automation Tools
Unit Testing	Test smallest code units.	Test UserService.getUserById()	IDE Console	JUnit, TestNG, Mockito
Integration Testing	Test interaction between modules.	Controller + Service + Repository.	Postman, DB Client	Spring Boot Test, MockMvc
System Testing	End-to-end full app testing.	Login → Place Order → Verify Invoice	Postman, Browser	Selenium, Cypress
API Testing	Validate REST endpoints.	/api/users POST + GET.	Postman	RestAssured, Newman
Acceptance Testing (UAT)	Verify against business needs.	Client checks order tracking feature.	None specific	Cucumber (BDD)
Smoke Testing	Quick basic checks.	/health endpoint returns OK.	Postman	REST Assured
Sanity Testing	Narrow tests after small changes.	Password reset after update.	Postman	JUnit
Regression Testing	Verify old features after changes.	Re-run login/order/payment flows.	Excel test cases	Jenkins + JUnit/Selenium
Exploratory Testing	Unstructured bug hunt.	Invalid inputs in signup API.	None	None
Usability Testing	Check UX & ease of use.	Verify navigation menus are intuitive.	Browser	Cypress

2. Non-Functional Testing Types

Type	Description	Example (Spring Boot)	Tools
Performance Testing	Test speed, responsiveness, stability.	/api/orders under 500ms for 500 users.	JMeter, Gatling
Load Testing	Test expected workload.	5,000 requests/minute on /api/products.	JMeter
Stress Testing	Test beyond limits.	20k requests until crash.	Locust, JMeter
Security Testing	Identify vulnerabilities.	SQL injection on /api/login.	OWASP ZAP, Burp Suite
Scalability Testing	Measure performance under growth.	Double user load on /api/orders.	JMeter
Compatibility Testing	Works across environments.	API on Chrome, Firefox, Edge.	BrowserStack
Reliability Testing	Consistent output under repeated use.	Multiple DB writes without corruption.	Custom scripts

Manual vs Automated Testing

Manual Testing

• Human executes test cases without tools.

• Best for exploratory, usability, and ad-hoc testing.

• Example: Manually POST /api/login in Postman and verify response.

Automated Testing

• Scripts/tools run tests automatically.

• Best for regression, load, and repetitive tests.

• Example: JUnit + Mockito for service testing; MockMvc for API testing.

Types of Software Testing 

1. Manual Testing Types

Type	Definition	Who Does It
Unit Testing (Manual)	Directly executing code methods in IDE or console to verify logic without automation.	Developer
Integration Testing (Manual)	Manually checking that multiple modules work together correctly.	Developer / QA
System Testing	End-to-end testing of the full application as a complete system.	QA Engineer
User Acceptance Testing (UAT)	Testing done by client/end-users to validate business needs.	Client / Product Owner
Smoke Testing (Manual)	Quick manual check to ensure basic app functionality is working.	QA / DevOps
Sanity Testing	Focused check to confirm a specific bug fix or small change works.	QA Engineer
Regression Testing (Manual)	Re-running previous test cases manually after changes to ensure nothing is broken.	QA Engineer
Ad-hoc / Exploratory Testing	Unstructured creative testing to discover unexpected bugs.	QA Engineer
Usability Testing	Checking user interface for intuitiveness and ease of use.	QA / UX Designer
Compatibility Testing (Manual)	Verifying application works across multiple browsers, devices, or OS.	QA Engineer
Installation Testing	Ensuring the application installs and configures correctly in different environments.	QA / DevOps

2. Automated Testing Types

Type	Definition	Who Does It
Unit Testing (Automated)	Testing the smallest code units automatically using frameworks like JUnit.	Developer
Integration Testing (Automated)	Automated validation that modules and layers interact correctly.	Developer
API Testing (Automated)	Automated testing of REST endpoints for functionality and correctness.	QA / Developer
UI Testing (Automated)	Automated interaction with the web UI to verify expected results.	QA Engineer
Regression Testing (Automated)	Automated re-run of previous tests after code changes.	QA / Automation Engineer
Smoke Testing (Automated)	Automated basic check after deployment/build.	QA / DevOps
Performance Testing	Measuring speed, responsiveness, and scalability of the application.	Performance Engineer
Load Testing	Testing application behavior under expected normal load.	Performance Engineer
Stress Testing	Pushing the application beyond its limits to check stability.	Performance Engineer
Security Testing	Detecting security vulnerabilities in the system.	Security Engineer
Acceptance Testing (BDD)	Automated business-readable tests based on requirements (e.g., Cucumber).	QA / Product Owner
Contract Testing	Ensuring service-to-service API contracts remain intact (e.g., Pact).	Developer
Mutation Testing	Introducing small code changes to ensure tests detect them.	Developer
Chaos Testing	Intentionally breaking infrastructure/components to test resilience.	DevOps / SRE
Accessibility Testing	Ensuring app is usable by people with disabilities.	QA / Accessibility Specialist

Sequence of Testing in a Spring Boot Application

1. Unit Testing → Developer (JUnit + Mockito)

2. Integration Testing → Developer (Spring Boot Test, MockMvc)

3. System Testing → QA (End-to-end API/UI tests)

4. Smoke Testing → QA / DevOps (Quick health check /health)

5. Sanity Testing → QA (Targeted checks after fixes)

6. Regression Testing → QA / Automation Engineer (Automated suite run)

7. Performance & Load Testing → Performance Engineer (JMeter, Gatling)

8. Security Testing → Security Engineer (OWASP ZAP, Burp Suite)

9. User Acceptance Testing (UAT) → Client / Product Owner

10. Production Monitoring Tests → DevOps (Synthetic monitoring with tools like Grafana K6)

Detailed Types of Testing (Java / Spring Boot Context)

Type	Category	Manual / Automated	Who Does It	Description	Example in Spring Boot	Tools
Functional Testing	Functional	Both	QA / Dev	Verifies functional requirements	Test order placement API	JUnit, Postman
Non-Functional Testing	Non-Functional	Automated	QA / Perf Engg	Checks performance, security, scalability	Stress test /api/products	JMeter, Gatling
Unit Testing (Manual)	Functional	Manual	Dev	Direct method calls for debugging	Call UserService.createUser() in IDE	IntelliJ Console
Unit Testing (Automated)	Functional	Automated	Dev	Test smallest code units	UserService.getUserById()	JUnit, Mockito
Integration Testing (Manual)	Functional	Manual	QA / Dev	Manually test module interaction	UI → API → DB check	Postman, DB Client
Integration Testing (Automated)	Functional	Automated	Dev	Verify module interaction	@SpringBootTest with MockMvc	Spring Boot Test, MockMvc
System Testing	Functional	Manual	QA	End-to-end test	Login → Place Order → Download Invoice	Browser, Postman
Smoke Testing (Manual)	Functional	Manual	QA / DevOps	Quick health check	/health endpoint	Postman
Smoke Testing (Automated)	Functional	Automated	CI/CD	Basic CI checks	Test /health in pipeline	RestAssured, Jenkins
Sanity Testing	Functional	Manual	QA	Quick targeted tests	Verify login after bug fix	Postman
Regression Testing (Manual)	Functional	Manual	QA	Retest old features	Re-run payment flow after update	Test case sheet
Regression Testing (Automated)	Functional	Automated	Automation QA	Auto re-run suites	All test cases in CI	JUnit + Selenium
Ad-hoc / Exploratory Testing	Functional	Manual	QA	Creative bug finding	Try invalid payload in signup API	None
Usability Testing	Functional	Manual	QA / UX	User-friendliness test	Navigation flow check	Browser, Figma
API Testing (Automated)	Functional	Automated	QA	Validate REST APIs	/api/orders POST & GET	RestAssured, Postman
UI Testing (Automated)	Functional	Automated	QA	Test web UI	Order page loads correctly	Selenium, Cypress
Performance Testing	Non-Functional	Automated	Perf Engg	Speed under load	500 users hitting /api/products	JMeter, Gatling
Load Testing	Non-Functional	Automated	Perf Engg	Expected workload test	5k req/min	JMeter
Stress Testing	Non-Functional	Automated	Perf Engg	Beyond limits	20k req until crash	JMeter, Locust
Security Testing	Non-Functional	Both	Security Engg	Find vulnerabilities	SQL injection /api/login	OWASP ZAP, Burp Suite
Acceptance Testing (BDD)	Functional	Automated	QA / PO	Business-readable tests	Gherkin login scenario	Cucumber

Common Testing Types & Purposes

Type	Purpose
Unit Testing	Test individual components/modules
Integration Testing	Verify interaction between components
System Testing	Test full integrated system
Acceptance Testing	Validate against business needs
Regression Testing	Ensure updates don’t break old features
Performance Testing	Check speed, responsiveness, stability
Security Testing	Identify vulnerabilities & risks
Usability Testing	Test user-friendliness & UX

Common Tools

• Manual Testing: JIRA, TestRail, Bugzilla (management/bug tracking)

• Automation: Selenium, JUnit, TestNG, Cucumber, Appium

• Performance: JMeter, LoadRunner

• Security: OWASP ZAP, Burp Suite

• CI/CD: Jenkins, GitLab CI/CD

• Coverage: JaCoCo

Example Spring Boot Testing Scenarios

Automated API Test (JUnit + RestTemplate)

@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
class UserApiTest {
    @Autowired
    private TestRestTemplate restTemplate;

    @Test
    void testCreateUser() {
        UserDto user = new UserDto("alice", "alice@example.com", "pass123");
        ResponseEntity<UserDto> res = restTemplate.postForEntity("/api/users", user, UserDto.class);
        assertEquals(HttpStatus.CREATED, res.getStatusCode());
        assertEquals("alice", res.getBody().getUsername());
    }
}

Performance Test (JMeter)

1. Create test plan for /api/orders

2. Set 1000 concurrent users

3. Verify average response time < 500ms

Key Notes in Spring Boot Context

• Use @SpringBootTest for integration tests with full context load

• Mock dependencies using Mockito for isolation

• Use @WebMvcTest for controller-level testing without loading entire app

• Generate coverage reports using JaCoCo in Maven/Gradle builds

• Run tests in CI/CD pipelines before merging to main branch

• Leverage test profiles (application-test.properties) for isolated DB configs

• TestContainers can be used for real DB/integration testing in Docker during CI

• Property-based testing with libraries like jqwik can improve input coverage

• Use WireMock to simulate external service APIs during integration tests

Spring Boot Testing Best Practices

• Unit Tests: JUnit + Mockito for service/repository layer

• Integration Tests: @SpringBootTest for context testing

• API Tests: Postman/RestAssured for endpoint testing

• E2E Tests: Selenium/Cypress for UI flows

• Coverage: Use JaCoCo to track coverage goals