Securing test information

Sometimes, a test must contain sensitive information, such as user names or passwords to access the application being tested. OpenText Functional Testing enables you to make this data harder to access.

GUI testing

  • Use the SetSecure test object method instead of the normal Set method to enter passwords into password fields.

    OpenText Functional Testing automatically records a SetSecure step when you record on a standard password field.

  • When retrieving password data from another source during a run, store the data in a variable and then use the Crypt.Encrypt method to encrypt the value before using it with a SetSecure step.

  • When using the Data Table to provide data for a password field, use the Data > Encrypt right-click option to encrypt the data.

  • To generate an encoded value for a password field, use the Password Encoder tool.

Note: The above tools and methods do not use a global standard for encryption. The encryption is not considered nor intended to be fully secure.

Its purpose is only to ensure that passwords will not be readily visible on the screen while recording, editing or running a test or component.

If you are using real customer data or other sensitive information, you should take additional steps to ensure the security of that data.

API testing

  • Use event handlers to encrypt passwords in your API tests.

  • Set security properties for accessing your Web service calls during API tests which contain HTTP or Web Service call activities.

See also: