UCD Kuali Rice
UCD Kuali Rice
1.0.0
Test Plan
Version 1.0.1
September 1, 2009
Prepared by:
Emerson David
Information and Educational Technology
University of California, Davis
Reviewed by:
Hampton Sublett
Curtis Bray
Deborah Lauriano
Introduction
Kuali Rice is a set of integrated enterprise middleware tools that isolates many of the complications
inherent in J2EE environment, allowing high quality business applications to be built in an agile
fashion. Kuali Rice currently offers workflow (KEW), messaging (KEN), an enterprise service bus
(KSB), identity and access management for Kuali applications (KIM) and a development framework
for implementing the tools (KNS).
It is anticipated that Kuali Rice will become a formal standard for campus-level administrative
services. Further, Rice is expected to become an implementation and investment priority for campuslevel academic services as well as for departmental services that will be scaled, or might be
considered for scaling, across colleges or supported at a campus level.
As a campus standard, Kuali Rice's interfaces and protocols, such as Kuali Service Bus (KSB) and
Kuali Enterprise Workflow (KEW), will be used by departmental applications to interface with major
campus administrative systems. Finally, an expectation of compatibility with or use of Kuali Rice will
be a standard component of our procurement process for major campus software. Specific details
regarding campus standards will be developed, published, and shared with the campus community
through a collaborative, evolutionary process.
The purpose of this Test Plan is to test:
1. integration with UCD CAS
2. integration with UCD LDAP
3. correct assignment of Rice administration-level roles and privileges
4. successful routing of a document via eDocLite
5. successful routing of a document via a Rice-enabled application
Reference Documents
UC Davis Kuali Rice Policy 200-45 Conceptual Review
http://admincomputing.ucdavis.edu/secure/projects/kuali-rice/Kuali-Rice-Conceptual.pdf
A Roadmap for Kuali Rice at UC Davis (DRAFT)
https://confluence.ucdavis.edu/confluence/display/CIAA/A+Roadmap+for+Kuali+Rice+at+UC+Davis
Kuali Rice Foundation Documentation
https://test.kuali.org/confluence/display/KRDOC/Home+(1.0.0)
Software Test Environment
Hardware Configuration: Tester will need a PC or a Mac
Software Configuration and Web Browsers (user must have one of the following configurations):
PC: Internet Explorer 7 or higher, Firefox 3 or higher
MAC: Safari 3 or higher, Firefox 3 or higher
UNIX: Firefox 3 or higher
Test Set-Up: Kerberos login required.
Control
Software Test Plan and Procedure: The test plan will be run by the tester and issues/bugs/questions will be
entered into the results section of this test plan. The completed Test Plan will be returned to Hampton Sublett
(hsublett@ucdavis.edu). Hampton will catalog and prioritize unresolved issues/bugs/questions in Jira (bug
tacking system) for the programmers to resolve. After the programmers resolve the issues Hampton will repeat
failed tests until successful.
Personnel: Execution of this test plan will be performed by Steven Hillman.
Test Cases: The Test Plan is divided into sections in order to test the refactored enhancements against the
Functional Requirements (see below). See Appendix A for the list of Test Cases mapped to requirements.
Results:
Each test case has a procedure, tester inputs/actions, expected results, and actual results.
Test Completion Criteria: Each test results in either a Pass or Fail.
Results Recorded: All testing results will be documented in the results column of each Test Case. If a test
Fails, testers should document all issues/bugs/questions; what went wrong, when, and how, including
screenshots if applicable. All testing results should be represented in this test plan. The results will be ranked
most critical to least critical by the Program Manager (Hampton sublett) and all issues will be entered into Jira
(IET bug tacking system) accordingly.
Suspension/Resumption Requirements: All Test Cases will be run until completed.
If an issue is
encountered that stops the tester from continuing the Test Plan, he/she should contact the Rice Admin and a
decision will be made to suspend or resume testing within specified conditions. If corrections are made to the
system during testing, or as a result of an issue that suspends testing, the testers will resume testing, starting
from the beginning of the Test Case.
Requirements – Kuali Rice 1.0.0
Functional Testing
1. Routing documents using eDocLite
a. Initiate an eDocLite document: eDocLite Example 1
b. Approve a document
c. Disapprove a document
d. Add a Note and attach a file
2. Routing documents using a Rice-embedded application
a. Initiate a document: SampleEmbeddedClientDocument
b. Approve a document
c. Disapprove a document
3. Rice Unsecured Web Page Tests (https://test.kuali.org/confluence/display/KULRICE/Functional+Testing)
Integration Testing
1. Integration with LDAP
a. Searching for users using off-characters such as [ !, &, %, $, #, *, -, etc.]
b. Plugging HTML tags into search fields
Security Testing
1. Authentication via CAS
a. Authenticating as yourself
b. Authenticating while already authenticated into another application
2. Rice Secured Web Page Tests (https://test.kuali.org/confluence/display/KULRICE/Functional+Testing)
a. Workflow
i. Rule Attribute
ii. Rule Template
iii. XML Stylesheet
iv. XML Ingestion
v. Document Operation
b. Notification
i. Manage Content Types
c. Service Bus
i. Message Queue
ii. Thread Pool
iii. Service Registry
iv. Quartz
v. Security Management
3. IBM Rational Appscan Tests
Load Testing
1. Silk Performer Load Tests (https://confluence.ucdavis.edu/confluence/x/cQH1)
Appendix A – Target Instances
Test Suites
Functional Testing



Routing documents using eDocLite
Routing documents using a Rice-embedded application
Rice Unsecured Web Page Tests
Target Instance
DEV-NIGHT
http://rice-dev-night.ucdavis.edu
Integration Testing

Integration with LDAP
Security Testing


Authentication via CAS
Rice Secured Web Page Tests
Functional Testing



Routing documents using eDocLite
Routing documents using a Rice-embedded application
Rice Unsecured Web Page Tests
DEV-INT
http://rice-dev-int.ucdavis.edu
Integration Testing

Integration with LDAP
Security Testing


Authentication via CAS
Rice Secured Web Page Tests
Functional Testing



Routing documents using eDocLite
Routing documents using a Rice-embedded application
Rice Unsecured Web Page Tests
TEST
http://rice-test.ucdavis.edu
Integration Testing

Integration with LDAP
Security Testing


Authentication via CAS
Rice Secured Web Page Tests
Functional Testing



Routing documents using eDocLite
Routing documents using a Rice-embedded application
Rice Unsecured Web Page Tests
Integration Testing

Integration with LDAP
Security Testing




Authentication via CAS
Enforcement of Kuali Service Bus security
Rice Secured Web Page Tests
IBM Rational AppScan Testing
Load Testing

Silk Performer Load Test
STAGE
http://rice-stage.ucdavis.edu
Test Suites
Functional Testing

Rice Unsecured Web Page Tests
Integration Testing

Integration with LDAP
Security Testing


Authentication via CAS
Rice Secured Web Page Tests
Target Instance
PROD
http://rice.ucdavis.edu
Appendix B - Use Cases
Functional Testing
Test Case
Routing documents using eDocLite
A-1
Routing documents using a Rice-embedded application
A-2
Rice Unsecured Web Page Tests
A-3
Integration Testing
Integration with LDAP
B-1
Security Testing
Authentication via CAS
C-1
Enforcement of Kuali Service Bus security
C-2
Rice Secured Web Page Tests
C-3
IBM Rational AppScan Tests (https://confluence.ucdavis.edu/confluence/x/cQH1)
Load Testing
Load Tests (https://confluence.ucdavis.edu/confluence/x/cQH1)
Table A-1
Routing documents via eDocLite
Test Set-up Procedure
Set-up
Step
No.
1.
Set-up Operator Actions
Clear web browser cache (Without clearing your browser cache, the PDF documents tested may not show the new changes and test results may not be accurate.)
Test Procedure
Test
Step
No.
1a.
1b.
2.
3a.
Test Inputs / Operator Actions
Initiate an eDocLite document
1. Authenticate as yourself
2. In the Main Menu tab, under the
Workflow section, click on eDoc Lite
3. Click search
4.
Find Document Type
eDoc.Example1Doctype
5. Click on Create Document
6. Click route (without filling out the form)
Create and Route Test eDocLite
same as 1a, except:
1. fill out the form
2. Click route
3. Note the Document Id
4. Under the Main Menu tab, click Doc
Search
5. Search by the Document Id
6. Open the Document
Approve a Document
1. Authenticate as someone authorized to
approve the Document from 1b
2. Under the Main Menu tab, click Action
List
3. Click on the Document Id
4. Open the Document
5. Click approve
Disapprove a Document
1. Repeat steps 1-2 from 1b and create a
new Document
2. Authenticate as someone authorized to
approve the Document
3. Repeat steps 2-4 from 2
4. Click disapprove
Expected Results
 Get “error: Please enter your full name”
 Get “error: Enter a valid date in the format mm/dd/yyyy.”
 Document shows as ENROUTE status.
 Document fields are protected from editing.
 Document goes into FINAL status.
 Document goes into DISAPPROVED status.
Please indicate what
Operating System:
operating system and
web browser you are
Browser:
using for this test: (PC or
Mac, IE 7 or Firefox 3, etc.)
TESTING / ACTUAL RESULTS
(Pass or Fail - document all Failures)
3b.
1.
2.
3.
4.
5.
4.
Authenticate as the person who initiated
the Document (e.g. yourself)
Under the Main Menu tab, click Action
List
Click on the Document Id
Open the Document
Click acknowledge
Add a Note and attach a file
1. Repeat steps 1-2 from 1b and create a
new Document
2. Type a note in the Note field.
3. Next to the Attachment field, click
Browse
4. Browse for some PDF and click Open
5. Under Action, click save
6. Click route
7. Note the Document Id
6. Under the Main Menu tab, click Doc
Search
7. Click on the Document Id you just
created
8. Open the Document
9. Under the View Notes section, click
download
Tester Recommendations:
 The initiator is prompted to acknowledge the disapproval
 Under Create Note, a section call View Notes appears with
text you typed in.
 At the bottom of the Note, the name of the file you attached
appears
 Next to the file name, a download link appears
 Upon clicking download, the file you attached should open
Table A-2
Routing documents using a Rice-embedded Application
Test Set-up Procedure
Set-up
Step
No.
1.
Set-up Operator Actions
Open a web browser and launch Sample-Embedded Client: http://localhost:8080/sample-embedded-client
Test Procedure
Test
Step
No.
1.
2a.
2b.
3.
Test Inputs / Operator Actions
Expected Results
Initiate a document
1. At the main page, click Create a new
document
2. For Create document as User, enter
your Kerberos ID
3. For Route document as User, enter
someone else’s Kerberos ID
4. You can leave XML Payload empty, but if
you put something in, the content must be
surrounded by well-formed XML tags.
5. Click Route a new Document
6. Note the Document ID that was created
Approve a Document- Authorized
Approver
1. At the main page, click Load an existing
Document
2. Enter the Document Id from 1
3. For Load document as User, enter the
Kerberos ID of the person to whom you
routed the document in 1
4. Click Load the Document
5. Click approve
Approve a Document- Unauthorized
Approver
1. Repeat steps 1-6 from 1
2. At the main page, click Load an existing
Document
3. Enter on the Document Id from 1
4. For Load document as User, enter a
Kerberos ID other than that of the person
to whom you routed the document in 1
5. Click Load the Document
Disapprove a Document
 Get directed to the Document Created screen that says
“Document was successfully created with id <Document ID>
!”
 Get directed to the Document Loaded screen, with an
Approve button and a Disapprove button
 Get directed to the Action Submitted screen
 Get directed to the Document Loaded screen, with neither
an Approve button nor a Disapprove button
 Get directed to the Action Submitted screen
Please indicate what
Operating System:
operating system and
web browser you are
Browser:
using for this test: (PC or
Mac, IE 7 or Firefox 3, etc.)
TESTING / ACTUAL RESULTS
(Pass or Fail - document all Failures)
6.
7.
8.
Repeat steps 1-3 from 2b
For Load document as User, enter the
Kerberos ID of the person to whom you
routed the document in 2b
Click disapprove
Tester Recommendations:
Table A-3
Rice Unsecured Web Page Tests
Test Setup Procedure
Set-up
Step
No.
1.
2.
3.
Test
Step
No.
1.
Set-up Operator Actions
Authenticate to the target Kuali Rice instance.
Click the Administration tab.
Enter your Kerberos login name and password. (Click “OK” through certificate warning messages if any)
Kuali Rice Administration page appears.
Test Inputs / Operator Actions
Execute Rice Unsecured Page Tests
Use section C-3 as a guide to secure/unsecure
pages.
Expected Results
https://test.kuali.org/confluence/display/KULRICE/Functional
+Testing#FunctionalTesting-Pages
For all Lookup pages, try at least a blank search and two
combinations of different search terms, trying every button at
least once, including each of the field Help buttons and the
Clear/Cancel buttons on bottom.
As an example, one possible run-thru of Document Lookup
would be the following:

Perform a blank search (no fields filled)

Perform a Date Created From search (using the
calendar button) with a Document ID entered

Perform a nested Type search (using the search
button by Type)- in Doc Type Lookup perform
another nested search by Parent Doc Type- with a
Date Created To (using the calendar button)

Perform a nested Initiator search (search button by
Initiator), with a Date (typed in)
Note that the nested searches will leave you with fewer
potential combinations to check for Person Lookup and
Document Type. Also try to do at least one double nested
search wherever possible.
1a.
Backdoor Login appears/doesn’t appear
As you go through pages, ensure that the
backdoor login appears for DEV-NIGHT/INT and
TEST, and does not appear for STAGE and PROD
For DEV-NIGHT/INT and TEST

Backdoor login box/button appears to the right of
“Logged in User: <your Kerberos User Name>”
For STAGE and PROD

Backdoor login box does not appear on any page
Please indicate what
Operating System:
operating system and
web browser you are
Browser:
using for this test: (PC
or Mac, IE 7 or Firefox 3,
etc.)
TESTING / ACTUAL RESULTS
(Pass or Fail - document all Failures)
2.
After Obtaining Proper Role, Execute Rice
Secure Page Tests
Tester Recommendations:
Same as step 1/1a on secure pages.
Table B-1
Integration with LDAP
Test Setup Procedure
Set-up
Step
No.
1.
2.
3.
Set-up Operator Actions
Authenticate to the target Kuali Rice instance.
Click the Administration tab.
Enter your Kerberos login name and password. (Click “OK” through certificate warning messages if any)
Kuali Rice Administration page appears.
Test Procedure
Test
Step
No.
Test Inputs / Operator Actions
Expected Results
1a.
Search by Principal Name
(Kerberos ID)
 A single record is returned.
1b.
Search by Principal ID
Use the same Kerberos ID as 1a
 The same single record from 1a is returned.
2.
Search by First Name or Last Name
Use a last name that will return large sets of
records
 Several records are returned
 OR an exception get returned saying that the LDAP
administrative limit is hit
3.
Search by several criteria
 Zero or more records are returned.
Search by errant criteria:
Use off-characters such as
 integers
 symbols
 spaces
 apostrophe’s
 hyphens
 accented characters, etc.
Search by errant criteria:
Plug HTML tags into search fields
Search by Listings E-mail
Search by an e-mail that known to the
ou=Listings (WP) subtree in LDAP and not
known to the ou=People subtree.
 Rows returned if these characters actually exist in people’s
names
4a.
4b.
5.
Values to check:
cmbowe@ucdavis.edu
and
 No rows returned
 Two records returned for each search
 Use Clear button between searches or alternate people to
ensure update of results
Please indicate what
Operating System:
operating system and
web browser you are
Browser:
using for this test: (PC or
Mac, IE 7 or Firefox 3, etc.)
TESTING / ACTUAL RESULTS
(Pass or Fail - document all Failures)
constance_bowe@hms.harvard.edu
rmszabo@ucdavis.edu
and
robert.szabo@ucdmc.ucdavis.edu
Tester Recommendations:
Table C-1
Authentication via CAS
Test Procedure
Test
Step
No.
1.
Test Inputs / Operator Actions
Authenticate to the target Kuali Rice
instance
1. Open the target Rice home page
2. Click on the Administration tab
3. Enter your Kerberos User Name and
Password
Expected Results




Kuali Rice page displays in the browser screen.
UC Davis Secure Login screen displays in the browser
screen.
The screen displays “Logged in User: <your Kerberos
User Name>”.
Document Search screen displays in the browser screen.
Note: Depending on the browser you are using, you may
have to accept and click through a few security certificate
warnings.
2.
Authenticate while already authenticated in
another CAS-secured application
1. Authenticate into a CAS-secured application
such as JIRA or Confluence
2. Open the target Rice home page
3. Click on the Administration tab
Tester Recommendations:

The screen displays “Logged in User: <your Kerberos
User Name>” without redirecting to CAS first.
Please indicate what
Operating System:
operating system and
web browser you are Browser:
using for this test: (PC
or Mac, IE 7 or Firefox 3,
etc.)
TESTING / ACTUAL RESULTS
(Pass or Fail - document all Failures)
Table C-2
Enforcement of Kuali Service Bus Security
Test Setup Procedure
Set-up
Step
No.
1.
2.
Set-up Operator Actions
Open a web browser and launch Sample-Service-Provider: http://localhost:8080/sample-service-provider
OOpen a separate web browser and launch Sample-Service-Consumer: http://localhost:8080/sample-service-consumer
Test Procedure
Test
Step
No.
Test Inputs / Operator Actions
1.
Tester Recommendations:
Expected Results
Please indicate what
Operating System:
operating system and
web browser you are Browser:
using for this test: (PC
or Mac, IE 7 or Firefox 3,
etc.)
TESTING / ACTUAL RESULTS
(Pass or Fail - document all Failures)
Table C-3
Rice Secured Web Page Tests
Test Set-up Procedure
Set-up
Step
No.
1.
2.
3.
4.
Set-up Operator Actions
Ensure that you have no roles assigned in Kuali Rice
Authenticate to the target Kuali Rice instance.
Click the Administration tab.
Enter your Kerberos login name and password. (Click “OK” through certificate warning messages if any)
Kuali Rice Administration page appears.
Test Procedure
Test
Step
No.
Test Inputs / Operator Actions
Expected Results
1a.
Authenticate as a User without any Roles
Administrative tab- Workflow section, click
Rule Attribute
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action 'Look Up Records'
on targets of type 'RuleAttribute'
1b.
Workflow section, click Rule Template
1c.
Workflow section, click XML Stylesheet
1d.
Workflow section, click XML Ingestion
1e.
Workflow section, click Document Operation
1f.
Notification section, click Manage Content
Types
Configuration section, click Parameter
Component
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action 'Look Up Records'
on targets of type 'RuleTemplate'
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action 'Look Up Records'
on targets of type ‘EDocLiteStyle’
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action ‘’ on targets of
type ‘IngesterAction’
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action ‘null’ on targets of
type ‘DocumentOperationAction’
 java.lang.SecurityException: User <user id> is not a
Notification System administratior
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action 'Look Up Records'
on targets of type ‘ParameterDetailType’
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action 'Look Up Records'
on targets of type ‘ParameterType’
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action '’ on targets of
type ‘MessageQueueAction’
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action ‘' on targets of
1g.
1h.
Configuration section, click Parameter Type
1i.
Service Bus section, click Message Queue
1j.
Service Bus section, click Thread Pool
Please indicate what
Operating System:
operating system and
web browser you are
Browser:
using for this test: (PC or
Mac, IE 7 or Firefox 3, etc.)
TESTING / ACTUAL RESULTS
(Pass or Fail - document all Failures)
1k.
Service Bus section, click Service Registry
1l.
Service Bus section, click Quartz
1m.
Service Bus section, click Security
Management
1n.
Main Menu tab- KNS Maintenance Documents
section, click Parameter Component Lookup
1o.
KNS Maintenance Documents section, click
Parameter Type Lookup
1p.
KNS Maintenance Documents section, click
Pessimistic Lock Lookup
type ‘ThreadPoolAction’
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action ‘’ on targets of
type ‘ServiceRegistryAction’
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action ‘’ on targets of
type ‘QuartzQueueAction’
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action ‘’ on targets of
type ‘JavaSecurityManagementAction’
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action 'Look Up Records'
on targets of type 'ParameterDetailType'
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action 'Look Up Records'
on targets of type 'ParameterType'
 org.kuali.rice.kns.exception.AuthorizationException: user
<user id> is not authorized to take action 'Look Up Records'
on targets of type 'PessimisticLock'
2b.
Obtain “Rice” and “Technical
Administrator” Privileges
Authenticate as a User with ‘Technical
Administrator’ and ‘Rice’ roles
Administrative tab- Workflow section, click
Rule Attribute
Workflow section, click Rule Template
2c.
Workflow section, click XML Stylesheet
 XML Stylesheet screen appears
2d.
2e.
2f.
Workflow section, click XML Ingestion
Workflow section, click Document Operation
Notification section, click Manage Content
Types
Configuration section, click Parameter
Component
Configuration section, click Parameter Type
Service Bus section, click Message Queue
Service Bus section, click Thread Pool
Service Bus section, click Service Registry
Service Bus section, click Quartz
Service Bus section, click Security
Management
Main Menu tab- KNS Maintenance Documents
section, click Parameter Component Lookup
KNS Maintenance Documents section, click
Parameter Type Lookup
KNS Maintenance Documents section, click
Pessimistic Lock Lookup
 XML Ingestion screen appears
 Document Operation screen appears
 Manage Content Types screen appears
2a.
2g.
2h.
2i.
2j.
2k.
2l.
2m.
2n.
2o.
2p.
 Rule Attribute screen appears
 Rule Template screen appears
 Parameter Component screen appears
 Parameter Type screen appears
 Message Queue screen appears
 Thread Pool screen appears
 Service Registry screen appears
 Quartz screen appears
 Security Management screen appears
 Parameter Component Lookup appears
 Parameter Type Lookup appears
 Pessimistic Lock Lookup appears
Tester Recommendations: