Single Sign On

Single sign on is a process of authentication where user can access multiple applications and portals with one set of credentials. With SSO a user logs in with a single ID and password to gain access to a connected system. Single sign on must internally store the credentials for initial authentication and then translate them to the credential required for the different mechanisms.

SAML 2.0
SSO services uses security assertion mark-up language (SAML 2.0) which is an XML standard that facilitates the exchange of user authentication and authorization of data across secure domains. SAML simplifies the authentication and authorization process for the user, an identity provider and a service provider. When the user attempts to access an application, the service provider will send a request to identity provider for authentication.

Benefits of single sign on
SSO reduces risk for access to third party sites (user passwords not stored externally). It also alleviate password fatigue from different user name and password combinations. Reduces IT cost due to lower number of IT help desk calls about password. Reduces time spent re-entering password for the same identity.

pCloudy SSO integration architecture
Sequence of events for integration of SAML 2.0 Authentication

• The user attempts to reach a web application at a service provider (SP i.e pCloudy Set Up).
• The service provider generates a SAML request and redirects the user to the IdP’s SSO URL with the generated request.
• The IdP authenticates the user and generates a SAML response.
• The user is redirected back to the SP with the SAML response.
• The SP verifies the SAML response.
• The user is successfully logged-in to the SP’s web application.

Note: pCloudy has included this feature in Enterprise set up Private Cloud and On-Premise Cloud.

SAML assertion
SAML assertion is the XML document that the identity provider sends to the service provider, that contains user authorization. There are Three types of SAML assertion:

Authentication assertion – It proves identification of the user and provide the time the user logged in and what method of authentication they used.

Attribute assertion – It passes the SAML attributes to the service provider. SAML attributes are specific pieces of data that provide information about the user.

Authorization decision assertion – It says if the user is authorized to use the services or if the identity provider denied the request due to password failure or lack of rights of the service.

SSO solves the problem of managing the increasing number of users across an ecosystem of application and services. It is a step forward in the optimization of pCloudy integrated architecture.

No comments yet

Trends We Witnessed at STC 2018

The biggest Software testing Conference in India, QAI STC 2018 came to an end on 7th December with the most insightful and pragmatic discussion that can disrupt the software testing eco-space. The focus of the event this year was on the theme – Quality by Design: Convergence of Testing, Lean, Intelligence and Automation.

We were the title sponsors this year and so got a bigger platform to showcase the NEXT we are bringing in mobile app testing world.

There was an array ideas displayed, experiments and experiences to explore challenges and suggestive techniques and best practices to successfully to overcome the common challenges.

With the top minds in software testing coming together to share the latest trends, tips on stage and through conference networking opportunities, STC this year too has succeeded in bringing forth excellent insights about future of testing in rapidly changing times. More than 30 top companies participated in this one-of its kind Expo where we have witnessed some of the monumental key developments that would shape testing landscape in the coming years.

Over 500 software testers gathered and more than 12 empanelled speakers graced the expo for 2 days. Attendees heard from experts like: Avinash Tiwari, co-founder, pCloudy, David Parker, Director, Smart Bear, Rajini Padmanabhan, V.P, QA Infotech, Anand Vaishampayan, Director – Cloud Application Migration Services, IBM, Dr. Shankar Ramamoorthy, Customer Success Officer, Harman Intl., Anupama Jayakumar, Director, Schneider Electric to name a few.

Avinash’s keynote session on “Will AI be another Tesla for software testing?” became a huge hit as he set the tone correct talking about trends like AI and Predictive Analytics that can disrupt the mobile app testing industry.

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties,expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

⁽¹⁾ Gartner, Inc. ‘’Market Guide for Mobile App Test Automation Tools’’ by MaritessSobejana, Adrian Leow, 25 April 2016

No comments yet

Choose the Right Testing Platform

 
As a mobile app maker, how sure are you about the success of your app? A small failure to recognize bugs can cost you thousands of dollars! A small mistake can turn you into a big failure among the users. Now, the question is, how to choose the best platform for testing.

Every mobile application is created differently from the other and the right platform to test can be the most important reason for your app’s success.

Choosing the right platform among the various competing ones require a set of clear evaluation.

• The nature of the targeted audience for your app. This will define the device matrix you should be targeting for your App Testing. Does that platform provide right device matrix for your testing needs?
• Cloud based vs in-house setup – Does you testing process allow Apps to be allowed on outside cloud? Does your App have functionalities which work with in a secured network?
• Type of Testing required for your App – Whether your current testing is manual or automated? Does your App require non-functional Testing?
• Reliability and Scalability of the platform- Can it scale with your needs? Can the platform integrate with your existing tools and frameworks?
• Return on Investment

pCloudy provides the necessary tools for convenient, effective and immediate mobile app testing. Our device is based on cloud and it enables continuous development and testing on real devices. Our unique debugging feature recognizes potential errors that will significantly reduce costs and time. Our platform provides single-click access to end numbers of real Android and Ios devices.

To experience the best with your app, we have developed three different types of cloud environments for you.

Public Cloud

With pCloudy’s publicly accessed cloud, you can perform tests directly from your browser. You won’t get confused to choose between manual or automated because both are available in our public cloud environment. We allow our users to test on a comprehensive list of real IOS and Android devices. You can also test your app over various network conditions like 2G, 3G, 4G or Wi-Fi. You can either configure your own browser or choose from our wide range of pre-installed browsers.

Private Cloud

This option is similar to our public cloud environment, except it comes with additional benefits of personalized security and dedicated access. Here, we would provide you a host of devices in our enterprise grade data center and you can choose your own device. If you have a geographically distributed team, then they will have secured devices over a browser. We make sure that your data is safe on our platform, as we allow only authorized team members to access.

On-premise cloud

In this option, we provide you with the necessary hardware and give you the freedom to set up your own secure device lab. You will have complete control of your own on-premise lab.

In addition to have exactly the same features of our public cloud, on-premise model contains supplementary benefits. On-premise cloud gives you the freedom of plug-in with your existing set of devices and provides you access to a geographically distributed team. Manual and automated- both the testing techniques can be used and with a simple plug-in, you can access it from any rack. Also, there is no limit for the number of devices which can be linked!

At the end of the day, the developer has to choose the best platform for his app. But choosing the right one saves so much of hassles.

No comments yet

Test Your Mobile App on Different Devices

The Technology involved in mobile devices is changing rapidly. Mobile phones have literally personalized the choices in our lives, experts forecast that the future devices will be the remote controls of our lives.  The services or functions are run by apps in specified platforms. And each platform has its own set of parameters to run an app. Mobile phone or device manufacturers are going through a breathtaking pace of change over the years and keeps on innovating new ways of doing things!

Why Apps fail?

Above data clearly show that handling Device fragmentation is one of the biggest challenges for App developers. Android has more fragmentation issue compared to iOS. Because the number of mobile vendors, is comparatively higher. However, even iOS faces certain amount of fragmentation issue. As there are different software versions and devices. And different devices run different iOS versions.

Mobile browsers can be challenging too! There are end numbers of browsers like Safari, Opera, Goggle Chrome and Dolphin. And each one of them has different versions for different platforms!

“So, what’s the right choice? Buying every device available in the market?”

Not necessarily, right device matrix is the key to success.

You can choose one of the two approaches to arrive at your device matrix

Device diversity Approach

• Decide the device matrix based on key parameters like OS versions, screen size/resolution, manufacturer/device family (Android), operator, CPU, and input method
• Objective is to maximize the variety of devices

Market segment + Device popularity approach

•  Choose devices with the highest market share
•  Objective is to maximize market coverage

Once you have the right device matrix, Device Cloud is the best option to get quick access to your device matrix.

As a tester, you must consider the ever increasing number of physical devices. The most important implementations should be automation, quality assurance, security and device compatibility. Also, ensure that the software scripts cover the core functionality of the application, so that it can run across all the platforms.

No comments yet