I am trying to get an access token via RestTemplate.postForEntity().
myRestTemplate.postForEntity(authBaseUrl, request, Object.class);
I have a specific class for it, but let's use now a simple Object as type. It contains an access_token field.
It works, because I can get response, but the length if the access tokens (which is a string)
is 1196 character long. And I can get the same length in Postman too.
But if I use the intelliJ built-in REST client, the length is 1199.
Only the token from the intelliJ rest client works (So the longer).
Because I always get a new access token, it is impossible to get the same token twice.
How can I debug it?
What could be the problem?
Is the code that generates the response available to you? if so in your response add a header content-length so you can see what the server sent and what you received. Also, debug the server side and see what is being generated. In addition take another 3d party Http client and test it with this client see if you see a difference. The Http clients that you can try are Apache Http client, OK Http client, or my favorite - a very simplistic client written by me as part of my own Open Source MgntUtils library. Here is the Javadoc for my http client Here is a link to a similar question where you can get the references for any of above mentioned Http clients: How to check the status of POST endpoint/url in java
Related
I have implemented a proxy extending jetty's ProxyServlet.Transparent.
However upon testing I noticed there is a difference on error messages the user sees when the server returns an error.
For example, when connecting directly to one of our application server with an invalid user credential, the server should return something more specific with instructions on the auth as we have set it this way. When connecting to the proxy server the error is in its most generic form like Authentication failed: Unauthorized
I suspect at some stage jetty checks on the server response and set the proxy response with minimal information so I am looking into the Transparent class code and its parent classes to find which method I can override to intercept the original server response and forward the information in the proxy response, assuming my understanding on these two responses are correct.
Thanks for the help.
enter image description here
I used the Regular Expression Extractor for the tokens, but the 403 forbidden error keeps displaying.-check the screenshoot
Seems some missing configuration issue.
Can you please make sure:
You have HTTP Cookie Manager added to your Test Plan
If your application is protected with external authentication system like Basic HTTP Authentication, NTLM or Kerberos you need to handle it properly using HTTP Authorization Manager
Can you try :
Adding HTTP Header Manager and authorization with Basic encoded
one screenshot of the failed response headers doesn't tell the full story, you need to show us:
Successful request URL, body (if any) and headers (you can get it from browser developer tools)
Failing request from JMeter URL, body (if any) and headers from the View Results Tree listener
As per HTTP Status Code 403 description:
The HTTP 403 Forbidden client error status response code indicates that the server understood the request but refuses to authorize it.
This status is similar to 401, but in this case, re-authenticating will make no difference. The access is permanently forbidden and tied to the application logic, such as insufficient rights to a resource.
If you can successfully execute the same scenario using browser and cannot using JMeter - most probably it's due to missing or improperly implemented correlation, try recording the same steps one more time and compare generated scripts, all values which are different needs to be properly worked around
I have read and tried the solutions shared in the previous posts for this error but nothing helped me to fix this. Kindly help.
I am making a HTTPS API call. A very simple call which accepts a 2 KB JSON message via POST method and sends a one word acknowledgement. It works perfectly fine in Postman tool. In JMeter, no. of threads (users) is kept as 25. It works perfectly fine one time with all 25 success response and at times getting few failure response as
Response code: Non HTTP response code: java.net.SocketException
Response message: Non HTTP response message: Unexpected end of file from server
No consistency at all. I have also tried with both enabling and disabling "use keepalive" checkbox. Both giving me all success one time ; few/all failure at another time with the above error. Please help. Thank you.
Below are the JMeter settings:
HTTP Header Manager : Content-Type - application/json
HTTPRequest sampler : protocol - HTTPS
Server Name or IP : project server name
Method : POST
PATH : The required path with https authentication details passed as parameters
IMPLEMENTATION : Set to JAVA (HTTPCLIENT4 was giving me “443 failed to respond” error)
Add header
Connection Keep-Alive
Both errors (Java implementation and Apache HTTPClient4 implementation), are essentially saying the same thing: The server closed the connection, without providing any response. I think there could be the following reasons:
Authentication problem. If server side checks authentication before processing a request (e.g. using Spring), it may be rejecting your request, it may be not bothering with any response if authentication is not considered correct.
Request Issue. Some less noticeable properties of the request you send via Jmeter are different from what you send in Postman. It could be some minor thing with formatting, or some headers server expects. Some of such inconsistencies can also cause Load Balancer (if you use one) to reject request before it's delivered to the server.
Certificate issues. Since you are using HTTPS, you need to make sure your certificate is setup correctly on JMeter side.
So I suggest:
Review server logs and see if your request makes it to the server. If yes, you might be able to see how it was rejected. If not, you need to trace back and see who rejected it (LB, authentication, etc)
Compare headers and body sent by JMeter vs Postman line to line (use TCPDump for example to obtain it).
I have a http request that auto generates '_token' value with the request(this value generated under http request only, not in the response of this request) and this '_token' value needs to be passed to the next http request header as 'authorization'. I know we can use JSON/RegEx post processor if it is in Response of the first http request. However how it be be correlated if the dynamic value is in http request.
Please suggest how can we achieve this in jmeter.
Most likely you are trying to load test an application which uses OAuth and depending on OAuth version and your application setup there could be different options. If the token is permanent - you can just put it into HTTP Header Manager, however if the token expires more or less frequently - you will need to implement OAuth flow using JMeter (in some cases you will need some extras like scripting, kick off browser to open a redirect URL or use OAuth client libraries). Check out How to Run Performance Tests on OAuth Secured Apps with JMeter article for details.
I would suggest contacting your application developers to learn about OAuth version, settings, required client id/secret, etc.
I'm developing an iOS app that makes frequent requests to a web server, and I'm using AFNetworking (which I very much like). However, I'm running into a problem with authorization that I just can't solve.
The server requires me to provide an authorization header in order to get the response that I want. Specifically, the authorization headers should be like so:
Authorization = "ApiKey some-user-name:someNumericalApiKey"
I'm using AFNetworking throughout the project, and everything works fine, except for this authorization issue. I'm using the following code:
[myClient setDefaultHeader:#"Authorization" value:#"ApiKey some-user-name:someNumericalApiKey"];
where myClient points to an AFHTTPClient object. Strange enough, when I log the request in XCode using AFHTTPRequestOperationLogger, the logger claims that I have the correct headers set. However, the authorization header does not seem to reach the server - I can't see it in the server log.
To isolate the problem, I've tried to make the exact same request using good old NSURLRequest, as well as curl, and the requests library in Python - all of these work fine, i.e. the authorization header is sent & received (i.e. I can see it in the server log), and the server response is what it should be.
If anyone has run into the same problem (and has found a solution) I would very much appreciate to hear from you.
Thanks.
Sometimes (especially with Django) this is caused by redirection stripping of header parameters. For instance, /Object redirects to /Object/ in the background and removes the necessary auth parameter during the switch.
If you're using AFNetworkActivityLogger with level AFLoggerLevelDebug then you should be able to check this out in the console. If you see a POST request with /Object and the response with /Object/ then this might indicate redirection stripping is taking place.
If you construct your operation manually then the defaultHeaders are not applied, that might be the cause of your problem.