Single Sign On with JMeter (SAMLResponse not getting Value) - jmeter

I have a JMeter (v5.4.1) script that logs in to an SSO service, using the following steps, which are a result of using BlazeMeter Recorder.
GET on https://stage-aa.example.com/user/login
GET on https://stage-aa.example.com/saml_login
use this to declare SAMLRequest and SAMLResponse, Regular Expression Extractors
SAMLRequest : Regex: SAMLRequest=(.*)RelayState=(.*)
POST on https://sso.example.com/idp/EFUUU/resumeSAML20/idp/SSO.ping
This sample uses parameters:
username: user_1
password: pass_1
The parameters are named as:
pf.username
pf.pass
POST on https://stage-aa.example.com/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp
with Parameter:
RelayState: https://stage-aa.example.com/saml_login
SAMLResponse: PHN8730Kkascnn...uyituNN (AlphaNumeric String )
with the Parameters:
RelayState: https://stage-aa.example.com/saml_login
SAMLResponse : Long String, which I am trying to dynamically replace using ${SAMLResponse}
SAMLResponse is not getting value for the Regex Extractor !!!!!!!!, used SAMLResponse=(.*)
GET on https://stage-aa.example.com/admin/content
This gets error: 403 Forbidden
Since the user is not logged in, using SSO
Now, without having all results as rendered HTML, I am not sure, how I can get name/value for web elements
to be able to create a regex, which can be used in correlation
I added Debug Sampler, and I am getting values for SAMLRequest but not for SAMLResponse.
here is how SAMLResponse is exhibited in the browser:
RelayState=https%3A%2F%2Fstage-aa.example.com%2Fsaml_login&SAMLResponse=PHNhbWxwOlJlc3B....
here is the Regex Extractor for SAMLResponse
Adding the complete JMeter Test plan ( jmx file ) had to obfuscate the URLs, but this will give you a pretty good idea. I can add the results of the execution if needed.
jmx file gist
Also, getting error in step 5, in the View Results Tree ( Response Body )
<br />
<b>Warning</b>: DOMDocument::loadXML(): Start tag expected, '<' not found in Entity, line: 1 in <b>/var/www/vendor/simplesamlphp/saml2/src/SAML2/HTTPPost.php</b> on line <b>79</b><br />
<br />
<b>Warning</b>: Cannot modify header information - headers already sent by (output started at /var/www/vendor/simplesamlphp/saml2/src/SAML2/HTTPPost.php:79) in <b>/var/www/vendor/simplesamlphp/simplesamlphp/modules/redirecterrors/lib/RedirectErrors.php</b> on line <b>18</b><br />
here is a screenshot of SAMLResponse as Payload

Unfortunately we cannot help you with your regular expression without seeing the response data (at least partial) and your Regular Expression Extractor configuration. If you cannot come up with a good regular expression you can consider switching to
Your particular SAML implementation might be different; however, my expectation is that SAMLResponse comes in a hidden input field, so it makes more sense to consider switching to CSS Selector Extractor configured like:
You may also find How to Load Test SAML SSO Secured Websites with JMeter article useful.
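An added example, not part of the original posts: an offline Python sketch of the check the answer points to. It assumes the IdP returns the HTTP-POST binding's auto-submitting form (the HTML sample and assertion below are constructed), pulls SAMLResponse from the hidden input whatever the attribute order, and verifies the value base64-decodes to XML, which is what the `Start tag expected, '<' not found` warning says did not happen.

```python
import base64
import re
from html.parser import HTMLParser

# Constructed sample: the form an IdP returns for the SAML HTTP-POST binding.
ASSERTION_XML = '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_constructed"/>'
IDP_HTML = """<html><body onload="document.forms[0].submit()">
<form method="post" action="https://stage-aa.example.com/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp">
<input type="hidden" name="RelayState" value="https://stage-aa.example.com/saml_login"/>
<input type="hidden" value="{}" name="SAMLResponse"/>
</form></body></html>""".format(base64.b64encode(ASSERTION_XML.encode()).decode())


class HiddenInputs(HTMLParser):
    """Collect name -> value for every <input type="hidden">, in any attribute order."""
    def __init__(self):
        super().__init__()
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "input" and (a.get("type") or "").lower() == "hidden" and a.get("name"):
            self.fields[a["name"]] = a.get("value") or ""


def extract_hidden(html):
    parser = HiddenInputs()
    parser.feed(html)
    return parser.fields


def check_saml_response(value):
    """Return (ok, reason): does the value decode to XML as the SP's ACS expects?"""
    if not value or value.startswith("${"):
        return False, "variable was never extracted (literal placeholder or empty)"
    if re.search(r"%[0-9A-Fa-f]{2}", value):
        return False, "value is still URL-encoded; it would be encoded a second time"
    try:
        xml = base64.b64decode(value, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False, "not valid base64"
    if not xml.lstrip().startswith(b"<"):
        return False, "decoded data does not start with '<'"
    return True, "decodes to XML"
```

The regex from the question, `SAMLResponse=(.*)`, finds nothing in a body like this because the name and value sit in separate HTML attributes rather than in a `name=value` query string.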

Related

How to get URL having ".../?where={'key1' : 'value1' , 'key2' : 'value2':.........}" in Jmeter http request

I need to load test one Python api in below URL format:
//IP:PORT/Sub_Part/?where={"KEY1":"VALUE1","KEY2":"VALUE2","KEY3":"VALUE3"}
I tried to pass the key value pair through csv as well as directly in http request but getting error message.
java.net.URISyntaxException: Illegal character in query at index 47:
http://IP:PORT/Sub_Part/?where={"KEY1":"VALUE1","KEY2":"VALUE2","KEY3":"VALUE3"}
Here key and value are dummy data I have placed here for easy understanding.
Please help me with correct syntax for this URL.
Thanks in advance for all your help.
In REST APIs, JSON objects are typically sent (POST) or returned in the body of the request. They are not typically encoded as part of the URL.
For a GET request, you can either pass the information as segments in the url or as querystring parameters.
For more details refer here, How to send a GET request with a "/" in the query
As per HTML URL Encoding Reference:
URLs can only be sent over the Internet using the ASCII character-set.
so you need to define the request in JMeter's HTTP Request sampler as follows:
Pay attention to URL Encode? checkbox, it has to be ticked otherwise the parameter will be sent "as is"
Another option is using __urlencode() function like:
http://IP:PORT/Sub_Part/?where=${__urlencode({"KEY1":"VALUE1"\,"KEY2":"VALUE2"\,"KEY3":"VALUE3"})}
which will generate an encoded sequence which you could use in the URL path:
%7B%22KEY1%22%3A%22VALUE1%22%2C%22KEY2%22%3A%22VALUE2%22%2C%22KEY3%22%3A%22VALUE3%22%7D
as you can see, all non-ASCII characters were removed.
Check out Apache JMeter Functions - An Introduction to learn more about JMeter Functions concept.

Unable to correlate value[token], from one sampler to another in JMeter

I have recorded a script using the BlazeMeter plugin and I want to use the access token, which I receive in a successful login request, in another request. My Test plan looks like the below:
Thread Group : [A]
|- HTTP Sampler - Login Page
|-Regular Expression Extractor [getToken]
|-HTTP Sampler - Other Page
|-Beanshell PreProcessor[Set Header in Authorization]
Regular Expression Extractor parameters and values like below :
Variable Name : token
Regular Expression : {“access_token”:”(.+?)"
Template : $1$
Match No. : 0
Beanshell PreProcessor script like below
import org.apache.jmeter.protocol.http.control.Header;
log.info("Start");
sampler.getHeaderManager().add(new Header("Authorization","Bearer"+vars.get("token")));
log.info(vars.get("token"));
Most probably your Regular Expression Extractor fails as your quotation marks look utterly suspicious. You can double check if the token variable really has the anticipated value using Debug Sampler and View Results Tree listener combination. Also check out jmeter.log file for any suspicious entries, if your Beanshell script fails - the cause will be printed there.
The response data of the Login Page seems to be JSON therefore it makes sense to use the JSON Extractor instead of the Regular Expression Extractor. It allows using JSON Path language in order to extract "interesting" bits of data from the responses. In your case the relevant JSON Path expression would be $.access_token
Since JMeter 3.1 it's recommended to use JSR223 Test Elements and Groovy language for scripting so consider migrating to the JSR223 PreProcessor and Groovy language (you can re-use the same code)
You don't even need the scripting, you can add Authorization header (as well as any other header) using HTTP Header Manager
Could you add debug sampler and try first to confirm your regular expression extractor working as expected? It should provide you the required value of token.
If your token has the required value, I will suggest you to add HTTP Header Manager config element by right clicking on HTTP sampler
HTTP Request => Add => Config Element => HTTP Header Manager
In this config element, you can visually add the Headers as below:
Please note: you have not provided any space/hyphen (-) between the keyword Bearer and the token.
Refer this link for details :-
https://stackoverflow.com/a/24550552/1115090

JMeter variable not being used in POST request

I am extracting several variables from a login response, using "Regular Expression Extractor" post processors. Most of them work when I reuse the variable, but one doesn't.
The regex extractor has the following settings:
Apply to: Main sample only
Field to check: Body
Name of variable: id_token
Regular Expression: <input type="hidden" name="id_token" value="([^"]+)"
Template:
Match No.:
Default Value:
Use empty default value: (unchecked)
Then in a later POST HTTP request I use the parameter:
Name, Value, URL Encode?, Content-Type, Include Equals
id_token, ${id_token_g1}, true, text/plain, true
When running the test in the "View Results Tree" listener the same POST request's POST data contains
&id_token=%24%7Bid_token_g1%7D
Instead of the value of id_token_g1.
Other variables in the same POST data are being completed correctly.
The Debug PostProcessor from the previous request contains
id_token_g1=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjVEbHphYTlvNEdveWFtWXdLNl9MUS16akFZTSIsImtpZCI6IjVEbHphYTlvNEdveWFtWXdLNl9MUS16akFZTSJ9.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.p8Wn1_SPf2wA1YFby4-ftXGfCtLQaHf6_XXaQJQFF_9SdOHDG2ICVKXs3Jx4UwwyQPDDnKl7rTQINRfb1sfNLnhGsuxr5BoDQaddyG24afT4-quwhl3XDb1jPIMEk-3l-6Rnhdr-UIzHXpMZaaYXE9rdCygI7wqT8REbL8nctQv9GTgh3O751NMjY4FYmj4QDBYrsp9sHJEx_sysMCHPscOm6vnIakKfuVGrVE2qBOQu2PfP3i29npDgNmJ2bmBniljnTMFI57w1vSq8mK2LIYMqoJyy6iudcxAlfRTGzEkezetmH3eIChQIipLUHHb-NmyImtOt-tdUUZXh_Rwq6r7YcwW6zfEPmVFunuHfxc5sB9fZEEzsZLoczB7UeWfBekYGMIK1AKp1BTkQA-kwcqbWIn66Hdjrmepnq3A6nD6pEB-I2tHMgbHIogwHqsGM61OBAGC2y7As3BdF-zepm1m9jISmRX7hiU8u6I1TOhwWIz8VKjlkdmqTQf1lY6I7yAq2Rwtu0zrQ--6el_lB7emX1YvD8whSFpQjI4YNpWJWRZ9ALXC7CudIgN5D4tgzSmEpQrcK-NasXWYf6RMfeDhYTYAbAChgwJ3KwWk6u_5OsX2LgQGbAg23BH9O_9rGg84DTgHM6IMlQG_loX2PnL8B5yqxydbJsz6CBdiLqKg
I have the same issue with session_state_g1
session_state_g1=XZkcgcg9i_FqlFIS-scHuHqMdm5jepyCSSFkF_S4Dx8.99d68c0a8e802c8767d22fb019bd34b5
But not with
access_token_g1=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjVEbHphYTlvNEdveWFtWXdLNl9MUS16akFZTSIsImtpZCI6IjVEbHphYTlvNEdveWFtWXdLNl9MUS16akFZTSJ9.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.Z2RTMN6NGwC1e8bJANmzvA9rUyo03vCpA3TTNylbdR8EpOvaktgHXHjWCFzxlaXeiL-24DlmVoq3qPHRx0u03nr8ZRD2fb9R_OeHxZ-gVr-2D1Ash1f_429J_4U7zjQfAQSOKHHamzTocSl0orLuvQdc9-oAydPCzpp82UbEDwsnQl_E52dK_LEB4eSiV3sB8rSpmZkmnhCmuSh9iUuMEOmA_zIs2cH_exFWjv5WXbZ8gKR-ATrPNuzoDpghMNZs-Of-dZwsaHfSJpV8C12DQ6wZq-w7m6v2szUpgJh1kHafKzM8Gm8-nMAAPV83hbdALFVvsF9tfcLjin3OEdytsfsfRLDEHLh4E-vo-LyAeHV-TKGuvX60-6tdQsSQXY-egVx1W7NiObmLbFzdRGAiV--tk8QHJ8Vf-nVAT00YXeQxEdMl1lqJFNuNOFxoNXL1ud_frUv1c2xwcnCH0hBpt2avWqN72Bj-15j6uube7IPIVp20NpT0M7FujohB-wQLfVJ8d7Ac_AVNScqasdijpTP5DzmsFybvXAu8n0MEcYHYF0-C8_d0EWW7GxpSEeeVFqKNk7JFgXEo1ta_5Yu7XDpwG7evzMFMw49cImZgcQlxrq3oDnl-qo6r9UXOfvS5QoDILU6dqYUpRSS1-Mz4_JbOmEs78v5ixcrm94PfNis
I have the same problem if I update the name of the HTTP Request sampler (it shows as ${id_token_g1} in the "View Results Tree" listener)
Any ideas what I'm doing wrong?
Make sure your setup is following JMeter Scoping Rules, i.e. you should have setup like:
Open Login Page
Regular Expression Extractor
Perform Login
Make sure you have this hidden input with name id_token in the response data. JMeter can be configured to store response data in .jtl results file, you need to add next 2 lines in user.properties file:
jmeter.save.saveservice.output_format=xml
jmeter.save.saveservice.response_data=true
Don't forget to restore the default configuration once you figure out the cause of the problem. See Results file configuration for more details.
Regular expressions are not the best choice for parsing HTML responses as they can be very fragile in case of markup change (changed order of HTML attributes or the input definition becomes multi-line). So consider switching to CSS/JQuery Extractor instead, the relevant configuration would be something like:
Reference Name: anything meaningful, you can keep id_token
CSS/JQuery Expression: input[name=id_token]
Attribute: value
In the 2nd POST request you can refer to the extracted value as ${id_token}
1. Follow JMeter Scoping Rules.
2. To your regular expression you can give the template as $1$ and use ${id_token} instead of ${id_token_g1}.
For more information on regular expression extractors follow this link.
You can use this website to test your regular expressions.
Let me know if it helps..

In jmeter : how to extract values from two different json response and use that extracted values as a parameter for new http request

In JMeter: I’m using two HTTP requests in one thread group, so I’m getting two responses from those HTTP requests.
I need the ‘member id’ from one response and some string (digest) from the other response, in order to create a third HTTP request.
I have extracted 'member id' by using this regular expression: {"Id":(.+?)}
which returns the correct member id.
The response from the 2nd request is a string (digest): "G9V6Su9PESaobcInErdD7Y8OKNo="
I added one more regular expression to extract this string: "(.+?)"
I have added two debug samplers as I'm using two regular expression extractors.
Then I pass the extracted values 'member id' and string (digest) as parameters to the third HTTP request.
When I run it I'm getting an error; my 3rd HTTP request fails.
It fails to pass the extracted 'member ID', but it correctly passes the string (digest).
In the first debug sampler: it's showing the correct extracted 'Member ID' but some different value for the digest field.
In the 2nd debug sampler: it's showing the correct extracted 'digest' field but some different value for 'Member ID'.
I’m doing it all under one thread group.
I'm new to JMeter; I don’t know whether it is possible to extract fields from two different responses and use them as parameters to create a new HTTP request.
If it is possible, how do I do it? Please help me.
Thanks in advance.
I believe that it's due to including quotation marks (and who knows what else) into the "Id" regular expression, you need to surround it with quotes like:
{"Id":"(.+?)"}
Also the better way of working with JSON data is JSON Path Extractor which is available via JMeter Plugins project. See Using the XPath Extractor in JMeter guide (scroll down to "Parsing JSON") for more information on installation, usage, syntax, etc.

JSON Path Extractor in JMeter

I am new to jmeter. Can anyone help me to use a response object of one request to be passed as a request header of next HTTP request ?
Let me explain.
I am getting an access token along with the response of login in my app:
{: "responseCode":18, : "message":"Successfully logged in.", : "responseObject":"8zWExE4eSdhcJDwnW9MgIw=="}
Now I want to use this access token (8zWExE4eSdhcJDwnW9MgIw) as one of the parameters of the next request.
I used JSON Path Extractor for this. But it's not working.
I am using JSON Path Extractor as well and it works great if it is properly configured.
Just put it into request and fill fields:
Variable Name: access_token (or any other you want to use later in request like this ${access_token})
JSON Path: responseObject should be enough if the JSON you pasted is the full response (those additional colons are just some mistakes when copy-pasting or the JSON is corrupted?)
Default Value: I always use some value like 'NotUpdated!' here so I can assert in the next step or at least see it easily in request.
Not seeing the full response it is quite hard to come up with a correct JSON Path expression.
Given what you posted it should be something like $.responseObject
See JSON Path Syntax guide for queries syntax examples and Using the XPath Extractor in JMeter (scroll down to "Parsing JSON") for plugin installation instructions and XPath to JSON syntax mapping.
Just in case anybody would face an issue with multiple variable extractions using JSON Extractor (like me), make sure to:
List the names of variables/path expressions/default values using a semicolon as a separator.
Provide default values for every variable.
The second point is apparently required, and I only found out about it from this Medium post.
