I am currently using JMeter to perform a basic performance test on a web-application.
For the construction of such, I have used the BlazeMeter recorder as an easy and complete way of building my test plan, in which recorded the static token used at that particular moment of the recording.
But, considering that tokens are generated by each login, this requires me to find a way to successfully store the token from each session (done) and then properly call it out to each individual HTTP Request (this is the obstacle).
Below in my screenshot, is how I have my test plan set, and also how am I calling the already stored token towards the 2nd HTTP POST Request that requires the real-time token, otherwise it will deliver a 401 error. Despite such, when attempting to call and apply the stored token, it now returns a 400 error for reasons that are unknown to me...
I believe the solution is by slightly changing the way I am calling the stored token?
You're getting response as JSON so it makes more sense to use JSON Extractor instead of the Regular Expression Extractor, the relevant configuration would be something like:
Also there is no need to do any scripting, if you add a HTTP Header Manager as a child of the request which requires authentication and configure it like:
Related
I am implementing load testing in Jmeter for my web application which uses google oauth.
I have generated access token and refresh token and passed it to my HTTP request, but the request fails with an Invalid state parameter.
I checked various posts on passing a random string of 30 characters but the value is not being recognised.
I am not sure how to use the google API library for python to generate one as there is only snippet available in the official site and am quite unsure if that value will be recognised.
Any suggestions on how to achieve my usecase?
We are not telepathic enough to guess how exactly you "generated" the tokens and how they're "passed to your HTTP request"
My expectation is that you need to pass only one token: the "access" one "to your HTTP Request", refresh token can be exchanged for the new access token when the previous one expires. Passing 2 tokens doesn't make sense and may cause the problem you're facing.
As per the main page of JMeter project
The Apache JMeter™ application is open source software, a 100% pure Java application designed to load test functional behavior and measure performance. It was originally designed for testing Web Applications but has since expanded to other test functions.
hence you cannot use Python libraries directly in JMeter, either look for a Java library, I think this one is a good choice and use it from JSR223 Test Elements
If you still want (or have to) use Python - you can run Python scripts from JMeter using OS Process Sampler
I am new to JMetet and I am having a lot of difficulties in understanding how it works.
I created a TC to add an object to my system using Blaze meter. Then, I imported the TC in Jmeter.
This TC fails when it should not (at least thats what I think) because whenever I use the system it works correctly:
This is the thread group if you need it to help me:
Am I doing something wrong? AM I missing something?
IMPORTANT: Should I be able to see my object added to the system if the TC passes?
As per HTTP Status Code 403 Forbidden description:
The HTTP 403 Forbidden client error status response code indicates that the server understood the request but refuses to authorize it.
This status is similar to 401, but in this case, re-authenticating will make no difference. The access is permanently forbidden and tied to the application logic, such as insufficient rights to a resource.
If your script assumes authentication most probably it fails somewhere somehow due to missing or improperly working correlation, for example this eedd968fe... bit
looks utterly suspicious, most probably you need to replace it with a some form of dynamic parameter extracted from the previous request using a suitable JMeter Post-Processor
Normally the flow looks like:
Open login page
Identify and extract all dynamic parameters and save them into JMeter Variables
Send the parameters along with credentials in the 2nd request
Check out Using Regular Expressions to Extract Tokens and Session IDs to Variables article for example challenge and solution
I am trying to do the load testing of salesforce.com. I am logging via test.salesforce.com which is redirecting me to the console url. Now, subsequent post request accepts following post parameters.
ViewStateCSRF
ViewStateMAC
visualforce.ViewState
But this post request is failing with "invalid session" error message.
I am guessing this is because of CSRF token. I am trying to extract(post processor in Jmeter) CSRF token, but I am unable to find this token anywhere in the response/cookie of previous requests. In one of the HTML response, I can find few CSRF tokens(e.g: runApexCsrfToken, consoleAjaxCsrfToken etc). I have tried all of them but no result.
To summarize my problem: I need to pass csrf token in post login request but I am unable to find this token in previous responses.
Could you please help me with this.
PS: I have tried get request on "https://c.salesforce.com/libs/granite/csrf/token.json" after login but did not find any token in response.
Make sure to add HTTP Cookie Manager to your Test Plan
Make sure to check all response fields as the token can be a part of URL or come as a HTTP Header
You need to correlate not only ViewStateCSRF but all other dynamic parameters as well
If you have problems with identifying the source for the dynamic parameters values you can try recording your scenario using cloud-based proxy service, it is capable of exporting recorded scripts in "SmartJMX" mode with automatic detection and correlation of dynamic parameters. See How to Cut Your JMeter Scripting Time by 80% article for more details
I am getting the following error while searcing for an entity after successful login
Full authentication is required to access this resource unauthorized
I tried to correlate the items in response headers (VCAP_ID, JSESSIONID) but nothing works. I also observed that the
"sessionToken":"Undefined"
Please provide resolution.
First of all try adding HTTP Cookie Manager to your Test Plan
Double check your correlation post processors using Debug Sampler and View Results Tree listener combination to ensure that all variables are properly extracted. The latter one allows inspecting request and response details as well and has i.e. RegExp Tester mode allowing validating your Regular Expressions against server response without having to re-run the request
If after all you won't fell comfortable with handling dynamic parameters in JMeter you can try out an alternative option of JMeter scripts recording which is capable of exporting the recorded test in "SmartJMX" mode automatically detecting and handling any dynamic values. See How to Cut Your JMeter Scripting Time by 80% article for more details.
I need to create scenario for user interaction with single-page WEB application. The application does lots of AJAX calls in order to authenticate user and get user data.
So I created simple scenario with HTTP Test Script Recorder and tried to record my script.
Everything went well, however I noticed that whilst request data is recorder properly, the response data is not recorder at all. I tried to enable Add assertions and Regex matching - but that didn't work as well.
Can you please advice how do I record response texts as well?
View Results Tree under proxy will record request, responses during recording.
This is useful to understand where a dynamic field comes from. This will help your find from which response X you need to extract data to inject in request X+N.
I think you may find this option useful to add in user.properties:
proxy.number.requests=true
This will give a number to each request and corresponding sampler so you will be able to find response for the request.
Once you have done this, you will start adding Post Processors (Regex, CSS/JQuery, XPAth ...) to Sampler X to extract data from its response.
This will create variables you can then use as ${varName} in request X+N.