Getting Insufficient Privilege error in Jmeter for Oracle Application - performance

While doing performance testing for Oracle Application, facing the Insufficient Privilege error on submitting one of the form from Jmeter. There is no issue manually in application not any error in debug logs. This is happening only from Jmeter. Have checked with Fiddler no requests are getting missed and also all the correlations are in place.
JMeter error :
You have insufficient privileges for the current operation. Please contact your System Administrator.

Most probably you're simply not getting logged in. Double check the following:
HTTP Cookie Manager is added to your Test Plan. In some cases you will need to add CookieManager.check.cookies=false line to user.properties file or amend Cookie Policy to something less-restrictive, i.e. netscape. Check out HTTP Cookie Manager Advanced Usage - A Guide
Make sure that you perform correlation of dynamic request parameters. Pay attention to literally everything as parameters may be present as a part of the URL, or it may be a HTTP Header
Run your test with 1 user and monitor the request and response details using View Results Tree listener. Check Response Data tab for each request to ensure that your test is doing what it is supposed to be doing
Make sure to compare the requests originating from JMeter and from the real browser, normally if you're sending the same requests - you should be receiving the same responses. Pay attention to redirects

Related

how to load test nexcloud server with jmeter or smashbox

We are installing a nextcloud server in my organization and i would like to load test it before we deploy more broadly.
I have managed to do some testing with jmeter...(see answer below)
Now i would like to load test other features of nextcloud. I have found this repo but it seems it is not updated anymore : https://github.com/owncloud/smashbox
Anyone know if it is still working? (i dont have yet access to the nexcloud server os).
Apparently smashbox is designed for owncloud and not nextcloud...any hint on tools for nextcloud?
Thank you
If you "dont have yet access to the nexcloud server" then how do you know that "doesnt log in with http authorization manager"?
Whatever. Given Nextcloud doesn't ask your credentials most probably it's configured for Single-Sign-On and most probably it's Kerberos
If this is the case you will need to not only to add the HTTP Authorization Manager but also perform the relevant configuration in krb5.conf and jaas.conf files (live in "bin" folder of your JMeter installation).
You can check out Windows Authentication with Apache JMeter article for example setup and more comprehensive explanations.
So here is the answer :
You have to create two sampler http request.
the first request is a get request on the login page.
the second request is a post request on the login page.
You have to create a regular expression extractor to extract data-requesttoken:
data-requesttoken="(.+)"
You can reuse it in the post request (name : requesttoken) with the variable set in the extractor.
You also need to add a http cookie manager to the thread group and leave it blank so it handles the cookies set in the get request and in the post request.
Then the login works properly and you can tune in the loop, number of threads and ramp up
There is only one problem on my machine: the request randomly succeed or fail because the cookie manager sometimes set the proper cookies in the redirect after post request and sometimes not... (see here : JMeter randomly setting proper cookies so my request succeed )

Jmeter login script

I am using Jmeter for testng load balance of website.I written a script to test the scenario like to make the user to login into the website and able navigate the user to the dashboard where he can see the recent data by consuming the protected calls.Here i am able to pass the user login scenario but the jmeter showing fail errors regarding the protected calls.When i am searching the url thing whcih is given by jmeter i able to understand that teh protected calls need user credentials to consume data but it fails due to absence of user login things.
Here i am able to pass the user login scenario
are you sure? If JMeter reports the HTTP Request sampler as successful it doesn't necessarily mean that the login will be successful, it might be the case your application responds with status code 200 and some error message explaining why the login has failed and JMeter automatically treats HTTP Status Codes below 400 as successful.
Try inspecting request and response details using View Results Tree listener which has HTML and Browser modes and double check that you're able to login.
If yes - you might need to add HTTP Cookie Manager or perform the correlation of the authorization header in the HTTP Header Manager for the "protected calls" or something like this
If no - you will need to amend your script so login will be successful. In order to avoid such situations in future you might want to add Assertions to your test plan to ensure that JMeter is doing what it's supposed to be doing

"/Error?aspxerrorpath=/Home/Index" I am getting this every time I run my jmeter script

I run my script and this **********.com/Error?aspxerrorpath=/Home/Index redirecting to this url in jmeter in request section of my jmeter and showing 500 error. I am not able to get the proper url redirecting to the errorpath page and also showing the error if I uncheck the follow request in repond it is showing the same url
Most probably your login request fails somewhere somehow therefore redirect to /Home/Index page fails as you're not authorized to see it.
Use View Results Tree listener to see request and response details and cross check them with what you see in your browser developer tools - the requests should be exactly the same (apart from dynamic parameters which need to be correlated)
Once you amend your JMeter configuration so JMeter would send the same requests as the real browser does your script should start working as expected.
You may find ASP.NET Login Testing with JMeter guide useful, it gives a real-life example of handling the specifics of ASP.NET applications load testing in JMeter

Same POST works manually, results in 500 error via Jmeter

In my script, I'm using a JSESSIONID instead of a cookie; the JSESSIONID is extracted using a HTTP URL Re-writing Modifier and I can confirm that the correct value (the one which appears in the response data from the login page) is being applied in the Request.
e.g. POST https://qa67.ososinfo.org:446/Staff/staffdetail.xhtml;JSESSIONID=0655ca5420354753ae413984d34cfc27
I'm also using a VIEWSTATE, which I'm extracting prior to running the remainder of the test steps by using a Regular Expression Extractor and setting the resulting variable as a parameter in the HTTP Request,
e.g. javax.faces.ViewState=8d2%2BgOIseczB2FWSo74DqQfkmiYVaK73D8bnLTNWCx%2FB8EtE
The problem is that I'm hitting a Response code: 500 | Response message: Internal Server Error every time I attempt a post with all of the applicable data.
I tried running through the steps manually in a Firefox browser. I copied the contents of the Request tab from the failing page into a REST client, logged in using a separate tab of the same browser and grabbed the appropriate JSESSIONID and VIEWSTATE information, then posted with that info in place - and the manual post was successful.
Am I missing something? Is JMeter requiring something to accomplish this POST that a I'm not seeing in a manual attempt? Please note that I can verify the test is working through the point of login - I can manually see the jmeter user logged in from an admin screen.
Happy to share any/all of what I'm seeing if it might be helpful in helping to troubleshoot.

Session Expired Response in JMeter

I am testing particular application using JMeter 2.9.There My test plan is Thread group--> Transaction Controller.Inside that various recorded requests are there.I am using HTTP request defaults,HTTP Cookie manager and HTTP header manager,and a view result tree for validation.I found one token i.e. CSRF token to be correlated and I did correlation.But for a particular request I am finding "Session expired..Login again" response much before the logout request.My transaction flow is to Login--> Search a content-->Logout.
Please help me finding a solution.
Try put the element: HTTP Cookie Manager in Thread Group, first item.
the problem can be in the following areas:
-you were redirected automatically instead of following redirects
-login hasn't succeeded
-the session id has not been successfully passed on to the request after login
The JMeter documentation states this:
I've set up JMeter to sample the same URLs as my browser, why is JMeter not seeing the same responses?
There are various different reasons for this:
Cookies - make sure you added a Cookie Manager. Browsers process cookies unless you set them up otherwise, but JMeter does not process cookies unless you add a Cookie Manager.
User-Agent - the User-Agent is a header that is sent by browsers; it identifies the browser type. Some servers are sensitive to this setting and generate different results for what they think are different browsers. The Header Manager is used to add headers such as User-Agent.
Hidden fields - if you did not use the JMeter Proxy (or other application) to record the test plan, then it is easy to miss hidden fields from forms.
Dynamic field names/content - some servers use varying names for fields. So although the test plan may be correct at the time of creation, it does not work when replayed.
URL rewriting - TBA
from http://wiki.apache.org/jakarta-jmeter/DifferentBehaviour

Resources