defined api and path am currently testing KONG gateway api load testing using jmeter
Am getting 403 error.
Please suggest me how can I resolve this issue thanks in advance.
HTTP Status Code 403 means Forbidden so either your apikey parameter is not correct or you're passing it in a wrong way.
Also I have a doubt regarding your URL, if your endpoint is protected with Basic HTTP Authentication you either need:
To add your password to the URL like:
ec2user:your_password#ec2-52-70-117-82.....
Or to remove this ec2user# from the hostname field and provide it along with the password via HTTP Authorization Manager
Related
What I want to do
Calling an URL which is proxied by the oauth2 proxy. The oauth2 proxy should perform an authorization code flow in case no authentication is available. In case there is already an authentication available, the access token should be set to the Authorization Header in the request which is forwarded to the upstream.
What I tried
According to the documentation I'd expect that, when setting --pass-authorization-header the token which is requested should be added to the authorization header.
I also experimented with --pass-access-token which should set an X-Forwarded-Access-Token header.
I couldn't see this header at my service either.
Could someone explain to me what I'm doing wrong?
I found the solution.
This post on a github issue lead me to my mistake.
I did misunderstand what the request is and what the response is and how to handle them using nginx ingresses.
If you are using OAuth2-Proxy with a Kubernetes ingress using nginx subrequests (https://kubernetes.github.io/ingress-nginx/examples/auth/oauth-external-auth/) the data that comes back to nginx is actually an HTTP response, so you will need to use HTTP Response headers (the --pass-* options configure request headers to the upstream).
Try --set-authorization-header and then you need to use this annotation to have the Kubernetes take the subrequest response header and add it to the proxied request header: nginx.ingress.kubernetes.io/auth-response-headers
https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#external-authentication
I am trying to get the response back from API using Postman native app in windows 10.
I am in my company system which uses proxy, so i need to pass proxy credentials for every request which i send from my system.
As per postman documentation, i set proxy settings but still getting 401: Unauthorized error.
Postman Proxy Settings
Other suggestion was to use Basic Authentication while sending a request. It doesn't help either:
Baisc Auth settings for Proxy in postman
I tried all the things in native app but it's not working.
The workaround is to use Chrome extension for Postman.
Please refer the steps below:
1.> Search for Postman Interceptor chrome extension
2.> Install the extension
3.> Launch postman extension
4.> Login using your google account Or register an account in postman.
5.> When you try to login, pop appear in which proxy userid and password needs to be entered.
6.> Once proxy settings has been updated, send the request. You should receive expected response back.
Happy coding :)
I am trying to make a script to test REST services using Jmeter.
Till now I was using Chrome’s Advanced REST Client.
My authentication request was GET and it was something like this in Advanced REST:
https://username:password#URL:portnumber
its a GET request
Now when I am using Jmeter. I tried following ways:
I added HTTP Authorization Manager and mentioned Base URL and Username/password inside it.
When I am trying to do a request then its showing me “Unauthorized”
I also tried to login using normal https request but no success.
When accessed manually, a authorization popup window appears and username and password is submitted inside this window.
Please suggest me a way for how to login using Jmeter.
Few suggestions:
Most likely you have mismatch in URL you're trying hit and the one, specified in HTTP Authorization Manager, double check it.
Add View Results Tree listener and make sure that the header like:
Authorization: Basic xxxxxxxxxxxx=
is being sent along with the request and compare it with the one, sent by the real browser.
Try switching "Implementation" of your HTTP Request samplers to HttpClient3.1, the easiest way of doing this is using HTTP Request Defaults
And finally, you can use HTTP Header Manager to send the relevant header, it's name should be Authorization and value Basic and username:password encoded in Base64. There is base64Encode function available via JMeter Plugins.
I am trying to do Basic Authentication for protected endpoints. I tried the following :
In the HTTP Header Manager, add an entry with the name "Authorization" and the value "Basic [encoded credentials from above]" as suggested in JMeter Basic Authentication
Added Http Authorization manager and added the
base url as https://shopping-qa.myproject.mydomain.comalong with the username and password. The url of the endpoint is https://shopping-qa.myproject.mydomain.com/api/v3/profile/summary.
While it works when I use the option 1, it does not work when I use option 2. I also uncommented httpclient.parameters.file=httpclient.parameters in jmeter.Properties and http.authentication.preemptive$Boolean=true in httpclient.parameters. But I still do not get the authentication to work.
Any suggestions on where I am going wrong?
Thank you!
If you use httpclient.parameters - make sure that you have HTTPClient3 implementation of the HTTP Request Sampler(s).
Double check that HTTP Authorization Manager really adds "Authorization" header and credentials are correct.
See How to use HTTP Basic Authentication in JMeter for example of bypassing basic HTTP authentication in phpmyadmin.
I'm trying to use a parse.com cloud function in a mailgun route action (forward).
My action is like this (with my app id and JS key included of course):
forward("https://myAppId:javascript-key:myJSkey#api.parse.com/1/functions/hello")
In the mailgun logs, I see it call, but I get the following error:
HTTP Error 401: Unauthorized Server response: 401 HTTP Error 401: Unauthorized
My function is just a simple response.send("OK");
Obviously I'm missing something.
Greg
The issue I think is that the Cloud Code calling convention requires you use special Parse headers, not just keys: it may be different if its being called from a browser with sets the referer headers. I'm not sure you'll be able to call it this way directly from Mailgun: you may need a proxy of some sort.
EDIT: I think you'll need to use the Express Webhook implementation instead, and then you can use standard basic authentication. Cloud Code is really for cases where you have control over the HTTP client you're using.