I am doing Api testing using jmeter.
I have session_id extracted from HTTP Request1 ${sessionId_g1} response using REGEX and passing to HTTP Request 2 request ${sessionId_g1}.but i am getting below error:
"Failure while checking user access. java.lang.RuntimeException: Unable to verify SSO values with token info; token decryption has failed."
Please let me know which one i missed here?
Related
Jmeter response as "invalid csrf token" for steps after login. cookie manager is successfully passing authorization token to subsequent request but getting CSRF taken issue.
There is _csrf value generated in response of login and I tried to pass in body of subsequent request but its not working
If JMeter response is "invalid csrf token" it means that you failed to properly perform correlation of the CSRF token.
If JMeter response is "invalid csrf token" it means that you failed to properly perform correlation of the CSRF token.
You need to check all your request parameters:
URL
Headers
Body
as the token might come as the Cookie but you need to pass it somewhere else, maybe as a hidden input
If you cannot detect it anywhere the easiest way is just recording your test scenario 2 times and compare resulting JMeter .jmx test plans. All the values which differ are a subject to correlation.
I have a web api which is deployed on IIS.
Api's are going through load test using load runner and almost on all alternative api call, getting 403 error response code, struggling to identify the issue, call is not going to the API, its returned back from IIS
I am doing bearer token authorization, somehow token which were incoming with each request were not valid, that is why the issue was occurring, to overcome this we have increased the lifetime of token to 1 hour and request load test team to generate the token once and send that token only with each request so that we can now see the proper execution time for each end point.
403 error indicates that access to the requested URL by the client is Forbidden for some reason. you need to provide detailed error message snapshot and what is the sub status code. and check that you assign this permission to the site folder:1) IIS_IUSRS,2)NETWORK SERVICE,3)IUSR
I am sending a HTTPS request which needs a Bearer token. I have added a Header Manager to my HTTP request in JMeter and defined NAMEand VALUE in the Header Manager as Authorization and "Bearer xxxxyxyxyxz" respectively.
The request is running for 21 seconds each time and then its failed with below text
org.apache.http.conn.HttpHostConnectException: Connect to abcd.uat.xyz.com:443 [abcd.uat.xyz.com/11.222.250.10] failed: Connection timed out: connect.
Am I sending the bearer token in right way with Header Manager or is there some other way to send this kind of requests?
Note: Its(The same request and Bearer token) working perfectly in Postman and I am getting the correct response as well.
The issue is resolved after adding Proxy Server details to the request. I have added those in Advanced section of HTTP request.
In Postman, the tool using default system proxy settings, hence working without any issues but when it comes to Jmeter we need to add Proxy Server details explicitly.
Based on the exception it seems, you are trying to access HTTP server with HTTPS request.
Make sure to confirm whether "abcd.uat.xyz.com:443" support https or not..If not simply make your request HTTP by updating Protocol field.
I am trying to do the load testing of salesforce.com. I am logging via test.salesforce.com which is redirecting me to the console url. Now, subsequent post request accepts following post parameters.
ViewStateCSRF
ViewStateMAC
visualforce.ViewState
But this post request is failing with "invalid session" error message.
I am guessing this is because of CSRF token. I am trying to extract(post processor in Jmeter) CSRF token, but I am unable to find this token anywhere in the response/cookie of previous requests. In one of the HTML response, I can find few CSRF tokens(e.g: runApexCsrfToken, consoleAjaxCsrfToken etc). I have tried all of them but no result.
To summarize my problem: I need to pass csrf token in post login request but I am unable to find this token in previous responses.
Could you please help me with this.
PS: I have tried get request on "https://c.salesforce.com/libs/granite/csrf/token.json" after login but did not find any token in response.
Make sure to add HTTP Cookie Manager to your Test Plan
Make sure to check all response fields as the token can be a part of URL or come as a HTTP Header
You need to correlate not only ViewStateCSRF but all other dynamic parameters as well
If you have problems with identifying the source for the dynamic parameters values you can try recording your scenario using cloud-based proxy service, it is capable of exporting recorded scripts in "SmartJMX" mode with automatic detection and correlation of dynamic parameters. See How to Cut Your JMeter Scripting Time by 80% article for more details
My Application is having Oath Authentication so recorded particular test scripts getting failed.I have analysed and found the token details in the login response data
{"access_token":"EsDRTzicGpSjaj8xcdEFBQ8aHbTt6btVW35Y4scQ","token_type":"Bearer","expires_in":28800,"refresh_token":"XhpFEDvCrGhwz9J4lPkRd0MMfQqUiW7j0zmbcPGr"}
Scenario1:
So Added Authorization:Bearer${BEARER} in the HTTP Header manager below the sampler and executed the TC its getting failed with the below message
{"error":"access_denied","error_description":"The resource owner or authorization server denied the request."}
Scenario 2:
Getting the below message if i didn't add the Authorization:Bearer${BEARER} in the HTTP Header manager
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."}
Need to know which one is right and how to overcome form this issue
Declare a variable below the test plan with Name:Prefix and value:Bearer
Add regular expression Extractor with reference name & Expression below the sampler
Add a debug sampler to identify the Token and run the test plan
As per The OAuth 2.0 Authorization Framework: Bearer Token Usage specification you must have a space bar between Bearer and the token value
Authorization: Bearer mF_9.B5f-4.1JqM
^ nothing should be here
OAuth token is not something you can record and replay, the value needs to be obtained using specific procedure which might be different depending on OAuth version and implementation. Check out How to Run Performance Tests on OAuth Secured Apps with JMeter guide for more information on how you can obtain the OAuth token in JMeter test.