403 forbidden issue in JMeter

I have a JMeter test with the following configuration:
Thread Name: Thread Group 1-1
Sample Start: 2017-08-18 12:45:02 IST
Load time: 304
Connect Time: 0
Latency: 304
Size in bytes: 209
Headers size in bytes: 206
Body size in bytes: 3
Sample Count: 1
Error Count: 1
Data type ("text"|"bin"|""): text
Response code: 403
Response message: Forbidden
Unfortunately it fails with the following response headers:
HTTP/1.1 403 Forbidden
Content-Type: application/octet-stream
Date: Fri, 18 Aug 2017 07:15:03 GMT
Server: openresty/1.9.3.1
X-Vcap-Request-Id: c9307775-0897-4fbd-5d45-e2e7c11cb1b1
Content-Length: 3
What am I missing? Thanks in advance.

This issue can have a lot of causes:
missing content-type header
missing authentication token
missing CSRF token
failing authentication before access to url
...
Can you show the request you send?

I found that OpenResty requires User-Agent header. It will throw 403 Forbidden if User-Agent header doesn't exist.
JMeter does not attach this header automatically like most other apps do, hence returning 403 Forbidden.
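The answers above come down to comparing what a working client sends with what the rejected one sends. The following is an added example, not code from the posts or from JMeter, NiFi or OpenResty; it diffs the headers of two captures, and both captures and the function names are constructed for illustration.

```python
# Added example: both captures are constructed samples, not requests from the page.
WORKING = """\
> GET /api/ HTTP/1.1
> Host: abc
> User-Agent: curl/7.61.1
> Accept: */*
> Content-Type: application/json
* upload completely sent off: 17 out of 17 bytes
"""

FAILING = """\
GET https://abc/api/
Host: abc
Connection: keep-alive
content-type: application/json
user-agent:
"""


def parse_headers(capture):
    """Return {lowercased name: value} from a raw request or `curl -v` capture."""
    headers = {}
    for line in capture.splitlines():
        line = line.strip()
        if line.startswith(">"):      # curl -v marks sent lines with "> "
            line = line[1:].strip()
        name, sep, value = line.partition(":")
        # Skip blanks, the request line and curl's "* ..." info lines:
        # a header name never contains a space.
        if not sep or not name or " " in name:
            continue
        headers[name.lower()] = value.strip()
    return headers


def diff_headers(working, failing):
    """List headers the failing client omits, sends empty, changes or adds."""
    ok, bad = parse_headers(working), parse_headers(failing)
    return {
        "missing_or_empty": sorted(h for h in ok if ok[h] and not bad.get(h)),
        "changed": sorted(h for h in ok if bad.get(h) and bad[h] != ok[h]),
        "extra": sorted(h for h in bad if h not in ok),
    }


if __name__ == "__main__":
    for kind, names in diff_headers(WORKING, FAILING).items():
        print(f"{kind}: {', '.join(names) or '-'}")
```

A header that is present but empty, such as the `user-agent:` line in a debug log, is reported together with the missing ones because a gateway rule that checks for a value treats both the same way.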

Related

NiFi InvokeHTTP POST invalid request

I am trying to execute a simple POST request from nifi using the InvokeHTTP processor. The target server responds with the response "error: invalid request". I am able to POST successfully with curl from nifi's host.
I have set the processor's HTTP method to "POST", and the URL to "http://myhost:1234", other fields are set to the defaults. The incoming flowfile's mime.type is application/json and the flowfile content is valid json.
Here's what I tried (server names etc. were replaced with fake names):
I confirmed that the target server is ok with curl using seemingly equal parameters to the InvokeHTTP processor (with and without the --http2 flag, equally on the InvokeHTTP processor I tried with the "HTTP/2 Disabled" property on true and false):
curl -v --http2 -X POST -H "content-type: application/json" http://myhost:1234/ -d '[{"key":"value"}]'
For the data I used the actual content of the flowfile used by InvokeHTTP.
* Trying <ip>...
* TCP_NODELAY set
* Connected to myhost (<ip>) port 1234 (#0)
> POST / HTTP/1.1
> Host: myhost:1234
> User-Agent: curl/7.61.1
> Accept: */*
> Connection: Upgrade, HTTP2-Settings
> Upgrade: h2c
> HTTP2-Settings: AAMAAABkAARAAAAAAAIAAAAA
> content-type: application/json
> Content-Length: 17
>
* upload completely sent off: 17 out of 17 bytes
< HTTP/1.1 201 Created
< Server: <servername>
< Content-Length: 0
<
* Connection #0 to host myhost left intact
With InvokeHTTP, the response is routed to the NoRetry output with the following attributes added to the flowfile:
invokehttp.response.body
error: invalid request
invokehttp.response.url
http://myhost:1234/
invokehttp.status.code
400
invokehttp.status.message
Forbidden
I tried logging the request by setting the org.apache.nifi.processors.standard.InvokeHTTP logger to DEBUG. The resulting logs:
2022-11-17 11:22:03,384 DEBUG [Timer-Driven Process Thread-4] o.a.nifi.processors.standard.InvokeHTTP InvokeHTTP[id=<guid>]
Request to remote service:
http://myhost:1234/
date: Thu, 17 Nov 2022 11:22:03 GMT
user-agent:
2022-11-17 11:22:03,384 DEBUG [Timer-Driven Process Thread-4] o.a.nifi.processors.standard.InvokeHTTP InvokeHTTP[id=<guid>]
Request to remote service:
http://myhost:1234/
date: Thu, 17 Nov 2022 11:22:03 GMT
user-agent:
2022-11-17 11:22:03,391 DEBUG [Timer-Driven Process Thread-4] o.a.nifi.processors.standard.InvokeHTTP InvokeHTTP[id=<guid>]
Response from remote service:
http://myhost:1234/
content-length: 23
server: <servername>
2022-11-17 11:22:03,391 DEBUG [Timer-Driven Process Thread-4] o.a.nifi.processors.standard.InvokeHTTP InvokeHTTP[id=<guid>]
Response from remote service:
http://myhost:1234/
content-length: 23
server: <servername>
At this point I don't know what to do. I don't know if the logged requests are purposefully limited to these fields or if there's actually a lot of information missing from the requests themselves such as the payload and the content type. I'm also wondering why the requests are logged twice, or whether they're actually sent twice (I'm on a single node environment).
I expect this processor to be able to perform such a simple request without much trouble, and have confirmed that the target server is not the issue. Did I miss something? How can I debug this further (e.g. see the actual raw request sent by InvokeHTTP)?
Thank you.
Check the mime.type attribute. That is automatically translated to a header for you, and you could be sending form-encoded parameters as the mime type or something like that instead of the expected json.

Jmeter request keeps giving 403 where postman works & browser works

I use Postman and I am able to run a request perfectly fine with status 200
https://abc/api/
when I try Jmeter I keep getting 403 forbidden
GET https://abc/api/
I get
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
</body>
</html>
Sampler request
Thread Name: 0-test1-1
Sample Start: 2019-07-22 11:07:12 PDT
Load time: 485
Connect Time: 378
Latency: 485
Size in bytes: 287
Sent bytes: 236
Headers size in bytes: 153
Body size in bytes: 134
Sample Count: 1
Error Count: 1
Data type ("text"|"bin"|""): text
Response code: 403
Response message: Forbidden
HTTPSampleResult fields:
ContentType: text/html
DataEncoding: null
My response headers are
HTTP/1.1 403 Forbidden
Server: aws../2.0
Date: Mon, 22 Jul 2019 18:13:06 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Not sure if that is
I also set my port to 443 because it is https
I was able to get content-type to application/json but still get 403, I do notice that my content-length is 0
I figured it out it was indeed the User-agent, I forced my Jmeter in header manager
User Agent --> Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 it worked
Maybe you need to add this to the header of the request:
Content-Type: application/json

Missing boundary in multipart/form-data POST while transfer package

This is the package from the client (browser):
...
Content-type: multipart/form-data; boundary=----WebkitFormBoundaryxxx
...
This is the package that is received from the server:
...
Content-type: multipart/form-data
...
This is the error log from the server:
org.apache.commons.fileupload.FileUploadException: the request was rejected because no multipart boundary was found
Can anyone help me how to fix this. Thank you!

Recorded scripts in jmeter gives 401 Unauthorized error

I am trying to load test my application. But when I try to run the recorded scripts through JMeter, I get a 401 Unauthorized error only on a few particular pages. The script runs for the login page but gives errors on other pages. I need to run this whole scenario using multiple users (CSV file).
this is the Request Tab:
POST data:
{"searchObject":{"LastName":"","FirstName":"","RoleId":"","StatusId":"","sortOrder":"Id","isAsc":"False","isInactivated":false,"tempDataFlag":"True"},"isSorting":"false","listName":"CreissStaffList"}
Cookie Data:
ASP.NET_SessionId=0zqlv4t4ayszinlteqgnlrvg; __RequestVerificationToken=mmFzWMMfWojIH9J-32ylhW_8oseKWMP84XRZALQmUh0VfGmflM_kVW3b1MmWYLJ5ySCIezacyBFYplhzTSWMeo7CnMh2j14sD10qX2S_fq41
Request Headers:
Connection: keep-alive
Referer: https://www.creissmed.de/Admin/UserList
Accept-Language: en-US,en;q=0.5
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=utf-8
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: application/json, text/javascript, */*; q=0.01
Content-Length: 199
Sampler Result:
Thread Name: Thread Group 1-1
Sample Start: 2016-02-17 17:17:05 IST
Load time: 142
Connect Time: 0
Latency: 142
Size in bytes: 1599
Headers size in bytes: 255
Body size in bytes: 1344
Sample Count: 1
Error Count: 1
Response code: 401
Response message: Unauthorized
Response headers:
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html
Location: /
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 17 Feb 2016 11:47:03 GMT
Content-Length: 1344
HTTPSampleResult fields:
ContentType: text/html
DataEncoding: iso-8859-1
This is what the HTTP Request Page looks like:
Path: /Admin/GetListData
BODY PARAMETERS :
{"searchObject":{"LastName":"","FirstName":"","RoleId":"","StatusId":"","sortOrder":"Id","isAsc":"False","isInactivated":false,"tempDataFlag":"True"},"isSorting":"false","listName":"CreissStaffList"}
I am getting errors only on GetListData HTTP Request Pages
Thanks in advance!
Add a View Results Tree listener and inspect the response details. If you don't see an error message it doesn't necessarily mean that login succeeded; despite HTTP Response Code 200 the page may contain errors.
You may have to do some handling of the __RequestVerificationToken as it is an anti-cross-site-forgery implementation and you'll need to do some correlation in order to bypass it. See the How to Load Test CSRF-Protected Web Sites guide for a comprehensive explanation and possible options.
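The correlation step this answer refers to, as an added example that is not part of the answer or of any JMeter component: read the anti-forgery cookie and hidden field from a fresh response instead of replaying the recorded values. The response below is constructed, and the `RequestVerificationToken` header name in `next_request_headers` is an assumption, since where the token is expected (form field or header) depends on the application.

```python
from html.parser import HTMLParser
from http.cookies import SimpleCookie

TOKEN = "__RequestVerificationToken"

# Constructed sample of a fresh response; the values are placeholders.
SET_COOKIE = [
    "ASP.NET_SessionId=sess-constructed; path=/; HttpOnly",
    "__RequestVerificationToken=cookie-token-constructed; path=/; HttpOnly",
]
PAGE = """<form action="/Admin/UserList" method="post">
<input name="__RequestVerificationToken" type="hidden" value="form-token-constructed" />
</form>"""


class HiddenFields(HTMLParser):
    """Collect name/value pairs of <input type="hidden"> elements."""

    def __init__(self):
        super().__init__()
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "input" and (a.get("type") or "").lower() == "hidden" and a.get("name"):
            self.fields[a["name"]] = a.get("value") or ""


def correlate(set_cookie_headers, html):
    """Return the Cookie header and form token issued for this session."""
    jar = SimpleCookie()
    for header in set_cookie_headers:
        jar.load(header)
    parser = HiddenFields()
    parser.feed(html)
    if TOKEN not in jar or TOKEN not in parser.fields:
        raise LookupError("response carries no anti-forgery cookie/field pair")
    cookie = "; ".join(f"{name}={m.value}" for name, m in jar.items())
    return {"Cookie": cookie, "form_token": parser.fields[TOKEN]}


def next_request_headers(fresh, token_header="RequestVerificationToken"):
    """Headers for the follow-up call; token_header is an assumed, app-specific name."""
    return {"Cookie": fresh["Cookie"], token_header: fresh["form_token"],
            "X-Requested-With": "XMLHttpRequest"}


if __name__ == "__main__":
    print(next_request_headers(correlate(SET_COOKIE, PAGE)))
```

In a test plan the same two values are taken per virtual user, so each CSV user replays its own session cookie and token rather than the ones captured during recording.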

Jmeter- HTTP Cache Manager, Unable to cache everything what it is being cached by Browser

I used HTTP Cache Manager to cache files which are being cached in the browser. I am successful in doing it for some of the pages. The number of files being cached in JMeter is equal to the number of files being cached by the browser.
But in some cases:
I found the number of files being cached is less than the number of files being cached by the browser.
Using JMeter I found only 5 files are being cached but in the real browser 12 files are getting cached.
Header for one file which is cached in Chrome but not in Jmeter
Header in Chrome Browser:
Remote Address:
Request URL:
Request Method:GET
Status Code:304 Not Modified
Request Headers
Accept:image/webp,*/*;q=0.8
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-GB,en;q=0.8,it-CH;q=0.6,it;q=0.4,ar;q=0.2
Cache-Control:max-age=0
Connection:keep-alive
Cookie:
Host:
If-Modified-Since:Thu, 16 Jan 2014 16:38:32 GMT
If-None-Match:W/"1242-1389890312000"
Referer:
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36
Response Headers
Cache-Control:private
Connection:keep-alive
Date:Wed, 11 Jun 2014 09:57:49 GMT
ETag:W/"1242-1389890312000"
Expires:Thu, 01 Jan 1970 00:00:00 GMT
Server:
Header in JMeter:
Thread Name: Thread Group 1-2
Sample Start: 2014-06-11 15:18:56 IST
Load time: 326
Latency: 326
Size in bytes: 1541
Headers size in bytes: 299
Body size in bytes: 1242
Sample Count: 1
Error Count: 0
Response code: 200
Response message: OK
Response headers:
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private
Content-Type: image/png
Date: Wed, 11 Jun 2014 09:48:53 GMT
ETag: W/"1242-1389890312000"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 16 Jan 2014 16:38:32 GMT
Server:
Content-Length: 1242
Connection: keep-alive
Thanks in advance
Have you tried ticking the "Use Cache Control/Expires header when processing GET requests" box, which simulates real browser behavior, so that matching content is returned immediately without an actual request being made?
Another possible reason is exceeding the "Max Number of elements in cache" threshold, which defaults to 5000.
See Using the HTTP Cache Manager guide for further explanations and recommendations.
