Automated script logs out using JMeter - jmeter

I am trying to automate testing of a web application.
I have recorded the test using JMeter proxy template (JMeter version is 3.2) and couple of times when I ran the test in the JMeter it ran properly but after sometime only some part runs properly.
Following are the steps I am doing:
Hitting the URL
Logging into the application
changing some feature in the application
and so on.
All the steps ran perfectly first few times but then after that only till login everything runs properly.
Just to be sure I tried passing the jsessionid from the first request to the next requests using the Regular "Expression Extractor". I can see in the View Results Tree that jsessionid is passed properly but next page after the step two still takes me into the login screen.
Any help will be very much appreciated.
I have attached screenshot for better understanding:
The response header of logged in page includes a sessionid which is used by another request while logging in.
All the sessionID are properly maintained still after logging in the next page takes me to the login page instead displaying what was done next in the recording.

When it comes to load testing of JSF-based web applications you need to take care at least of the following dynamic parameters:
JSESSIONID
javax.faces.Viewstate
JSESSIONID is a normal HTTP cookie so it is quite enough to add a HTTP Cookie Manager to deal with it
javax.faces.Viewstate is client state management mechanism which also acts as a security token to verify user's origin. So you will need to properly correlate it, i.e. extract from previous response using one of JMeter PostProcessors, store into a JMeter Variable and add as a parameter to the next request. Remember to do this for each and every request.
There might be more application specific dynamic parameters, the easiest way of detecting them is recording the same request (or scenario) 2 times, compare the recorded scripts, detect and work around the differences.

Related

JMeter cookie handling

I have a JMeter test script that performs logon to a website. I can see the POST request with the appropriate information, but it seems the session is lost after that point, as the next step goes to the homepage expecting to be authenticated but isn't. Any ideas? I can post the code if necessary. I do have a cookie manager configured.
Most probably it's due to missing or improperly implemented correlation, cookies might be not the only one dynamic parameter which you need to take care of, modern web applications widely use others for i.e. client-side state tracking or security purposes.
So inspect your test script and check for parameters which are dynamic, the easiest way is recording the same scenario once again and comparing resulting .jmx scripts. Everything which differs is a subject to correlation.
More information: How to Handle Correlation in JMeter

Response message: Unauthorized in Jmeter

I'm new to using Jmeter tool.
I have recorded my application using blazemeter (v3.1) and then trying to run that .jmx file in Jmeter, however I am running into an authorization issue and the script fails to run.
I have also tried setting my "HTTP Authorization Manager" with username, url, password but it does not help. If anyone can, please guide me on this Issue. Thanks.
As per 4 Things You Should Never Do with Your JMeter Script article:
Don’t run the script exactly as you recorded it
After recording your script, there is still some work to do before you run it. It’s necessary to correlate variables, parameterize and add elements, to faithfully simulate users.
There are too many ways of possible authentication implementation in your application, most probably you need to send some dynamic value along with credentials which can be fetched from the previous request.
Record your test scenario 2 times and compare recorded requests. Be careful as differences might be in response headers and URL, not only in response data. It makes sense to add View Results Tree listener directly to HTTP(S) Test Script Recorder - this way you will be able to see what data is captured by JMeter and amend its configuration so simulated request would look exactly like the request from the real browser.

E commerce load test with complete flow

I'm trying to do a load test of e commerce site with complete flow from product search, login to add to cart and submit. Product search and anonymous order is working fine but when I'm trying to run script for registered user it's not working. How can I fix this?Click here to download script
Your "download" link is broken or expired or whatever.
Most probably your request doesn't work for authorised users due to missing or improperly working correlation. Modern web applications cannot be just recorded and replayed as they widely use dynamic request parameters mostly for security reasons. So if this is the case your test needs to look as follows:
Open Login Page (usually GET request)
Extract dynamic parameters using one of matching JMeter Post-Processors and store them into JMeter Variables
Perform Login (usually POST Request) providing not only credentials, but also dynamic parameters values from the first request
Also make sure you add HTTP Cookie Manager to your Test Plan - it represents browser cookies and automatically deals with cookie-based authentication
You might want to try an alternative way of recording a JMeter test - using cloud-based proxy which is capable of exporting recorded tests in "SmartJMX" mode with automatic correlation of any dynamic parameters detected. Check out How to Cut Your JMeter Scripting Time by 80% article for more information.

Same POST works manually, results in 500 error via Jmeter

In my script, I'm using a JSESSIONID instead of a cookie; the JSESSIONID is extracted using a HTTP URL Re-writing Modifier and I can confirm that the correct value (the one which appears in the response data from the login page) is being applied in the Request.
e.g. POST https://qa67.ososinfo.org:446/Staff/staffdetail.xhtml;JSESSIONID=0655ca5420354753ae413984d34cfc27
I'm also using a VIEWSTATE, which I'm extracting prior to running the remainder of the test steps by using a Regular Expression Extractor and setting the resulting variable as a parameter in the HTTP Request,
e.g. javax.faces.ViewState=8d2%2BgOIseczB2FWSo74DqQfkmiYVaK73D8bnLTNWCx%2FB8EtE
The problem is that I'm hitting a Response code: 500 | Response message: Internal Server Error every time I attempt a post with all of the applicable data.
I tried running through the steps manually in a Firefox browser. I copied the contents of the Request tab from the failing page into a REST client, logged in using a separate tab of the same browser and grabbed the appropriate JSESSIONID and VIEWSTATE information, then posted with that info in place - and the manual post was successful.
Am I missing something? Is JMeter requiring something to accomplish this POST that a I'm not seeing in a manual attempt? Please note that I can verify the test is working through the point of login - I can manually see the jmeter user logged in from an admin screen.
Happy to share any/all of what I'm seeing if it might be helpful in helping to troubleshoot.

Why there is difference in test and data interaction speed when use API vs jmeter recording

I have a login function in website. I have tried 2 things to create load testing plan :
Record login scenario using jmeter and complete load test
Use login API, configure in Jmeter and complete load test
I realize that 2nd option from above is faster than 1st when running load test? Can anyone help me to understand why?
Well-behaved test should simulate end-user behaviour as close as possible, so basically you have at least 2 requests:
Open login page
Perform login
In addition when mimicking real browser you have to deal with a lot more data, i.e. complete HTML response, JavaScript, CSS, images, etc.
In case of API you have only one request consisting of username and password and one small response indicating whether login attempt successful or not.
I believe load test should be as close to reality as possible so I would recommend 1st option. Make sure that you add the next test elements to your Test Plan:
HTTP Cookie Manager
HTTP Cache Manager
HTTP Header Manager
and follow recommendations from How To Make JMeter Behave More Like A Real Browser guide for detailed instructions.

Resources