Cannot get JMeter to authenticate against site during recording - proxy

I am new to JMeter and have the following problem. It has wasted a couple of days for me so far and I really hope someone can help:
When I go to record the login page of the website (IIS hosted, Windows Authentication) I ultimately receive a 401 unauthorized. The login popup shows again after details have been entered. These same details function correctly when browsing to the site without the use of JMeter.
Situation:
Intranet Proxy > JMeter Proxy > Site
I have started JMeter with the Intranet Proxy details:
jmeter -H -P 8080 -u -a -N localhost
I have created a HTTP Proxy Server in the WorkBench within JMeter
HTTP Sampler Settings = HttpClient 3.1 / Redirect / Follow and Keep Alive
I have added a HTTP Authorization Manager to the Thread Group providing my details
I have uncommented httpclient.parameters.file=httpclient.parameters in the jmeter.properties file
I have uncommented http.proxyDomain=NTLM domain, if required by HTTPClient sampler in the same file
I have uncommented http.authentication.preemptive$Boolean=true in the httpclient.parameters file
I believe the NTLM credentials are getting lost somewhere along the way but I do not know where to go at this point.
Let me know if any other information would be of use.
Thanks in advance,
Eoin.

If you are behind a proxy which requires authentication, ensure you set this:
-H PROXY_HOST -P PROXY_PORT -u PROXY_USERNAME -a PROXY_PASSWORD -N localhost
Second, check your configuration of the JMeter Proxy: JMETER PROXY SETUP STEP BY STEP
Finally, if you have NTLM, it's not sure it can work, at least not during recording; it also depends on your version of NTLM. See this:
http://jmeter.512774.n5.nabble.com/JMeter-NTLM-authentication-td514319.html
See this:
JMeter with Windows Authentication?
Finally, try asking this question on the JMeter user mailing list. If you don't get an answer,
I suggest you put JMeter in DEBUG mode (jmeter.properties) and attach your logs to a Bugzilla issue you will open on this (I will look at it as soon as possible).

Works for me in Firefox 40 and IIS with Kerberos authentication if I set HTTP(S) Test Script Recorder -> HTTP Sampler settings -> Type = Java. Need to type the authentication in multiple times, then when I cancel out Firefox is authenticated and I can record the site no problem.

Related

How to load test a Nextcloud server with JMeter or smashbox

We are installing a Nextcloud server in my organization and I would like to load test it before we deploy more broadly.
I have managed to do some testing with JMeter... (see answer below)
Now I would like to load test other features of Nextcloud. I have found this repo but it seems it is not updated anymore: https://github.com/owncloud/smashbox
Does anyone know if it is still working? (I don't yet have access to the Nextcloud server OS.)
Apparently smashbox is designed for ownCloud and not Nextcloud... any hint on tools for Nextcloud?
Thank you
If you "dont have yet access to the nexcloud server" then how do you know that "doesnt log in with http authorization manager"?
Whatever. Given Nextcloud doesn't ask your credentials most probably it's configured for Single-Sign-On and most probably it's Kerberos
If this is the case you will need not only to add the HTTP Authorization Manager but also to perform the relevant configuration in the krb5.conf and jaas.conf files (they live in the "bin" folder of your JMeter installation).
You can check out Windows Authentication with Apache JMeter article for example setup and more comprehensive explanations.
So here is the answer :
You have to create two HTTP Request samplers.
The first request is a GET request on the login page.
The second request is a POST request on the login page.
You have to create a regular expression extractor to extract data-requesttoken:
data-requesttoken="(.+)"
You can reuse it in the post request (name : requesttoken) with the variable set in the extractor.
You also need to add an HTTP Cookie Manager to the thread group and leave it blank so it handles the cookies set in the GET request and in the POST request.
Then the login works properly and you can tune the loop count, number of threads and ramp-up.
There is only one problem on my machine: the requests randomly succeed or fail because the cookie manager sometimes sets the proper cookies in the redirect after the POST request and sometimes not... (see here: JMeter randomly setting proper cookies so my request succeed)
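
The token extraction step from the answer above, as an added example that is not part of the original posts. The login page HTML and token are constructed, and the form field names `user` and `password` are assumptions (the answer only names `requesttoken`). It shows how the greedy `(.+)` over-captures when another attribute follows on the same line, and that the token must be URL-encoded in the POST body.

```python
import re
from urllib.parse import urlencode

# Constructed sample login page: the token attribute is followed by another
# attribute on the same line, which is where a greedy pattern over-captures.
LOGIN_PAGE = (
    '<html>\n'
    '<head data-requesttoken="aB+c/dE=:fG+h=" data-user="">\n'
    '<title>Login</title></head>\n'
    '<body><form method="post" action="/login"></form></body></html>\n'
)

GREEDY = re.compile(r'data-requesttoken="(.+)"')      # pattern from the answer
BOUNDED = re.compile(r'data-requesttoken="([^"]+)"')  # stops at the closing quote


def extract_token(html, pattern=BOUNDED):
    """Return the request token, or None when the page carries none."""
    match = pattern.search(html)
    return match.group(1) if match else None


def build_login_body(html, username, password):
    """Build the form body for the POST request that follows the GET.

    The field names 'user' and 'password' are assumptions for this example;
    'requesttoken' is the parameter name given in the answer.
    """
    token = extract_token(html)
    if token is None:
        # Fail loudly instead of posting an empty token and chasing a
        # confusing login failure later in the test plan.
        raise ValueError("no data-requesttoken found in login page")
    # urlencode percent-encodes '+', '/', '=' and ':'; a raw '+' would be
    # decoded as a space by the server and the token check would fail.
    return urlencode({"user": username, "password": password,
                      "requesttoken": token})


if __name__ == "__main__":
    print("greedy :", extract_token(LOGIN_PAGE, GREEDY))
    print("bounded:", extract_token(LOGIN_PAGE, BOUNDED))
    print(build_login_body(LOGIN_PAGE, "loadtest", "constructed-password"))
```

In JMeter the bounded pattern goes into the Regular Expression Extractor, and the encoding corresponds to ticking "URL Encode?" on the `requesttoken` parameter of the POST sampler.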

Unable to record in Jmeter using Mozilla Firefox browser

While recording an HTTPS application from JMeter using Mozilla Firefox, I am getting a popup in the browser with the title 'This site is asking you to sign in.' and text boxes for username and password.
Not sure if we need to provide proxy username/password or application username/password here. I tried both, but I keep getting the same popup, and upon clicking cancel in the popup it shows 401-Unauthorised.
Note:
Working fine from Mozilla Firefox when the proxy is "Use system proxy settings". The above issue exists only when the proxy is "Manual Proxy Configuration" and recording from JMeter.
JMeter was launched from cmd by providing proxy details.
The JMeter certificate was installed in Mozilla Firefox.
Try specifying username, password and your domain in system.properties file (lives in "bin" folder of your JMeter installation)
http.proxyUser=username
http.proxyPass=password
http.proxyDomain=your_domain
as it might be the case your corporate browser is configured to automatically login to the website using the account of the currently logged in user (the approach is known as SSO)
See Using JMeter behind a proxy article for more information.
Also be aware of alternative way of recording a JMeter test: JMeter Chrome Extension, in this case you won't have to bother about proxies and certificates as the extension is less "invasive" than JMeter's MITM proxy

407 authenticationrequired in JMeter

I work in a company where we use a proxy to access any browser website.
We would like to start API testing with JMeter, but have a problem.
Whenever I try to add an API call to petstore.swagger.io/v2/pet/10, for example, and put in the proxy details in the "Advanced" section of the HTTP request + adding an HTTP authorization manager with Username + Password, it still gives me a "407 Authenticationrequired" error back.
Request headers:
Response headers:
In the information I have also it's that the proxy is "Ruleset Name: Authentication with Kerberos and NTLM Fallback".
This is quite a problem if I'd like to test internal APIs with any authorization on it.
HTTP Status code 407 means that proxy authentication required, it seems that you're using a corporate proxy to access the application under test and this proxy requires credentials.
You have 2 options of passing the proxy credentials to JMeter:
Command-line arguments like:
jmeter -H my.proxy.server -P 8000 -u username -a password
JMeter System properties (you can put these lines to system.properties file):
http.proxyUser=username
http.proxyPass=password

Proxy setting for jmeter not working properly

I am trying to set up a proxy in Firefox so that I can use the recording controller from the JMeter GUI. Below are my network settings in Firefox:
and also the jmeter GUI:
But when I try to load my site in firefox, I am getting the following error:
The owner of app.example.net has configured their website improperly.
To protect your information from being stolen, Firefox has not
connected to this website.
This site uses HTTP Strict Transport Security (HSTS) to specify that
Firefox may only connect to it securely. As a result, it is not
possible to add an exception for this certificate.
Learn more…
Report errors like this to help Mozilla identify and block malicious
sites
Any help will be highly appreciated.
Try running Chrome with --ignore-certificate-errors following Recording stops due to HSTS answer in JMeter group:
Recording stops due to HSTS
Lily Nguyen
I had the same issue with JMeter 3.2, using Chrome. I got it resolved by
invoking Chrome from command line with flag --ignore-certificate-errors
...This would get rid of the "Your connection is not private" error and I
was able to record normally after installing the certificate everywhere
Or record site with Blazemeter Chrome extension
This is not a JMeter problem, this is a technique of protection against MITM attacks called HTTP Strict Transport Security
You can try to bypass it by
Remove entry for your app.example.net from the SiteSecurityServiceState.txt file in the Firefox Profile folder
Add the next Integer value at about:config page:
test.currentTimeOffsetSeconds= 11491200
Clear your browsing history or start with the new Firefox profile
Be aware that there is an alternative way of recording a JMeter test: JMeter Chrome Extension, you will not have to worry about proxies and certificates, just execute your scenario in the browser and once done you will be able to export it as a JMeter test script.

Jmeter recording feature capture different URL than what is provided in HTTPS domain

Whenever I try to use the JMeter recording functionality for the website, the requests sent to the website are captured but the name of the website is different and the body data is encrypted.
Jmeter always shows request for : ocsp.comodoca.com, ocsp.digicert.com, ocsp.pki.goog. But these are not the URLs provided for HTTPS Domains in Test Script Recorder.
I checked on the Internet that ocsp.comodoca.com, ocsp.digicert.com, ocsp.pki.goog provide SSL certificate. But why those are seen in Jmeter request are not known to me and how to see the URL for my test website? Thanks.
HTTPS Test Script recorder
Junk Request
I was also facing the same issue while recording with JMeter. I later found the issue had to do with the way I had setup the proxy options in Firefox.
I had forgotten to select the check box `Use this proxy server for all protocols`. After selecting this check box, I was able to record my actual server URLs.
You're looking into the wrong feature; the setting you should be using lives at the Requests filtering tab of the HTTP(S) Test Script Recorder.
There is "URL Patterns to Exclude" input where you can filter out "not interesting" domains by providing a Perl-5-style regular expression, i.e. .*ocsp.*
See Excluding Domains from the Load Test article for more details if needed
