I try to test a web-service using SOAPUI using a HTTPS endpoint. The problem is that the response message is displayed encrypted. What do I need to configure in SOAPUI in order to see the actual response message?
I tried various settings (e.g. in preferences I tried to set an exported certificate from Firefox), but no luck so far. Note that the security of the web-service is implemented using a username/password mechanism in the SOAP header and the same call works fine on a HTTP endpoint (we have a couple of environments available).
Just had this same problem and found the solution here:
http://www.eviware.com/forum/viewtopic.php?f=5&t=2601&p=10862&hilit=encrypted+response+https#p10862
Basically you need to go into file->preferences->http settings and uncheck the 'Response compression' checkbox.
Related
I am trying to get the response back from API using Postman native app in windows 10.
I am in my company system which uses proxy, so i need to pass proxy credentials for every request which i send from my system.
As per postman documentation, i set proxy settings but still getting 401: Unauthorized error.
Postman Proxy Settings
Other suggestion was to use Basic Authentication while sending a request. It doesn't help either:
Baisc Auth settings for Proxy in postman
I tried all the things in native app but it's not working.
The workaround is to use Chrome extension for Postman.
Please refer the steps below:
1.> Search for Postman Interceptor chrome extension
2.> Install the extension
3.> Launch postman extension
4.> Login using your google account Or register an account in postman.
5.> When you try to login, pop appear in which proxy userid and password needs to be entered.
6.> Once proxy settings has been updated, send the request. You should receive expected response back.
Happy coding :)
I want to call REST-services from my Angular-app. However, these REST-services are hosted on WLP and are part of a WAR-file developed by some company a while ago, ie. we have no source code.
I can call GET-methods without any issues from Postman, I just need to set authentication and accept headers. However, calling these GET-methods from Angular via web browsers will trigger preflight request (OPTIONS) without Authentication header prop. Seems to me that OPTIONS requests are triggered by the browsers and Angular cannot set headers for them. I confirmed OPTIONS requests need authentication by running requests via Postman with and without auth header prop.
Similar problems were discussed in other posts on stackoverflow but in such cases people had control over their server side code and could alter it to avoid authentication headers for OPTIONS request. Clearly in my case, I cannot do it.
My question is if there is a possibility to configure WLP to not ask for authentication header prop in case of OPTIONS-requests (seems to be configurable for Apache web servers and Tomcat)?
Kind regards
A.H.
Even without source, you should be able to edit web.xml and modify the security-constraints to punch a hole for OPTIONS.
I am trying to make a script to test REST services using Jmeter.
Till now I was using Chrome’s Advanced REST Client.
My authentication request was GET and it was something like this in Advanced REST:
https://username:password#URL:portnumber
its a GET request
Now when I am using Jmeter. I tried following ways:
I added HTTP Authorization Manager and mentioned Base URL and Username/password inside it.
When I am trying to do a request then its showing me “Unauthorized”
I also tried to login using normal https request but no success.
When accessed manually, a authorization popup window appears and username and password is submitted inside this window.
Please suggest me a way for how to login using Jmeter.
Few suggestions:
Most likely you have mismatch in URL you're trying hit and the one, specified in HTTP Authorization Manager, double check it.
Add View Results Tree listener and make sure that the header like:
Authorization: Basic xxxxxxxxxxxx=
is being sent along with the request and compare it with the one, sent by the real browser.
Try switching "Implementation" of your HTTP Request samplers to HttpClient3.1, the easiest way of doing this is using HTTP Request Defaults
And finally, you can use HTTP Header Manager to send the relevant header, it's name should be Authorization and value Basic and username:password encoded in Base64. There is base64Encode function available via JMeter Plugins.
I am getting Internal server error in jmeter for particular request but same url its working fine in browser,even i handled the cookie in the script and checked web traffic in fiddler and header manager everything is correct but still its showing internal server error.
Perhaps you need to configure some HTTP header in your request to make it work. Your browser is inserting them as default, but for JMeter you need to do it manually.
Using a recording tool might help on the specifics, but even though you will need some changes on your test script.
I recommend BlazeMeter Chrome Plugin, it will insert any necessary HTTP headers for you based on the browser of choice.
https://chrome.google.com/webstore/detail/blazemeter-the-load-testi/mbopgmdnpcbohhpnfglgohlbhfongabi
Your site might require Cookies, therefore you need to use a Cookie Manager for that. In order to Test the requests, use the Listeners "Response Assert" or "Save Responses to a File" to check if the response was sent properly.
I'm trying to get Fiddler to work with my company's proxy. Every external request is returning 407.
So far I've tried adding oSession.oRequest["Proxy-Authorization"] = "YOURCREDENTIALS"; to the customized rules where I used my USERNAME:PASSWORD in base64. Still no luck.
Any ideas? Thanks.
What worked for me was much more simpler:
Rules > Automatically Authenticate
Note: There is an answer with a higher voting available. Because of SO sorting it is below the accepted answer.
I had the same problem, too, and solved it like this:
Started Fiddler with it's standard configuration.
Started IE and made a HTTP-request to an external web-site.
The proxy authorization dialogue popped up, where I entered my credentials.
In Fiddler searched the request headers for "Proxy-Authorization".
Copied the header value which looked like "Basic sOMeBASE64eNCODEdSTRING=" to the clipboard.
Altered the CustomRules.js with the following line within OnBeforeRequest:
oSession.oRequest["Proxy-Authorization"] = "Basic sOMeBASE64eNCODEdSTRING=";
So my approach was quite similar to yours just that in advance I checked what kind of proxy authorization the server required by using Fiddler to debug the authorization header. That way I found out I had to add "Basic" before the Base64 encoded credentials and I didn't even have to use the tool to encode the credentials to Base64. Just copied the value from the proxy authorization header.
My Answer is simple. If your company proxy is NTLM, download ,setUp and configure cntlm. Route your fiddler to cntlm port by setting proxy settings.
Done! that is how i configured fiddler in my company
What version of Fiddler are you using?
Fiddler will automatically chain to your organization's proxy, and all current versions of Fiddler support passing of authentication information between the client and the authenticating proxy.
How are you generating the HTTP requests in question? What are the exact HTTP response headers?
http://blog.bareweb.eu/2010/10/http-debugging-fiddler-tip-1/
There's an entry in the "Rules" menu for Requiring Proxy Authentication. Use that and you should get a bit further!
Fiddler should pick up native proxy configuration automatically.