You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@jmeter.apache.org by testerinCO <cm...@comcast.net> on 2011/04/19 22:47:23 UTC
Basic authorization in jmeter
Hello
Currently I use the below listed python script to get the session id which
is required for every request. How would I set up jmeter to get the session
id? Thank you for your help
url = 'http://denvercolorado/_rest/dev/'
sessionurl = 'http://denvercolorado/_rest/v2/session.json'
callurl = 'http://denvercolorado/_rest/v2/call.json'
query_args = {'e':'5','s':'abcde12345'}
encoded_args = urllib.urlencode(query_args)
print 'Encoded:', encoded_args
url = url+'?'+encoded_args
request = urllib2.Request(sessionurl)
currentTime = str(int(time.time()))
key = currentTime +'abcde12345'
sessionID = '1:'+currentTime+':'+hashlib.md5(key).hexdigest()
request.add_header('Authorization','Basic '+sessionID)
--
View this message in context: http://jmeter.512774.n5.nabble.com/Basic-authorization-in-jmeter-tp4314353p4314353.html
Sent from the JMeter - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
Re: Basic authorization in jmeter
Posted by Deepak Shetty <sh...@gmail.com>.
Hi
well this is what is confusing in what you are saying
In the snippet you showed you used
>>request.add_header('Authorization','Basic '+sessionID)
which is adding a request header
whereas in the URL you show , the value is just a parameter ,
if it is a parameter that the browser sends it either must be in the HTMl
or its calculated with javascript . The former is relatively easy once you
identify in which request the value is returned, the latter needs you to
recode the javascript in java.
regards
deepak
On Wed, Apr 20, 2011 at 10:45 AM, testerinCO <cm...@comcast.net> wrote:
> Oh yes, it works from the browser (I'm testing a session API with a get
> method)
> http://denver.colorado/_rest/dev/?e=5&s=12345abcde <--- when I execute
> the
> URL, it returns a session id which consists of current time and the hash of
> the secret code (listed in URL) and id (listed in URL). I can see the
> jquery expression which is returned via the DOM, but I can't see it in
> jmeter.
>
> --
> View this message in context:
> http://jmeter.512774.n5.nabble.com/Basic-authorization-in-jmeter-tp4314353p4328802.html
> Sent from the JMeter - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>
>
Re: Basic authorization in jmeter
Posted by testerinCO <cm...@comcast.net>.
Oh yes, it works from the browser (I'm testing a session API with a get
method)
http://denver.colorado/_rest/dev/?e=5&s=12345abcde <--- when I execute the
URL, it returns a session id which consists of current time and the hash of
the secret code (listed in URL) and id (listed in URL). I can see the
jquery expression which is returned via the DOM, but I can't see it in
jmeter.
--
View this message in context: http://jmeter.512774.n5.nabble.com/Basic-authorization-in-jmeter-tp4314353p4328802.html
Sent from the JMeter - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
Re: Basic authorization in jmeter
Posted by Deepak Shetty <sh...@gmail.com>.
Hi
You can always use Runtime.exec (not recommended! for load tests). in any
case that part is easy to do in Java. What you need to verify is whether you
can send the token (assuming you can calculate it) since JMeter uses a
separation of username:password and Base64 encodes the whole thing (just
like a browser would do).
Im curious Whatever you are testing does it work from a browser ? or is it
only meant to be called programmatically?
regards
deepak
On Wed, Apr 20, 2011 at 7:02 AM, testerinCO <cm...@comcast.net> wrote:
> Thanks for the information. I've tried the beanshell pre processor, but
> don't seem to be able to get it recognized by the Authorization manager.
> Is
> it possible to call a python script from jmeter? I have the authorization
> working in a script, but have a hard time getting it to work in jmeter.
>
> --
> View this message in context:
> http://jmeter.512774.n5.nabble.com/Basic-authorization-in-jmeter-tp4314353p4326988.html
> Sent from the JMeter - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>
>
Re: Basic authorization in jmeter
Posted by testerinCO <cm...@comcast.net>.
Thanks for the information. I've tried the beanshell pre processor, but
don't seem to be able to get it recognized by the Authorization manager. Is
it possible to call a python script from jmeter? I have the authorization
working in a script, but have a hard time getting it to work in jmeter.
--
View this message in context: http://jmeter.512774.n5.nabble.com/Basic-authorization-in-jmeter-tp4314353p4326988.html
Sent from the JMeter - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
Re: Basic authorization in jmeter
Posted by Deepak Shetty <sh...@gmail.com>.
This does not seem to be a "sessionid" - it seems to be something you are
using as an authorization header?
in which case you need an HTTP Authorization Manager to add the
authorization header.
>sessionID = '1:'+currentTime+':'+hashlib.md5(key).hexdigest()
You will need to code the above in a BeanShell pre processor or equivalent
and set it into a variable that the Authorization Manager uses.
The only other issue difference is that a Basic Authentication token is off
the form Username : Password which is then Base64 encoded . Jmeter does the
base64 encoding for you. However in your case you seem to be doing something
different and Im not sure whether you can override the authorization manager
behavior
regards
deepak
On Tue, Apr 19, 2011 at 1:47 PM, testerinCO <cm...@comcast.net> wrote:
> Hello
>
> Currently I use the below listed python script to get the session id which
> is required for every request. How would I set up jmeter to get the
> session
> id? Thank you for your help
>
> url = 'http://denvercolorado/_rest/dev/'
> sessionurl = 'http://denvercolorado/_rest/v2/session.json'
> callurl = 'http://denvercolorado/_rest/v2/call.json'
> query_args = {'e':'5','s':'abcde12345'}
> encoded_args = urllib.urlencode(query_args)
> print 'Encoded:', encoded_args
>
> url = url+'?'+encoded_args
>
> request = urllib2.Request(sessionurl)
> currentTime = str(int(time.time()))
> key = currentTime +'abcde12345'
> sessionID = '1:'+currentTime+':'+hashlib.md5(key).hexdigest()
> request.add_header('Authorization','Basic '+sessionID)
>
>
> --
> View this message in context:
> http://jmeter.512774.n5.nabble.com/Basic-authorization-in-jmeter-tp4314353p4314353.html
> Sent from the JMeter - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>
>
Re: Basic authorization in jmeter
Posted by Bruce Ide <fl...@gmail.com>.
There are a couple of things you can do there. If you put a cookie manager
in your test plan, Jmeter will manage it for you.
If you need to look at the session ID for any reason, you can modify your
jmeter.properties and set "CookieManager.save.cookies" to true, which will
cause the session ID to show up as the jmeter variable COOKIE_JSESSIONID.
Alternately, you could put a regex postprocessor on your HTTP Client
request, and extract the session ID from client headers (Make sure you
select the sampler headers in the postprocessor.) IIRC the regex looks
something like "JSESSIONID=([A-Z1-9]+)"
--
Bruce Ide
FlyingRhenquest@gmail.com