Jmeter redirection challenges - testing

JMeter URL redirection challenges from 302 to 200 status code
I'm trying to perform URL HTTP connection authentication with JMETER and facing challenges on redirection URL with JMeter from 302 to 200 status code within the organization environment. The office environment using windows authentication NTLM2 methods.
However I’m facing URL redirection blockage when I tried to navigate through an internal website as it stops when it reaches 302 status code and failed to navigate further to status code 200 through JMeter but when I display the same URL with chrome browser, it able to successfully display the web with status code 200 using chrome browser.
How does the URL Authentication work?
at 1st the given URL which includes end-user parameters were entered to display the web messages.[shows HTTP status code 302]
The URL then redirects to another portal login URL to acknowledge the authentication.[shows HTTP status code 302]
Problem/Issue:-
The URL only successfully performing the 1st 2 options but it failed to perform the final redirection to have status code 200
At the moment the HTTP result in Jmeter through "View Result Tree" and "View Result Table" is both showing status code 302
Limitation
I couldnt install any external chrome pluggin due to the security restriction within the given operating system environment
proxy has been included. in both "HTTP default Advance" option and "HTTP Advance" option with the relavent user proxy details, id and password
Additional Details
The website were build part of the liferay framework using java spring.
We notice through jmeter logs viewer that the "Pooling HTTP Connection Manager" being shut down as well.
I've included the log viewer from the JMETER in here
Challenges
I'm not sure what further configuration i should do to allow the 3rd redirection to be happened.

You need to add HTTP Authorization Manager, change "Mechanism" to BASIC_DIGEST and provide your domain and Windows credentials there
This way JMeter will be able to build a proper Authorization header and you will be able to proceed to your application
More information: Windows Authentication with Apache JMeter

Related

Requestly chrome extension mock api response to 503

I want to change HTTP Status Code to 503 with a custom response body on URL ending with .mpd. I am using Requestly chrome extension to intercept the request and have it failed with 503.
Here is the Modify API Response rule screenshot
Here's Requestly logs in devtools which shows that request was correctly intercepted.
The rule looks like it kicks in but is not showing the correct response code. Looking at the network tab it looks like the interception did not work
Need help with mocking the status code to 503 and custom response body.
HTTP Status Code can not be changed by Chrome Extension. Chrome doesn't provide any APIs which allow Chrome Extensions to change the status code.
You should be able to solve this problem using the Requestly desktop app where you can also specify the status code while defining your mocked API response.
A desktop app-based solution is more reliable however if you really want to work with Chrome extension only. Here's a workaround that you can try
Setup a new API Mock with 503 Status Code and the Response Body
Setup a new Redirect Rule to redirect your actual URL to the Mock URL
More details are covered in this SO answer
References
https://requestly.medium.com/simulate-different-api-status-code-using-requestly-76f917c445eb

How to redirect a request in a Safari Content Blocker extension

I am building a safari app extension that will redirect certain requests through a local proxy.
For example https://tracking-script.com/track/user/123 needs to be redirected http://localhost:9000
The only problem that I do not know what domains are bad during application bootstrap. My bundle includes:
1. MacOS app to host safari extension and content blocker
2. Safari extension where I can performance certain actions
3. Content Blocker which basically gives rules to Safari during application bootstrap
https://www.infoq.com/articles/safari-content-blockers/
Is it possible to dynamically inspect a request and redirect it through a given port?
I have a device on my local network that gives me these rules. So if a page requests https://tracking-script.com/track/user/123 I first want to consult with my device running on localhost. If the response from the device says this domain is bad I want my content blocker to redirect this request to http://localhost:9000 instead of going to the original URL.
Is this even possible in Safari/MacOS? I can do this in chrome and firefox extensions by hooking up on the onBeforeRequest hook. I make a request to my device and if the device says the domain is bad then I returned {redirect_url: 'http://localhost:9000'} and the browser redirects this request.
You can try intercepting the HTTP request in the content script and then redirect the request to localhost if request. More details are given in this post.

Capture the URL in the javascript initiated HTTP GET/POST requests using selenium

I'm using selenium for automating a procedure I frequently use on a site.
When I press on specific element on the site it runs some complex javascript code that eventually downloads a csv file using HTTP GET request.
I can see that the URL of this request looks like: www.somesite.com/somepage.php?token=RAPO09834HROLQ340HGIE309W&....
My question is: how can I get the token in this URL with selenium? (I need it for executing other HTTP GET requests for extracting more data from the site)
I am using Firefox driver on windows.
I tried to search all the html, js, cookies I get from this site, the token is not there. (its probably generated by the javascript code before it does the HTTP request)
I understand this is some kind of session id token as all the javascript generated HTTP requests are using the same token during my session.

Jmeter error 404

I am trying to load test a webapp, which has following functonality
1. Login in app (setting some cookie variables )
2. Serach customer with some parameter
3. Get detail of particular customer
4. Logout from webapp
When i am running Jmeter i am getting status code 404
Any reference or help will be appriciated.
After googling i found 4** says you have sent bad request.
To check what request has been sent i am using fiddler and capturing original request (which is working from browser ) and request sent by Jmeter , I am comparing data under Inspector tab in Headers in fiddler, Is this right way to resolve the issue of 4**. What else i can do to fix this issue ?
Screen shots attached
I think, the HTTP header manager and HTTP cookie manager must be pushed up just before Recording Controller. Otherwise the requests are made without these header or cookie informations.
If you doing localhost testing should in the cookie manager config domain
localhost:8080.
You can see the request/response in View Results Tree. Just click on the tab Request or Response data respectively. If you're getting a 404, chances are the Response data tab will contain the 404 with (hopefully) information about the values that are invalid or missing.

SWT Browser Plugin does not promt for proxy authentication

I have successfully configured my SWT Browser application to use the proxy by setting VM arguments -Dnetwork.proxy_host and -Dnetwork.proxy_port to the according values.
However the proxy needs authentication, but the username / password prompt does not open. Futhermore when registering an authentication listener, the listener is never triggered.
The problems occured with a Linux Debian 64 Bit distribution. When compiling the same application for windows, all works fine, i.e. the password promt opens. The SWT Browser is configured to use MOZILLA, not WEBKIT. Unfortunatelly I cannot test with WEBKIT as I am limited to a given environment.
Temp solution: When starting the Linux Mozilla Browser, the prompt comes up. If entering there correct values and afterwards starting the SWT Browser application, then no authentication is needed at all and internet access is possible. But this is not a good solution.
When I register a location listener with "addLocationListener" to look whats going on with url calls, then I can see that the initial url (for example www.google.de) results to call a certain http site of the proxy server. And this http site is a redirect to a https site of the proxy. Then the https site results in calling the http redirect page again. This is then an endless loop.
I would guess that somewhere in the JAVA code of the SWT Browser class there is a routine that calls setUrl with those pages (what results in an
endless loop) and skip to call any authentication listener for some reason.
Maybe someone has an idea whats going wrong in this authentication process?
I have no solution but a hint: I'm not sure what you mean by "Linux Mozilla Browser" - I know Firefox and Xulrunner. But your workaround suggests that profile information is shared somehow and that shouldn't happen.
I tried to find some information how to define the profile (where the web browser keeps its cache, config, SSL certificates, plugins, ...) but to no avail.
This entry in the FAQ shows how to set the proxy host: How do I set a proxy for the Browser to use?
Try to find a way to add the user/password information into the request sent to the proxy server. If that fails, create a local proxy which connects to the real proxy as upstream and which can authenticate itself.
Looking at the bug database, there is no support for Browser profiles: Flexible Mozilla profile support - new API request