I'm trying to hit the server with multiple requests for load testing. I have setup JMeter thread with 100 concurrent users per seconds. Each request read data from CSV (different tokens to identify users). But after few request I'm getting error:
429 Too Many Requests
How we can solve this? Any settings in Jmeter?
Or Do I need to change Apache settings?
As per HTTP Status 429 documentation
The HTTP 429 Too Many Requests response status code indicates the user has sent too many requests in a given amount of time ("rate limiting").
A Retry-After header might be included to this response indicating how long to wait before making a new request.
Most probably your JMeter test configuration is not correct, the reasons could be in:
You don't use HTTP Cookie Manager so all the requests fall under the same session and application reacts correspondingly
Your application limits rate of requests from a single IP. Consider going for IP Spoofing or Distributed Testing or both
You're using the same credentials for all virtual users, make sure that each JMeter virtual user has its own credentials and operates its own data. You can use i.e. CSV Data Set Config for parameterization.
This is most probably a DDOS protection in the application you’re testing so your options are to ask the infrastructure team or developers to disable it.
As per reference documentation:
The HTTP 429 Too Many Requests response status code indicates the user has sent too many requests in a given amount of time ("rate limiting").
A Retry-After header might be included to this response indicating how long to wait before making a new request.
There is nothing you can do ok jmeter side.
Related
I'm trying to hit the server with multiple requests for load testing. I have setup JMeter thread with 100 concurrent users per seconds. Each request read data from CSV (different tokens to identify users). But after few request I'm getting error:
429 Too Many Requests
How we can solve this? Any settings in Jmeter?
Or Do I need to change Apache settings?
As per HTTP Status 429 documentation
The HTTP 429 Too Many Requests response status code indicates the user has sent too many requests in a given amount of time ("rate limiting").
A Retry-After header might be included to this response indicating how long to wait before making a new request.
Most probably your JMeter test configuration is not correct, the reasons could be in:
You don't use HTTP Cookie Manager so all the requests fall under the same session and application reacts correspondingly
Your application limits rate of requests from a single IP. Consider going for IP Spoofing or Distributed Testing or both
You're using the same credentials for all virtual users, make sure that each JMeter virtual user has its own credentials and operates its own data. You can use i.e. CSV Data Set Config for parameterization.
This is most probably a DDOS protection in the application you’re testing so your options are to ask the infrastructure team or developers to disable it.
As per reference documentation:
The HTTP 429 Too Many Requests response status code indicates the user has sent too many requests in a given amount of time ("rate limiting").
A Retry-After header might be included to this response indicating how long to wait before making a new request.
There is nothing you can do ok jmeter side.
Single page application with specific organizational service accounts uses microsoft authorization (2.0).
To pretend in JMeter as user working with this application, it is enough to have Bearer access_token and then pass this Bearer in header of JMeter script requests.
I can manually login with user credentials in browser, get Bearer and set up it as variable in JMeter in API requests headers and successfully continue to work with application functionality.
Also I can login in WebDriverSampler (and I suppose, can emulate with WebDriverSampler another user's actions with application like in "browser").
What is the simplest and shortest way, having all above, to get Bearer somehow for API calls in a script without time-consuming or programming-oriented complex solutions? Is it possible somehow to use WebDriverSampler requests for parsing Bearer?
On this stage, the goal is to collect (and generate) Bearers, which have long time of life, with intention to use this set of Bearers for multi-session JMeter "users" later. (Because users amount is under cost constrtaints with users service accounts, i.e. I have 1 provided user only).
Will be very appreciated for grace tips and advices with such kind of problem.
It should be possible to use i.e. BrowserMob Proxy for capturing the traffic between the browser orchestrated by the WebDriver Sampler and the backend, this way you will be able to extract Authorization header value and i.e. store it into a CSV file for later re-use.
In general it should also be possible to replicate the browser's authentication flow with JMeter's HTTP Request samplers as browsers don't do any magic, they just send HTTP Requests and display the responses so well-behaved JMeter test should generate the same network footprint as the real browser does
When writing an HTTP server using akka-http’s high-level Route API, is there a way to be notified that the request timeout has expired, or to check whether it is expired, or to check how much time remains? In implementing an expensive route, I would like to stop performing work on a request if the request times out.
Akka-http’s request timeout responds to HTTP requests with status code 503 Service Unavailable: “The server was not able to produce a timely response to your request.
Please try again in a short while!” It is configured using akka.http.server.request-timeout, which is 20 s by default.
So i'm designing a Restful Api that makes calls to other web services aggregates the result and return back to the client. If connection of any of the other web services fails for any reason, what is the best thing to return?
Right now am returning an 500 - Internal Server error to the client but I would like to return more details to the client on what made the request to fail. Would it be redundant to return a 500 http response code with a response body containing a message detailing where the error actually occurred or to just return a 503 - Service Unavailable http response code?
Your response code should depend on what you can do with the request. If clients can expect in this case to receive partial information and a message indicating what remote data feeds are unavailable, then send back a 200. I would not include HTTP codes or failing URIs in that response, just the names of the providers that are unavailable, and possibly a reason why. If you do, you may find yourself broken when you need to add non-URI-based providers. If you must, then make sure to include a "type" and require clients to use it. This will partially future-proof you, but expect that many clients will ignore the type and break if you add new types later.
If clients can't do anything with partial data, then you should return a 503 because your service is unavailable. It happens to be unavailable because a remote server it relies on is down. That's no different than returning a 503 because your own database is down. Your API can't return something because something it needs isn't available right now, but will be again later. You should include in the body of the response the reason for the outage, and may include a Retry-After header if you have any idea as to when the remote server might be available again.
A 404 is not appropriate because it means that the resource being requested does not exist - an error by the client. The resource does exist, it just can't be returned right now, because your server can't build it.
A 409 is not appropriate because there is no conflict that the user can resolve.
A 206 is not appropriate because it is to be used when the request includes a Range header, and there's no indication these requests do.
Since your aggregation is basically not finding what it seeks, perhaps HTTP 404 Not Found is appropriate.
If not all remote calls fail, so there at least are some relevant results, you could return HTTP 200 OK with an additional status informing that some remote sources currently are unavailable.
I would not return HTTP 503, as this code implies that your service is temporarily unavailable - and you therefore suggest the client retries later. HTTP 503 is typically returned when a server is restarting and is not quite ready to serve requests.
I am trying to use JMeter to test our Web Application. We originally used LoadComplete to test our Web Application, but because LoadComplete is not able to run on a non-GUI mode, we were not able to use the max stat’s from our test server (strain our 8 CPU’s and 8GB’s of RAM). That is why I moving towards JMeter (https://blazemeter.com/blog/5-ways-launch-jmeter-test-without-using-jmeter-gui).
The test includes logging in, choosing a specific app, do a simple task through this app and then end the recording. The HTTP Requests, which are failing are printing Failed Access on their Response Data on the View Results Tree.
I used the HTTP(S) Test Script Recorder to record each HTTP request. My JMeter project is failing on a few different HTTP Requests, which includes oauthtoken Get Request that includes jessionid="item", a GET resourceLastAccessedTime Request, and a couple GET resourceLastAccessedTime Requests. I tried to follow blazementer's guidance for how to use JMeter for Login Authentication, because these requests seem to be involved with the authentication of each user after logging in and the problem I am getting on Response data for each of these requests on the View Results Tree it says Access denied. (https://docs.blazemeter.com/customer/portal/articles/1743663-how-to-use-jmeter-for-login-authentication-).
One of the steps is to "copy and paste" the Parameters from the Post request after you login to these requests. I can add these parameters to these requests right below where it says Send Parameters with the request, but our POST request only has two parameters (the login name and the password). Is there somewhere else to look for these parameters?
I tried a combination of a lot of different attempts, but I am still unsuccessful (meaning: I moved the Regular Expression Extractor to a few different HTTP requests and I moved which HTTP requests to put those parameters and I have not been successful yet).
Do you know of a URL that could be helpful for this?
Don't trust Test Script Recorder! It doesn't follow any logic while recording your requests. It just records requests processed through proxy as they are. In case you use parameters that can't be defined as constants, the best way would be to rewrite the script manually.
Be patient and spend some hours (only once!) to learn how to construct any test scenarios (even complex) manually using Jmeter GUI. It will save you a lot of time for debugging.
It seems like (just a guess) that your test scenario doesn't contain Cookie Manager item. Based on what you wrote above, it seems like after logging to serer (by sending POST with login and password) it sets some cookies by Set-Cookie HTTP header. These cookies should be included in every next request as a prove that you successfully logged in before (the most common logic for simple web applications). So, if you get Access Denied, means you didn't include appropriate cookies in test request. Use Cookie Manager for that.
Feel free to ping me in case you need any assistance.
Jmeter help manual is all you need to know about how each element works.
P.S.: Jmeter also can generate distributed load from multiple slave servers, in GUI and CLI modes both. So, in case you need to stress your server yout, Jmeter is the best choise.
And welcome to Jmeter users family! Good luck.