Geek Answers Handbook

JMeter; session cookie

I saw several JMeter threads that relate to my problem, but no one seems to touch on my specific problem.

The problem is that the website I'm testing works as follows:

  • Home page with login fields and submit button. When you first go to this page in your browser, the PHPSESSID cookie is set (comes down in the response header) using a unique value to identify the session.
  • When the user presses the login button (the username and password on this page is not related to the current state of the system), on the Internet the server redirects to another server with LDAP, via shibboleth. To use Shibboleth, a cookie value PHPSESSID is required. (to verify that the user is coming from the correct federated server).
  • Then the user enters the username and password of his account and clicks the login button.
  • The (valid) account is registered on the LDAP server; if the account did not exist on the source (1) server, then shibboleth displays the LDAP fields go to the account database on the source server. The user then logs on to the source server (1) to the newly created account and is redirected to the original page.

There are some other SAML data that change - which I think will not be a problem. So far the problem is that this cookie.

Where JMeter crashes is in step 2.

  • If I have not configured the cookie manager, the LDAP server says that I do not have cookies. (this error is contained in the response data).
  • If I set the HTTP cookie manager without the PHPSESSID cookie specified, the LDAP server says that I do not have cookies. (no matter what cookie policy I set it to)
  • If I specify the PHPSESSID cookie value - of course, each user needs to have a unique value, so it will be wrong. Therefore, I set the RegExp mail processor for the start page, to extract the PHPSESSID value from the request header and put it in the variable $ {PHPSession} Then I specify the value in the HTTP Cookie Manager for the PHIPESSID cookie, $ {PHPSession}., and LITERALLY, in the header, ** the thing sends "Cookie: PHPSESSID = $ {PHPSession}"

So I read THIS., Https://issues.apache.org/bugzilla/show_bug.cgi?id=28715

Which says, in essence, (rephrased) "... the cookie manager does not extend user variables ...", then "... well, we fixed it ... it extends user variables ..." that "... well, no, not in this field, it is not intended for this. "

So ... basically, they say, HTTP Cookie Manager cannot manage session cookies, which are unique to each user. (although I thought that was the whole goal).

How else can I set and send a unique cookie for each user whose value is extracted from the first response header?

0
source share
1 answer

This is perhaps the most difficult task of programming a load test these days. I would say that your problem may be related to the inability to do LDAP authentication with the server, i.e. Do not switch to a new view identifier each time. See how to use the LDAP request sampler to pass in the token this way, both in step 2 and for use later in the script. You can do your best to create LDAP queries to really use your application. Hope this sheds light on your problem!

0
source

More articles:


All Articles