Re: HTTPS log-in problem gets rough

2011-09-11 Thread Oliver Lloyd 
Also, are your manual requests getting 302'd and being redirected or are they
getting 200 responses but still redirecting?

You can see this looking at Firebug/Chrome Dev Tools/Live HTTP Headers etc. 

I say this because that json string looks like it might be processed by some
javascript which causes a subsequent request to be made (without a 302 being
used) and this javascript will not be executed by JMeter so you will need to
make the redirect call manually. This would have been recorded by the HTTP
Proxy so should be present in your script, you just need to make sure the
correct sequence is in place.

Finally, make sure - if not already present - that you have a Response
Assertion in place to check that you are indeed logged in or not; crucially,
with redirects this needs to be in the right place.

-
http://www.http503.com/
--
View this message in context: 
http://jmeter.512774.n5.nabble.com/HTTPS-log-in-problem-gets-rough-tp4768159p4792399.html
Sent from the JMeter - User mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org

Re: HTTPS log-in problem gets rough

2011-09-11 Thread Shay Ginsbourg 
Thank you Oliver for your reply.

The json string is the same response that I get in a browser when log-in is
correct.

Assuming that the state is not maintained, what can be done ?









*Shay Ginsbourg*
Regulatory & Testing Affairs Consultant

  Formerly QA Manager of LoadRunner at Mercury Interactive

  M.Sc. cum laude in Bio-Medical Engineering
  M.Sc. in Mechanical Engineering





*Work:* 035185873
*Mobile:* 0546690915

*Email:* sginsbo...@gmail.com

*http://il.linkedin.com/in/shayginsbourg*

*GINSBOURG.COM* 
--



*P** **Please consider your environmental responsibility before printing
this e-mail*.
















On Sun, Sep 11, 2011 at 11:35 PM, Oliver Lloyd wrote:

> You could try coming at the problem from some different angles:
>
> 1. How does the application you are testing maintain state?
>
> 2. What is written to the server logs when the JMeter script is running?
>
> 3. Re. the json string. Is this the response that you get in a browser when
> you login? If yes, state is not maintained, if no, the login POST is wrong.
>
> -
> http://www.http503.com/
> --
> View this message in context:
> http://jmeter.512774.n5.nabble.com/HTTPS-log-in-problem-gets-rough-tp4768159p4792359.html
> Sent from the JMeter - User mailing list archive at Nabble.com.
>
> -
> To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org
>
>

Re: HTTPS log-in problem gets rough

2011-09-11 Thread Oliver Lloyd 
You could try coming at the problem from some different angles:

1. How does the application you are testing maintain state?

2. What is written to the server logs when the JMeter script is running?

3. Re. the json string. Is this the response that you get in a browser when
you login? If yes, state is not maintained, if no, the login POST is wrong.

-
http://www.http503.com/
--
View this message in context: 
http://jmeter.512774.n5.nabble.com/HTTPS-log-in-problem-gets-rough-tp4768159p4792359.html
Sent from the JMeter - User mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org

Re: HTTPS log-in problem gets rough

2011-09-11 Thread Shay Ginsbourg 
1. Yes, I'm sure that the sent requests are really identical to the
manual flow in the browser.

2. I checked the headers, cookies, regexed the encrypted token strings, etc.

3. It rather looks like the json string with the redirect is an indication
of success and that
the server thinks I'm logged in.

4. Indeed during the subsequent requests the script is failing to maintain
the session.

What else could there be in a web session ? Any comment welcomed.


*Shay Ginsbourg*
Regulatory & Testing Affairs Consultant

  Formerly QA Manager of LoadRunner at Mercury Interactive

  M.Sc. cum laude in Bio-Medical Engineering
  M.Sc. in Mechanical Engineering





*Work:* 035185873
*Mobile:* 0546690915

*Email:* sginsbo...@gmail.com

*http://il.linkedin.com/in/shayginsbourg*

*GINSBOURG.COM* 
--



*P** **Please consider your environmental responsibility before printing
this e-mail*.
















On Sat, Sep 10, 2011 at 12:42 PM, Oliver Lloyd wrote:

> Are you sure that the requests you are sending are identical to the manual
> flow in the browser? I mean really the same, with the same responses?
> Because if they are then you have no problem and JMeter is working fine but
> if not then there really has to be a difference. Could be a header, cookie,
> an encrypted string, all sorts of things.
>
> If that json string with the redirect is an indication of success then that
> means the server thinks you are logged in but in subsequent requests the
> script is failing to maintain the session. In this case it would be
> something related to correlation.
>
> -
> http://www.http503.com/
> --
> View this message in context:
> http://jmeter.512774.n5.nabble.com/HTTPS-log-in-problem-gets-rough-tp4768159p4789171.html
> Sent from the JMeter - User mailing list archive at Nabble.com.
>
> -
> To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org
>
>

Re: HTTPS log-in problem gets rough

2011-09-10 Thread Oliver Lloyd 
Are you sure that the requests you are sending are identical to the manual
flow in the browser? I mean really the same, with the same responses?
Because if they are then you have no problem and JMeter is working fine but
if not then there really has to be a difference. Could be a header, cookie,
an encrypted string, all sorts of things.

If that json string with the redirect is an indication of success then that
means the server thinks you are logged in but in subsequent requests the
script is failing to maintain the session. In this case it would be
something related to correlation.

-
http://www.http503.com/
--
View this message in context: 
http://jmeter.512774.n5.nabble.com/HTTPS-log-in-problem-gets-rough-tp4768159p4789171.html
Sent from the JMeter - User mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org

Re: HTTPS log-in problem gets rough

2011-09-09 Thread Shay Ginsbourg 
a. Verify that keep alive is enabled.
--- Already done.

b. HTTP 200 does not mean you are logged in; in general, just because
the request result is green that does not equal success.
--- In this case, is actually do mean successת because the full response
from the server is in the form of:
throw /*LI:DBE*/ 1;{"status":"ok","redirectUrl":"
http://www.TESTED_DOMAIN.com/home"}

c. Chances are you need a HTTP Cookie Manager.
--- Already there.

d. If that doesn't work then compare the requests you are sending with those
sent by a browser.
--- Already done. All looks OK but stated problem still remains.


Any additional ideas are more than welcomed.





*Shay Ginsbourg*
Regulatory & Testing Affairs Consultant

  Formerly QA Manager of LoadRunner at Mercury Interactive

  M.Sc. cum laude in Bio-Medical Engineering
  M.Sc. in Mechanical Engineering





*Work:* 035185873
*Mobile:* 0546690915

*Email:* sginsbo...@gmail.com

*http://il.linkedin.com/in/shayginsbourg*

*GINSBOURG.COM* 
--



*P** **Please consider your environmental responsibility before printing
this e-mail*.
















On Mon, Sep 5, 2011 at 2:39 AM, sebb  wrote:

> On 4 September 2011 21:59, Oliver Lloyd  wrote:
> > HTTP 200 does not mean you are logged in; in general, just because the
> > request result is green that does not equal success.
> >
> > Chances are you need a HTTP Cookie Manager. If that doesn't work then
> > compare the requests you are sending with those sent by a browser. Tools
> for
> > this are:
> >
> > 1. View Results Tree in JMeter.
> > 2. Firebug / Chrome Dev Tools.
>
> You can also use the JMeter proxy to record the login process.
>
> >
> > -
> > http://www.http503.com/
> > --
> > View this message in context:
> http://jmeter.512774.n5.nabble.com/HTTPS-log-in-problem-gets-rough-tp4768159p4768360.html
> > Sent from the JMeter - User mailing list archive at Nabble.com.
> >
> > -
> > To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
> > For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org
> >
> >
>
> -
> To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org
>
>

Re: HTTPS log-in problem gets rough

2011-09-04 Thread sebb 
On 4 September 2011 21:59, Oliver Lloyd  wrote:
> HTTP 200 does not mean you are logged in; in general, just because the
> request result is green that does not equal success.
>
> Chances are you need a HTTP Cookie Manager. If that doesn't work then
> compare the requests you are sending with those sent by a browser. Tools for
> this are:
>
> 1. View Results Tree in JMeter.
> 2. Firebug / Chrome Dev Tools.

You can also use the JMeter proxy to record the login process.

>
> -
> http://www.http503.com/
> --
> View this message in context: 
> http://jmeter.512774.n5.nabble.com/HTTPS-log-in-problem-gets-rough-tp4768159p4768360.html
> Sent from the JMeter - User mailing list archive at Nabble.com.
>
> -
> To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org
>
>

-
To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org

Re: HTTPS log-in problem gets rough

2011-09-04 Thread Oliver Lloyd 
HTTP 200 does not mean you are logged in; in general, just because the
request result is green that does not equal success. 

Chances are you need a HTTP Cookie Manager. If that doesn't work then
compare the requests you are sending with those sent by a browser. Tools for
this are:

1. View Results Tree in JMeter.
2. Firebug / Chrome Dev Tools.


-
http://www.http503.com/
--
View this message in context: 
http://jmeter.512774.n5.nabble.com/HTTPS-log-in-problem-gets-rough-tp4768159p4768360.html
Sent from the JMeter - User mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: jmeter-user-unsubscr...@jakarta.apache.org
For additional commands, e-mail: jmeter-user-h...@jakarta.apache.org

Re: HTTPS log-in problem gets rough

2011-09-04 Thread Shay Ginsbourg 
Keep alive is indeed enabled.









*Shay Ginsbourg*
Regulatory & Testing Affairs Consultant

  Formerly QA Manager of LoadRunner at Mercury Interactive

  M.Sc. cum laude in Bio-Medical Engineering
  M.Sc. in Mechanical Engineering





*Work:* 035185873
*Mobile:* 0546690915

*Email:* sginsbo...@gmail.com

*http://il.linkedin.com/in/shayginsbourg*

*GINSBOURG.COM* 
--



*P** **Please consider your environmental responsibility before printing
this e-mail*.
















On Sun, Sep 4, 2011 at 10:59 PM, Shmuel Krakower  wrote:

> Verify that keep alive is enabled.
> בתאריך 2011 9 4 22:18, מאת "Shay Ginsbourg"  :
> > Hi all,
> >
> >
> >
> > There's an HTTPS log-in problem that's been bogging my head. Any new idea
> > would be greatly appreciated:
> >
> > Using Jmeter 2.5 (or earlier), I'm getting all the cookies, tokens,
> cache,
> > regular expression stuff, etc. and then HTTPS POST them with a true user
> > name and a password as required.
> >
> > The server response at this point is clear: HTTP 200
> > status:"ok",redirect_Url: 
> > http://www.headache.com/home
> >
> > Alas, on any next request (e.g. the redirection to: /home), the server
> > response would be saying that I'm actually NOT logged-in and may not GET
> the
> > requested HTML.
> >
> > What should I look into just to solve that situation?
> >
> > All comments welcomed.
> >
> >
> >
> >
> >
> > Shay Ginsbourg
> > Regulatory & Testing Affairs Consultant
> >
> > Formerly QA Manager of LoadRunner at Mercury Interactive
> >
> > M.Sc. cum laude in Bio-Medical Engineering
> > M.Sc. in Mechanical Engineering
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > Work: 035185873
> > Mobile: 0546690915
> >
> > Email:  sginsbo...@gmail.com
> >
> > 
> > http://il.linkedin.com/in/shayginsbourg
> >
> >  GINSBOURG.COM
> >
> > _
> >
> >
> >
> > P Please consider your environmental responsibility before printing this
> > e-mail.
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
>

Re: HTTPS log-in problem gets rough

2011-09-04 Thread Shmuel Krakower 
Verify that keep alive is enabled.
בתאריך 2011 9 4 22:18, מאת "Shay Ginsbourg"  :
> Hi all,
>
>
>
> There's an HTTPS log-in problem that's been bogging my head. Any new idea
> would be greatly appreciated:
>
> Using Jmeter 2.5 (or earlier), I'm getting all the cookies, tokens, cache,
> regular expression stuff, etc. and then HTTPS POST them with a true user
> name and a password as required.
>
> The server response at this point is clear: HTTP 200
> status:"ok",redirect_Url: 
> http://www.headache.com/home
>
> Alas, on any next request (e.g. the redirection to: /home), the server
> response would be saying that I'm actually NOT logged-in and may not GET
the
> requested HTML.
>
> What should I look into just to solve that situation?
>
> All comments welcomed.
>
>
>
>
>
> Shay Ginsbourg
> Regulatory & Testing Affairs Consultant
>
> Formerly QA Manager of LoadRunner at Mercury Interactive
>
> M.Sc. cum laude in Bio-Medical Engineering
> M.Sc. in Mechanical Engineering
>
>
>
>
>
>
>
>
>
> Work: 035185873
> Mobile: 0546690915
>
> Email:  sginsbo...@gmail.com
>
> 
> http://il.linkedin.com/in/shayginsbourg
>
>  GINSBOURG.COM
>
> _
>
>
>
> P Please consider your environmental responsibility before printing this
> e-mail.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>