This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Jmeter Login problems - update

 
Lee Lowder
Greenhorn
Posts: 6
Slackware Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm currently trying to load test an app that requires a login.

I've setup a cookie manager, and then I had to change the properties file to allow jmeter to send empty cookies - which this app requires for some reason.

I am still unable to login. While I had wanted to keep this test as "blackbox" as possible, I've had to peek inside a little and work with the developers to try to figure this out.

Currently, I am seeing a "authentication.exception.DigitalSignatureFailedException" in the application's log file when I try to login.

This exception means that when the server re-hashed the cookies, the signature did not match. It's used to prevent people from changing cookies to ge more access than they should.

The thing that confuses me is that the cookies that are set by the authentication manager are the same as the cookies being sent - including the signature. I copied them into a diff utility and made sure. The only difference was the session ID, which isn't used to creating the signature because the authentication manager runs in its own context.

The problem is that one of the cookies has a space in it's value. The legality of this is per RFCs is somewhat unclear, but most browsers allow it and it tends to work.

However, jmeter is truncating this cookie at the space.

How am I able to either force it to urlencode cookies or to leave the space in place?


I have had no problems with firefox and this app, and I know of others who successfully use it with Chrome. Use of IE is discouraged here, but it does work there as well.

I am at a loss as to what might be causing a change in the cookie, or why the server is expecting something different from what jmeter is sending.

I have tested this with every available cookie policy, and also with every HTTP implementation and I get the same results.

I have even go so far as to change the cookie encoding in the jmeter property file, before explicitly setting it to use the default value of US-ASCII.

If anyone has any ideas on what to try, I would really appreciate it.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic