I have added HTTP authorization manager, but jmeter does not seem to send the basic auth to the server. I can send the test plan. Also the docs just have a brief mention of basic auth, not in details.
Rather than *sending* the testplan, please add it to this bug as an attachment using the "Create a new attachment link". Note that Bugzilla is effectively public, so do not include any private web servers or passwords etc. [The same applies to sending e-mails to the mailing lists.] Have you tried switching on DEBUG logging?
Created attachment 10872 [details] The test plan that I used
Created attachment 10873 [details] Log file
The base Url in the test plan is set to /console, yet the URL you are testing against starts with http://nywlxfstg01:11072/console. So the Authorization Manager does not find a match. See the example in the Help file.
Created attachment 10877 [details] Screen shots and output of http ersponse
The base url in auth was set to http://nywlxfstg01:11072/console and yet it does not work Actually its a weblogic server7.0 console and this forwards it to another page http://nywlxfstg01:11072/loginform/login.jsp which accepts form based authentication. I have added this url also and yet it does not work. I also tried with URL rewriting and cookie manager, but no positive results. Appreciate your help.
Try just http://nywlxfstg01:11072/ and try disabling redirects. Can you switch on logging on the Weblogic server to check if any credentials are being sent? I.e. perhaps it is matching the URL, but not sending the correct data. If this does not work, it would be helpful if you could post a test case that uses a publicly available server. BTW, not everyone can read Word documents, and they tend to be much bigger than the contents (the Word doc was 112kb; the extracted screenshots plus text totalled about 67kb). Best to attach screenshots as separate files, or if you want to keep the files together, use Zip.
I have tried with just "http://nywlxfstg01:11072/" in the Auth manager base url. Also I have disabled the url-rewriting. Still the same problem. I have captured the following access logs when I hit the site, through a browser and the second one is through JMeter. Access Logs when accesses teh site http://nywlxfstg01:11072/console through web browser: 10.11.78.38 - - [22/Mar/2004:12:16:27 -0500] "GET /console/ HTTP/1.1" 302 0 10.11.78.38 - - [22/Mar/2004:12:16:27 -0500] "GET /console/login/LoginForm.jsp H TTP/1.1" 200 8538 10.11.78.38 - - [22/Mar/2004:12:16:27 -0500] "GET /console/login/bea_logo.gif HT TP/1.1" 304 0 10.11.78.38 - - [22/Mar/2004:12:16:31 -0500] "POST /console/j_security_check HTT P/1.1" 302 0 10.11.78.38 - system [22/Mar/2004:12:16:31 -0500] "GET /console/ HTTP/1.1" 302 7 49 10.11.78.38 - system [22/Mar/2004:12:16:31 - 0500] "GET /console/actions/mbean/MB eanFramesetAction? sidebarFrameId=wl_console_frame_1079732109188&isNew=false&fram eId=wl_console_frame_1079732109189&MBean=etg%3AName%3Detg%2CType% 3DDomain&bodyFr ameId=wl_console_frame_1079732109190 HTTP/1.1" 200 1191 10.11.78.38 - system [22/Mar/2004:12:16:32 - 0500] "GET /console/actions/common/S idebarAction?navAction=%2Factions%2Fmbean%2FMBeanNavAction%3FMBean%3Detg% 253ANam e%253Detg%252CType%253DDomain&bodyFrameId=wl_console_frame_1079732109190 HTTP/1. 1" 200 1341 10.11.78.38 - system [22/Mar/2004:12:16:32 - 0500] "GET /console/actions/common/H omeAction?MBean=etg%3AName%3Detg%2CType%3DDomain HTTP/1.1" 200 0 10.11.78.38 - system [22/Mar/2004:12:16:32 -0500] "GET /console/images/home.gif HTTP/1.1" 304 0 10.11.78.38 - system [22/Mar/2004:12:16:32 - 0500] "GET /console/images/popup.gif HTTP/1.1" 304 0 10.11.78.38 - system [22/Mar/2004:12:16:32 -0500] "GET /console/images/help.gif HTTP/1.1" 304 0 10.11.78.38 - system [22/Mar/2004:12:16:32 - 0500] "GET /console/images/bea_logo_ right.gif HTTP/1.1" 304 0 10.11.78.38 - system [22/Mar/2004:12:16:32 - 0500] "GET /console/images/transpare nt.gif HTTP/1.1" 304 0 10.11.78.38 - system [22/Mar/2004:12:16:32 - 0500] "GET /console/actions/mbean/MB eanNavAction?MBean=etg%3AName%3Detg%2CType%3DDomain HTTP/1.1" 200 0 =========================== Access logs through JMeter 10.11.78.38 - - [22/Mar/2004:12:19:39 -0500] "GET /console HTTP/1.1" 302 0 10.11.78.38 - - [22/Mar/2004:12:19:39 - 0500] "GET /console/login/LoginForm.jsp;A DMINCONSOLESESSION=AfgrkN14Hu9lcplPp0NKHT3MxDCQ5BlVu404I1vcLCYbvolDGvr2!- 2988167 83 HTTP/1.1" 200 8532
The second URL used by JMeter looks wrong. Instead of: /console/login/LoginForm.jsp it is asking for /console/login/LoginForm.jsp;ADMINCONSOLESESSION=AfgrkN14Hu9lcplPp0NKHT3MxDCQ5B lVu404I1vcLCYbvolDGvr2!-298816783 This is presumably caused by the HTTP URL Rewriting test element. Are you sure that you need it? I suggest removing it to see what happens.
Yes , this error log was posted when the url rewriting is disabled as mentioned in my previous comment.
Well, it looks to me like the Rewriting is still occurring, so try deleting the test element. Can you attach the JMX file?
Created attachment 10953 [details] jmx for http auth
It's very difficult debugging this without access to working server. The HTML page which you included in the Word Document contains a login form with fields for username: and password: Do you see a login form when you connect using a browser? If so, then HTTP Authorization is not going to work: it does not fill in forms - it only knows about HTTP authorisation requests. What you need to do is to create an HTTP Request that mimics the behaviour when you press the "Sign In" button. Examination of the source code shows that the button does the following: POST to /console/j_security_check with the fields: j_username j_password It also seems to set the cookie BEAWLSConsoleLastUsername="+username+";expires=" + expireTime.toGMTString() + ";" where expireTime = current time + 1 week. But you could probably set any expire time. If you don't get a login form when using the browser, try a different browser - perhaps the webserver checks to see which browser is being used; maybe it needs a particular User-agent setting.
Well I tried another url which does not use form based authentication. I am getting these errors: In the Results Root: Request : http://nywlxfstg01:11073/WLS/javaservice Cookie Data: null Response: HTTP/1.1 401 Unauthorized xxx Date: Fri, 26 Mar 2004 19:35:24 GMT Server: WebLogic Server 7.0 SP3 Mon Jun 30 10:52:50 PDT 2003 273102 with WWW-Authenticate: Basic realm="default" Content-Length: 1590 Content-Type: text/html Connection: Close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN"> <HTML> <HEAD> <TITLE>Error 401--Unauthorized xxx</TITLE> <META NAME="GENERATOR" CONTENT="WebLogic htmlKona WebLogic Server 7.0 SP3 Mon Jun 30 10:52:50 PDT 2003 273102 "> </HEAD> <BODY bgcolor="white"> <FONT FACE=Helvetica><BR CLEAR=all> <TABLE border=0 cellspacing=5><TR><TD><BR CLEAR=all> <FONT FACE="Helvetica" COLOR="black" SIZE="3"><H2>Error 401--Unauthorized xxx</H2> </FONT></TD></TR> </TABLE> <TABLE border=0 width=100% cellpadding=10><TR><TD VALIGN=top WIDTH=100% BGCOLOR=white><FONT FACE="Courier New"><FONT FACE="Helvetica" SIZE="3"><H3>From RFC 2068 <i>Hypertext Transfer Protocol -- HTTP/1.1</i>:</H3> </FONT><FONT FACE="Helvetica" SIZE="3"><H4>10.4.2 401 Unauthorized</H4> </FONT><P><FONT FACE="Courier New">The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.</FONT></P> </FONT></TD></TR> </TABLE> </BODY> </HTML> ================= Next leaf: Request: http://nywlxfstg01:11073/WLS/javaservice Cookie Data: null Response: HTTP/1.1 401 Unauthorized xxx Date: Fri, 26 Mar 2004 19:35:24 GMT Server: WebLogic Server 7.0 SP3 Mon Jun 30 10:52:50 PDT 2003 273102 with WWW-Authenticate: Basic realm="default" Content-Length: 1590 Content-Type: text/html Connection: Close <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN"> <HTML> <HEAD> <TITLE>Error 401--Unauthorized xxx</TITLE> <META NAME="GENERATOR" CONTENT="WebLogic htmlKona WebLogic Server 7.0 SP3 Mon Jun 30 10:52:50 PDT 2003 273102 "> </HEAD> <BODY bgcolor="white"> <FONT FACE=Helvetica><BR CLEAR=all> <TABLE border=0 cellspacing=5><TR><TD><BR CLEAR=all> <FONT FACE="Helvetica" COLOR="black" SIZE="3"><H2>Error 401--Unauthorized xxx</H2> </FONT></TD></TR> </TABLE> <TABLE border=0 width=100% cellpadding=10><TR><TD VALIGN=top WIDTH=100% BGCOLOR=white><FONT FACE="Courier New"><FONT FACE="Helvetica" SIZE="3"><H3>From RFC 2068 <i>Hypertext Transfer Protocol -- HTTP/1.1</i>:</H3> </FONT><FONT FACE="Helvetica" SIZE="3"><H4>10.4.2 401 Unauthorized</H4> </FONT><P><FONT FACE="Courier New">The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.</FONT></P> </FONT></TD></TR> </TABLE> </BODY> </HTML> Test plan is attached.
Created attachment 11013 [details] testplan with basic auth
The base URL is set to http://nywlxfstg01:11073//WLS/javaservice and the requested page is http://nywlxfstg01:11073/WLS/javaservice Try removing the extra / in the base URL
Sebb, It worked!!! Thanks a lot, man. Its a great tool and keep up the good work. BTW do you guys have a example of how to use SOAP/XML RPC request.
This issue has been migrated to GitHub: https://github.com/apache/jmeter/issues/1333