4

I have a fairly simple jmeter script for our site. As part of the flow through the site, I use our API in order to update the user's application.

The API uses OAuth authentication, which I'm familiar with using our own proprietary testing tool.

First I get a auth token via a call to our authorization endpoint. This returns a bit of JSON like this:

{"access_token":"a really long auth token string"}

In my script I use a regex to capture this token string. As part of investigating this problem, I've used a Debug PostProcessor to check that I get the correct string out, which I do. It's saved as variable 'authToken'.

In the very next step in the script, I add a header via a HTTP Header Manager, like so:

Imgur

I know this header is correct as we have many instances of it in our API tests.

The relevant part of the script looks like this:

Imgur

Each time I run the script however, the step that uses the token/header returns a 401 unauthorized.

I've tested the actual URL and header in a Chrome plugin and the call works as expected.

In the 'View Results Tree' listener, there is no evidence at all that the Authorization header is set at all. I've tried hard-coding an auth token but no joy - it still doesn't seem to be part of the request.

From the results tree, the request looks like this:

POST <correct URL>

POST data:{"id":"<item id>"}

Cookie Data: SessionProxyFilter_SessionId=<stuff>; sessionToken=<stuff>

Request Headers:
Content-Length: 52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36       (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36
Connection: keep-alive
Content-Type: application/json

Imgur

The results tree also shows no redirects.

I've tried the solutions here and here but neither of these worked.

Oddly, I'm almost certain that this worked about a month ago and as far as I can tell nothing has changed on the machine, in the script or with the jmeter installation. Obviously one of these is not true but I'm at my wit's end.

Community
  • 1
  • 1
James Bartlett
  • 125
  • 2
  • 10
  • Can you show your test plan structure and zoom on this part ? – UBIK LOAD PACK Jan 21 '16 at 15:36
  • I've screenshotted the test but guessing you want more than that... – James Bartlett Jan 21 '16 at 15:56
  • I suppose the Header Manager you show is the second one ? Can you show Get auth token details ? Can you show View Results Tree request tab ? thx – UBIK LOAD PACK Jan 21 '16 at 15:59
  • The Get auth token details step works - I get the expected result and extract the token successfully (hence the PostProcessors in the above screenshot). – James Bartlett Jan 21 '16 at 16:11
  • Can you show the View Results Tree for the 2 requests and unfold any node revealing a Redirect ? thx – UBIK LOAD PACK Jan 21 '16 at 16:13
  • One thing to remember is that jmeter may not show authentication header in 'View Results Tree' (see jmeter docs [this section](http://jmeter.apache.org/usermanual/component_reference.html#HTTP_Authorization_Manager)). So it's better to get something like fiddler or wireshark and check what it's actually sending. – timbre timbre Jan 21 '16 at 22:21
  • Thanks for spending time trying to help, all who commented. Another member of my team found a solution that was embarrassingly simple. – James Bartlett Jan 22 '16 at 09:36

1 Answers1

4

Another member of my team answered this for me and it's fairly simple. I just needed to set the 'Implementation' for the problem step to 'HttpClient4'.

James Bartlett
  • 125
  • 2
  • 10
  • Hi, I have a similar problem wherein the Authorization header mentioned in the Header Manager is not picked up in the HTTPRequest. I have set the implementation to "Java" - this is because the request needs NTLM proxy credentials. I get stuck here - If I update the implementation to "HTTPClient4", then the request doesn't go through proxy and it fails. If I mention the implementation to "Java", the Authorization header is not passed. Anything that I have missed or doing it incorrectly? – Sunil Padhi Sep 28 '21 at 08:06