0

A load test is generating random "Authentication required, please use web_set_user" errors. The AUT is an ASP.NET application and the test script uses HTTP protocol. This is in LoadRunner Enterprise 2022 R2 but also happened in Performance Center v12.63.

The workflow up to the point of failure involves logging in, loading the application UI and running a search. The app UI and search are all in the same domain and served by the same web server. There are no proxy servers in between the load generator and the AUT. The script's runtime proxy settings are "no proxy".

Below is a sample of a (curated) log. Iteration 1 ran as expected. The same user logged in again for iteration 2 and got the "authentication required" error. Iteration 3 then ran fine.

Start auto log messages stack - Iteration 1.    [MsgId: MMSG-10545]
DEBUG >>> Successful login: jxxxxxx@xxxxx [MsgId: MMSG-17999]
works as expected....

Start auto log messages stack - Iteration 2.    [MsgId: MMSG-10545]
DEBUG >>> Sucessful login: jxxxxxx@xxxxx    [MsgId: MMSG-17999]
Search.c(77): Continuing after Error -26546: Authentication required, please use "web_set_user", e.g. web_set_user("domain\\user", "password", "host:port");    [MsgId: MERR-26546]
Search.c(77): Continuing after Error -26629: HTTP Status-Code=401 (Unauthorized) for "https://example.com/Default.aspx/GetSearchSubItems"   [MsgId: MERR-26629]

Start auto log messages stack - Iteration 3.    [MsgId: MMSG-10545]
DEBUG >>> Sucessful login: kxxxxxx@zzzzz    [MsgId: MMSG-17999]
works as expected....

Start auto log messages stack - Iteration 4.    [MsgId: MMSG-10545]
DEBUG >>> Sucessful login: syyyyy@yyyyy [MsgId: MMSG-17999]
Searc.c(77): Continuing after Error -26546: Authentication required, please use "web_set_user", e.g. web_set_user("domain\\user", "password", "host:port");     [MsgId: MERR-26546]
Search.c(77): Continuing after Error -26629: HTTP Status-Code=401 (Unauthorized) for "https://example.com/Default.aspx/GetSearchSubItems"   [MsgId: MERR-26629]

Start auto log messages stack - Iteration 5.    [MsgId: MMSG-10545]
DEBUG >>> Sucessful login: mqqqqq@wwwwwww   [MsgId: MMSG-17999]
Search.c(77): Continuing after Error -26546: Authentication required, please use "web_set_user", e.g. web_set_user("domain\\user", "password", "host:port");    [MsgId: MERR-26546]
Search.c(77): Continuing after Error -26629: HTTP Status-Code=401 (Unauthorized) for "https://example.com/Default.aspx/GetSearchSubItems"   [MsgId: MERR-26629]

Start auto log messages stack - Iteration 6.    [MsgId: MMSG-10545]
DEBUG >>> Successful login: mdddddg@pppp    [MsgId: MMSG-17999]
works as expected....

I have not been able to reproduce running in Vugen locally. Happens at low and high loads so I don't suspect a load issue. The webs are running at 5% CPU.

JaxCoq
  • 3
  • 2

1 Answers1

0

My guess is that you have not set the right HTTP headers after logging in.

An ASP.NET application does not only require the right cookies (which Loadrunner handles for you), but you might need to add some additional headers as well. In my case, I have a .NET application where I need to set X-XSRF-TOKEN and X-DomainVersion headers for any subsequent HTTP request after the login request (in my case even after accessing the homepage).

You can check this in your recording snapshot and see what headers you might miss. Mine looks like this:

GET [URL] HTTP/1.1
sec-ch-ua: "Not_A Brand";v="99", "Microsoft Edge";v="109", "Chromium";v="109"
>>>X-XSRF-TOKEN: ...HJz6X2Zxp66cap2ox...
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.1518.55
Accept: application/json, text/plain, */*
X-Requested-With: XMLHttpRequest
>>>X-DomainVersion: c24be704-2959-4efa-819c-2c719a52a6ee
sec-ch-ua-platform: "Windows"
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: [URL]
Accept-Encoding: gzip, deflate
Accept-Language: nl
Cookie: [COOKIES HANDLED BY LOADRUNNER]

I use functions below to retrieve these from the responses:

        web_reg_save_param_ex(
            "ParamName=domainVersion",
            "LB=domainVersion\":\"",
            "RB=\",",
            SEARCH_FILTERS,
            "Scope=BODY",
            LAST);

        web_reg_save_param_ex(
            "ParamName=XSRF1",
            "LB/IC=Token\":\"",
            "RB=\",",
            SEARCH_FILTERS,
            "Scope=BODY",
            LAST);
kenneth
  • 478
  • 4
  • 11