Unable to test login using jmeter

1
votes

]I am newbie to jmeter. I am trying to test to login to my site say (example.com/session/new). I have added the http cookie manager and 2 http request defaults. In the first, am visiting example.com/session/new and extracting the authenticity token in the response data using regex meta content="(.+?)"name="csrf-token" . Now, in the second http request, I have a post request with the parameters as name:utf value:(tickmark) name :authenticity_token value: ${token} name:email value:[email protected] name:password value:test. name:commit value:Sign In And then am asserting for a text post login. When I run the test, the assertion fails. as it results in 404. In the request, I can see utf8=%E2%9C%93+&authenticity_token=%24%7Btoken%7D&email=test%40test.com&password=test&commit=Sign+In. Please help me fix this.

2
testingjmeter
please share a screen shotZubair M Hamdani
Am not sure how the screenshot can help. but added ituser1719747
Your regular expression is not working since your authenticity_token variable value is not passed %24%7Btoken%7D means ${token}. It will work fine after this has been fixed.Zubair M Hamdani
Thanks for the quick comment. Yeah I figured that out. But am not able to understand why my regex is not working.user1719747
managed to fix the token extraction. but still login doesn't work. How to proceed with debugging?. can some one provide a script/video for login to one of prominent sites?user1719747

2 Answers

0
votes

I know this is an old post, but I've been struggling with this exact same query, so I've decided to post my answer in case it helps anyone - it worked first time for me. So after requesting the login page for my site, the following csrf token is embedded in the html response;

<input type="hidden" name="csrfToken" value="fe5a48ebda7b98cbbf885b4a220ebe0c23b11125-1459096615520-1ac64aa945986cb1bd318d9c"/>

So when making the initial request for the login page, instead of using a Regular Expression Extractor, if the token is in the body of the HTML response, use an XPath Extractor instead.

If your response is not XML/XHTML compliant then tick the 'use tidy' checkbox.

For reference name add the reference you wish to refer to the token as e.g. token. When you add your parameters to the login request, you can then refer to your csrfToken as ${token}

Then for X-Path query use;

//input[@name="csrfToken"]/@value

The following tutorial shows you how to use a Regular Expression Extractor, but it should also help you to understand how to set up the query a bit more;

https://www.youtube.com/watch?v=SVxB3Tk4O4A&feature=iv&src_vid=hGkrSFKcj10&annotation_id=annotation_85358

0
votes

Looks like you did every thing good , except correlation . After decoding your error url , I found that you correlation is not working . Below is the decoding URL "utf8=✓ &authenticity_token=${token}&[email protected]&password=test&commit=Sign In."

In your "Regular expression extractor" add below details

 1. Reference Name:token
  2. Regular Expression : name="csrfToken" value="(.+?)"
  3. Template : $1$
  4. Match No: 1
  Note: Check the occurrences of "csrfToken", if you required first occurrence then enter 1 , if you required 2nd occurrence enter 2 ....etc.