Change Proxy while testing via jmeter - rest

I need to simulate real user behavior. Each of real user must have new IP. Can I set Proxy programmatically via jmeter ? Example - I launch tests without Proxy, then, after 1-2 sec I activate the proxy and after 3-4 sec - I disable. Is that possible without stopping the test ?

If you need to spoof the ids then you can use csv to get the different IPs (proxy IPs) and pass them as a variable in the HTTP Request Server Name field under advanced tab as shown below:-
Please check this article for more information.
I hope this help.

There is a possibility to define a proxy per HTTP Request, the relevant configuration lives on "Advanced" tab of the HTTP Request sampler.
A better option would be going for IP Spoofing, this way you will be able to bind each virtual user to a real (or virtual) IP address so source address will be different.

Related

SSL DSN hidden redirect from sub1.domain1.com to sub2.domain2.com

I need to do a setup, where users would be able to access URL sub1.domain1.com that would be mapped by DSN to sub2.domain2.com, so all further communication would appear to be with sub1.domain1.com, however in reality it would just be "redirected" to sub2.domain2.com. HTTPS is required too, so simple CNAME wouldn't do it.
So far I have found out about SAN certificate. With that certificate it seems like it would be possible to accomplish this. However it has one drawback for me - with every new domain that is added to this certificate, all other domain owners must confirm this. And this is not very suitable for my case, because I expect new domains to be added on regular basis.
All domains would point to one certain subdomain (for example: sub1.domain1.com -> sub2.domain2.com,sub3.domain3.com ->sub2.domain2.com, sub4.domain4.com->sub2.domain2.com ..), so the certificate doesn't have to allow redirection between all domains mutually, but it would be enough to allow redirection from all domains to one certain domain (sub2.domain2.com)
Are there more suitable alternatives to accomplish this?
If, when user types https://sub4.domain4.com in their browser's address bar, you don't want (when the page is displayed) address in the bar to change to https://sub2.domain2.com then technically there is no HTTP redirection involved. You just have one website/webapp which is reachable via multiple hostnames (which is nothing unusual).
You need
CNAMEs to be in place
If you can't get (or it is complicated to maintain - which is expected, especially if you do not own the domains) one SSL/TLS cert with all hostnames, then you can always configure your webserver with multiple virtual hosts, each with their own certificate, and keep adding virtual hosts as needed. All virtual hosts can be configured to serve the same content (or just reverse proxy requests to the same one webapp running behind the proxy). Technical implementation depends on the platform used, but is typically not complicated.

Using Sustainsys.saml2 behind an SSL offloading

I am attempting to get sustainsys.saml2 to operate behind an SSL load balancer with the SSL truncated at the load balancer. If I pass SSL requests into the app, it all works as expected. What I want to do is pass HTTP requests into the app, and have sustainsys create logon requests with SSL based consumer assertion urls. Is this possible ?
Solved this one fast, for those interested all you have to do is handle the GetPublicOrigin notification
As you've found out you can use the GetPublicOrigin notification. But that is really meant for an advanced scenario when you want to alter this per request. For normal cases just setting the SpOptions.PublicOrigin property is easier.

forbidden message while executing a rest message through Jmeter

We have come across similar problem, need your help to resolve this.
Can you please either let us know your contact number so that we can reach out to you or if you can provide your script if possible so that we can refer to
Here is the problem we are stuck with:
I am trying to test a Rest service through HTTP sampler using Jmeter. Not sure how to capture token from the sampler generates a token and to use this token for authorization in the header manager of another HTTP.
Loadrunner is not displaying the web address when trying to enter in the truclient browser. Below is the problem as this web address automatically redirect to another web address which is the authentication server.
Can you please suggest another solution for the below issue?
Here is the exact scenario we are trying to achieve
we want to loadtest the portal however due to redirect and different authentication method being used we are unable to do it using truclient protocol in loadrunner. Also tried Multiple protocol selecting LDAP, SMTP, HTTP/HTML etc but no luck.**
Thank You,
Sonny
JMETER is going to architecturally be the HTTP protocol layer equivalent with LoadRunner, with the exception of the number of threads per browser emulation.
In contrast to the code request, I want to architecturally visualize the problem. You mention redirect, is this an HTTP 301/302 redirect or one which is handled with information passed back to the client, processed on the client and then redirected to another host? You mention dynamic authentication via header token, have you examined the web_add_header() and web_add_auto_header() in Laodrunner web virtual users for passing of extra header messages, including ones which have been correlated from previous requests, such as the token being passed back as you note?
This authentication mechanism is based upon? LDAP? Kerberos? Windows Integrated Authentication? Simple Authentication based upon username/password in header? Can you be architecturally more specific and when this comes into play, such as from the first request to gain access to the test environment through the firewall or from a nth request to gain access within a business process?
You mention RESTFul services. These can be transport independent, such as being passed over SMTP using a mailbox to broker the passing of data between client and server, or over HTTP similar to SOAP messages. Do you have architectural clarity on this? Could it be that you need to provide mailbox authentication across SMTP and POP3 to send and receive?

Tracking requests paths to servers behind a load balancer

Suppose we have two servers A and B behind some load balancer that distributes requests between these servers somehow. What is the best practice of tracking which server processed a request? Suppose we have REST API with one endpoint GET /ping. Is it a good idea to include the host information into headers for example?
What we do usually, is that we configure the LB to include a header only if the client requested it.
When you forge your /ping query, also add a header only known by you , like "X-Debug-Me: true". When this header is present, then either your LB or your server can insert its real hostname into whatever header you want.
Baptiste
are you attempting to track this at the LB or at the origin/API servers?
shouldn't the host information already be in the header? is the LB acting as a reverse-proxy and replacing the requesting hostname with it's own hostname?
i would agree with #baptiste that if you need to track this type of information a custom header is the best way to do it.

POST form data redirection to another server depending upon post variable

I have a feedback form on server A. Due to heavy traffic I want to redirect some of these POST requests to another server B based on the category of feedback (a field in the post form).
The problem is the feedback form is distributed across multiple mobile applications and is hard-coded now. We cannot change anything in the Form post now.
What is the best approach? Is it possible to do using DNS redirection? I would ideally like that before the request reaches the Apache server to increase the load, the redirection happens. Please suggest.
You could return a 307 HTTP response, which tells the client to redirect to the other location, while re-posting all data. That could be a disadvantage for large chunks of data (files), but it will be too if you choose to send the data to the other server yourself. Besides that, the first server will receive the data anyhow, so you only gain by this solution if the processing itself is relatively costful.
An even better solution would be to use a load balancer which can determine for you which server to send the data too.
Ideally you need to change the form (not the actual form itself, but supporting code). The idea is to add some JavaScript, that upon submitting a form checks that "category" field and changes the value of form's "action" attribute making it submitted to a desired server.
If that is cannot be done at all (for whatever reason), then this may be implemented on server side. Instead of hitting Server A directly, it should hit Server Zero -- a load balancer, which then can route the request further based on the logic you provide: e.g. 1) choose less busy server; 2) randomly choose server; 3) analyse POST form data and choose right server; 4) other options. #2 can be implemented via DNS (an example is available in the link below).
Any load balancer should be able to implement options 1 & 2. For other options you have to check if specific load balancer (software or hardware) supports it (check feature list).
Links:
http://en.wikipedia.org/wiki/Load_balancer