JMeter Authentication Toner with Rails Application

Question

JMeter Authentication Toner with Rails Application

I am trying to perform a JMeter post operation in a simle rails application, but I am returning this:

Started POST "/ flights /" for 127.0.0.1 at 2015-05-04 12:40:15 -0700 Processing by FlightController # create as HTML Parameters: {"authenticity_token" => "$ (LOGIN_AUTH_TOKEN)"} Unable to validate CSRF -token Completed 422 Non-process entity in 3ms (ActiveRecord: 0.0ms)

I have implemented a suggestion to create a regex extractor for login authentication as shown below:

Regular Expression Extractor

and here is the http request:

Any help is appreciated and thanks in advance, Slavko

+3

ruby-on-rails jmeter

user3570192 May 04 '15 at 19:54

source to share

3 answers

vins · Answer 1 · 2015-05-04T20:00:08+0000

Move Regular Expression Extractor

as a child of the first HTTP request.
The regex can be name=authenticity_token type=hidden value=(.*?)"
In the next request, login authenticity_token with ${LOGIN_AUTH_TOKEN}

(not via $ (LOGIN_AUTH_TOKEN))

Jeff D · Answer 2 · 2016-02-26T15:23:43+0000

I think Vinot was right, but it looks like only the request headers were checked. The form field is in the body, so the Regex processor should look there.

Tass · Answer 3 · 2016-04-05T14:06:56+0000

I was able to solve this problem by checking the source of my pages and changing my regex accordingly.

I was looking for a source for "authenticity" and this is what it gave:

<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="O4YJPTDTmHqxAtgVYLTyDnuo1gwNoDQFznnqwsUyvdMkJscVXx+YMteKkuMVG44E/H6NYCdi/RzbQ8oIly2euA==" />

I changed my regex inside jMeter Regular Expression Extractor to: meta name="csrf-token" content="(.*?)" />

Then I ran my jMeter test and logged into my development app successfully.

I am on Rails 4.2.1 and Ruby 2.2.1p85.

JMeter Authentication Toner with Rails Application

More articles: