Slightly off topic but It doesn't seem to be secure to send an authentication session cookie in a url...any thoughts on this?(its okay for tests though)
Himanshu On Fri, Aug 22, 2008 at 11:09 AM, Fitzpatrick, Adrian <[EMAIL PROTECTED]> wrote: > > Hi, > > It looks to me that you may have recorded the JSESSIONID "92714......." into > the script when you originally created the script, so thats why its being > sent with every request. If you can remove this jsession portion of the URL > from you HTTP sampler, the correct JSESSION which is being included in the > cookie data should be picked up instead. > > Alternatively, if your application and/or app server needs the JSESSION id to > be in the URL, you may be able to change the URL in the HTTP sampler so that > it > looks something like this - > > http://localhost:8080/gate.do;jsessionid=${JSESSIONID}?action=index > > i.e. its using a variable to fill in the correct value. However im not sure > if this is the correct syntax to get the value of a cookie as a variable, you > can look up how to this (am sure its possible) if that doesnt work. > > Regards, > > - Adrian > > > -----Original Message----- > From: Chris Hall [mailto:[EMAIL PROTECTED] > Sent: 22 August 2008 14:51 > To: jmeter-user@jakarta.apache.org > Subject: Session ID changes for a POST request > > > ************************************* > > This e-mail has been received by the Revenue Internet e-mail service. (IP) > > ************************************* > > > Hi all, > I've been getting problems with Session ID's. > > I've added a HTTP cookie manager, which seems to have resolved most of my > problems, but [EMAIL PROTECTED] come across an instance where the session ID > is not being > passed correctly to the URL. > > ie > GET request #1: > GET http://localhost:8080/welcome.do?action=form > > Cookie Data: > JSESSIONID=195374BBEEE86BB9633B1CF93B48A03C > > Request Headers: > Connection: keep-alive > > but on the next page > POST request #1: > > POST > http://localhost:8080/gate.do;jsessionid=927141B2B85E34E8F586B1FEC7CED71C?act > ion=index > > POST data: > Name=MyName&Password=pass > > Cookie Data: > JSESSIONID=195374BBEEE86BB9633B1CF93B48A03C > > Request Headers: > Connection: keep-alive > Content-Length: 294 > Content-Type: application/x-www-form-urlencoded > > From here, you can see the cookie has the same session ID for both requests, > except for the post, the url passed is incorrect. > > am i missing something simple here? I'm very new to JMeter it has to be > said. > > Rgds, > Chris > -- > View this message in context: > http://www.nabble.com/Session-ID-changes-for-a-POST-request-tp19107615p191076 > 15.html > Sent from the JMeter - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > ************************ > > This message has been delivered to the Internet by the Revenue Internet > e-mail service (OP) > > ************************* > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
