Managing HTTP user sessions
Most websites have a means of authenticating users, thereby enabling them to gain access to protected data or content that only pertains to them. Also, it is very common for websites to give users different roles based on what the user will be doing. For instance, a user called Joe
could be given admin privileges while Susan
is only given user privileges. Whatever the case, JMeter has a way to maintain HTTP user sessions for your test scripts.
How to do it…
In this recipe, we will detail how to accomplish this with JMeter. Perform the following steps:
- Launch JMeter.
- Open the
add_cookie_manager.jmx
test script. - Run the test plan.
- Notice the failed requests, even though the log in request succeeded:
- The Request immediately option following the log in request is indicative of this. The Request tab shows no cookies were sent with the request. Refer to the following code:
GET http://evening-citadel-2263.herokuapp.com/ [no cookies] Request Headers: Connection: keep-alive Host: evening-citadel-2263.herokuapp.com User-Agent: Apache-HttpClient/4.2.6 (java 1.5)
- Furthermore, our response assertions fail, as subsequent requests were not associated with the existing user, but were treated as new requests.
- The Request immediately option following the log in request is indicative of this. The Request tab shows no cookies were sent with the request. Refer to the following code:
- Clear the results (Mac OS: Command + Shift + E and Windows: Ctrl + Shift + E).
- Add HTTP Cookie Manager to the test plan by navigating to Test plan | Add | Config Element | HTTP Cookie Manager.
- Save and run the test plan.
- Observe the results in the View Results in Tree listener and notice how all the requests now succeed:
- If you observe the request immediately following the log in request, you will notice that the cookie information is correctly sent with the request, thanks to the added HTTP Cookie Manager. You should see something similar to this:
GET http://evening-citadel-2263.herokuapp.com/ Cookie Data: connect.sid=s%3AWN5ITZxWEKyzmmAB5sct7PjA.6UAJ36%2F9%2BWFQPjdzA%2B7%2B1NL4%2Bf0HzC %2BOQI%2Bol0V0eJ0 Request Headers: Connection: keep-alive Host: evening-citadel-2263.herokuapp.com User-Agent: Apache-HttpClient/4.2.6 (java 1.5)
- If you observe the request immediately following the log in request, you will notice that the cookie information is correctly sent with the request, thanks to the added HTTP Cookie Manager. You should see something similar to this:
How it works…
The HTTP Cookie Manager stores and sends cookies like a web browser does. The cookie of any request that contains one is automatically extracted and stored by the component to be used for all future requests from that particular thread. Each JMeter thread gets its own session just like in a regular web browser to prevent users' sessions from overlapping with each other.
There's more…
Apart from the automatically extracted cookies by the HTTP Cookie Manager component, JMeter provides a way to add user-defined cookie values to a test plan. Unlike their automatically extracted counter parts, once defined, all threads executing in the test plan will share these values.