I'm trying to use Jmeter to simulate adding values, into a database from an ASP.NET website.
I have used the guide found here: https://www.youtube.com/watch?v=zYAiBwJK1v8
To setup the test, and to record the scenario. All of that seems to be working fine. The recorder, records the login to the site, and everything that comes after, including when I push the submit button to add the value to my database. When i afterwards run the recorded scenario it runs with no errors. But nothing is submittet to the database.
The scenario is this: I login to my site, (i'm using browser session id to differ between users)
Now I search for an item, the search text is parsed along with the url (this i can also confirm in the recording, in Jmeter)
Then i add this item to a tabel row in my databse using a submit button. (this also seems to be working in the recording details in Jmeter)
But nothing is added to the database when i use Jmeter to re-run the scenario. Can any one help me to find out, why or what I am missing?
I'm not sure what more information to give, but if you need more information let me know and thank you in advance
First of all I'd recommend checking that your Log In is successful using View Results Tree listener. At top left corner of the listener there will be a drop-down which defaults to Text. Select HTML (download resources) to see full response from server and verify if you're really logged in.
If not, refer to ASP.NET Login Testing with JMeter guide which highlights the peculiarities of simulating ASP.NET application log in including VIEWSTATE and EVENTVALIDATION dynamic form parameters extraction.
Related
I have created a web forms application using ASP.NET with C# (.NET 4.7.2) as the code behind. I am using ADO.NET Entity as the connection to a SQL Server 2019 database.
I have created a page with 2 text boxes. Reference number and code. When a user enters Reference number and code into the boxes and click submit the data is stored in the database the page redirects to a detailed page using URL parameters of details.aspx?ref=xxxxxx&c=xxxxxx.
The details.aspx page then loads. Using the code behind page load section, I retrieve the URL parameters from Request.QueryString. Using the results of the query I filter a record set and display some text & image data.
The issue I'm seeing is if 2 users press the submit button at the same time using different data they get a mixture of each others data returned on the next page. If they press it at different times it works fine (we confirmed this using 2 laptops being pressed at the same time by the same person).
Does anyone have any pointers as we have done a lot of searching and at this time and cannot find a solution.
So far we have tried:
IIS Caching - prevent all caching on user-mode and Kernel mode
Adding the following to the page load section of each page
Response.CacheControl = "private";
Response.ExpiresAbsolute = DateTime.Now.AddDays(-1d);
Response.Cache.SetCacheability(HttpCacheability.NoCache);
Cookies are not being used
We have full access to the Web Server/Database
Any help would be appreciated
Hi After reading Aristos comment I modified the code and removed static class where I had put global variables. Once I had recoded the page to use local variables all worked as expected.
Thanks for the tip.
I did come across a few post which indicated the same but had not got round to trying that yet.
Many Thanks
Currently I'm trying to implement an auto login link for the emails sent from the site.
One of the requirements is that the user is able to see the link but not the rest of the site unless he manually logs in.
My current problem is that I cannot get the logout part right. The current flow goes something like this:
Check if the user is logged in
If not, check the url query string and do some calculation to check
the code
If everything is alright I log the user in, update the CurrentUser
and all the Session object
Then I need to use HttpContext.Response.Redirect() because the way
the system is made (as far as I have read using Redirect is a quite
abrupt way to cut the Request, but my current issue is that the
system will keep checking other things and redirect me to the LogIn
page if I don't cut it here)
At this point the user is Logged In
If they click on a new link inside the page, on this new Request it will check some Session properties
created on step 4 and if they exist it will log the
user out.
My problem is that it works some times and some other times it doesn't. A pretty consistent thing I notice is that is not working when I open the link in a new browser instance, but generally works when opening on an already open browser.
I guess something could be happening with the Session object between the Redirect and the new Request specially on a new browser instance, but not sure why.
Edit: The problem is happening on step 6
I'm not sure if i totally understand your question, but here are some ideas related to session problems.
Probably when opening the new instance a new Session is created. Therefore your data is gone.
A work around might be storing the needed values in the cache. This is dangerous because cache items can be deleted if iis thinks there is not enough memory.
https://support.microsoft.com/en-us/kb/323290
Another workaround might be saving the needed values in a database.
Or send the needed data through the headers.
Hello All I need all your help badly. We have made a role,ID based application in asp.net(C#) where the menu appear as per his roles. This is fine now the users are trying to directly type the link in address bars and using them. Cant restrict them in page loads and sessions as this is a production site which is already slow. So my intension is to show the url in encrypted format which expires in certain time where the user cant copy and paste it. Is there any possible way...
Cant restrict them in page loads and sessions as this is a production site which
is already slow.
Fix that crappy code and / or add more servers. Because this is the ONLY way it makes sense to do it. Anything else is the type of security that gets broken into and then you run around blaming the world for being unfair.
So my intension is to show the url in encrypted format which expires in certain
time where the user cant copy and paste it.
? So the menu has an encrypted URL that is only valid like for half a second? What if the user browses the source code of the page? He can see all the source there.
This is not security, it is hogwash. Sorry to be blunt, but this is not going to work and you are making a bad job here.
Checking this in page load will take less than a millisecond (assuming you cache roles in the session). WAY less.
Check for user role in page_load event and if the user does not have permission then redirect him to a page showing permission denied.
Please provide code if you need further help.
Yeah.... you've painted yourself into a corner here.
Short answer:
No, there's no clean way to do this and whatever type of 'special' url implementation you create will be open to abuse/spoofing and still require you to add code anyway.
Long answer:
I can't see any viable solution other than injecting some code into Page_Load.
I take it you're not using WIF/Claims-based security, just some bespoke written user login, database store based code? So your best approach (at this point) is to make a simple class in App_Code: When the user logs in, load their permissions into something like a DataTable and store that in a session variable. That way you can avoid doing database requests every time the page loads/posts back, this'll probably speed your site up a bit too.
Build a non-static method in a class that is to be used on Page_Load, where this will get the URL (or page id) being accessed, then check that against the session stored DataTable. If that check fails redirect them to an access denied page.
Building the class foundation is key, don't attempt to shortcut and copy-paste chunks of code into each page. With the 'security' class you can standardise your code and reduce testing down to a few simple checks.
I use asp.net 4 c sharp.
I would like populate a input text form with a string sent by an User.
The destination page is:
http://www.maxmind.com/app/locate_demo_ip
NOTE: im not the developer for the target page.
Here ho should work:
When a visitor from my site click a link (Ip address)
it will be sent to: http://www.maxmind.com/app/locate_demo_ip
and the TextBox automatically populates with the value (Ip address the user has clicked).
The user Will manually click the button "Look Up IP addresses" in maxmind.com to have the result.
Any idea how to do it? Maybe a sample of code?
Thanks guys as usual for your great support! :-)
if you can, generate a link with this form :
http://www.maxmind.com/app/locate_demo_ip?ip=XX.XX.XX.XX
then, the page can access this value using txt1.Text = Page.Request.QueryString["ip"]
[Edit] it assumes that you are the developer of the target page... is it ?
You tells me you are not the developper.
Either maxmind provide an url syntax similar to the one below (check if there is an api section, or you will have to inject with javascript the value. In this case, you have to know :
for security reason, to avoid a cross site scripting attack, you can't pilot an external site from one page to the other. You can maybe add your application in the trusted zone of the client computer, but it's not possible in an internet application
nothing guaranties that the html structure of maxmind won't change in the future. you can't rely on this.
An another approach would be to "proxy" the features of maxmin by calling yourself from your server application the target page, with a Http Post request. Then you can parse the results to use it on your application. Again, some limitations are to consider :
maxmind may disallow such calls. They may want the user to use their application
again, the target page may change its structure and the textbox names
parsing the result can give headache... and the output structure may change (again)
you have to handle yourself the UI related to this feature.
A final though : what is your goal ? maybe there are other ways to achieve it.
I am trying to make a web part that will display what links got clicked/viewed the most across the whole site collection. These links come from a SharePoint list.
Is there a mechanism in the object model that can be used to accomplish this?
Any thought would be helpful.
If the links all go to SharePoint pages within your portal, then you might be able to gather the information in your Site Usage Report, then query that in a custom web part. If the links point to places outside your portal, I am not aware of any out-of-the-box record of which links are getting clicked on in a SharePoint list. You could possibly make some javascript to add special code to the list interface so that, whenever a link is clicked, it first records to a database, then takes the user to the destination.