Request redirection throwing 403 error.

  • 17 April 2024
  • 5 replies
  • 15 views
P
Badge

While recoding a web application, Request 1 sends auth token in its response. This auth token is captured and sent in the request header for Request 2. This Req 2 redirects to Req 2A and Req 2B. Req 2A refers to Req 2 and Req 2B refers to Req 2A.

During replay, auth token is been sent in the Req 2, but it is throwing 403, Access denied error. Req 2A and 2B are not even executed as Req 2 failed. Tried with various options like, redirect manually, automatically etc and nothing worked.

The same flow with same parameters is working fine in load runner. 

Is there something to handle differently for redirect requests in Neoload?

5 replies

N
Userlevel 1
Badge +1

Hello, i’m not sure to understand that part “This Req 2 redirects to Req 2A and Req 2B”. Could you provide more details on how it can redirect to Req2A and Req2B maybe with some screen shots?

Anyhow the issue seems already happening in req2 related to that token. Is it the only token that could lead to such HTTP 403 error? If yes have you confirmed that you have properly extracted the value?

P
Badge

Hii, While recording, Req 2 request type is  “Use a manual definition” and its a get request with Request parameters as target with value as some URL. Below is Req 2. Bearer token is sent in the header for this request.

Req 2A request type is “follow the redirect of the previous request” and referrer of this request is the Req 2. Below is Req 2A. This request will generate a code in response as Location.

Req 2B request type is “follow the redirect of the previous request” and referrer of this request is the Req 2A. Below is Req 2B. The code from response from Req 2A is send in this request.

 But while execution,  Req 2 is sending 403, Access Denied error. Subsequent Req 2A and Req 2B are not executed as Req 2 is failed.

N
Userlevel 1
Badge +1

Ok i understand better. So the real issue is on Req 2 since the subsequent requests rely on it. You said that the Bearer Token is sent in HTTP header but do you have a token/id for that target parameter? Is it properly correlated if it’s dynamic?

P
Badge

The token is sent in the request header for Req 2 and its correlated properly. When looked at the Req 2 in replay log, the request sent looks like https://{Req2URL}{targetparameterURL}. When when you say  “do you have a token/id for that target parameter”, target URL parameter is been appended to the Req2 request so how can we pass the token/id for it separately.   Token is already passed in the request header for Req 2 which contains target URL parameter.

Also when I said, the same flow with same script enhancements works fine in Vugen, and not with neoload. Could it be something with the application firewall that it is not accepting traffic from Neoload tool? 

 

N
Userlevel 1
Badge +1

I can’t be 100% sure but i do not think firewall is involved since it looks like more an application concern rather than network. The request format seems fine since the target=value parameter has to be appended to the URL separated by a question mark “?”.

I’m sorry It’s difficult for me to provide relevant feedback without seeing the project. But an HTTP 403 does not indicate a bearer value issue otherwise i would expect more an HTTP 401 error hence my question about that target value parameter. Unless you got an issue before these Req2.

 

Reply


ShiftSync Terms and Conditions

Copyright ©2024 Tricentis. All Rights Reserved.