How to capture dynamic values created using javascript in jmeter

Question

I am trying to run a JMeter script but it is failing at login. The reason is, password is getting encrypted using RSA algorithm and that is using javascript. so the password that is saved at the time of recording wont work and I am not able to get the dynamic value of encrypted password as it is being encrypted using javascript which is not supported by JMeter. because of javascript usage at runtime, I can not use regular expression to look in response data as this is not part of response.

I am trying to login to Tableau reporting server.

Answer 1

I downloaded the rsa.js script the login page was using and used the function there to encrypt the password. here's the snippet for Neoload js script:

var KeyN = context.variableManager.getValue("cp_Keyn");   
var KeyE = context.variableManager.getValue("cp_Keye");

var res = rsa.encrypt('PASSWORD',{n:KeyN,e:KeyE});  
                                            
if (res) {
 context.variableManager.setValue("crypted_Password",res);  
}

enter code here

Answer 2

You can encrypt password on the fly using similar approach in JMeter, for instance JSR223 Sampler provides JavaScript language support via Mozilla Rhino or Oracle Nashorn so you can use the same JavaScript code to encrypt the password as application does.

However JavaScript language is not very efficient from performance perspective, if you will need to simulate hundreds of concurrent users hence you'll have to perform hundreds of encryptions per second JavaScript may become a bottleneck and it is better to consider using groovy language with JSR223 Sampler. See Beanshell vs JSR223 vs Java JMeter Scripting: The Performance-Off You've Been Waiting For! guide for detailed explanation, instructions on groovy engine installation and scripting best practices.

Answer 3

I had the same problem using NEOLOAD, so I included the following script before the Auth POST.

// Get variable value from VariableManager
var doLoginIDString = context.variableManager.getValue("doLoginID");
if (doLoginIDString==null) {
    context.fail("Variable 'doLoginID' not found");
}

logger.debug("doLoginIDString="+doLoginIDString);

var rsa = new RSAKey();
rsa.setPublic(doLoginIDString,'10001');
var res = rsa.encrypt('<USER_PASSWORD>');
logger.debug("encrypted_var= "+res);
if (res) {
     context.variableManager.setValue("crypted_Password",res);
}

VariableManager is a NEOLOAD variable Manager :)

"doLoginID" is a variable I created based on a string which is passed by the server for you to encript with your password. This string can be found in LoginPage's source code.

"crypted_Password" is a variable I created for POST crypted parameter.

RSAKey(), setPublic() and encrypt() are included in .js files you download from the server when you access login page. I just include those files in to my project's library and it worked.

I don't know if with JMeter is the same, but hope this helps you to understand what you need to do.

Answer 4

I didnt find and answer for this too, but what I've done is to put the tableau_online_id and workgroup_session_id cookies in User Variables, each time I run the tests.

So I first login using the browser, and set these cookies as JMeter cookies using variables.