Reputation: 101
I have recorded a flow of a web app, which (I think) does login through the Windows user. The first request is
:authority: XXX.XXXXX.es
:method: GET
:path: /
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
accept-encoding: gzip, deflate, br
accept-language: es-ES,es;q=0.9
cache-control: max-age=0
sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
This returns a 302 redirect, and in JMeter it runs OK (that is, it returns a 302 redirect).
The second request (the redirection) is
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate, br
Accept-Language: es-ES,es;q=0.9
Cache-Control: max-age=0
Connection: keep-alive
Host: XXXXX.XXXXX.es
sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
And in the JMeter script it returns a 401 Unauthorized. I have the Auth Manager in JMeter.
In the script, in the first request, we send an "NTLM" auth:
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate, br
Accept-Language: es-ES,es;q=0.9
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
DNT: 1
sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
sec-fetch-User: ?1
sec-fetch-Site: none
Host: XXXXX.XXXXXX.XXX
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAADQANAAYAAAAAAAAAAwAQAACgAKADABAAAQABAAOgEAAAAAAABKAQAABYKJogUBKAoAAAAPpG+BcRbb9Mv8EX9lGMYYvY9TRE0ddvXwHNW4kGw9skxCk1+crDQRAwEBAAAAAAAA4LrJUKfN2AFw2B3BDux8LgAAAAACAAwARABNAEIATQAwADAAAQAQAFMAVgBEAEUAOQAyADMAMQAEABoAYgBhAG4AYwBhAG0AYQByAGMAaAAuAGUAcwADACwAUwBWAEQARQA5ADIAMwAxAC4AYgBhAG4AYwBhAG0AYQByAGMAaAAuAGUAcwAFABoAYgBhAG4AYwBhAG0AYQByAGMAaAAuAGUAcwAHAAgAeyODUKfN2AEAAAAAAAAAADEAMAA3ADcAMwBQAFYAMQAwADcAMAAxADAA
Response:
<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="https://XXXXX.XXXX.XX/XXXXXXX/">here</a></body>
and it returns a 302 redirect, but the second request above returns a 401:
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate, br
Accept-Language: es-ES,es;q=0.9
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
DNT: 1
sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
sec-fetch-User: ?1
sec-fetch-Site: none
Host: XXXXX.XXXXXXX.XX
Response Headers:
HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/10.0
WWW-Authenticate: Negotiate
X-Powered-By: ASP.NET
Date: Wed, 21 Sep 2022 10:45:50 GMT
Content-Length: 1293
Any suggestions? Many thanks in advance for your comments.
Upvotes: 0
Views: 158
Reputation: 168157
WWW-Authenticate: Negotiate response header most probably means that your server is expecting Kerberos authentication, so you need to:
Use KERBEROS as the "Mechanism"
Add your Domain and Realm
Perform Kerberos-specific configuration in jaas.conf and krb5.conf files
More information: Windows Authentication with Apache JMeter
Upvotes: 1
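Added example, not part of either post: a small Python check for recorded header dumps like the ones in this thread. It lists the schemes a 401 offers, names a token's type from its framing bytes only (the NTLMSSP signature, or the SPNEGO/Kerberos OID at the start of a GSS-API token), and reports when the request's scheme is not one the server offered. All function names are illustrative.

```python
import base64
import struct

SPNEGO_OID = bytes.fromhex("06062b0601050502")      # DER of 1.3.6.1.5.5.2
KRB5_OID = bytes.fromhex("06092a864886f712010202")  # DER of 1.2.840.113554.1.2.2
NTLM_TYPES = {1: "NEGOTIATE", 2: "CHALLENGE", 3: "AUTHENTICATE"}

# The 401 from the question, abridged to the lines that matter here.
SAMPLE_401 = "HTTP/1.1 401 Unauthorized\nWWW-Authenticate: Negotiate\n"


def header_values(raw_headers, wanted):
    """Yield the values of every header named `wanted` (lower-case name)."""
    for line in raw_headers.splitlines():
        name, _, value = line.partition(":")
        if name.strip().lower() == wanted and value.strip():
            yield value.strip()


def offered_schemes(raw_headers):
    """Auth schemes the server lists in WWW-Authenticate, in order."""
    return [v.split()[0] for v in header_values(raw_headers, "www-authenticate")]


def classify_token(b64_token):
    """Name what a base64 auth token carries, judged from its framing only."""
    data = base64.b64decode(b64_token)
    if data[:8] == b"NTLMSSP\x00" and len(data) >= 12:
        (msg_type,) = struct.unpack_from("<I", data, 8)
        return "NTLM " + NTLM_TYPES.get(msg_type, "UNKNOWN")
    if data[:1] == b"\x60":  # GSS-API initial context token
        if SPNEGO_OID in data[:20]:
            return "SPNEGO"
        if KRB5_OID in data[:20]:
            return "Kerberos"
    return "unrecognised"


def diagnose(request_headers, response_headers):
    """Compare what a request sent with what the 401 response offers."""
    offered = offered_schemes(response_headers)
    sent = list(header_values(request_headers, "authorization"))
    if not sent:
        return f"no Authorization sent; server offers {offered}"
    scheme, _, token = sent[0].partition(" ")
    kind = classify_token(token) if token else "no token"
    if scheme.lower() not in (s.lower() for s in offered):
        return f"sent {scheme} ({kind}), server offers only {offered}"
    return f"sent {scheme} ({kind}), which the server offers"
```

Run against the second request in the question, which carries no Authorization header, `diagnose` reports that nothing was sent and that the server offers only Negotiate.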