How to handle an encrypted value that is being passed in request but can't b found in prior response

[Sai]

Hi,

I am creating a script in Vugen with following steps:

1) Launch application and enter username and password, then click on Submit.

At this point, In web_submit_data request, I could see that a 'session string' and 'associated password' along with userid and password I give are being passed.

'Session string' is unique value for each login. It is generated from application using Java script. It is originated only from request. 

'Password' is encrypted value for (unique session string + password that I enter)...

I am not sure how this encryption is happening.

Please let me know how to handle it.

2) Similar case as above:

In UI, I am 'passing amount', 'to bank account', 'bank name', 'from account'. All these values are being passed as a encrypted value in the script along with uniquely generated session string value. Session string value is unique for each transaction and is generated randomly thru Java script. I am not aware of encryption logic and I don't have chance to get it as well.

How to handle it???

I guess I can use Ajax truclient but it is too slow when executed in load as well as interactive mode and thus not sure if we will be able to reach our required transaction count. The transaction count coule be way below if we use Ajax truclient. Furthermore, We have only one LG(2 GB Ram) and 500GB HDD. Not sure how many users I can use with Ajax truclient as it occupies considerable memory.

Please let me know how this can be handled.

I am not seeing any session values as well in the response. Is above case one way of handling sessions in web applications????

Thank in advance.

[James Pulley]

1.   Reproduce the Javascript algorithm for your own use in your virtual user.   Speak to the developers to get a copy of the algorithm or pull it from the source yourself and convert the code.  

2.   Virtually the same as one.  You will need the insight from development for the algorithm to handle the encryption and decryption (or salting | de-salting) on the fly.   

You may be surprised.   I see a lot of developers simply using a base64 encode|decode to provide an additional level of masking for someone who just might be taking a look at the datastream.    In such a case you can leverag readily available solutions to get your data back to something very usable.

'Pulley

[aravind sai kuchibhatla]

Your question is not clear... very confusing. Ask it clearly then someoone can help u...

On Thu, Nov 28, 2013 at 11:02 PM, kamal <kamal...@gmail.com> wrote:

Hi All,

Kidnly help me out,

My script passes 5 iterations and fails at 6th. 

in the script the first request URL e1s1 is sent from client, and the 
second request it is sent with e2s1, third e2s2, fourth. e2s3 --and 
the last request is e2s10. After completion of the  first iterations 
the same repeats. 

The e2s1 and e2s2......e2s10 is captured from server and substituted 
in the script. 

The script works fine upto five request i.e e6s1.e6s2,e6s3....e6s10 
but at the sixth iterations it fails for e7s1. 

But when manually performed the same for six iterations the 
e7s1..e7s2,es10 works and it continue like e8s1...e8s10. 
e9s1,e9s2...e9s10 etc. 

For work around inserted a 3 actions in a block and performed login 
once and actions part 5 iterations and logout and executed the script 
agains it fails while loggin second time. 

The script works fine for n number of iterations only if every time 
the users login and logout. 

Could any one explain how to handle the request. 

Note: clear cache, clear cookies, ru8ntime settings  and all the 
correlations options tired.  This fails in controller and also in the Vugen(find the snap shot).

Regards,

Kamal

--
You received this message because you are subscribed to the Google Groups "LoadRunner" group.
To unsubscribe from this group and stop receiving emails from it, send an email to LR-LoadRunne...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.