Forum Discussion

mgroen2's avatar
mgroen2
Super Contributor
7 years ago
Solved

How to solve 401 (unauthorized) in playback?

When I play back the recorded script, I receive multiple 401 (unauthorized) codes,

what is the best approach to solve this?

 

Thanks a lot.

 

Regards,

Mathijs

  • Hi Mathijs,

     

    To my understanding, the general approach is to identify what authorization info is expected in the failed request, where this info is obtained and why it was not applied to the given request.

    From the screenshot you provided, it can be seen that the recorded header of the highlighted request (#46) contains sessionid and authorization fields that with a high chance contain the required authorization info.

    Both these fields contain the same values in recorded and replayed requests and I think that the initial session had expired by the time recorded traffic was replayed and this caused authorization failure.

    The value of the authorization field after the 'bearer' token, with a high chance is Base64-encoded user name and password used to authorize in your application. (You may quickly check this via the Tools|TextWizard... window from Fiddler.)

    I think that you should trace up recorded requests until you find the one that provided new value of the session id in response to the supplied login credentials. After you will find this request (actually - response to the request with login credentials) you may try to figure-out if this situation had to be processed by LoadComplete automatically via its data correlation and data correlation rules mechanisms (https://support.smartbear.com/viewarticle/78604/, https://support.smartbear.com/viewarticle/90781/). You may contact Support if you think that the situation had to be processed automatically by LoadComplete. Otherwise, you will have to parameterize the requests by extracting the new session id (and, maybe, bearer's info for the authorization field) and providing it for all subsequent requests where it is needed (https://support.smartbear.com/viewarticle/78740/).

     

    Hope, the above will help...

     

    P.S. I am sure that you already went through the https://support.smartbear.com/viewarticle/78954/#AuthenticationErrors help article.

8 Replies

  • AlexKaras's avatar
    AlexKaras
    Champion Level 3

    Hi Mathijs,

     

    To my understanding, the general approach is to identify what authorization info is expected in the failed request, where this info is obtained and why it was not applied to the given request.

    From the screenshot you provided, it can be seen that the recorded header of the highlighted request (#46) contains sessionid and authorization fields that with a high chance contain the required authorization info.

    Both these fields contain the same values in recorded and replayed requests and I think that the initial session had expired by the time recorded traffic was replayed and this caused authorization failure.

    The value of the authorization field after the 'bearer' token, with a high chance is Base64-encoded user name and password used to authorize in your application. (You may quickly check this via the Tools|TextWizard... window from Fiddler.)

    I think that you should trace up recorded requests until you find the one that provided new value of the session id in response to the supplied login credentials. After you will find this request (actually - response to the request with login credentials) you may try to figure-out if this situation had to be processed by LoadComplete automatically via its data correlation and data correlation rules mechanisms (https://support.smartbear.com/viewarticle/78604/, https://support.smartbear.com/viewarticle/90781/). You may contact Support if you think that the situation had to be processed automatically by LoadComplete. Otherwise, you will have to parameterize the requests by extracting the new session id (and, maybe, bearer's info for the authorization field) and providing it for all subsequent requests where it is needed (https://support.smartbear.com/viewarticle/78740/).

     

    Hope, the above will help...

     

    P.S. I am sure that you already went through the https://support.smartbear.com/viewarticle/78954/#AuthenticationErrors help article.

    • mgroen2's avatar
      mgroen2
      Super Contributor

      Hi AlexKaras,

       

      I think I have found the source of the problem: the situation is as follows:

      each new login of the application get a new unique accesstoken and a sessionID. So, when I replay the script it fails because the response of the value of Accesstoken and SessionID differs from recorded version. So I need to make these (sessionID and Accesstoken) variable so that they are being "catched at runtime" and pasted in the corresponding fields (different for each new user). I understood this is possible with DataCorrelation feature, but I have no clue how to do this. I am new to LoadComplete and I need support how to implement this.


      Is there anybody who can help me with that?

       

      Below are 2 screenshots showing one request with the accesstoken, and the other showing the SessionID.

       

       

      • AlexKaras's avatar
        AlexKaras
        Champion Level 3

        Hi Mathijs,

         

        While I am not sure why LoadComplete did not correlate SessionID automatically (and this may be a question to Support, HKosova, excuse me, Helen :) ), AccessToken, most probably must be correlated manually.

        I would recommend the https://support.smartbear.com/viewarticle/78601/ help article (and whole https://support.smartbear.com/viewarticle/78518/ section).

        Feel free to let me know if you still have problem with this and I would be happy to try to help you. (Maybe via Skype or something like that. Confidentiality is obviously guaranteed.)

  • AlexKaras's avatar
    AlexKaras
    Champion Level 3

    mgroen2:

    Thank you, Mathijs, good to know that the problem was solved and the guess about its root was correct.

    If there were some specific details or information from Support that can be shared here, I would appreciate it...

    • mgroen2's avatar
      mgroen2
      Super Contributor

      AlexKaras actually it isn't solved yet (I pressed accep as solution accidentally). See my previous reply.

       

      To solve it I need assistance.