JMeter encryption of HTTP request parameters via the BeanShell script

Source: Internet
Author: User

JMeter has always been a good interface and performance testing tool, it is open source, do not need to pay any fees, and can download the source code, you can modify the sources and on this basis to expand their functions or plug-in, it can be combined with Ant and Jenkins to build their own automated interface testing framework. Its good also is that it is pure Java development, so it can better interface with Java, through the introduction of their own packaged jar file, can easily realize the jmeter of various personalized requirements of the expansion of the function, The following is a practical example of how JMeter introduced its own Java tool class to implement cryptographic processing of HTTP request parameters.

Before that, let's assume that there is a scenario where we intend to do an interface test on an HTTP request, but some parameters of the request or HTTP header file information contain some cryptographic parameters, which are implemented by the front end or the app client in the actual application. Other interfaces will not return these encrypted data to us. That's the problem, the front end of the parameter encryption to the backend, back-end interface with encrypted data to do calibration or other processing, then use JMeter to do the script, these cryptographic parameters to do? JMeter does not provide us with out-of-the-box encryption capabilities, and each data may be encrypted in different ways, how can we implement these parameters to the JMeter request encryption? This will require us to use the Beashell script.

Speaking of JMeter's BeanShell use, here we may use these components of the JMeter: BeanShell Sampler in the sampler, configuration components: BeanShell preprocessor in the front processor, The BeanShell postprocessor in the post processor, assert the BeanShell assertion in the assertion.

Next go back to the scene, some parameters in the HTTP request is encrypted, in order to use jmeter Normal to send the HTTP request with encryption parameters to test the HTTP interface, we can add a BeanShell preprocessor to the HTTP request, By implementing the encryption of the parameters in the BeanShell preprocessor. Here's a concrete example:

Suppose there is an HTTP interface for an app, the interface documentation is as follows:

Interface Name: XXX Login

Interface protocol: HTTP

Request Method: POST

Parameter type: JSON

Path parameter: PhoneNumber, user mobile number

Request Body Parameters:

Device devices information, JSON format

Password user password, password SHA-256 encode encryption string data capitalization

First, we need to use Java code to implement the SHA-256 encryption function:

The project structure is COM. Base64

SHA256 Encrypting code Body:

OK, after the encryption algorithm is written, package it into a jar file, here I package the file is: Base64urlsafe.jar, put Base64urlsafe.jar into the JMeter lib/ext directory, the next can be introduced in JMeter the jar package.

The JMeter script practices are as follows:

1. The external jar package is introduced in the test plan:

2. Add an HTTP Sampler:

3. Add a predecessor processor to this HTTP sampler: BeanShell preprocessor, which reads as follows

You can then refer to the place where you need to use the variable, and apply the method: ${password_sha256}

The results of the operation are as follows:

As you can see, password 123456 has been SHA256 encrypted and converted to uppercase. OK, I believe you can think of this simple example of its many uses, understand this feature, then enough you use JMeter and Java to do a lot of things, and finally to say, in this case is through the introduction of external jar package form, it is to illustrate, we can put a lot of complex, The Code for common tool classes is encapsulated in jars so that we can streamline and reuse the code.

JMeter encryption of HTTP request parameters via the BeanShell script

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.