jMeter MVC和Anti Forgery的登录问题

时间:2016-02-08 13:33:30

标签: jmeter automated-tests performance-testing load-testing antiforgerytoken

我正在尝试使用jMeter加载测试我的网站。 我的登录页面出现问题。我通过RegEx捕获它,在登录页面中传递了__RequestVerificationToken值,如下所示:

Field to check: Body.
Reference Name: token.
Regular Expression: <input name="__RequestVerificationToken" type="hidden" value="(.*)" />.
Template: $1$

我仍然得到同样的错误回复:

<title>The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the &lt;machineKey&gt; configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster.</title>
<b> Exception Details: </b>System.Web.Mvc.HttpAntiForgeryException: The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the &lt;machineKey&gt; configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster.<br><br>

查看树结果中的“请求”选项卡提供了更多详细信息:

POST data:
__RequestVerificationToken=%24%7Btoken%7D&UserModel.UserName=pm&UserModel.Password=Abc1234D

Cookie Data:
ASP.NET_SessionId=l0cvy41ons0xv1t3e5glx2j5; __RequestVerificationToken_L0NyZWlzc1dlYg2=elGNi5_GoW2DYFM-obeXg9DHsihM26jv8HgT4IEpjngwc1gfJ4lRTboi3t-UV4L9485dM_9bdAVfRZKauTIXAZoKvNt2Q9R0yW19ZQIO17A1

Request Headers:
Connection: keep-alive
Referer: http://172.52.50.137/CreissWeb/
Accept-Language: en-US,en;q=0.5
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Content-Length: 91
Host: 172.52.50.137

HTTP请求:

__RequestVerificationToken  ${token}    false   true
UserModel.UserName  pm  false   true
UserModel.Password  Abc1234D    false   true

任何帮助都将受到高度赞赏。 !!

2 个答案:

答案 0 :(得分:1)

您的正则表达式提取器无法正常工作。 POST数据清楚地显示__RequestVerificationToken=${token}

尝试将正则表达式更改为name="__RequestVerificationToken" type="hidden" value="(.*)"&amp;看看它是否有帮助。

如果它不起作用,请发布您获得的HTTP响应。

答案 1 :(得分:-1)

 Exception:The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the &lt;machineKey&gt; configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster., Login,SetLogin
   at System.Web.Helpers.AntiXsrf.AntiForgeryTokenSerializer.Deserialize(String serializedToken)
   at System.Web.Helpers.AntiXsrf.AntiForgeryTokenStore.GetFormToken(HttpContextBase httpContext)
   at System.Web.Helpers.AntiXsrf.AntiForgeryWorker.Validate(HttpContextBase httpContext)
   at System.Web.Helpers.AntiForgery.Validate()
   at System.Web.Mvc.ValidateAntiForgeryTokenAttribute.OnAuthorization(AuthorizationContext filterContext)
   at Cogitate.PPE.Web.Controllers.ValidateAntiForgeryTokenOnAllPosts.OnAuthorization(AuthorizationContext filterContext)
   at System.Web.Mvc.ControllerActionInvoker.InvokeAuthorizationFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.&lt;&gt;c__DisplayClass25.&lt;BeginInvokeAction&gt;b__1e(AsyncCallback asyncCallback, Object asyncState)
相关问题
最新问题