HomeSUPPORT QUESTIONS

Need help with StresStimulus? Start here.

Force StresStimulus to make an Auth header Messages in this topic - RSS

ignjatov
ignjatov
Posts: 3


5/26/2020
ignjatov
ignjatov
Posts: 3
Hi,

I get 401 Unauthorized error when replaying.
As per requests comparison, looks like StresStimulus does not form an authorization header.
How can I force it to reply it correctly, to include the authorization header properly, like it is in recorded request?

Thanks,
Milorad

0 link
George @StresStimulus
George @StresStimulus
Administrator
Posts: 287


5/26/2020
George @StresStimulus
George @StresStimulus
Administrator
Posts: 287
It looks like you application is using server authentication that is described here

StresStimulus adds the proper Authorization header using the provided credentials. To provide the credentials, specify the username and passwords in the Authentication node in the workflow tree.





- Cheers
0 link
ignjatov
ignjatov
Posts: 3


5/26/2020
ignjatov
ignjatov
Posts: 3
Thank you for a quick reply!

However, my Authentication section has been already set correctly, with the same domain\username and password that I have used while recording.

Any other idea which I should try?

Thanks,
Milorad
0 link
George @StresStimulus
George @StresStimulus
Administrator
Posts: 287


5/26/2020
George @StresStimulus
George @StresStimulus
Administrator
Posts: 287
Hi Milorad,


Unlike other HTTP requests, the NTLM handshake sequence is special and includes several more back-and-forth roundtrips that are not displayed.

In your screenshot, the Authorization header is missing in the authentication request and the x-ws-not-sent header is seen instead. This is an indication that the credentials you provided were used for authentication but the server rejected it due to inaccuracies.


It is difficult to determine what the issue is without looking at your test but here are some thoughts:
  • Check your credentials. Many times the domain field should be left blank.
  • To check your credentials open a different browser, like Firefox, and type your credentials in the browser dialog box to verify they are correct. If Firefox does not take the domain, then you should not use the domain

- Cheers
+1 link
ignjatov
ignjatov
Posts: 3


5/27/2020
ignjatov
ignjatov
Posts: 3
Excellent.
I have tried without specifying the "domain" in Authentication section (although I login with domain in browser), and it works - no more Unauthorized 401 issues! Many thanks, George!

Just 2 additional questions:

1. No 401 Unauthorized issues and no x-ws-not-sent header anymore. But, I still see x-ws-not-sent-vu:0 header. Why it is still there?
2. I am recording scenarios on Microsoft Dynamics CRM based application. Should I use Unified Service Desk as recording source instead of Web browser (and would that impact Authentication flows or no impact)?


Thanks once again.


Best regards,
Milorad
0 link
George @StresStimulus
George @StresStimulus
Administrator
Posts: 287


5/27/2020
George @StresStimulus
George @StresStimulus
Administrator
Posts: 287
I’m glad I can help.

  1. The x-ws-not-sent-vu is an internal placeholder header for NTLM handshaking inside StresStimulus. This header does not get sent to the server and can be disregarded.
  2. The Unified Service Desk option is only used for recording from a Unified Service Desk client. If you are recording from the browser, do not use this option.

- Cheers
0 link






Copyright © 2020 Stimulus Technology