Need help with StresStimulus? Start here.
Force StresStimulus to make an Auth header
|
ignjatov Posts: 3
5/26/2020
|
Hi,
I get 401 Unauthorized error when replaying.
As per requests comparison, looks like StresStimulus does not form an authorization header.
How can I force it to reply it correctly, to include the authorization header properly, like it is in recorded request?
Thanks,
Milorad
|
|
|
0
link
|
|
George @StresStimulus Administrator Posts: 568
5/26/2020
|
It looks like you application is using server authentication that is described here
StresStimulus adds the proper Authorization header using the provided credentials. To provide the credentials, specify the username and passwords in the Authentication node in the workflow tree.
- Cheers
|
|
|
0
link
|
|
ignjatov Posts: 3
5/26/2020
|
Thank you for a quick reply!
However, my Authentication section has been already set correctly, with the same domain\username and password that I have used while recording.
Any other idea which I should try?
Thanks,
Milorad
|
|
|
0
link
|
|
George @StresStimulus Administrator Posts: 568
5/26/2020
|
Hi Milorad,
Unlike other HTTP requests, the NTLM handshake sequence is special and includes several more back-and-forth roundtrips that are not displayed.
In your screenshot, the Authorization header is missing in the authentication request and the x-ws-not-sent header is seen instead. This is an indication that the credentials you provided were used for authentication but the server rejected it due to inaccuracies.
It is difficult to determine what the issue is without looking at your test but here are some thoughts:
- Check your credentials. Many times the domain field should be left blank.
- To check your credentials open a different browser, like Firefox, and type your credentials in the browser dialog box to verify they are correct. If Firefox does not take the domain, then you should not use the domain
- Cheers
|
|
|
+1
link
|
|
ignjatov Posts: 3
5/27/2020
|
Excellent.
I have tried without specifying the "domain" in Authentication section (although I login with domain in browser), and it works - no more Unauthorized 401 issues! Many thanks, George!
Just 2 additional questions:
1. No 401 Unauthorized issues and no x-ws-not-sent header anymore. But, I still see x-ws-not-sent-vu:0 header. Why it is still there?
2. I am recording scenarios on Microsoft Dynamics CRM based application. Should I use Unified Service Desk as recording source instead of Web browser (and would that impact Authentication flows or no impact)?
Thanks once again.
Best regards,
Milorad
|
|
|
0
link
|
|
George @StresStimulus Administrator Posts: 568
5/27/2020
|
I’m glad I can help.
- The x-ws-not-sent-vu is an internal placeholder header for NTLM handshaking inside StresStimulus. This header does not get sent to the server and can be disregarded.
- The Unified Service Desk option is only used for recording from a Unified Service Desk client. If you are recording from the browser, do not use this option.
- Cheers
|
|
|
0
link
|
Copyright © 2025 Stimulus Technology