Cas Ticket Issue in Jmeter - regex

I have a web application which uses CAS Ticket for user authentication purpose which is different for every login. I recorded the script in JMeter. Also I correlated the pages by filling up the Regular Expression Extractor as follows:
Recorded script has url: https://foo.com/j_spring_cas_security_check?ticket=ST-3101-QDTyjbbHoOHvgPMdRBIg-cas.
After applying all above I ran the script but got status fail displaying https://foo.com/j_spring_cas_security_check?ticket=Ticket_Not_Found.
It would be very helpful if someone could tell me what did I miss in my script?

There is two ways for this,
if you have multiple username and password and you can use those with Jmeter,
you can use those to generate CAS ST(Service ticket).
Another:
default when CAS create ticket, it can be just used for one time.
you have to change values in ticketExpirationPolicies.xml of your cas server
to use same ticket multiple times.
default location is:
WEB_INF/spring-configuration/ticketExpirationPolicies.xml
change this to if you want 50 users to use same ticket
<!-- This argument is the time a ticket can exist before its considered expired. -->
<constructor-arg
index="1"
value="100000" />
</bean>
<bean id="grantingTicketExpirationPolicy" class="org.jasig.cas.ticket.support.TimeoutExpirationPolicy">
<!-- This argument is the time a ticket can exist before its considered expired. -->
<constructor-arg
index="0"
value="7200000" />
</bean>
Answer given by: VIVEK ADHIKARI

It seems that an error happened when fetching ticket value from url's parameter list. Maybe you can add a hidden field on your page and set its value from this parameter.
<input type="hidden" id="ticket_key" value="ST-3101-QDTyjbbHoOHvgPMdRBIg-cas" />
Then you can get it by Regular Extractor ticket_key=(.+)
Hope it helps.

Related

Hybris remove specific cookie when logout

I've created a custom cookie via Javascript and every time I logout, I want to remove this cookie from the browser. How/Where is the best place to perform this operation in the Hybris/Sap Commerce ecosystem?
You can use Spring MVC Interceptors like this.
<alias name="defaultBeforeControllerHandlersList" alias="beforeControllerHandlersList"/>
<util:list id="defaultBeforeControllerHandlersList">
<!-- List of handlers to run -->
<bean class="xyz.CheckUrlsBeforeControllerHandler">
<property name="checkedUrls" ref="checkUrlsList"/>
</bean>
</util:list>
Then Inside CustomHandler use guidCookieStrategy.deleteCookie(request, response);
to delete cookies.

Twilio - Play music during long process

Twilio newbie here.
I have a Twilio voice application that collects a bunch of data (international topup sales) - and there is a point where the actual process of purchasing the topup takes place.
This process can last anywhere from 10 to 30 seconds, where most of them are about 15 seconds. Sounds to me like I need to use the Twilio <ENQUEUE> tag (https://www.twilio.com/docs/voice/twiml/enqueue), but it does not work.
I am simply calling it like this (happens to be ColdFusion):
<Enqueue
waitUrl="processtopup.cfm"
method="POST"
action="topupdone.cfm">processTopup</Enqueue>
Within the processtopup.cfm file is the <PLAY> tag (which won't work because that is the page that takes more than 15 seconds.
Sorry - but I'm just confused on ho this should work. Thanks in advance!
Here is a possible solution. I've tested this and it works.
The main idea is to play some message/music in a loop until ColdFusion does the job, then, when ColdFusion is done, instruct the call to execute a different Twilio XML by making a POST request to Twilio's API call resource.
When a call comes in, and Twilio hits your endpoint, capture the call id, it will be used to switch the call to a different XML. The call id it's passed as FORM.CALLSID or URL.CALLSID depending on your webhook configuration at Twilio.
The call id looks something like CAdecbfa7e8e2a9d09336abcd57044cf74.
Pass the call id trough your flow (as url parameter should be fine) so it reaches processtopup.cfm.
Move the long running code from processtopup.cfm to let's say
processtopup-action.cfm
Code in processtopup.cfm should now return immediately XML for playing loop (or you can play some .mp3), I'm showing with a message:
<cfoutput><?xml version="1.0" encoding="UTF-8"?>
<Response>
<Say loop="0">Please wait while we process your request...</Say>
</Response>
</cfoutput>
<cfhttp
url="http://www.yourwebsite.com/processtopup-action.cfm?callsid=#FORM.CALLSID#"
method="get"
timeout="1" />
The code for processtopup-action.cfm
<!--- // place your long running code here --->
<cfset accountSid = '{your account sid}' />
<cfset authToken = '{your auth token}' />
<cfhttp
url="https://api.twilio.com/2010-04-01/Accounts/#variables.accountSid#/Calls/#URL.CALLSID#.json"
method="POST"
username="#variables.accountSid#"
password="#variables.authToken#"
result="http_result">
<cfhttpparam
name="Url"
value="http://www.yourwebsite.com/finish.cfm"
type="formfield" />
</cfhttp>
Code for finish.cfm
<cfoutput><?xml version="1.0" encoding="UTF-8"?>
<Response>
<Say>This is the data you're looking for.</Say>
<Say>Thank you. Goodbye!</Say>
<Hangup />
</Response>
</cfoutput>
Of course, you can pass other parameters as you need.
Again, the main idea is that processtopup-action.cfm, after executing your long running code, makes a POST request to Twilio's API and instructs the call to switch to execute new TwiML located at http://www.yourwebsite.com/finish.cfm
Docs:
Call Redirection via the Twilio REST API
(https://www.twilio.com/blog/2009/09/call-queueing-putting-callers-on-hold-calll-redirect-new-url-new-feature.html)
Modifying Live Calls
(https://www.twilio.com/docs/voice/modify-live-calls)

Sitecore.Context.User.IsAuthenticated returns true for extranet\Anonymous user

I have Sitecore 6.6 installed. I wanted to add a new domain to Sitecore; Since my Sitecore instance is deployed in two servers with two Sitecore sites in each pointing to different web databases but same core, master and analytics databases, I couldn't do it using Sitecore Domain manager.So I thought of doing it manually by editting the App_Config\Security\domains.config in the server. The following was the domains.config that I had.
<?xml version="1.0" encoding="utf-8"?>
<domains xmlns:sc="Sitecore">
<domain name="sitecore" ensureAnonymousUser="false" />
<domain name="extranet" defaultProfileItemId="{AE4C4969-5B7E-4B4E-9042-B2D8701CE214}" />
<domain name="default" isDefault="true" />
<sc:templates>
<domain type="Sitecore.Security.Domains.Domain, Sitecore.Kernel">
<ensureAnonymousUser>true</ensureAnonymousUser>
<locallyManaged>false</locallyManaged>
</domain>
</sc:templates>
<domain name="Station" defaultProfileItemId="{F181ED3D-F342-46E6-B6F6-2A6A6173B513}" />
<domain name="Emailcampaign" />
</domains>
I added one more domain(MyDomain) at the end like below.
<?xml version="1.0" encoding="utf-8"?>
<domains xmlns:sc="Sitecore">
<domain name="sitecore" ensureAnonymousUser="false" />
<domain name="extranet" defaultProfileItemId="{AE4C4969-5B7E-4B4E-9042-B2D8701CE214}" />
<domain name="default" isDefault="true" />
<sc:templates>
<domain type="Sitecore.Security.Domains.Domain, Sitecore.Kernel">
<ensureAnonymousUser>true</ensureAnonymousUser>
<locallyManaged>false</locallyManaged>
</domain>
</sc:templates>
<domain name="Station" defaultProfileItemId="{F181ED3D-F342-46E6-B6F6-2A6A6173B513}" />
<domain name="Emailcampaign" />
<domain name="MyDomain" />
</domains>
As soon as I did that, Sitecore.Context.User.IsAuthenticated started returning true for extranet\Anonymous user(Non-logged in user) in the code.
Has anyone faced this issue before?
Please let me know where am I going wrong.
I also encounted this issue back when I was working with Sitecore 6.6, I'm not certain if its an issue in later versions. Essentially when you modified your domains.config with the param ensureAnonymousUser set to true the Anonymous User for that domain, in this case Extranet, was created in the database - it may not have been until you changed that setting.
In Sitecore all non-logged in users view the site as the user *domain*/anonymous. As Sitecore's membership is based on .NET Membership it determines that the User is logged in as its using that account.
Therefore I recommend completing an additional check with your Sitecore.Context.User.IsAuthenticated to check if the username of User's account is *domain of site*/anonymous, Sitecore.Context.User.Name, if it is return false.
EDIT
I have confirmed Sitecore.Context.User.IsAuthenticated returning true for *domain*\Anonymous user has been fixed in Sitecore 8. Therefore you can use it to determine if the User is logged in and not using the *domain*\anonymous account.
We finally resolved this issue! This was caused by a fix we added to solve an issue we had with Sitecore ECM. The issue was that Sitecore used to log out as soon as we clicked on the message preview. So we followed the steps given in the below thread to fix the issue.
https://stackoverflow.com/a/30836600/4165670
But we were not testing for Anonymous user like it is done in the thread. We never pushed this code into Content Delivery site and when
we created the new domain, This code got pushed into the Content Delivery site with some other code.
Since we are setting the current user as the Active user in the code, it started showing that extranet\Anonymous user as the current user.

Getting rid of plaintext hyperlinks before indexing a record in Solr

I have a field, whose content is used to generate facets from. One particular problem I'd like to solve is the fact that some of my content contains hyperlinks in plaintext i.e http://google.com. As a result, I started seeing http as one of my top facets. How can I make sure that I filter out the hyperlink content, before I index it? Using a regex filter of some sort?
I know that I can do this pre-processing part on the client side, when I add the records to Solr. Yet, I'd like to keep everything consistent, and part of the Solr pipeline, so I'd like the Solr pre-processor to do this for me if possible.
I would solve it with these components:
The solr.UAX29URLEmailTokenizer preserves the URL as a token
The solr.PatternReplaceFilterFactory replaces the URL token with an empty string (search Stack Overflow for a suitable regex pattern)
A solr.LengthFilterFactory filters the zero-length token
In schema.xml:
<analyzer type="index">
<tokenizer class="solr.UAX29URLEmailTokenizerFactory" />
<filter class="solr.PatternReplaceFilterFactory" pattern="..." replacement="" />
<filter class="solr.LengthFilterFactory" min="1" max="1000" />
</analyzer>
Note that changing the tokenizer from the solr.StandardTokenizerFactory may have implications beyond what is described in this answer, so be sure to test.

Does UAA require the login-server to have scope uaa.user?

I've got a deployment where I'm running the UAA sample apps, along with the Java login-server. I've configured my UAA and login-server with a custom uaa.yml and login.yml, respectively. I've populated the uaa.yml based upon the details for the "login" client by looking at the contents of /uaa/uaa/src/main/webapp/WEB-INF/spring/oauth-clients.xml, as shown below:
<entry key="login">
<map>
<entry key="id" value="login" />
<entry key="secret" value="loginsecret" />
<entry key="scope" value="openid,uaa.user" />
<entry key="authorized-grant-types" value="client_credentials,authorization_code" />
<entry key="authorities" value="oauth.login" />
<entry key="autoapprove" value="true" />
</map>
</entry>
Configured this accordingly in my uaa.yml. This seemed to work fine, and I can log in and surf the sample app.
However, when I subsequently visited the /approvals page in the sample app, I got a javascript error in approvals.jsp which was apparently caused by the absence of any corresponding entry for scope.uaa.user in the messages.properties file.
[2013-03-20 18:05:52.787] login/login-server - ???? [http-8080-1] .... DEBUG --- DispatcherServlet: Could not complete request
org.apache.jasper.JasperException: javax.servlet.ServletException: javax.servlet.jsp.JspTagException: No message found under code 'scope.uaa.user' for locale 'en_US'.
at org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:491)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:401)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:436)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
at org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:238)
at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:262)
at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1180)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:950)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:852)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:778)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
...
So, the question is -- is scope "uaa.user" really required by the login-server? And, if so, what should the entry in the messages.properties file say? I couldn't find any place that provided the agreed upon text description for uaa.user scope.
As a workaround, I've simply made up my own text for that scope in messages.properties, and the approvals page now renders OK.
Thanks,
John
Yes, the "uaa.user" is required by the login server. You can have any text string in the messages.properties file, which you will use in your application accordingly.
Let me know if that helps.
Thanks,
Hitesh
The login server can't predict what scopes are going to be available, as some may be custom to the application. The bug has been fixed here
https://github.com/cloudfoundry/login-server/commit/c39aa19db33c12a0d9740e2c0a53698b87889ebc
If no message is available to represent the scope, simply print out the name of the scope.