Hi,
Excuse my vague descriptions, I’m fairly new to testing and have been asked to find a tool that can simulate logging into our web application so we can stress and load test our site.
I’ve downloaded and set up gatling, and I love the way it works, very efficient. And from someone entering the development world, it’s perfectly laid out - no GUI irritations etc.
What I need to know, before I spend too much more time learning it is can gatling handle cookies from redirected websites?
Scenario;
We have an STS server and Web Server. When navigating to the website it directs you to the STS server, where you login and get sent back to the web server with a cookie. This cookie is the key to authenticating the users access, sessionID etc.
What I noticed in my recording is that this cookie is not being captured. We validate against both servers to tell whether key elements are being called or not - it calls the STS on login which is good, but it’s not sending the cookie and therefore not validating against the actual web server, ending up in a loop from the initial web call. This means we are effectively testing our login page multiple times and not the actual application.
Can gatling handle this kind of complexity? Is it simple to work around?
I’ve tried JMeter and it cannot handle this kind of task even with extravagant workarounds, so I wasn’t sure if gatling can. So far, from what I’ve found the only product to be this complex is Visual Studio ultimate 2012, but I haven’t purchased a licence and therefore have not efficiently tested it’s load application.
I can provide a sample code if need be - explaining how it actually is working.
Appreciate any help.
Josh
Hi Josh,
We don’t currently support STS, so your insecure urls won’t automatically get turned into secured ones. Except for this point, cookies should work fine.
Which Gatling version did you try?
Could you provide the expected sequence of requests and responses, with Set-Cookies and Cookies headers, please?
Cheers,
Stéphane
If you must use a propietary tool, HP loadrunner is a much better choice than some visual studio plugin. It is far ahead of everything else - including gatling, at this stage.
That being said, it has become fairly dated and stagnant, and the costs prohibitive. It is high time someone builts something more modern…
Hi Floris,
You’re saying that Load Runner is far ahead of Gatling. Can I ask you which features Gatling is actually lacking to catch up with Load Runner?
thanks
Nicolas
Joshua,
I’m sorry, I mistook STS for Strict Transport Security http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security while you meant the MS component http://msdn.microsoft.com/en-us/library/ee748490.aspx.
Generally speaking, I think most open source projects have a hard time with Microsoft stuff:
- most open source core developers don’t use Windows
- the cost and difficulty of setting up such environments at home is usually prohibitive
- most companies that goes with Microsoft tend to use the full stack and go with Visual Studio
- sadly, most companies only consume open source and tend to never contribute back
Regarding your specific use case, there’s probably a solution and we can help you with that, but you’ll have to go with a full cycle of trials and errors, providing expected and observed request and response chains.
Cheers,
Stéphane
Quite a lot, actually.
I posted a comparison and a list of things I’d like to see in gatling a few weeks ago. It should be in the list archives.
The big thing really is the whole performance center setup.
Imagine gatling split into five or six parts:
-
IDE
-
load generator (deployable on as many machines as you like)
-
controller (oversees the execution of a specific test by controlling the load generators and gathering monitoring information like CPU usage in real-time),
-
analysis tool (used to do post-test analysis with fancy graphs)
-
test scheduler, with a fancy web frontend - allows a group of test engineers to schedule and execute tests concurrently, allocating controllers and generators as needed, and tracks which tests ran when by whom.
-
versioning control - though the implementation is poor, the idea is good: Centralized storage of all test scenario, scripts, and test results in one spot, allowing you to check out the exact version of everything that was used to run a specific test in the past.
Our loadrunner setup is used by a group of almost 30 people and costs somewhere in the range of a brand new sports car. Each year. And that’s just the licensing costs.
… and I forgot to mention - the web frontend allows the test engineer to monitor the test as it runs. No waiting for post-test analysis, if you spot a problem you can fix it there and then. Not without restarting the test, mind, but this can save hours, possibly days in turnaround time.
Thanks a lot for taking the time to anwser me. Much appreciated.
I’m impressed by the size of your team !
Cheers,
Nicolas
Its not really mine. I’m no manager. And we do more than just loadtesting. Troubleshoots in prod. Network and memory analysis. Code reviews. Profiling. Traffic analysis.
That being said, its still easily three times larger than for any other latge company I’ve worked for in the past. .