Using the HTTP URL Re-writing Modifier
Although URL rewriting has security risks, many websites still use that approach to store a user’s sessions. To load test these sites properly with Apache JMeter™, we will need to use the HTTP URL re-writing modifier. The modifier gets the session data from the link and uses it for navigating through the website.
What is URL Rewriting?
The HTTP protocol and Web Servers are stateless. This means that every request and response are independent, and can’t be identified by a previous request. But in almost every application, we need to know if a request is coming from the same user as their previous requests, and we need to be able to properly process all requests that come from the same user.
A good example for this need is e-commerce websites. Users can add items to their cart without being signed in, and at the end they can see their cart and then proceed to checkout. All actions by the same user from the same client (whether by browser or mobile app) are the same Session. So the session data needs to be passed between the server and client in every request and response.
One of the approaches to storing this session is URL Rewriting. In URL Rewriting, the session ID is added to each URL, and it will be received on the server side and processed accordingly. This enables the server to process complete sessions. However, if we navigate through the website with JMeter, the test will fail, since no session information was provided to the requests.
Building a URL Rewriting Scenario with JMeter
Let’s see how we can receive the session data from the first response in JMeter, and provide it to every further request.
1. Add a new Thread Group and attach several HTTP requests samplers, according to your test scenario.
2. Add the HTTP URL Re-writing Modifier right after first request where we get the session id, and before the next requests, where we want to use this session id. Right Click on Thread Group -> PreProcessors -> HTTP URL Re-writing Modifier.
In the image below, we can see that the first request is a GET index page ( / or home page ). After we GET this request we can get the session value from the URL.
For example - my.tryserver.com/home.jsp.session_id=54adf48f64fds15e6af4er8sfd456f4sa8we
As we can see we already have the session information for this user. We will add the HTTP URL Re-writing Modifier now, that will store this info for us.
As we can see, the name of the session is session_id. We will put the session key (session_id) in our HTTP URL Re-writing Modifier.
Now let’s go over the HTTP URL Re-writing Modifier configuration and gain a deeper understanding of how we can use it.
- We can write whatever we want in the Name and Comments. These are intended for us to remember what exactly happens in this step. It’s best practice to write an indicative name and to add comments that will help us understand what we are doing.
- Session Argument Name – The name of the session parameter from the previous Response. This modifier will find the parameter anywhere it exists on the page, and grab the value assigned to it, whether it's in a HREF or a form. In our case, we will use SESSION_ID. The HTTP URL Re-writing Modifier will get the value of the parameter session_id from the URL. We just need to put here the key name (SESSION_ID.) from the URL.
- Path Extension - Some web apps rewrite URLs by appending a semi-colon plus the session ID parameter. In our example we don’t need to check this, as we don’t have a semi-colon in the URL. We should use this checkbox if our URL has the semi-colons in a path.
- Do not use equals in path extension - Some web apps rewrite URLs without using an "=" sign between the parameter name and value. We don’t need to use this in our example as we use the "=" sign in the URL. If we won’t use the “=” in our path, we should use this checkbox
- Do not use questionmark in path extension - Prevents the query string to end up in the path extension. It is made for compatibility with Intershop Enfinity. We won’t need to use this one.
- Cache Session Id? – This should be checked when we want to use same Session for every request. If the checkbox is not checked, we will need to add the session data to every request
- URL Encode - The URL Encode value when writing a parameter. This should be used if encoding is needed for requests.
Now that everything is done, we can send the different requests and JMeter will use the session_id from the HTTP URL Re-writing Modifier. By using the HTTP URL Re-writing Modifier, we can build complete user flows and build large test cases without dealing with session data on each request.
That’s it! You now know how to load test websites that use URL Rewriting. Learn more JMeter from our free JMeter academy.