I am new to Jmeter and learning as I go on a small project in work, but I think I'm getting confused when it comes to the logging in and out of websites, as well as navigating around areas of a logged in page and was wondering if someone could shed some light on a couple of things, if possible.
To give as brief an overview of the situation as possible, the scenario I am trying perform is to navigate to a webpage, login to that website (this is a simple username/ID and password combo) and then prove that I am logged in and while logged into to the area of the site, which contains features that only permitted users are able to access, navigate around it and then log off, which, manually in the UI, is done via a "Log off" button click, returning to the login page.
Hopefully this is a simple enough scenario and one that JMeter can handle, but I think I am getting confused about the process and Jmeter's capabilities and perhaps viewing the tool as more of a UI automation tool rather than a performance one. Is there a way I can be sure that once I am logged into the site, I am a valid user and can send a request to an area that is only available to those logged in users? Can I prove that my previous HTTP request logged me in successfully and from that point on, in subsequent requests, I am a valid user to that site? Once I have logged in, I visit various areas of the site before logging out, so a similar question - can I prove I have been logged out successfully?
Perhaps to make matters more complicated, the URL, whether logged in or out, remains the same - the content changes and clicking on various elements on the site shows and hides different things, but does not navigate to a different URL, so if I send a HTTP request, it will hit the "non-logged in" page, which is correct, but if I want to try hitting the logged in pages, because the URL is the same, it will just hit the same login page as before. Not sure if there is any way around this or I am getting confused. To summarise the scenario below:
1. Visit https://www.mywebsite/user-login
2. Enter valid username and password and login
3. User is successfully logged in but URL is still https://www.mywebsite/user-login
4. Perform some clicks to open new content as a valid, logged in user, but URL remains https://www.mywebsite/user-login
5. Click logout button and return to login page but URL remains https://www.mywebsite/user-login
I am assuming that because this isn't an automation tool, if I click the logoff button, for example, during my test recording, JMeter will just simply create a HTTP request to go to the URL that the button sends the user to in the UI? I should add I have used 3 methods to capture this - the built in Test Recorder, the BlazeMeter Chrome plugin (and exporting the generated JMX file), and manually building 3 HTTP requests within JMeter. Not sure if folks recommend one approach over the others for these types of scenarios, but also happy to hear input you may have on the actual approach too.
As I say, I may be getting confused with how JMeter works. Perhaps all that is needed is one URL and a HTTP POST request to login but using as many users are we can and seeing if there is any degradation to timing and the actions a user would take within the logged in site are not needed, but any help would be greatly appreciated.
Thanks in advance.
JMeter works on HTTP protocol level, when you click buttons, links, etc. your browser sends HTTP requests to the server and renders the response.
You can see request and response details using "Network" tab of your browser developer tools
In order to mimic real user using the real browser you need to configure JMeter to send the same requests as the real browser of the real user does (apart from dynamic values which need to be correlated). So ensure that network footprint of your JMeter test is the same as for the real browser and that would be it. It would be also good to ensure that JMeter is configured to behave like a real browser
With regards to checking whether you're logged in or not and whether you can (or cannot) access specific content you can use Response Assertions which can check presence or absence of specific text in response body, headers, URL, etc.
Be aware that JMeter is not a browser so it doesn't really render the page. Nor it executes JavaScript so if you "click" something and it doesn't generate a HTTP Request and just does some client-side action like sorting something in the table you won't be able to automate this action using JMeter.