fbpx
Go back to all articles

Virtual Users Authorization with PFLB: Session ID Correlation​

Jun 1, 2023
8 min read

With the PFLB platform, you can run comprehensive stress testing of your system to uncover potential performance bottlenecks. To ensure accurate results, it is crucial to simulate a substantial number of concurrent users and replicate all site operations as closely to reality as possible. Similar to real visitors, virtual users are also authorized on the server using unique identifiers like a Session ID.

In load testing, recording and replaying scenarios with the same Session ID is essential. This ensures proper authorization of virtual users and accurate reproduction of the test scenario. Without maintaining a consistent identifier, virtual users may not be authorized, resulting in an inability to replicate the desired test scenario. This process of maintaining a single identifier throughout the recording and playback of a script is known as correlation. In this step-by-step guide, we will demonstrate how to correlate the Session ID with PFLB using an e-commerce website as an example.

Disclaimer:
The steps provided in this blog post serve as a general guide for correlating a Session ID with the PFLB platform. However, it’s important to note that the process may vary depending on the specific requirements and configurations of your e-commerce website.

Understanding the Role of Session ID in Load Testing

A session ID is a unique identifier assigned by a website’s server to track a user’s actions during their visit. It plays a crucial role in scenarios like online shopping, where users add items to their cart and proceed to checkout across multiple webpages. To accurately simulate real user behavior during the test, it is essential to generate virtual users with unique identifiers, such as Session IDs.

In load testing, especially for systems like e-commerce platforms, creating a load profile that closely resembles reality is paramount. This requires performing all actions within the system on behalf of virtual users. To achieve it, these virtual users must also have unique identifiers, with Session IDs being one of the essential values. By incorporating Session IDs in load testing, we can create realistic test scenarios that accurately represent user interactions and effectively evaluate the performance of the system.

Want to Learn More about PFLB?


Schedule a demo with our experts

Book a demo

The Importance of Correlating Session ID in Load Testing

To ensure the proper execution of the recorded script, it is essential to authorize virtual users by capturing the correct “sessionid” from the CreateSession server response and attaching it to subsequent requests. This process of finding and linking the correct values is called correlating.

When performing load testing or conducting performance testing on web applications, especially e-commerce platforms, as exemplified here, correlating and parameterizing unique values like Session IDs becomes crucial. Correlating Session ID plays a significant role in preserving session data across various requests, as each user session is distinct, and failure to correlate can result in request failures.

How to Correlate Session ID With PFLB?

With the PFLB platform, you can effectively simulate concurrent users and identify performance bottlenecks in your application. One of its key features is the support for session correlation through its in-built extractors and variables.

This guide provides a step-by-step walkthrough on how to correlate Session ID using PFLB. By following the instructions outlined in this guide, you will gain the knowledge and expertise to effectively correlate Session ID and enhance the accuracy of your load testing efforts.

Step 1: Recording Your Script

To begin correlating Session ID with PFLB, you need to record your script.

  • 01. Prepare a script scenario
    Document the specific user actions and steps that need to be recorded.
  • 02. Record user actions
    Utilize the built-in HAR-file recording mechanism. For example, in the Chrome browser, open Developer Tools, click the record log button, and execute the actions you want to capture. Right-click on the requests and select Save all as HAR with content.
  • 03. Upload the HAR file
    Access the PFLB platform and click the + button located in the bottom right corner to upload the HAR file. Alternatively, you can create requests manually or import them from various other sources.
Correlating Session ID screen 1 scaled 1

Step 2: Identify the Session ID

  • 01. Review the recorded requests
    Open the requests recorded in the previous step and examine them to locate where the Session ID is being passed.
  • 02. Look for common Session ID names
    In most e-commerce websites, Session IDs are passed as cookies, URL parameters, or in the form of data. Common Session ID names include “JSESSIONID”, “PHPSESSID”, “ASP.NET_SessionId”, or a custom name specific to the application.
  • 03. Locate the authentication form submission
    Pay close attention to the request that corresponds to the authentication form submission. This is where the Session ID is often generated or retrieved. Note the name of the parameter used for the Session ID.
Correlating Session ID screen 2 scaled 1

Step 3: Extract the Session ID

Once you’ve identified the Session ID, the next step is to extract it. PFLB platform provides various Post-Processors that can be used for data extraction, such as Regular Expression Extractor, xPath, jSONPath, or Boundary Extractor. Choose an appropriate tool based on how and where the Session ID is passed.

For example, to extract a Session ID passed as a parameter in the body of response:

  • 01
    Add an Extractor to the Request that receives the Session ID.
  • 02
    Configure the extractor to use Regular Expression as the extraction method.
  • 03
    Set the Extractor scope to Response Body.
  • 04
    Define the Regular Expression field to match the Session ID. For instance, if the Session ID is stored in a parameter named “JSESSIONID”, the pattern could be “JSESSIONID=(.+?);”.
  • 05
    Specify a Variable name to store the extracted Session ID, e.g., “SESSIONID”.
Correlating Session ID screen 3 scaled 1

Step 4: Use the Correlated Session ID

After extracting the Session ID and storing it in a variable, you can utilize it in subsequent requests to maintain session continuity. One common approach is to pass the Session ID as a cookie or request parameter.

  • 01
    Configure the request parameter in the body or parameters tab to use the variable containing the Session ID as the value for the “JSESSIONID”.
  • 02
    Make sure the cookie or request parameter is applied to all relevant requests in your script.
Correlating Session ID screen 4 scaled 1

Step 5: Validate Your Script

Once you’ve correlated your Session ID and incorporated it into your script, it’s important to validate the changes you made. This action ensures that the Session ID extraction and correlation are functioning correctly.

  • 01
    Enable the Debug Mode.
  • 02
    Run your script.
  • 03
    Monitor the request bodies in the Debug Mode output to verify if the Session ID is being extracted and correlated accurately.
Correlating Session ID screen 5 scaled 1

Conclusion

Correlating the Session ID as a part of load testing is crucial to accurately simulate real user behavior. By following the step-by-step guide using PFLB’s user-friendly web-based UI, you can effectively correlate the Session ID and gain valuable insights into your application’s performance.

Understanding how your application utilizes the Session ID and conducting thorough testing will enable you to optimize and scale your system effectively. Happy testing, and may your load tests provide actionable performance data for enhanced user experiences!

Table of contents

Related insights in blog articles

Explore what we’ve learned from these experiences
More Blog Articles
14 min read

10 Steps to Great Mobile App Performance Testing Using JMeter

ten steps to great mobile app performance testing using jmeter preview
Jan 9, 2025

Nowadays, almost every company has its own mobile app which provides millions of customers with products and services for all kinds of requests. Just think of it: every day, developers upload thousands of new applications to Google Play and App Store. In this blog post, we will take a step-by-step look at how to write a load script for a mobile application and run a test by generating HTTP/HTTPS traffic on the app server using JMeter.

5 min read

TestCon Europe 2025: Your Gateway to the Future of Software Testing

testcon europe 2024 preview
Jan 6, 2025

TestCon Europe 2024, the premier software testing conference, comes to Vilnius, Lithuania, from Oct 22-25. Join experts and enthusiasts onsite or online to explore the evolving landscape of software testing. Topics include Shift-Left Testing, TestOps, AI-Powered Testing, and more. Don't miss your chance to be part of this enriching experience. Secure your spot today at TestCon's official page and be at the forefront of software testing excellence.

6 min read

Roles and Responsibilities of the Performance Testing Team

roles and responsibilities of the performance testing team preview
Dec 25, 2024

Performance testing is a specialized discipline focused on assessing system performance metrics like speed and scalability. While it shares the goal of ensuring product quality, it should not be equated with the broader scope of quality assurance. In some organizations, the performance test team operates as part of the QA team, while in others, it […]

6 min read

7 Top gRPC Load Testing Tools

top gRPC testing tools for load testing preview
Dec 23, 2024

If you’re working with gRPC, you already know how important it is to test your system’s performance under real-world conditions. Whether you’re managing microservices or building real-time applications, the tools you use for testing can either save you time or create headaches. So, let’s not waste any time and go directly to the best gRPC […]

  • Be the first one to know

    We’ll send you a monthly e-mail with all the useful insights that we will have found and analyzed

    • People love to read

    Explore the most popular articles we’ve written so far