I'm attempting to test REST APIs authenticated by tokens. The process is:
- Provide username and password to get a token
- Extract the token and save it into a variable in Jmeter (AUTH_TOKEN)
- Set the header 'Authorization' with the extracted token value.
- Send a request using the token.
This is my test plan:
I could extract tokens successfully. However, sending requests in step 4 is failing because of missing authorization. The View Result Tree shows that the requests contains authorization headers, but the server couldn't find authorization headers. As showed in the figure below, I added 2 headers Authorization and Content-Type and they appeared in the request. The server returned the headers it had actually received, but there wasn't Authorization:
Can anyone help me to fix this issue? Thanks so much.
P/S: the server implements RESTful APIs by Python and Flask framework. I deployed the server with Apache HTTP Server.
==========[UPDATED]========================
The server code is implemented with Flask in Pycharm. Everything is perfect when sending requests from JMeter to the server run with the embedded Flask server. The problem only appears when the server code is deployed with Apache HTTP Server. The configurations of JMeter in the above cases are exactly the same except the port. But if the cause is from Apache server, it doesn't seem reasonable.
==========[UPDATED & SOLVED]========================
I found the reason of my problem here Missing authorization header. Because of deploying the web application with Apache and mod_wsgi, Authorization headers are not passed to the application by default. I have to add this line WSGIPassAuthorization On
into my virtual host configuration.