Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Recording can also be done of on web surfing sessions of client programs.

Support for Technical Client Programs and Web Services (SOAP/XML, JSON and Google Protobuf over HTTP/S)

A Web browser is only required in order to use the Web Admin GUIAdmin GUI. This means that you can also record web surfing sessions of (non-Web browser-based) technical client programs which exchange ASCIIthat exchange ASCII, SOAP/XML, JSON or Google Protobuf data with the Web server by using the HTTP/S protocol. Please note that you have to configure the the proxy settings of  of the technical client program to record web surfing sessions. In case if the technical Web client uses encrypted HTTPS connections, you have also to to import your CA Root Certificate into  into the technical Web client (see Installation Guide).

Furthermore, it's also supported to create manually a text file by using any text editor which contains definitions of SOAP and/or XML requests. Such a file can then be converted to a Web-surfing session by using the the import functionality  functionality of the the Session Cutter .

Proxy Recorder Settings and GUI Settings (Personal Settings Menu)

...

The “Personal Settings” menu allows you to configure non-form-based authentication methods (NTLM, PKCS# 11, PKCS# 12 and DER/PEM based client certificates) and some SSL options for the proxy recorder which may be necessary in order to successfully record a Web-surfing session. Furthermore, cascading the proxy recorder with another (outbound) proxy server of your company is also supported.

...

Note 1: The credentials

...

for Basic and Digest authentication

...

 are directly requested by the Web browser during recoding of a Web-surfing session. This means that no special configuration is required for these two authentication methods inside this menu.

Note 2: The authentication credentials entered in this menu can also be transferred into the generated load test programs. The allocation of individual credentials per simulated user can be selected when generating the HTTP(S) Load Test Programs

The “Web GUI” part of the menu allows you to set the the default time zone, and the the default number format, which will be used by the GUI and the GUI and by the load test programs.

Additionally, also also Alert Notifications can  can be configured which are send sent during the execution of a job as as Emails or as SMS messages

Connect to Next Proxy (Proxy Recorder)

Checkbox in Title: if checked, ZebraTester cascades the proxy recorder with another, "next", outbound proxy server of your company.

Note: To  To execute a load test through a proxy server, you must also enable the option option Load Test over HTTP(S) Proxy in the  in the Generate HTTP(S) Load Test Program menu  menu.

Input Fields

Next Proxy HTTP Host

(DNS) hostname or TCP/IP address of the next proxy server (for unencrypted connections).

Next Proxy HTTP Port

HTTP TCP/IP port number of the next proxy server (for unencrypted connections).

Next Proxy HTTP Cache disabled

if checked, request the next proxy server to disable its internal cache.

Next Proxy HTTPS Host

(DNS) hostname or TCP/IP address of the next proxy server (for encrypted connections).

Next Proxy HTTPS Port

HTTPS (secure) TCP/IP port number of the next proxy server (for encrypted connections).

Next Proxy Auth Username

basic-authentication username, used for proxy authentication on the next proxy server.

Next Proxy Auth Password

basic-authentication password, used for proxy authentication on the next proxy server.

No Next Proxy for Host/Domain

allows you to set a list of hosts, or domain names, for which the proxy settings must not be applied. The entries must be separated by commas or semicolons.

Proxy Auto-Config (PAC) Settings PAC Settings   (Proxy Recorder):

...

If the Title Checkbox is checked, this enables PAC support against web servers during the recording of web surfing sessions. ZebraTester cascades the proxy recorder with another, "next", outbound proxy server of your company. If the PAC file is at a specific URL, please enter the URL of the PAC file.

HTTPS Settings (Proxy Recorder)

Allows It allows you to adjust the HTTPS settings of the proxy recorder (used when recording encrypted network connections).

Input Fields

SSL Version

Allows

It allows you to select the SSL protocol version.

HTTPS Response Timeout

Response timeout per

HTTPS URL call

HTTPS URL call. If this timeout expires, the corresponding

HTTPS URL call

HTTPS URL call will be aborted.

SSL Session Cache enabled

If checked, enables the SSL session cache (keeping the same SSL session ID over multiple Web pages).

SSL Session Cache Timeout

The lifetime of the SSL sessions within the session cache.

Allow Legacy Renegotiation

If checked, SSL legacy renegotiation without using the Renegotiation Indication Extension (

RFC 5746

RFC 5746) is supported.

Support Elliptic Curves

If checked, also rarely used encryption algorithms like ECC are enabled. This means that all available encryption algorithms are enabled (inclusive very weak and very strong algorithms).

SNI enabled

If checked, Server Name Indication (SNI) information about the target

host name

hostname is sent to the Web server(s) during the SSL handshake (

RFC 3546

RFC 3546).

SNI critical

If checked and SNI is enabled, SSL handshakes are aborted if the target Web server(s) doesn't support Server Name Indication (SNI). The corresponding HTTP requests will fail in such a case and no data are recorded.

Enhanced Compatibility Mode

If checked, enables workarounds to support poorly-implemented SSL server libraries.

Debug Handshakes

If checked, debug information about SSL/TLS Handshakes are written to stdout or to the ZebraTester Console.

HTTPS Client Certificate Authentication - PKCS# 12 Files (Proxy Recorder)

Allows you to load X509 SSL/TLS TLS client certificates certificates, in PKCS# 12 file-format, into the proxy recorder. Because the proxy recorder operates as a like a man in the middle between  between the Web browser and the Web server, the client certificate must be loaded and activated before a Web-surfing session requiring such a certificate can be recorded.

Info

Note:

...

 Normal HTTPS sessions do not require client certificates.

The PKCS# 12 file must first be loaded by using the Personal Settings menu. Also, ensure that the certificate is active by clicking inside the red bar on the certificate. The red bar will change to a green check mark checkmark when the certificate is properly active.imageImage Removed

...

Note: To  To execute a load test which that uses client certificates, you must also enable the option option PKCS# 12 Client Certificates in the  in the Generate Load Test Program menu  menu. The allocation of individual client certificates certificates per simulated user is  is supported when generating load test programs.

From the Load Test Program Dialog:

...

HTTPS Client Certificate Authentication - DER or PEM encoded Files (Proxy Recorder)

Allows to load X509 SSL/TLS DER or PEM encoded client certificates into the proxy recorder. Based on the fact that the proxy recorder operates as "man in the middle" between the Web browser and the Web server, the client certificate must be loaded and activated before a Web-surfing session which requires such a certificate can be recorded.

Therefore, the file containing the DER or PEM encoded client certificate first be loaded by using the personal settings menu. Also, ensure that the certificate is activated by clicking inside the red bar on the certificate which turns this bar to a green check markcheckmark.

Note: To execute a load test which that uses client certificates you have additionally also to enable the option option DER/PEM Client Certificates when  when generating the Load Test Program (see above screenshot). The allocation of individual client certificates certificates per simulated user is  is supported and can be selected when generating the load test programs.

HTTPS Client Certificate Authentication - PKCS# 11 Device (Proxy Recorder)

...

Allows to you to use in Proxy Recorder X509 SSL/TLS client certificates which are embedded in PKCS# 11 Security Devices (support for HSMs and smart cards).

Info

Note:

 Normal

 Normal HTTPS sessions do not require client certificates.

Because the proxy recorder operates as a like a man in the middle between  between the Web browser and the Web server, the client certificate must be loaded and activated before a Web-surfing session requiring such a certificate can be recorded.

NTLM Authentication (Proxy Recorder)

Checkbox in Title: If checked, enables NTLM authentication against Web servers during recording.

Note: To  To execute a load test which that uses NTLM authentication, you must also enable the option  (see above screenshot) NTLM Authentication in the  in the Generate Load Test Program menu  menu. The allocation of individual NTLM accounts accounts per simulated user is  is supported when generating load test programs.

Input Fields

Domain

Windows domain name.

Username

Username of a domain account.

Password

Password

The password of a domain account.

GUI Settings

Input Fields

Time Zone

¹ Allows you to set the default time zone to be used by the load test programs, and by

the GUI

the GUI.

Number Format

¹ Allows you to set the default decimal grouping separator character for numbers; for example 123’456.00 or 123,456.00.

Background Color

Allows you to choose your desired background color for all windows.

Info

¹ only temporarily applied until program termination - for Windows, Mac OS X, and Linux systems: Modify the startup settings file prxsniff.dat to change these values permanently. For other Unix-like systems: Set the program arguments -tz and -dgs to the corresponding values.

Replay Settings

...

Input Fields

  • Number of loops: Allows you to set the number of loops that load test program run during the replay.

  • Character Encoding: Defines which character set is used to search strings within the received content and for data which are read from input files. Usually, you can use the default option UTF-8. However, if you execute some tests which contain ISO characters, it is recommended that you use the character set ISO-8859-1 to avoid problems with special characters

  • Strip Referrer Header Field: The HTTP referrer header field is not commonly used by web applications, and also often dropped by (local) internet security tools. Enabling this option reduces the data transfer and makes the load test program smaller.

  • Strip Accept Header Field to */*: The HTTP Accept header field is not commonly used by web applications but contains a long text string. Setting the accept header field to */* reduces the data transfer and makes the load test program smaller.

  • Additional Options: Several additional options for executing the replay can be combined by adding a blank char between each of the options

  • Browser Emulation: User Agents and Caching
     1. User-Agent Selection: This option is used either to create a custom user agent string or select a user agent from the available list.
     2. Browser Cache: This option emulates the cache setting of a real browser.

    • Check for newer versions of stored pages every time: when enabled, ZebraTester will check for later versions of the specified URL than those stored in the cache

Info

¹ only temporarily applied until program termination - for Windows, Mac

...

OS

...

X and Linux systems: Modify the startup settings file

...

prxsniff.dat

...

to change these values permanently. For other Unix-like systems: Set the program arguments

...

-tz

...

and

...

-dgs

...

to the corresponding values (see Application Reference Manual).