Return-Path: 
 <user-return-40265-apmail-jmeter-user-archive=jmeter.apache.org@jmeter.apache.org>
X-Original-To: apmail-jmeter-user-archive@www.apache.org
Delivered-To: apmail-jmeter-user-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 9DA2B10C40
	for <apmail-jmeter-user-archive@www.apache.org>;
 Wed, 19 Jun 2013 18:36:21 +0000 (UTC)
Received: (qmail 56049 invoked by uid 500); 19 Jun 2013 18:36:21 -0000
Delivered-To: apmail-jmeter-user-archive@jmeter.apache.org
Received: (qmail 56026 invoked by uid 500); 19 Jun 2013 18:36:21 -0000
Mailing-List: contact user-help@jmeter.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@jmeter.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@jmeter.apache.org>
List-Post: <mailto:user@jmeter.apache.org>
List-Id: <user.jmeter.apache.org>
Reply-To: "JMeter Users List" <user@jmeter.apache.org>
Delivered-To: mailing list user@jmeter.apache.org
Received: (qmail 56016 invoked by uid 99); 19 Jun 2013 18:36:20 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Jun 2013 18:36:20 +0000
X-ASF-Spam-Status: No, hits=1.5 required=5.0
	tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of madhuvchandana@gmail.com
 designates 209.85.219.54 as permitted sender)
Received: from [209.85.219.54] (HELO mail-oa0-f54.google.com) (209.85.219.54)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Jun 2013 18:36:15 +0000
Received: by mail-oa0-f54.google.com with SMTP id o6so6926363oag.27
        for <user@jmeter.apache.org>; Wed, 19 Jun 2013 11:35:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=mngpt+JNRjZVZZiodBMk/T7YXwXGWxEhzSGeczwc6W8=;
        b=jakX9wQB79FkCIqZ7syRqO0BOq1fcggHrEsMWkM3hllqEOaxl54GkUE0ubmToyuYhz
         asYGuWlpsj/BG66KYMfgzh0ODjU79aoOybztMHc1+wCcxUJTrr8c6CgHI+KKXAxibFC0
         lQywg++AecsMzvEwDMufnojel1+Gip3nN4FGjKEaThVs60MG3hntZbhdWc/f2oo7WarE
         F3mVQMk7wOt9eOQoIf60TEeVqNKxg/mIJ3xhqb8CiyqDeaNZFoj49rgCtLrq/HG9dg9/
         MXq1M4zvGh3vMGz5Dv/5QimhyziNF94VuUw6eCu2a2pyysVn0BwJt5O2YGacbwL1Bq8l
         du8Q==
MIME-Version: 1.0
X-Received: by 10.60.174.83 with SMTP id bq19mr2783393oec.80.1371666955270;
 Wed, 19 Jun 2013 11:35:55 -0700 (PDT)
Received: by 10.182.23.19 with HTTP; Wed, 19 Jun 2013 11:35:55 -0700 (PDT)
In-Reply-To: 
 <CAAuw+CnTfnyCEgsv4-GAS=s1dUTAOpfS9vfizAL7SRYguVAkbQ@mail.gmail.com>
References: 
 <CAAuw+CmqXJ2RsihiGTwKh=pp7MCYBZ7=bAEwhMovpirPbO+etg@mail.gmail.com>
	<CAKUhUpptyQLALK4_Y7BgX9-iAmEOh0qi-2oq6PDnDdMYhoaSMg@mail.gmail.com>
	<CAAuw+Ck8tVUZygH+VW0YDcmRuj8Pr=pw7z79q3BhSL03pjkT=w@mail.gmail.com>
	<CAKUhUpphfUh3Zydqug=PEM4J0BySE-MRBNz8qy0QV-uLYi5U+g@mail.gmail.com>
	<CAAuw+CnTfnyCEgsv4-GAS=s1dUTAOpfS9vfizAL7SRYguVAkbQ@mail.gmail.com>
Date: Thu, 20 Jun 2013 00:05:55 +0530
Message-ID: 
 <CAKUhUpo=sy+_Mu2CbWtzMnZxZ9_d-y0ktchax=zufB=CKQ64vg@mail.gmail.com>
Subject: Re: CSRF
From: Madhu Sekhar <madhuvchandana@gmail.com>
To: JMeter Users List <user@jmeter.apache.org>
Content-Type: multipart/alternative; boundary=089e0115f6c69e82ce04df8619f3
X-Virus-Checked: Checked by ClamAV on apache.org

--089e0115f6c69e82ce04df8619f3
Content-Type: text/plain; charset=ISO-8859-1

Is it from regex or any other matters?

On Thursday, June 20, 2013, nmq <nmq0607@gmail.com> wrote:
> I figured it out. Took a lot of googling and reading blogs, but I got it
to
> work.
> Thanks for your help
>
>
> On Wed, Jun 19, 2013 at 11:22 AM, Madhu Sekhar <madhuvchandana@gmail.com
>wrote:
>
>> Then Did you Write a RegEx to Correlate in the script? if not Please do
it.
>>
>> Thanks,
>> Madhu
>>
>>
>>
>> On Wed, Jun 19, 2013 at 8:49 PM, nmq <nmq0607@gmail.com> wrote:
>>
>> > Yes, it changes.
>> >
>> >
>> > On Wed, Jun 19, 2013 at 11:02 AM, Madhu Sekhar <
madhuvchandana@gmail.com
>> > >wrote:
>> >
>> > > Does the below value in the script change for every session/login?
>> > >
>> > > 'f3e8822f-3b26-
>> > > 48fd-b1ff-6c80742fe28f
>> > >
>> > > Thanks,
>> > > Madhu
>> > >
>> > >
>> > > On Wed, Jun 19, 2013 at 8:22 PM, nmq <nmq0607@gmail.com> wrote:
>> > >
>> > > > Hi All
>> > > >
>> > > > I've run into an issue. Our development team made some changes
>> > yesterday
>> > > > and today I'm getting an error "Error 401--Unauthorized" response
for
>> > an
>> > > > HTTP request.
>> > > >
>> > > > I examined the responses in Fiddler and I noticed this in the head
>> tag.
>> > > >
>> > > > <script type="text/javascript">
>> > > > $.setCSRFNonce('f3e8822f-3b26-48fd-b1ff-6c80742fe28f');
>> > > > </script>
>> > > >
>> > > >  I did some research on what CSRF is and found all kind of info on
>> > > Django.
>> > > > Also found a blog saying cookie manager should be able to handle
this
>> > > > authentication, by combining two elements.... by setting the
>> > save.cookie
>> > > > property in jmeter to true and to reference the CSRF token in an
HTTP
>> > > > request.
>> > > >
>> > > > I've tried this solution and it doesn't seem to work. I'm still
>> getting
>> > > the
>> > > > error.
>> > > >
>> > > > I've also been reading django documentation and trying to make
sense
>> of
>> > > it
>> > > > all. I would appreciate it if someone can help out and explain in
>> > simple
>> > > > terms (I'm not a programmer) exactly how do I go about solving this
>> > > issue.
>> > > >
>> > > > Any guidance would be highly appreciated.
>> > > >
>> > > > Thank you
>> > > > Sam
>> > > >
>> > >
>> > >
>> > >
>> > > --
>> > > madhu kk
>> > >
>> >
>>
>>
>>
>> --
>> madhu kk
>>
>

-- 
madhu kk

--089e0115f6c69e82ce04df8619f3--