JSF JMeter SiteMinder

Quick notes on how to configure a JMeter test scenario for a JSF application protected by SiteMinder.


For this example, we consider that the URL of our application is http://serverName.corp/AppContext


General setup


Under thread group use HTTP request default :


  • server name: servername.corp

  • path: /AppContext/

  • and very important tick follow redirect !!


Authenticate against SiteMinder


We need the thread group to record SiteMinder related authentication and submit it with each request.


Add an HTTP Header manager

  • all set to default


Add an HTTP cookie manager

  • policy: default

  • implementation: HC4CookieHandler. This is important, the default does not work.


Add an HTTP Authorization manager



Add a basic HTTP request to application root

This request allows to authenticate to SiteMinder prior to running the scenario. Nothing to configure in this request because root is the default target of our thread group.


Tick the option follow redirect in this first request.



Extract and re-inject JSF session-related content


By default, when recording the scenario, the values of JSF session are hardcoded in the script.

This will lead to errors in subsequent run because the Session ID and related session may have expired.


We need to add an extractor to get the JSF session data out of server response and re-inject it in the following requests as a browser would do.


If you forget this step, you are likely to encounter an error like “cannot restore view”


Extract view state using an expression extractor


Under first recorded request, add a JSF Regular Expression Extractor

  • Reference name (i.e. the name of the variable where state will be stored): jsfViewState

  • Regular expression: <input type="hidden" name="javax.faces.ViewState" id="javax.faces.ViewState" value="(.+?)" autocomplete="off" />

  • template: $1$

  • default value (will be used if value cannot be extracted): wrong_value_easily_identifiable


Substitute value in subsequent requests


Modify subsequent request to replace recorded (hardcoded) value of javax.faces.ViewState by ${jsfViewState}


Save full workbench

When using workbench, tick save workbench to embed it to the saved file.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.