Highlighted
Absent Member.
Absent Member.
5169 views

HTTP 403 error when testing SAP CRM7.0 using loadrunner 9.5

Hi there,

 

I've seen more posts related to this problem so I've decided to come up with more detailed information regarding this issue.

 

 

There are two things I would like to point out:

 

  1. I'm unable to correlate the crm-icsessionid "s_300_Z_EIC_ALG_1341474596523" which might affects the rest of the script leading to the 403 error. (The crm-icsessionid is first shown in a request in the generation log, not in a response).
  2. If I don't correlate the crm-icsessionid above, the script steps passes and continue untill the 403 error is being shown.

  

This is the request generated in the script for which the 403 is generated..

 

 /*find employees*/

 

 web_custom_request("BSPWDApplication.do",
  "URL=http://xxxxxxxxx/sap({location3})/bc/bsp/sap/crm_ui_frame/BSPWDApplication.do?sap-client=300&sap-domainrelax=min&sap-language=NL",
  "Method=POST",
  "TargetFrame=",
  "Resource=0",
  "RecContentType=text/html",
  "Referer=http://xxxxxxxxxxxxx/sap({location3})/bc/bsp/sap/crm_ui_frame/BSPWDApplication.do?sap-client=300&sap-domainrelax=min&sap-language=NL",
  "Snapshot=t32.inf",
  "Mode=HTML",
  "Body=htmlbevt_ty=thtmlb%3Alink%3Aclick%3A0&htmlbevt_frm=myFormId&htmlbevt_oid=C6_W31_V32_ZIC_BPEMP&htmlbevt_id=IC_BPIDENT&htmlbevt_cnt=0&onInputProcessing=htmlb&SVH_INPUTFIELD_ID=&SVH_INPUTFIELD_VALUE=&thtmlbModifiedInputfieldIds=&sap-htmlb-design=&sap-ajaxtarget=C1_W1_V2_C6_W31_V32_MainNavigationLinks.do&sap-ajax_dh_mode=AUTO&wcf-secure-id={wcf-secure-id}&thtmlbKeyboardFocusId=C6_W31_V32_ZIC_BPEMP&thtmlbKeyboardSelectId=&C13_W49_V50_SearchMenuAnchor1=UP&C15_W13_V24_selected_key=&"
  "thtmlbSliderState=&PREFIX_ID=C9_W38_V39_&C9_W38_V39_SCRATCHPAD_TEXT=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_PREVIOUS_ALERTS=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_PREVIOUS_HASMORE=&C9_W38_V39_CONTEXTAREA_DNISDISPLAY_PREVIOUS_INFO=&C9_W38_V39_CONTEXTAREA_TOPIC_ID=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_MESSAGE=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_HASLINK=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_CODE=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE1=&"
  "C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE2=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE3=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE4=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE5=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE6=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE7=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE8=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE9=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE10=&"
  "C9_W38_V39_SCRATCHPAD_DUMMY_FIELD=&C9_W38_V39_ACTION_GUID=&C9_W38_V39_AC_OBJECT_KEY=&C9_W38_V39_AC_VALUE=&C9_W38_V39_AC_CONTAINER=&C9_W38_V39_MYITSLOCATION=&C9_W38_V39_POLLFREE_ALERTS=%7B%22Alerts%22%3A%5B%5D%7D&C9_W38_V39_REMOVED_NP_ALERTS=&crmFrwScrollXPos=0&crmFrwScrollYPos=0&crmFrwOldScrollXPos=0&crmFrwOldScrollYPos=0&flashIslandsAsString=&callbackFlashIslands=%2Fsap({location3})"
  "%2Fwebcuif%2Fuif_callback%3Fcrm_handler%3DCL_THTMLBX_FLASH_ISLAND&th-mes-isex=&C1_W1_V2_V3_V55_bchistory_selection=&C1_W1_V2_C1_W1_V2_V3_$subHeader1_force_update_toolbar=&C1_W1_V2_C1_W1_V2_V3_$subHeader2_force_update_toolbar=&C2_W12_V14_V19_quicksearch_quicksearch=&C2_W12_V14_V21_search_PARAMETERS[1].FIELD=MAINCATEGORY&C2_W12_V14_V21_search_PARAMETERS[1].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[1].VALUE1=ZSRV&C2_W12_V14_V21_search_PARAMETERS[1].VALUE2=ZSRV&C2_W12_V14_V21_search_PARAMETERS[2]"
  ".FIELD=ASSIGNEDTO&C2_W12_V14_V21_search_PARAMETERS[2].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[2].VALUE1=&C2_W12_V14_V21_search_PARAMETERS[2].VALUE2=&C2_W12_V14_V21_search_PARAMETERS[3].FIELD=STATUS&C2_W12_V14_V21_search_PARAMETERS[3].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[3].VALUE1=0000&C2_W12_V14_V21_search_PARAMETERS[3].VALUE2=0000&C2_W12_V14_V21_search_PARAMETERS[4].FIELD=OBJECTID&C2_W12_V14_V21_search_PARAMETERS[4].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[4].VALUE1=&"
  "C2_W12_V14_V21_search_PARAMETERS[4].VALUE2=&C2_W12_V14_V21_search_PARAMETERS[5].FIELD=TIMEPERIOD&C2_W12_V14_V21_search_PARAMETERS[5].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[5].VALUE1=0000&C2_W12_V14_V21_search_PARAMETERS[5].VALUE2=0000&C2_W12_V14_V21_search_PARAMETERS[6].FIELD=CAT_DESC&C2_W12_V14_V21_search_PARAMETERS[6].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[6].VALUE1=&C2_W12_V14_V21_search_PARAMETERS[6].VALUE2=&C2_W12_V14_V16_ItemTree_force_update_toolbar=&"
  "C2_W12_V14_V16_ItemTree_force_update_toolbar=&C2_W12_V14_V16_ItemTree_editMode=NONE&C2_W12_V14_V16_ItemTree_isCellerator=TRUE&C2_W12_V14_V16_ItemTree_selectedRows=&C2_W12_V14_V16_ItemTree_rowCount=0&C2_W12_V14_V16_ItemTree_lastSelectedRow=&C2_W12_V14_V16_ItemTree_allRowSelected=FALSE&C2_W12_V14_V16_ItemTree_visibleFirstRow=1&C2_W12_V14_V16_ItemTree_scrollPosition=&C2_W12_V14_V16_ItemTree_hscrollPosition=&C2_W12_V14_V16_ItemTree_bindingString=%2F%2FItems%2FTable&C2_W12_V14_V16_ItemTree_fixedColumns"
  "=&C2_W12_V14_V16_ItemTree_filterApplied=FALSE&C2_W12_V14_V16_ItemTree_firstSelectedRow=&C2_W12_V14_V16_ItemTree_ctrlShiftKeyMode=&C2_W12_V14_V16_ItemTree_previousSelectedRange=&C2_W12_V14_V16_ItemTree_isNavModeActivated=TRUE&C2_W12_V14_V16_ItemTree_multiParameter=0%2F%2F%2F%2F0%2F%2F%2F%2F0%2F%2F%2F%2F0&C2_W12_V14_V16_ItemTreetreearea_iscollapsed=&C2_W12_V14_V16_ItemTreetreearea_displaymode=X&C2_W12_V14_thtmlbShowSearchFields=true&thtmlbScrollAreaWidth=0&thtmlbScrollAreaHeight=0&LTX_PREFIX_ID="
  "C1_W1_V2_&C1_W1_V2_LTX_VETO_FLAG=&C1_W1_V2_ACTION_GUID=&C1_W1_V2_AC_OBJECT_KEY=&C1_W1_V2_AC_VALUE=&C1_W1_V2_AC_CONTAINER=&C1_W1_V2_MYITSLOCATION=&sap-ajax_request=X",
  LAST);

 

The error itself:

 

Error -26628: HTTP Status-Code=403 (Unauthorized Request) for "http://xxxxxxxxxxx/sap(bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh0R3lfek9zMzY4VENBJTNkJTNk)/bc/bsp/sap/crm_ui_frame/BSPWDApplication.do?sap-client=300&sap-domainrelax=min&sap-language=NL"   [MsgId: MERR-26628]

 

 

When I compare the replay log and the generation log results of the last step they look the same.

 

I'm not giving up therefore I'm looking for help. I appreciate any, comments hints etc.

 

Thank you,

Patrick

Tags (1)
0 Likes
5 Replies
Highlighted
Absent Member.. Absent Member..
Absent Member..

Re: HTTP 403 error when testing SAP CRM7.0 using loadrunner 9.5

Hi Patrick,

 

You might decide to give me a treat for this as the solution below is a 5 days effort going throuh every single piece of response and understanding the analogy. 🙂 Just kidding. I actually did failed many a times before I can actually capture this solution.

 

In ""http://xxxxxxxxx/sap({location3})/bc/bsp/sap/crm_ui_frame/BSPWDApplication.do?sap-client=300&sap-domainrelax=min&sap-language=NL"" whatever {location3} parameter you have used is wrong. Actually there are two dynamic values generated with similar Start & End values. Here you get into a perception that all the values captured in first case are the same ones used in all requests.

 

For your reference, I am giving the below code where to identify your first dynamic parameter of a dynamic display value & second dynamic parameter of a dynamci display value.

FIRST PARAM:

web_reg_save_param_ex("ParamName=E_Session_ID", "LB/IC=(ZT1Xa0ZRVFY5ZlgxOWZYMTlmTVRGZk5sOW", "RB/IC=PT0=)", SEARCH_FILTERS, "Scope=body", LAST);

 

web_submit_data("uif_callback",
"Action=http://xxxxxxxxxx:8006/sap/webcuif/uif_callback?sap-client=810&sap-language=EN&sap-domainRelax=min&crm_handler=CL_CRM_UI_SESSION_MANAGER",
"Method=POST",
"RecContentType=text/plain",
"Referer=http://xxxxxx:8006/sap({SAP_ID})/bc/bsp/sap/crm_ui_start/default.htm",
"Mode=HTML",
ITEMDATA,
"Name=cmd", "Value=get_esid", ENDITEM,
LAST);

 

SECOND PARAM:

 

web_reg_save_param_ex("ParamName=E_Session_ID_2",
"LB/IC=(ZT1Xa0ZRVFY5ZlgxOWZYMTlmTVRGZk5sOW", "RB/IC=PT0=)", SEARCH_FILTERS, "Scope=body", LAST);

 

web_submit_data("uif_callback_3",
"Action=http://xxxxxxxxx:8006/sap/webcuif/uif_callback?sap-client=810&sap-language=EN&sap-domainRelax=min&crm_handler=CL_CRM_UI_SESSION_MANAGER",
"Method=POST",
"RecContentType=text/plain",
"Referer=http://xxxxxxxxxx:8006/sap(bD1lbiZjPTgxMCZkPW1pbiZ2PTclMmUwMA==)/bc/bsp/sap/crm_ui_start/default.htm?crm-icsessionsyncid={CRM_Session_ID}%20&crm-iccc=&crm-icwscl=810&crm-ext-integration=true&sap-tray-padding=X&sap-tray-type=PLAIN&sapouid=00000000&saprole=ZKTIC_EME&crm-icsessionid=s_810_ZKTIC_EME_1338018444782",
"Mode=HTML",
ITEMDATA,
"Name=cmd", "Value=get_esid", ENDITEM,
LAST);

 

Like this, you need to correlate in different places where the dynamic session ID is created in call back functions. Another challenge is to identify in which place you need to use first session ID & in which place to use second session ID. I leave this to you to do trail & error as the usage is very dynamic across various SAP pages. Also do not confise the above correlated paramters with the generic SAP ID parameter which everyone can simply correlate (shown below).

 

web_reg_save_param_ex("ParamName=SAP_ID", "LB/IC=action=\"/sap(", "RB/IC=)/bc/bsp/sap/", SEARCH_FILTERS, "Scope=body", LAST);

 

web_submit_form("default.htm",
"Action=http://xxxxxxxxx:8006/sap/bc/bsp/sap/crm_ui_start/default.htm",
"Snapshot=t10.inf",
ITEMDATA,
LAST);

 

Hope this helps you. Let me know if you are still getting error with complete script details.

 

 


Regards,
Raj

Like this Post? Click Kudos! to show appreciation.
Is your issue addressed? Click "ACCEPT AS SOLUTION" against the post which helped you the most.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: HTTP 403 error when testing SAP CRM7.0 using loadrunner 9.5

Thank you very much. Let's get to it then 🙂 Before you read further down, I'm using LoadRunner 9.5, therefore the web_reg_save_param_ex is not supported I think. But I think the Web_reg_save_param can do the job too.


I have two recordings with the following ID's / correlations

 

newest recorded script

 

contextid:  SID:ANON:pdirmcr1_MCR_00:zBVosRnNuSc25JIDYnCyde3wLMGYxfpAuW5lBF7I-ATT
redirection_location:  bD1ubCZjPTMwMCZkPW1pbg== 
esid:   ZT1URkpWVTFJME5qQXlYMTlmTUY5Zk1WOWZBQ0prQWs5S0h0R3poWmxETDRLT0JnPT0=
redirection_location2: bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTUY5Zk1WOWZBQ0prQWs5S0h0R3poWmxETDRLT0JnJTNkJTNk
icsessionsyncid: 20120712142054.0982110
session_access_token: c3N0PUVGNENDN0MyQTVENjM1MTlCRjY4N0UyMzc4RkE1OEY3MDAyMjY0MDI0RjRBMUVEMUIzODU5OTQ2RTg4NzBFMEE
esid2:   ZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh0R3poWmxXUC1MTkNBPT0=
redirection_location3: bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh0R3poWmxXUC1MTkNBJTNkJTNk
wcf-secure-id:  7749CF993FF9F48215DD226325E3D817 

 

previous recorded script

 

contextid:  SID:ANON:pdirmcr1_MCR_00:S-C9JupARd6U8TOt9yD5hOqJG8KFMQ44odd5Pejf-ATT
redirection_location:  bD1ubCZjPTMwMCZkPW1pbg==
esid:   ZT1URkpWVTFJME5qQXlYMTlmTUY5Zk1WOWZBQ0prQWs5S0h0R3h6c0JqSnA4RERnPT0=
redirected_location2: bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTUY5Zk1WOWZBQ0prQWs5S0h0R3h6c0JqSnA4RERnJTNkJTNk
icsessionsyncid: 20120705074956.1567720
session_access_token: c3N0PTFGNDczM0NERjVBOEU5MTA1NTQxMUEyQjU3RjVEMDU1MDAyMjY0MDI0RjRBMUVEMUIxQ0VDMDY5QTkyOEMzMDI
esid2:   ZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh1R3h6c0I1UnNnWEJnPT0=
redirection_location3: bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh1R3h6c0I1UnNnWEJnJTNkJTNk
wcf-secure-id:  3330ED6B7F7BE68139DC861AD027ADD6

 

According your message, I have to look for a pattern in the ID's and correlate them seperately (if understand that correctly)

 

* You said the location 3 is wrong, let's compare

 

newest recorded script:  redirection_location3:

bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh0R3poWmxXUC1MTkNBJTNkJTNk

previous recorded script:

redirection_location3: bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh1R3h6c0I1UnNnWEJnJTNkJTNk

 

first part is the same: bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh

second part is different:

0R3poWmxXUC1MTkNB and 1R3h6c0I1UnNnWEJn

third part is the same:

JTNkJTNk

 

Based on this, I think the correlation for the location is correct as all three part will change correctly as an dynamic parameter. Now I'm starting to think
that you meant the esid parameter as that is the one you mentioned in your code sample. Let's continue comparing the esid.

 

newest recorded script:  esid:

ZT1URkpWVTFJME5qQXlYMTlmTUY5Zk1WOWZBQ0prQWs5S0h0R3poWmxETDRLT0JnPT0=

previous recorded script:

esid: ZT1URkpWVTFJME5qQXlYMTlmTUY5Zk1WOWZBQ0prQWs5S0h0R3h6c0JqSnA4RERnPT0=

 

first part is the same:

ZT1URkpWVTFJME5qQXlYMTlmTUY5Zk1WOWZBQ0prQWs5S0h0R3

second part is different:

poWmxETDRLT0J and h6c0JqSnA4RER

third part is the same:

nPT0=

 

* I noticed that you are using PTO= as a boundary. But my conclusion right now is that my correlations are well placed. You might not have enough information of what my script looks like. Therefore, I will copy it for you. I think I have your solution already in my script.

 

Any other suggestions? And thank you for your help.

 

Cheers,
Patrick

 

SCRIPT

 

web_url("crm_logon",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap/crm_logon?sap-client=300",
  "Resource=0",
  "RecContentType=text/html",
  "Referer=",
  "Snapshot=t1.inf",
  "Mode=HTML",
  LAST);

 

 //properties can used static
 web_url("messagebundle_en.properties",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap/public/bc/ur/nw7/js/texts/messagebundle_en.properties?A46DDE875E75",
  "Resource=0",
  "RecContentType=text/html",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap/crm_logon?sap-client=300",
  "Snapshot=t2.inf",
  "Mode=HTML",
  LAST);

 

 /*Log On*/

 

//Generation log says:  SID:ANON:pdirmcr1_MCR_00:zBVosRnNuSc25JIDYnCyde3wLMGYxfpAuW5lBF7I-ATT
//Replay log says:  SID%3aANON%3apdirmcr1_MCR_00%3azBVoqiM-v-wOogde3xJVFbmqtMGYxftA3W5TPTxr-NEW
 
 //For -ATT do
 web_reg_save_param("sap-contextid-ATT",
  "LB=sap-contextid=",
  "RB=-ATT",
  "Search=Headers",
  "Ord=1",
  "Notfound=Warning",
  LAST);

 

//For -NEW do
 web_reg_save_param("sap-contextid-NEW",
  "LB=sap-contextid=",
  "RB=-NEW",
  "Search=Headers",
  "Ord=1",
  "Notfound=Warning",
  LAST);

 

//Generation log says:  bD1ubCZjPTMwMCZkPW1pbg==
 //replay log:   bD1ubCZjPTMwMCZkPW1pbg==
 web_reg_save_param("redirection_location",
  "LB=location: /sap(",
  "RB=)/crm_logon",
  "Search=Headers",
  "Ord=1",
  "Notfound=Warning",
  LAST);

 

web_submit_data("crm_logon_2",
  "Action=http://xxxxx.xxxxx.xxxxx.xx/sap/crm_logon",
  "Method=POST",
  "RecContentType=text/html",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap/crm_logon?sap-client=300",
  "Snapshot=t3.inf",
  "Mode=HTML",
  ITEMDATA,
  "Name=FOCUS_ID", "Value=sap-user", ENDITEM,
  "Name=sap-system-login-oninputprocessing", "Value=onLogin", ENDITEM,
  "Name=sap-urlscheme", "Value=", ENDITEM,
  "Name=sap-system-login", "Value=onLogin", ENDITEM,
  "Name=sap-system-login-basic_auth", "Value=", ENDITEM,
  "Name=sap-accessibility", "Value=", ENDITEM,
  "Name=sap-system-login-cookie_disabled", "Value=", ENDITEM,
  "Name=sysid", "Value=MCR", ENDITEM,
  "Name=sap-client", "Value=300", ENDITEM,
  "Name=sap-user", "Value=LRUSR4602", ENDITEM,
  "Name=sap-password", "Value=Vandaag02", ENDITEM,
  "Name=sap-language", "Value=NL", ENDITEM,
  "Name=sap-language-dropdown", "Value=Dutch", ENDITEM,
  "Name=SAPEVENTQUEUE", "Value=ComboBox_Select~E002Id~E004sap-language-dropdown~E005Key~E004NL~E003~E002ResponseData~E004delta~E003~E002~E003~E001Form_Submit~E002Id~E004SL__FORM~E003~E002ClientAction~E004submit~E005ActionUrl~E004~E005ResponseData~E004full~E005PrepareScript~E004~E003~E002~E003", ENDITEM,
  LAST);

 

//The script fails whenever the contextid not taken properly, so I have to manipulate it to be correct. Creating two parameters, the id and the -ATT or -NEW type. Which are concatenated later in the script.
 if (atoi(lr_eval_string("{sap-contextid-ATT}")) == 0) {
  lr_save_string(lr_eval_string("{sap-contextid-NEW}"), "sap-contextid");
  lr_save_string("-NEW", "sap-contexttype");
 }
 else
 {
  lr_save_string(lr_eval_string("{sap-contextid-NEW}"), "sap-contextid");
  lr_save_string("-ATT", "sap-contexttype");
 }

 

 //If sessions are still open, you have to click next first that closes all previous sessions. How do I know this is the current state? that is because the redirection_location is not found, see condition below.
 if (atoi(lr_eval_string("{redirection_location}")) == 0) {

 

  web_url("messagebundle_nl.properties",
   "URL=http://xxxxx.xxxxx.xxxxx.xx/sap/public/bc/ur/nw7/js/texts/messagebundle_nl.properties?A46DDE875E75",
   "Resource=0",
   "RecContentType=text/html",
   "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap/crm_logon?sap-system-login=X&sap-system-login-cookie=X&sap-contextid={sap-contextid}{sap-contexttype}",
   "Snapshot=t4.inf",
  "Mode=HTML",
   LAST);

 

 /*Next*/

 

//Generation log says: bD1ubCZjPTMwMCZkPW1pbg==
 //replay log:   bD1ubCZjPTMwMCZkPW1pbg==
 web_reg_save_param("redirection_location",
  "LB=location: /sap(",
  "RB=)/crm_logon",
  "Search=Headers",
  "Ord=1",
  LAST);

 

web_submit_data("crm_logon_3",
  "Action=http://xxxxx.xxxxx.xxxxx.xx/sap/crm_logon",
  "Method=POST",
  "RecContentType=text/html",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap/crm_logon?sap-system-login=X&sap-system-login-cookie=X&sap-contextid={sap-contextid}{sap-contexttype}",
  "Snapshot=t5.inf",
  "Mode=HTML",
  ITEMDATA,
  "Name=FOCUS_ID", "Value=SESSION_QUERY_CONTINUE_BUTTON", ENDITEM,
  "Name=sap-system-login-oninputprocessing", "Value=onSessionQuery", ENDITEM,
  "Name=sap-urlscheme", "Value=", ENDITEM,
  "Name=sap-system-login", "Value=onSessionQuery", ENDITEM,
  "Name=sap-system-login-basic_auth", "Value=", ENDITEM,
  "Name=sap-client", "Value=300", ENDITEM,
  "Name=sap-language", "Value=NL", ENDITEM,
  "Name=sap-accessibility", "Value=", ENDITEM,
  "Name=delete-session-cb", "Value=X", ENDITEM,
  "Name=delete_session", "Value=X", ENDITEM,
  "Name=SAPEVENTQUEUE", "Value=Form_Submit~E002Id~E004SL__FORM~E003~E002ClientAction~E004submit~E005ActionUrl~E004~E005ResponseData~E004full~E005PrepareScript~E004~E003~E002~E003", ENDITEM,
  LAST);

 

}

 

//Generation log says: ZT1URkpWVTFJME5qQXlYMTlmTUY5Zk1WOWZBQ0prQWs5S0h0R3poWmxETDRLT0JnPT0=
 web_reg_save_param( "esid", "LB=(", "RB=)", "Ord=1","Search=Body","Notfound=warning", LAST );

 web_submit_data("uif_callback",
  "Action=http://xxxxx.xxxxx.xxxxx.xx/sap/webcuif/uif_callback?sap-client=300&sap-language=NL&sap-domainRelax=min&crm_handler=CL_CRM_UI_SESSION_MANAGER",
  "Method=POST",
  "RecContentType=text/plain",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location})/crm_logon/default.htm",
  "Snapshot=t6.inf",
  "Mode=HTML",
  ITEMDATA,
  "Name=cmd", "Value=get_esid", ENDITEM,
  LAST);

 

 web_custom_request("uif_callback_2",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap({esid})/webcuif/uif_callback?sap-client=300&sap-language=NL&sap-domainRelax=min&crm_handler=CL_CRM_UI_SESSION_MANAGER",
  "Method=POST",
  "Resource=0",
  "RecContentType=text/plain",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location})/crm_logon/default.htm",
  "Mode=HTML",
  "Body=cmd=store_request&esid=({esid})&",
  LAST);

 

 //Generation log says: bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTUY5Zk1WOWZBQ0prQWs5S0h0R3poWmxETDRLT0JnJTNkJTNk
 web_reg_save_param( "redirection_location2", "LB=location: /sap(", "RB=)/bc", "Ord=1","Search=Headers", LAST );

 

//Generation log says: 20120712142054.0982110
 web_reg_save_param( "icsessionsyncid", "LB=&crm-icsessionsyncid=", "RB= &crm-iccc=", "Ord=1","Search=Body",LAST );

 

//Generation log says: c3N0PUVGNENDN0MyQTVENjM1MTlCRjY4N0UyMzc4RkE1OEY3MDAyMjY0MDI0RjRBMUVEMUIzODU5OTQ2RTg4NzBFMEE
 web_reg_save_param( "sap-session_access_token", "LB=sap-session_access_token=", "RB==\"", "Ord=1","Search=Body","Notfound=warning", LAST );

 

 web_url("main.htm",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap({esid})/bc/bsp/sap/crm_ui_frame/main.htm?sap-client=300&sap-language=NL&sap-domainRelax=min&saprole=Z_EIC_ALG",
  "Resource=0",
  "RecContentType=text/html",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location})/crm_logon/default.htm",
  "Snapshot=t7.inf",
  "Mode=HTML",
  LAST);

 

web_url("ic_base_broadcast_sort_and_filter.xsl",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap/bc/bsp/sap/crmcmp_ic_frame/scripts/broadcast/ic_base_broadcast_sort_and_filter.xsl",
  "Resource=0",
  "RecContentType=text/xml",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location2})/bc/bsp/sap/crmcmp_ic_frame/",
  "Snapshot=t8.inf",
  "Mode=HTML",
  LAST);

 

web_url("ic_base_broadcast_xml_to_html.xsl",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location2})/bc/bsp/sap/crmcmp_ic_frame/ic_base_broadcast_xml_to_html.xsl",
  "Resource=0",
  "RecContentType=text/xml",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location2})/bc/bsp/sap/crmcmp_ic_frame/",
  "Snapshot=t9.inf",
  "Mode=HTML",
  LAST);

 

web_url("default.htm",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap/bc/bsp/sap/crm_ui_start/default.htm?sap-accessibility=&sap-rtl=&crm-icsessionsyncid={icsessionsyncid}%20&crm-iccc=&crm-icwscl=300&sap-domainrelax=min&sap-language=NL&sapouid=00000000&sap-client=300&saprole=Z_EIC_ALG&crm-icsessionid=s_300_Z_EIC_ALG_1342102854470",
  "Resource=0",
  "RecContentType=text/html",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location2})/bc/bsp/sap/crmcmp_ic_frame/mcmain.htm?sap-client=300&sap-domainrelax=min&sap-language=NL",
  "Snapshot=t10.inf",
  "Mode=HTML",
  LAST);

 

//Generation log says: ZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh0R3poWmxXUC1MTkNBPT0=
 web_reg_save_param( "esid2", "LB=(", "RB=)", "Ord=1","Search=Body","Notfound=warning", LAST );

 

web_submit_data("uif_callback_3",
  "Action=http://xxxxx.xxxxx.xxxxx.xx/sap/webcuif/uif_callback?sap-client=300&sap-language=NL&sap-domainRelax=min&crm_handler=CL_CRM_UI_SESSION_MANAGER",
  "Method=POST",
  "RecContentType=text/plain",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location})/bc/bsp/sap/crm_ui_start/default.htm?crm-icsessionsyncid={icsessionsyncid}%20&crm-iccc=&crm-icwscl=300&sapouid=00000000&saprole=Z_EIC_ALG&crm-icsessionid=s_300_Z_EIC_ALG_1342102854470",
  "Snapshot=t11.inf",
  "Mode=HTML",
  ITEMDATA,
  "Name=cmd", "Value=get_esid", ENDITEM,
  LAST);

 

web_custom_request("uif_callback_4",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap({esid2})/webcuif/uif_callback?sap-client=300&sap-language=NL&sap-domainRelax=min&crm_handler=CL_CRM_UI_SESSION_MANAGER",
  "Method=POST",
  "Resource=0",
  "RecContentType=text/plain",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location})/bc/bsp/sap/crm_ui_start/default.htm?crm-icsessionsyncid={icsessionsyncid}%20&crm-iccc=&crm-icwscl=300&sapouid=00000000&saprole=Z_EIC_ALG&crm-icsessionid=s_300_Z_EIC_ALG_1342102854470",
  "Mode=HTML",
  "Body=cmd=store_request&esid=({esid2})&crm-icsessionsyncid={icsessionsyncid}%20&crm-iccc=&crm-icwscl=300&sapouid=00000000&saprole=Z_EIC_ALG&crm-icsessionid=s_300_Z_EIC_ALG_1342102854470",
  LAST);

 

 //Generation log says: bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh0R3poWmxXUC1MTkNBJTNkJTNk
 web_reg_save_param( "redirection_location3", "LB=location: /sap(", "RB=)/bc", "Ord=1","Search=Headers","Notfound=warning", LAST );

 

//Generation log says: 7749CF993FF9F48215DD226325E3D817
 web_reg_save_param( "wcf-secure-id", "LB=wcf-secure-id\" value=\"", "RB=\" />", "Ord=1","Search=Body","Notfound=warning", LAST );

 web_url("main.htm_2",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap({esid2})/bc/bsp/sap/crm_ui_frame/main.htm?sap-client=300&sap-language=NL&sap-domainRelax=min&saprole=Z_EIC_ALG",
  "Resource=0",
  "RecContentType=text/html",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location})/bc/bsp/sap/crm_ui_start/default.htm?crm-icsessionsyncid={icsessionsyncid}%20&crm-iccc=&crm-icwscl=300&sapouid=00000000&saprole=Z_EIC_ALG&crm-icsessionid=s_300_Z_EIC_ALG_1342102854470",
  "Snapshot=t12.inf",
  "Mode=HTML",
  LAST);

 

web_custom_request("sam_js2bsp_sender.htm",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location2})/bc/bsp/sap/sam_sess_queue/sam_js2bsp_sender.htm?sap-session_access_token={sap-session_access_token}=",
  "Method=POST",
  "Resource=0",
  "RecContentType=text/html",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location2})/bc/bsp/sap/crmcmp_ic_frame/mcmain_header.htm",
  "Snapshot=t15.inf",
  "Mode=HTML",
  "Body=queue=http%3A%2F%2Fpdirmcr1.match.local%3A8000%2Fsap({redirection_location2})%2Fbc%2Fbsp%2Fsap%2Fsam_sess_queue%2Fsam_session_queue_cntrler.do%3Fsap-session_access_token%3D{sap-session_access_token}%3D&type=text&data=null&n0=_sam_js_poll&v0=true&n1=_sam_js_client_queue_receiver_name&v1=CL_SAM_CLIENT_QUEUE_RECEIVER&n2=_sam_bsp_session_queue&v2="
  "http%3A%2F%2Fpdirmcr1.match.local%3A8000%2Fsap({redirection_location2})%2Fbc%2Fbsp%2Fsap%2Fsam_sess_queue%2Fsam_session_queue_cntrler.do%3Fsap-session_access_token%3D{sap-session_access_token}%3D&n3=_sam_message_sent_time&v3=Thu%2C%2012%20Jul%202012%2014%3A20%3A56%20UTC",
  LAST);

 

web_url("blank.htm",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location3})/bc/bsp/sap/crm_ui_frame/blank.htm",
  "Resource=0",
  "RecContentType=text/html",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location3})/bc/bsp/sap/crm_ui_frame/main.htm?sap-client=300&sap-domainrelax=min&sap-language=NL",
  "Snapshot=t16.inf",
  "Mode=HTML",
  LAST);

 

 /*Search Employees*/ Here it fails with the error Unauthorized Request (mentioned in my first post)

 

 web_custom_request("BSPWDApplication.do",
  "URL=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location3})/bc/bsp/sap/crm_ui_frame/BSPWDApplication.do?sap-client=300&sap-domainrelax=min&sap-language=NL",
  "Method=POST",
  "Resource=0",
  "RecContentType=text/html",
  "Referer=http://xxxxx.xxxxx.xxxxx.xx/sap({redirection_location3})/bc/bsp/sap/crm_ui_frame/BSPWDApplication.do?sap-client=300&sap-domainrelax=min&sap-language=NL",
  "Snapshot=t26.inf",
  "Mode=HTML",
  "Body=htmlbevt_ty=thtmlb%3Alink%3Aclick%3A0&htmlbevt_frm=myFormId&htmlbevt_oid=C6_W31_V32_ZIC_BPEMP&htmlbevt_id=IC_BPIDENT&htmlbevt_cnt=0&onInputProcessing=htmlb&SVH_INPUTFIELD_ID=&SVH_INPUTFIELD_VALUE=&thtmlbModifiedInputfieldIds=&sap-htmlb-design=&sap-ajaxtarget=C1_W1_V2_C6_W31_V32_MainNavigationLinks.do&sap-ajax_dh_mode=AUTO&wcf-secure-id={wcf-secure-id}&thtmlbKeyboardFocusId=C6_W31_V32_ZIC_BPEMP&thtmlbKeyboardSelectId=&C13_W49_V50_SearchMenuAnchor1=UP&C15_W13_V24_selected_key=&"
  "thtmlbSliderState=&PREFIX_ID=C9_W38_V39_&C9_W38_V39_SCRATCHPAD_TEXT=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_PREVIOUS_ALERTS=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_PREVIOUS_HASMORE=&C9_W38_V39_CONTEXTAREA_DNISDISPLAY_PREVIOUS_INFO=&C9_W38_V39_CONTEXTAREA_TOPIC_ID=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_MESSAGE=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_HASLINK=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_CODE=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE1=&"
  "C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE2=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE3=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE4=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE5=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE6=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE7=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE8=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE9=&C9_W38_V39_CONTEXTAREA_ALERTDISPLAY_SELECTED_VALUE10=&"
  "C9_W38_V39_SCRATCHPAD_DUMMY_FIELD=&C9_W38_V39_ACTION_GUID=&C9_W38_V39_AC_OBJECT_KEY=&C9_W38_V39_AC_VALUE=&C9_W38_V39_AC_CONTAINER=&C9_W38_V39_MYITSLOCATION=&C9_W38_V39_POLLFREE_ALERTS=%7B%22Alerts%22%3A%5B%5D%7D&C9_W38_V39_REMOVED_NP_ALERTS=&crmFrwScrollXPos=0&crmFrwScrollYPos=0&crmFrwOldScrollXPos=0&crmFrwOldScrollYPos=0&flashIslandsAsString=&callbackFlashIslands=%2Fsap(bD1OTCZjPTMwMCZpPTEmZT1URkpWVTFJME5qQXlYMTlmTVRNNU5GOWZBQ0prQTRJdUh0R3poWmxXUC1MTkNBJTNkJTNk)"
  "%2Fwebcuif%2Fuif_callback%3Fcrm_handler%3DCL_THTMLBX_FLASH_ISLAND&th-mes-isex=&C1_W1_V2_V3_V55_bchistory_selection=&C1_W1_V2_C1_W1_V2_V3_$subHeader1_force_update_toolbar=&C1_W1_V2_C1_W1_V2_V3_$subHeader2_force_update_toolbar=&C2_W12_V14_V19_quicksearch_quicksearch=&C2_W12_V14_V21_search_PARAMETERS[1].FIELD=MAINCATEGORY&C2_W12_V14_V21_search_PARAMETERS[1].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[1].VALUE1=ZSRV&C2_W12_V14_V21_search_PARAMETERS[1].VALUE2=ZSRV&C2_W12_V14_V21_search_PARAMETERS[2]"
  ".FIELD=ASSIGNEDTO&C2_W12_V14_V21_search_PARAMETERS[2].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[2].VALUE1=&C2_W12_V14_V21_search_PARAMETERS[2].VALUE2=&C2_W12_V14_V21_search_PARAMETERS[3].FIELD=STATUS&C2_W12_V14_V21_search_PARAMETERS[3].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[3].VALUE1=0000&C2_W12_V14_V21_search_PARAMETERS[3].VALUE2=0000&C2_W12_V14_V21_search_PARAMETERS[4].FIELD=OBJECTID&C2_W12_V14_V21_search_PARAMETERS[4].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[4].VALUE1=&"
  "C2_W12_V14_V21_search_PARAMETERS[4].VALUE2=&C2_W12_V14_V21_search_PARAMETERS[5].FIELD=TIMEPERIOD&C2_W12_V14_V21_search_PARAMETERS[5].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[5].VALUE1=0000&C2_W12_V14_V21_search_PARAMETERS[5].VALUE2=0000&C2_W12_V14_V21_search_PARAMETERS[6].FIELD=CAT_DESC&C2_W12_V14_V21_search_PARAMETERS[6].OPERATOR=EQ&C2_W12_V14_V21_search_PARAMETERS[6].VALUE1=&C2_W12_V14_V21_search_PARAMETERS[6].VALUE2=&C2_W12_V14_V16_ItemTree_force_update_toolbar=&"
  "C2_W12_V14_V16_ItemTree_force_update_toolbar=&C2_W12_V14_V16_ItemTree_editMode=NONE&C2_W12_V14_V16_ItemTree_isCellerator=TRUE&C2_W12_V14_V16_ItemTree_selectedRows=&C2_W12_V14_V16_ItemTree_rowCount=0&C2_W12_V14_V16_ItemTree_lastSelectedRow=&C2_W12_V14_V16_ItemTree_allRowSelected=FALSE&C2_W12_V14_V16_ItemTree_visibleFirstRow=1&C2_W12_V14_V16_ItemTree_scrollPosition=&C2_W12_V14_V16_ItemTree_hscrollPosition=&C2_W12_V14_V16_ItemTree_bindingString=%2F%2FItems%2FTable&C2_W12_V14_V16_ItemTree_fixedColumns"
  "=&C2_W12_V14_V16_ItemTree_filterApplied=FALSE&C2_W12_V14_V16_ItemTree_firstSelectedRow=&C2_W12_V14_V16_ItemTree_ctrlShiftKeyMode=&C2_W12_V14_V16_ItemTree_previousSelectedRange=&C2_W12_V14_V16_ItemTree_isNavModeActivated=TRUE&C2_W12_V14_V16_ItemTree_multiParameter=0%2F%2F%2F%2F0%2F%2F%2F%2F0%2F%2F%2F%2F0&C2_W12_V14_V16_ItemTreetreearea_iscollapsed=&C2_W12_V14_V16_ItemTreetreearea_displaymode=X&C2_W12_V14_thtmlbShowSearchFields=true&thtmlbScrollAreaWidth=0&thtmlbScrollAreaHeight=0&LTX_PREFIX_ID="
  "C1_W1_V2_&C1_W1_V2_LTX_VETO_FLAG=&C1_W1_V2_ACTION_GUID=&C1_W1_V2_AC_OBJECT_KEY=&C1_W1_V2_AC_VALUE=&C1_W1_V2_AC_CONTAINER=&C1_W1_V2_MYITSLOCATION=&sap-ajax_request=X",
  LAST);

0 Likes
Highlighted
Absent Member.. Absent Member..
Absent Member..

Re: HTTP 403 error when testing SAP CRM7.0 using loadrunner 9.5

This is the same way I did before deriving the solution.

 

Yes. As you are using 9.5, you need to downgrade the funtion I used. But it is of no issue here. As you know about it, I need not explain that. True that I might be of least help remotely, but I have seen same unauthorized issue by correlating whole Session ID (in your case redirect location or EsID?). I see that you are using ordinance to capture the variable from out put, but I see you have loose boundaries for capturing the dynamic value. Try to redefine the situation where you are not required to use Ordinance. You know what I mean, make your boundaries unique & strong with which you will come to the right solution, similar to what I did.

 

As I see you already have good knowledge, I am not going to say how to do it, but this is what the solution you are looking for. Also do not get into an illusion that, previous steps (requests) & correlation in them is right as they are returning HTTP 200 message. Compare the output in Tree view HTTP mode for all previous steps (bottom to top approach), and you will see the analogy.

 

The reason this takes time is that we get into an illusion that our correlations are correct in previous steps & focus only on the failing steps. Go into Tree view mode & compare each piece of request and response. Then you will get the clear idea where you did wrongly. May be issue might also be something else than what you and me are focussing.

 

Happy scripting & troubleshooting... 🙂

 


Regards,
Raj

Like this Post? Click Kudos! to show appreciation.
Is your issue addressed? Click "ACCEPT AS SOLUTION" against the post which helped you the most.
0 Likes
Highlighted
New Member.

Re: HTTP 403 error when testing SAP CRM7.0 using loadrunner 9.5

did you find a solution to this? Im having the same issue...

0 Likes
Highlighted
Visitor..
Visitor..

Re: HTTP 403 error when testing SAP CRM7.0 using loadrunner 9.5

Hi Raj,

I am facing same issue but using LR 12.53 version. Can you please let me know what protocol did you use for recording?

SAP Web ? or HTTP/HTML? bcoz i dont see most of the request that you have listed in which dynamic values are captured.

Awaiting for your response 🙂

Regards,

Ranjitha

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.