Highlighted
New Member.
308 views

Token is getting expired in 15mins

Hello All,

 

My Application login is redirecting to Microsoft azure ADFS where its sending a RequestSecurityTokenResponse back to client . When iam submitting to back in my sub sequent requests its passing and valid for 15mins . After mins when  I re run my script login is getting failed. 

 

Post data :"Body=wa=wsignin1.0&wresult=%3Ct%3ARequestSecurityTokenResponse+xmlns%3At%3D%22http%3A%2F%2Fschemas.xmlsoap.org%2Fws%2F2005%2F02%2Ftrust%22%3E%3Ct%3ALifetime%3E%3Cwsu%3ACreated+xmlns%3Awsu%3D%22http%3A%2F%2Fdocs.oasis-open.org%2Fwss%2F2004%2F01%2Foasis-200401-wss-wssecurity-utility-1.0.xsd%22%3E2018-08-23T06%3A05%3A25.268Z%3C%2Fwsu%3ACreated%3E%3Cwsu%3AExpires+xmlns%3Awsu%3D%22http%3A%2F%2Fdocs.oasis-open.org%2Fwss%2F2004%2F01%2Foasis-200401-wss-wssecurity-utility-1.0.xsd%22%3E2018-08-23T07%3A05%3A25.268Z%3C%2Fwsu%3AExpires%3E%3C%2Ft%3ALifetime%3E%3Cwsp%3AAppliesTo+xmlns%3Awsp%3D%22http%3A%2F%2Fschemas.xmlsoap.org%2Fws%2F2004%2F09%2Fpolicy%22%3E%3Cwsa%3AEndpointReference+xmlns%3Awsa%3D%22http%3A%2F%2Fwww.w3.org%2F2005%2F08%2Faddressing%22%3E%3Cwsa%3AAddress%3Eurn%3Aciam-ids%3C%2Fwsa%3AAddress%3E%3C%2Fwsa%3AEndpointReference%3E%3C%2Fwsp%3AAppliesTo%3E%3Ct%3ARequestedSecurityToken%3E%3Csaml%3AAssertion+MajorVersion%3D%221%22+MinorVersion%3D%221%22+AssertionID%3D%22_4df38dfd-c002-448e-aa29-3b00d89af236%22+Issuer"
        "%3D%22http%3A%2F%2Fd-accounts.bosch.com%2Fadfs%2Fservices%2Ftrust%22+IssueInstant%3D%222018-08-23T06%3A05%3A25.273Z%22+xmlns%3Asaml%3D%22urn%3Aoasis%3Anames%3Atc%3ASAML%3A1.0%3Aassertion%22%3E%3Csaml%3AConditions+NotBefore%3D%222018-08-23T06%3A05%3A25.268Z%22+NotOnOrAfter%3D%222018-08-23T07%3A05%3A25.268Z%22%3E%3Csaml%3AAudienceRestrictionCondition%3E%3Csaml%3AAudience%3Eurn%3Aciam-ids%3C%2Fsaml%3AAudience%3E%3C%2Fsaml%3AAudienceRestrictionCondition%3E%3C%2Fsaml%3AConditions%3E%3Csaml%3AAttributeStatement%3E%3Csaml%3ASubject%3E%3Csaml%3ANameIdentifier+Format%3D%22urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Anameid-format%3Apersistent%22%3ES-1-5-21-3923742794-3248341794-1582090486-10329%3C%2Fsaml%3ANameIdentifier%3E%3Csaml%3ASubjectConfirmation%3E%3Csaml%3AConfirmationMethod%3Eurn%3Aoasis%3Anames%3Atc%3ASAML%3A1.0%3Acm%3Abearer%3C%2Fsaml%3AConfirmationMethod%3E%3C%2Fsaml%3ASubjectConfirmation%3E%3C%2Fsaml%3ASubject%3E%3Csaml%3AAttribute+AttributeName%3D%22BoschGlobalUserID%22+AttributeNamespace%3D%22http%3A%2F%2F"
        "schemas.bosch.com%2Ffederation%2Fclaims%22%3E%3Csaml%3AAttributeValue%3ES-1-5-21-3923742794-3248341794-1582090486-10329%3C%2Fsaml%3AAttributeValue%3E%3C%2Fsaml%3AAttribute%3E%3Csaml%3AAttribute+AttributeName%3D%22emailaddress%22+AttributeNamespace%3D%22http%3A%2F%2Fschemas.xmlsoap.org%2Fws%2F2005%2F05%2Fidentity%2Fclaims%22%3E%3Csaml%3AAttributeValue%3Etest.user2%40bosch.com%3C%2Fsaml%3AAttributeValue%3E%3C%2Fsaml%3AAttribute%3E%3Csaml%3AAttribute+AttributeName%3D%22username%22+AttributeNamespace%3D%22http%3A%2F%2Fschemas.bosch.com%2Ffederation%2Fclaims%22%3E%3Csaml%3AAttributeValue%3E876e8b79ca5b0acd3f01%3C%2Fsaml%3AAttributeValue%3E%3C%2Fsaml%3AAttribute%3E%3C%2Fsaml%3AAttributeStatement%3E%3Csaml%3AAuthenticationStatement+AuthenticationMethod%3D%22urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Aac%3Aclasses%3APasswordProtectedTransport%22+AuthenticationInstant%3D%222018-08-23T06%3A05%3A24.948Z%22%3E%3Csaml%3ASubject%3E%3Csaml%3ANameIdentifier+Format%3D%22urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Anameid-format%3Ape"
        "rsistent%22%3ES-1-5-21-3923742794-3248341794-1582090486-10329%3C%2Fsaml%3ANameIdentifier%3E%3Csaml%3ASubjectConfirmation%3E%3Csaml%3AConfirmationMethod%3Eurn%3Aoasis%3Anames%3Atc%3ASAML%3A1.0%3Acm%3Abearer%3C%2Fsaml%3AConfirmationMethod%3E%3C%2Fsaml%3ASubjectConfirmation%3E%3C%2Fsaml%3ASubject%3E%3C%2Fsaml%3AAuthenticationStatement%3E%3Cds%3ASignature+xmlns%3Ads%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23%22%3E%3Cds%3ASignedInfo%3E%3Cds%3ACanonicalizationMethod+Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2F10%2Fxml-exc-c14n%23%22+%2F%3E%3Cds%3ASignatureMethod+Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256%22+%2F%3E%3Cds%3AReference+URI%3D%22%23_4df38dfd-c002-448e-aa29-3b00d89af236%22%3E%3Cds%3ATransforms%3E%3Cds%3ATransform+Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23enveloped-signature%22+%2F%3E%3Cds%3ATransform+Algorithm%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2F10%2Fxml-exc-c14n%23%22+%2F%3E%3C%2Fds%3ATransforms%3E%3Cds%3ADigestMethod+Algorithm%3"
        "D%22http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmlenc%23sha256%22+%2F%3E%3Cds%3ADigestValue%3E4gXk%2BlKvmTBY9QqE%2F78GbVpdvr%2F5TjBlEh3Ainu%2B9E8%3D%3C%2Fds%3ADigestValue%3E%3C%2Fds%3AReference%3E%3C%2Fds%3ASignedInfo%3E%3Cds%3ASignatureValue%3Eji2yp%2Fcx7Bs3gMIDL1a8z5p6KRI%2Fg6LreJ63Rb77pO19f5ScpOKJxskKygw8y%2BJtS5rrSwq9P45dJSZnbGKo9dtPU1eoSKvWnx6ZQfCiEN6tcrPLLAhs5%2BBSfa%2FZcJmBnV%2B04K5%2FyfOvB%2BhamSUwZOzA7RjSBPHir1GPVwnN8SzoD3e%2F0XK1iOtpcgU7oGBBqEWZPIaoasUol7VcmcEFVbVtMstChPTNbNRIUAkR0TjTd99dZVqzuizcKh6kxc%2B2GWx8hHOjcnsC6dO6ur7cBZdinkq4nJfnQcHFUdBVeGdniStLL5SiLRQ%2Bw2OAYhPUXUWUsPI%2B2w5ktW0hqYXivQ%3D%3D%3C%2Fds%3ASignatureValue%3E%3CKeyInfo+xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23%22%3E%3CX509Data%3E%3CX509Certificate%3EMIIC5DCCAcygAwIBAgIQFgCkuwDYqL5Flo%2BF6vgc%2BjANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNBREZTIFNpZ25pbmcgLSBkLWFjY291bnRzLmJvc2NoLmNvbTAeFw0xODA3MTIwNzQyNTZaFw0xOTA3MTIwNzQyNTZaMC4xLDAqBgNVBAMTI0FERlMgU2lnbmluZyAtIGQtYWNjb3VudHMuYm9zY2guY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMII"
        "BCgKCAQEA1%2BaCl4Zys2KoUWrc6Gw13kcmRtrGu6tUTkPh85Eogv4lKFk1clKAP%2BvnIBmlAGCVcaAwfd%2FAL2y8qfF1MLubMaBv8xO%2B3VvjHHAgkT%2FCcKBrCfNKUoINUZkaB8QBZYSElOgr%2Bqp9esJZlZpQB5BxVsTcgw7%2FknkWEznL5vSolBXtaFbOm3CQXnPGvjnOdSWFWvY1mQmsOLxdT8q58HfkKFsRf7UQkezVzT3Xm9h9smF1OHLs6xkP9iXffAPimJ%2FisvmkQKBbzWjw5p%2FxMWgVq%2BnHcBda8sjO%2BvVfT10IkLoC7ItMIV4fjU7EpdVeWYOJ8XlCBeCIGc0ogHGmafLZkwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQA%2BKV6nUHoZEFABYqi%2BiSObY%2FkVAWvSPavRZCb8r8xdllzknkn0RlPY3iVTbjhTm1GGao3D2C9ne5t3IuJk6m9pwp95BQLujWn5utY%2FrYh7xLFkdvkwo69IcNxAJxB3JT11eWFFmPd%2F7PjwfX8EDQXLFSVxAiBqmQN78iyBZdws7tUNn9hyZTHDUvXnPHUY8EKP7j9Kf%2BvExflUA%2FA7wvqrsefIqBRquMV3HlhIJHrt0IMnFloUh7kxIw2%2FN3jYHucebZldRdsPXeM7G8USNNDQHRVpBSunvxQHGlvpBTUx29%2FTH8CabkUaXD1SXQM4WSYWy9q5m6a%2F1u8UENL7Md4U%3C%2FX509Certificate%3E%3C%2FX509Data%3E%3C%2FKeyInfo%3E%3C%2Fds%3ASignature%3E%3C%2Fsaml%3AAssertion%3E%3C%2Ft%3ARequestedSecurityToken%3E%3Ct%3ATokenType%3Eurn%3Aoasis%3Anames%3Atc%3ASAML%3A1.0%3Aassertion%3C%2Ft%3ATokenType%3E%3Ct%3ARequestType%3Ehttp"
        "%3A%2F%2Fschemas.xmlsoap.org%2Fws%2F2005%2F02%2Ftrust%2FIssue%3C%2Ft%3ARequestType%3E%3Ct%3AKeyType%3Ehttp%3A%2F%2Fschemas.xmlsoap.org%2Fws%2F2005%2F05%2Fidentity%2FNoProofKey%3C%2Ft%3AKeyType%3E%3C%2Ft%3ARequestSecurityTokenResponse%3E&wctx=WsFedOwinState%3D{CorrelationParameter}",
        LAST);

Can any one help me to resolve this issue ,

 

Thank you in advance.

 

0 Likes
2 Replies
Highlighted
Acclaimed Contributor.. Acclaimed Contributor..
Acclaimed Contributor..

Re: Token is getting expired in 15mins

In reponse to your login you get a token. You have to capture that token and supply that is each next call were it is used. This is called correlation (of variable data between recieved data and data to be send).

After you complete your recording, Virtual User Generator has to option to correlate your script, use it and see what happens. It is only an aid and in some cases you have to do manual correlations as well.

Welcome to the world of test enginering!

Signature:
Reward community members who take time to respond and help.
Highlighted
New Member.

Re: Token is getting expired in 15mins

I am facing a similiar issue. Request gets redirected to Azure AD FS. But there are no headers with a token is being sent along with this request. 

Hence i won't be able to corelate any parameters from the previous request to be able to use in subsequent request. My issue is getting the t:RequestSecurityTokenResponse xml request generated from the client at the time of each request. Would any one be able to help me out with this?

web_submit_data("login.srf",
"Action=https://login.microsoftonline.com/login.srf?client-request-id={requestid",
"Method=POST",
"EncodeAtSign=YES",
"TargetFrame=",
"RecContentType=text/html",
"Referer={fsurl}",
"Snapshot=t12.inf",
"Mode=HTML",
ITEMDATA,
"Name=wa", "Value=wsignin1.0", ENDITEM,
"Name=wresult", "Value=<t:RequestSecurityTokenResponse...............

--------------------------------------------------------------------------

</RequestSecurityTokenResponse> ", ENDITEM,
"Name=wctx", "Value=LoginOptions=3&estsredirect=2&estsrequest={rqIIvalue}", ENDITEM,
LAST);

This request generates an access_token. Now, the below request uses the access_token (in bold). 


web_submit_data("default.aspx",
"Action={URL}",
"Method=POST",
"TargetFrame=",
"RecContentType=text/html",
"Referer=https://login.microsoftonline.com/login.srf?client-request-id={requestid}",
"Snapshot=t13.inf",
"Mode=HTML",
ITEMDATA,
"Name=code", "Value="{valueextractedfromPreviousstep}", ENDITEM,
"Name=id_token", "Value="{valueextractedfromPreviousstep}", ENDITEM,
"Name=session_state", "Value={value}", ENDITEM,
"Name=correlation_id", "Value={value}", ENDITEM,

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.