InternetVista Web scenario documentation



Similar documents
Using Form Tools (admin)

Online signature API. Terms used in this document. The API in brief. Version 0.20,

In order for the form to process and send correctly the follow objects must be in the form tag.

INTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE

Recommended readings. Lecture 11 - Securing Web. Applications. Security. Declarative Security

Client-side Web Engineering From HTML to AJAX

PDG Software. Site Design Guide

API Integration Payment21 Button

Login with Amazon. Getting Started Guide for Websites. Version 1.0

HP Business Process Monitor

Introduction to XHTML. 2010, Robert K. Moniot 1

InPost UK Limited GeoWidget Integration Guide Version 1.1

Webmail Using the Hush Encryption Engine

XHTML Forms. Form syntax. Selection widgets. Submission method. Submission action. Radio buttons

Internet Technologies

Table of Contents. Welcome Login Password Assistance Self Registration Secure Mail Compose Drafts...

Instant Chime for IBM Sametime Installation Guide for Apache Tomcat and Microsoft SQL

Reading an sent with Voltage Secur . Using the Voltage Secur Zero Download Messenger (ZDM)

MyanPay Express Checkout Integration Guide

HP Business Service Management

Zabbix Manual.

Secure XML API Integration Guide. (with FraudGuard add in)

Manual. Netumo NETUMO HELP MANUAL Copyright Netumo 2014 All Rights Reserved

SYSPRO App Store: Registration Guide

COMMERCIAL-IN-CONFIDENCE

ADFS Integration Guidelines

Handling of "Dynamically-Exchanged Session Parameters"

Visual COBOL ASP.NET Shopping Cart Demonstration

<option> eggs </option> <option> cheese </option> </select> </p> </form>

Using Voltage Secur

Further web design: HTML forms

Contents. 2 Alfresco API Version 1.0

Introducing the BIG-IP and SharePoint Portal Server 2003 configuration

Sample HP OO Web Application

Web Application Security Considerations

McAfee One Time Password

Application Interface Services Server for Mobile Enterprise Applications Configuration Guide Tools Release 9.2

c. Write a JavaScript statement to print out as an alert box the value of the third Radio button (whether or not selected) in the second form.

Configuring Single Sign-on for WebVPN

Alfresco Share SAML. 2. Assert user is an IDP user (solution for the Security concern mentioned in v1.0)

McAfee Cloud Identity Manager

Gravity Forms: Creating a Form

Specify the location of an HTML control stored in the application repository. See Using the XPath search method, page 2.

Application Security

Website Login Integration

HTML Forms and CONTROLS

USER GUIDE - May 2010

How To Test Your Web Site On Wapt On A Pc Or Mac Or Mac (Or Mac) On A Mac Or Ipad Or Ipa (Or Ipa) On Pc Or Ipam (Or Pc Or Pc) On An Ip

07 Forms. 1 About Forms. 2 The FORM Tag. 1.1 Form Handlers

Introduction to Ingeniux Forms Builder. 90 minute Course CMSFB-V6 P

HireDesk API V1.0 Developer s Guide

Integrating LivePerson with Salesforce

Developer Guide: REST API Applications. SAP Mobile Platform 2.3 SP03

MasterPass Service Provider Onboarding & Integration Guide Fileand API-Based Merchant Onboarding Version 6.10

EBOX Digital Content Management System (CMS) User Guide For Site Owners & Administrators

VIRTUAL LABORATORY: MULTI-STYLE CODE EDITOR

e-filing Secure Web Service User Manual

versasrs HelpDesk quality of service

This document is for informational purposes only. PowerMapper Software makes no warranties, express or implied in this document.

UPG plc Atlas Technical Integration Guide

End User Guide The guide for /ftp account owner

CA Performance Center

By Glenn Fleishman. WebSpy. Form and function

Safeguard Ecommerce Integration / API

Secure XML API Integration Guide - Periodic and Triggered add in

MAIL1CLICK API - rel 1.35

Deploying RSA ClearTrust with the FirePass controller

Lab 5 Introduction to Java Scripts

Site Store Pro. INSTALLATION GUIDE WPCartPro Wordpress Plugin Version

Direct Post. Integration Guide

Using SAP Logon Tickets for Single Sign on to Microsoft based web applications

The Vetuma Service of the Finnish Public Administration SAML interface specification Version: 3.5

Interzoic Single Sign-On for DotNetNuke Portals Version 2.1.0

Riverbed Cascade Shark Common REST API v1.0

Getting Started With Parallels Business Automation 4.4

Bitcoin Payment Gateway API

Configuring iplanet 6.0 Web Server For SSL and non-ssl Redirect

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:

PHP Form Handling. Prof. Jim Whitehead CMPS 183 Spring 2006 May 3, 2006

Computer Networking LAB 2 HTTP

INTEGRATION PROCEDURES AND SPECIFICATIONS

SUMMARY. e-soft s.r.l.

ACCREDITATION COUNCIL FOR PHARMACY EDUCATION. CPE Monitor. Technical Specifications

Project 2: Web Security Pitfalls

TCP/IP Networking, Part 2: Web-Based Control

Novell Identity Manager

DEPLOYMENT GUIDE Version 1.1. Deploying the BIG-IP LTM v10 with Citrix Presentation Server 4.5

Ameritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines

Advanced Web Development SCOPE OF WEB DEVELOPMENT INDUSTRY

SmarterMeasure Inbound Single Sign On (SSO) Version 1.3 Copyright 2010 SmarterServices, LLC / SmarterServices.com PO Box , Deatsville, AL 36022

LATITUDE Patient Management System

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

Lesson Review Answers

Criteria for web application security check. Version

CONTRACT MODEL IPONZ DESIGN SERVICE VERSION 2. Author: Foster Moore Date: 20 September 2011 Document Version: 1.7

MONETA.Assistant API Reference

Phishing by data URI

Transcription:

InternetVista Web scenario documentation Version 1.2 1

Contents 1. Change History... 3 2. Introduction to Web Scenario... 4 3. XML scenario description... 5 3.1. General scenario structure... 5 3.2. Steps structure... 5 4. Use of variables and functions... 10 4.1. Variable... 10 4.2. Function... 10 5. Annex A: Sample XML scenario... 13 5.1. Login sample... 13 5.2. Checkout process sample... 13 2

1. Change History Version Date Changes 0.9 01/08/2010 First draft release 1.0 01/11/2010 First validated release 1.1 18/01/2010 Add base step 1.2 06/05/2011 Add new functions 1.2.1 20/06/2011 Add certificate validation tag 1.2.2 31/10/2011 Verify all hyperlinks 3

2. Introduction to Web Scenario This is the documentation for the internetvista web scenario description. A scenario is formatted using XML syntax. This document describes how to build XML scenario that will be used by internetvista monitoring centers to monitor several steps in a web site. Transaction monitoring, also known as web scenario monitoring, makes it possible to check a process that takes place over many pages on a web site. For example, this monitoring makes it possible to check the performance of a search process, a purchase process or even a registration process on an e- commerce site. A web scenario is composed of a succession of web pages which one accesses one after the other and where each stage of the process depends on the proper functioning of the preceding stages and the data which were provided. Transaction monitoring correctly manages the sessions and cookies, and allows you to simulate the submission of data forms or even the navigation via hyperlinks. Scenario monitoring will be regarded as a success if all the stages are a success. In case of an error, this monitoring will enable you to directly identify the problematic stage and to be informed about the cause of the problem. Moreover, you will be able to know the response times of each stage by consulting the detailed data of the checks via the manager. 4

3. XML scenario description 3.1. General scenario structure A scenario is a set of steps that will describe how to monitor a full web process. See Annex A for a sample test scenario monitoring a real case. <?xml version="1.0" encoding="utf-8"?> <scenario> <!-- here will come step description --> <!-- here will come step description --> <!--... --> <!-- x more steps will come here --> <!--... --> </scenario> There are 3 kinds of steps allowing monitoring 3 typical website interactions: URL direct access Anchor access (hyperlink) Form submission 3.2. Steps structure A step is always marked by the start tag and a final tag. Each step can be identified by an optional attribute name; this name is used in the interface and in the alert to identify the step in error. <step name=" "> By default, a step is based on the result of the previous step. This behavior can be changed using the attribute basestepindex or the attribute basestepname at the step level. Those attributes can be defined to indicate that the current step will be based on the content of a specified step. basestepindex refers to a previous step identified by its index and its value is a numeric value (e.g. 1, 2 ). basestepname refers to a step identified by its name. <step basestepindex=" "> Following sections will describe the 3 typical steps used by the internetvista scenario. 3.2.1. URL step structure The URL step is used to define the call of an URL with the context: <url>http://...</url> 5

The URL inside the url tags can be http or https. In general, this step is used as the starting t URL of the scenario; but it can be used at any moment in the scenario to verify for example an external link. When the scenario must call an URL defined in the HTML page, the inpage attribute is used: <url inpage= true >http://...</url> In this case, our monitoring service will call the first URL found in the page and beginning by the URL you specified. The default value for this attribute is false. 3.2.2. Anchor step structure The anchor step is used to check a link is present in a downloaded page and to follow the url corresponding to the hyperlink. The possible attributes to identify the link in the page are: name: when the anchor is identified by a name, the system follows the hyperlink defined in this anchor. <a name= /> id: when the anchor is identified by an id attribute, the system follows the hyperlink defined in this anchor. <a id= /> href: when the anchor is not identified by a name or an id, you can use the attribute href to identify the anchor in the page. When using the href attribute, the system takes the first link found in the html code beginning with the string you specified in the href attribute. <a href= /> 6

3.2.3. Form step structure A form step allows submitting a form to the server. A form can be identified by its name, by its id, or by its order in the page. A form tag can have the following attributes: name: the system will submit the form identified by its name. id: the system will submit the form defined by its id. order: if the form does not have a name or an id the order attribute will indicate which form the system must submit. The order starts at 1. submit- hidden (true false): if true, the system will submit all hidden fields of the form. Default value is true. submit- submit (true false): if true, the system will submit the value of the submit button, in case submit button has a name. Default value is true. submit- fields (true false): if true, the system will submit the value of all fields (e.g. radio button, checkbox, ) defined in the form with the values already present in the downloaded page. Default value is false. action: by default, the system uses the action defined in the html form presents in the downloaded page but this action can be overridden, typically when the action is empty in the page and set by a javascript program. validate- parameters (true false): the system will validate that each parameters is provided before submitting the form. If parameter validation is required be sure that the parameter that the scenario wants to add are existing in the html form in the downloaded page (can be input field, select field or textarea). Default value is false. Inside a form tag, parameters can be defined. A parameter is a couple name- value described by the syntax: <parameter name=" " value=" "/> <form name="xxxx" submit-hidden="true" submit-fields="true"> <parameter name=" " value=" "/> <parameter name=" " value=" "/> </form> 7

3.2.4. Common to all steps tags At the step level, some commons entries can also be used, i.e. they apply to all kind of steps: maxdownloadsize: by default, the system download the first 16Ko of the html pages, this value can be overridden and the value is expressed in byte. <maxdownloadsize>64000</maxdownloadsize> connectiontimeout: by default, the connection timeout is set to 30 seconds, this value can be overridden and the value must be expressed in milliseconds. <connectiontimeout>60000</connectiontimeout> responsetimeout: by default, the response timeout is set to 30 seconds, this value can be overridden and the value must be expressed in milliseconds. <responsetimeout>60000</responsetimeout> matchingsentence: allows to define a matching sentence that must be present in the page content. If the page does not contain the matching sentence, the verification fails. This verification is done only on the first 16 kilobytes of content (unless the value was overridden). This matching sentence can be also a regular expression. <matchingsentence>xxxxxxxxxx</matchingsentence> mathcingsentenceoperator (contains notcontains): this operator is used in conjunction of the matching sentence entry. It allows to verify if the html content contains or not the matching sentence. followhtmlredirections (true false): allows to specify the system must follows a redirection defined in the HTML code. Default is false. <followhtmlredirections>true</followhtmlredirections> username: it is used when the web server need credentials for a basic authentication <username>monitoringuser</username> password: it is used when the web server need credentials for a basic authentication <password>monitoringpassword</password> request- headers: allows to specify some specific value for HTTP request headers <request-headers> <request-header name="accept-language" value="en-us,en,fr"/> <request-header name="accept-charset" value="utf-8"/> <request-header name="user-agent" value="mozilla/5.0, "/> </request-headers> 8

validatecertificate (true false): allows to define if the monitoring engine must or must not verify the installed certificate of security. This parameter is used in the case of HTTPS protocol. <validatecertificate>false</validatecertificate> 9

4. Use of variables and functions In a scenario, a user can use variables and functions. 4.1. Variable A variable is defined anywhere in the scenario and can be used after its definition. Its value can be a constant or compute via the call to a function. The syntax is: <variables> <variable name="variable_name" type="string" value="xxx"/> </variables> A variable has 3 attributes: name: name of the variable type: type of the variable. Only string at this time. value: initial value of the variable, it can be a constant or compute by a function. After its definition, this variable can be used in any steps of the scenario. The syntax is: <parameter name="xxxxxxxx" value="variable::variable_name::"/> 4.2. Function A function can be used in a scenario to get computed data at runtime. The syntax of a function must respect the following pattern: FUNCTION::<function_name>([arguments]):: Functions are case- sensitive. Here is a sample usage of a function, allowing to computer a form parameter value: <parameter name="depart_dd" value="function::format_date((today()),'dd/mm/yyyy')::"/> Available functions are: Date TODAY() returns the current date. Long GET_TIMESTAMP() returns a unique timestamp based on the current date and time. Useful to generate a unique Id, unique email address, Long GET_TIMESTAMP(Date date) returns a unique timestamp based on the provided date. Date GET_DATE(String date, String pattern) 10

returns a date object from a string date and a pattern. Patterns are Java patterns. String FORMAT_DATE(Date date, String pattern) returns a date formatted using specified pattern. Date ADD_DAYS(Date date, Integer days) adds a number of days to a date. Date ADD_MONTHS(Date date, Integer months) adds a number of months to a date. Date ADD_YEARS(Date date, Integer years) adds a number of years to a date. Date REMOVE_DAYS(Date date, Integer days) removes a number of days to a date. Date REMOVE_MONTHS(Date date, Integer months) removes a number of months to a date. Date REMOVE_YEARS(Date date, Integer years) removes a number of years to a date. String DECRYPT(String encryptedscript) decrypts an encrypted string (used to hide a password for instance). A string can be encrypted by calling the URL http://www.internetvista.com/webscenario-toolbox.htm (authentication is required before accessing URL). Integer ADD(Integer numbera, Integer numberb) returns the sum of numbera and numberb. Boolean CONTAINS(String sourcetext, String texttofind) returns true if sourcetext contains texttofind, false otherwise. This function is useful when sourcetext is provided by GET_CONTENT() function. String GET_CONTENT() 11

returns the content of the downloaded page of the previous step of the scenario. This function returns nothing when used in the first step. String IF(Boolean expression, String truevalue, String falsevalue) returns truevalue if expression is true, returns falsevalue otherwise. String URL_ENCODE(String texttoencode) Encodes the texttoencode so it can be used inside an URL (GET request for instance). 12

5. Annex A: Sample XML scenario 5.1. Login sample This sample scenario allows verifying a login process on an extranet. The first step gives the URL and the second step will submit the form with authentication information. <?xml version="1.0" encoding="utf-8"?> <scenario> <url>http://extranet.mywebsite.com</url> <matchingsentence>home</matchingsentence> <form name="securityform" submit-hidden="true"> <parameter name="userid" value="technicaluser"/> <parameter name="password" value="function::decrypt('f2a56d4a6'):: "/> </form> <matchingsentence>welcome on the extranet</matchingsentence> </scenario> 5.2. Checkout process sample <?xml version="1.0" encoding="utf-8"?> <scenario> <step name="home page"> <url>http://www.my-ecommerce.com</url> <matchingsentence>my big deal product</matchingsentence> <step name="select product"> <a id="product1"/> <matchingsentence>description of my product 1</matchingSentence> <maxdownloadsize>32000</maxdownloadsize> <step name= add to shopping cart > <form name="addtoshoppingform" submit-hidden="true"> <parameter name="quantity" value="2"/> </form> <maxdownloadsize>32000</maxdownloadsize> <matchingsentence>total price</matchingsentence> 13

<step name="login"> <form name="loginform" submit-hidden="true"> <parameter name="username" value="mycustomername"/> <parameter name="password" value="function::decrypt('f2a56d4a6')::"/> </form> <matchingsentence>choose the delivery method</matchingsentence> <step name="checkout process"> <form name="checkoutform" action="/checkout.php" submit-hidden="true"> <parameter name="deliverymethod" value="ups"/> <parameter name="tracking" value="true"/> <parameter name="paymentmethod" value="ondelivery"/> </form> <matchingsentence>your order is pocessed</matchingsentence> </scenario> 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information