Salesforce Experience Cloud Load Testing Using JMeter

Introduction:

In this blog, we are going to see how to record and validate Login to Logout transactions in Salesforce Lightning Component using JMeter and perform correlations on csrfToken and sid components for successful login to Experience Cloud. When it comes to the performance testing of Salesforce applications, one question that comes to mind is: Does a Salesforce-based application really require performance testing? Salesforce gives assurance that it will provide computing power and resources, but the way in which Visualforce pages and Apex classes are implemented and customize it may cause performance problems similar to any other platform. Performance testing is a test execution that ensures great user experiences and helps companies gain and retain customers.

Brief about JMeter:

The Apache JMeter is pure Java open-source software, we can use JMeter to analyze and measure the performance of web application or a variety of services.

Performance Testing:

Performance testing is to determine the system responsiveness and stability under the various workloads. Performance Testing calculates the quality attributes of the system, such as scalability, reliability & resource usage.

Need of Performance Testing:

Prior to going live, the software should be tested against like responsiveness, speed, scalability, stability under a variety of load conditions. If the application’s performance is not checked live, it can cause problems in the performance of the application like running system slow while simultaneously accessing the system by adding several users, poor usability which likely to realize a nasty reputation. Performance testing talks about what has got to be fixed before going live (mainly the issues faced under the range of load conditions).

Salesforce Performance Testing Approach:

Salesforce Performance Testing Best Practices:

• Never perform load testing of any Salesforce.com service or feature without formal consent from Salesforce support. They may revoke your access and/or charge you service fees for the increased usage.
• Submit a case if you want to perform load testing to test the speed of your application using an automated tool. Read Salesforce performance testing FAQs before you start.
• If you have performance issues try to run a bandwidth simulation test on your firewalls, routers, and other corporate infrastructure to make sure it can handle the load.

Prerequisite For Load Test Using JMeter:

To run JMeter tool we need to check that the system is updated with the latest — java version 8+ and JDK is installed properly. Once installed add a new entry in Environment variables for the JDK bin folder.

• Download and install Apache JMeter Latest Version from the official website.
• URL: Apache JMeter — Download Apache JMeter

• Need a Salesforce account and Experience cloud user credentials to login to portal. Refer this Youtube video for more details : Setup Salesforce Community (Part 1) — YouTube
• Setting up Browser Certificates, settings >> option ->> Certificates >> import Certificate from

C:\apache-jmeter-5.2.1\bin folder 'ApacheJMeterTemporaryRootCA'

• Setting up Browser proxy from No Proxy to Manual Proxy configuration and provide Host and Port details.

Launch JMeter Tool:

• Go to bin Folder of JMeter and double click on jmeter.bat file or launch ApacheJmeter executable Jar file from same folder.

• Create new test plan: Select ‘New’ from file menu.

• Add Non-Test Element: Right click on the Test Plan >> Add >> Non-Test Elements >> HTTP(S) Test Script Recorder.

• Add Config Elements: From Add >> Config Elements include HTTP Header, Cookie, Cache Manager.

• HTTP(S) Test Script Recorder Setting: In under Test Plan Creation, set the Target Controller as Test Plan Transaction controller and set the field value of “Grouping” as per your choice or requirement.

• Set the Global Settings Port number: as given in the browser manual proxy settings. Eg : 8888

• Now, under Requests Filtering tab, click the Add suggested Excludes button. This will add the default URL Patterns to exclude those while recording the main scripts.

Recording Script for Login to Logout Transactions :

• Now, click the Start button on the HTTP(S) Test Script Recorder for recording.
  Note: Recheck your browser certificates and proxy settings before starting with recording.

1. Now, go to Firefox browser as you set manual proxy for it and launch your portal login URL as your first transaction.
2. In the second transaction perform the login operation with valid credentials.
3. And in the third transaction perform Logout operation.

• Once your required transactions have been completed then, come back to the JMeter tool and click the Stop button to stop recording.

Post Recording Activities:

• Now, right click the Test Plan >> Add >> Threads (Users) >> Thread Group

• Now, copy & paste the recorded scripts into the newly created ‘Thread Group’.
  Note: Thread group is used to Execute the recorded script with multiple thread groups/Vusers.

• To filter and to monitor the script activity status, we need to add View Tree Listener by right clicking on Thread Group >> Add >> Listener >> View Results Tree

• Now, click Start Icon on the menu bar or go to Run Menu and Click on Start.

• You will get an initial output on the View Result Tree Listener. Now you need to find out Dynamic values in a recorded script which is sent by server in every iteration uniquely.

Correlation for sid parameter:

• Now, based on the results select RegExp Tester and search for parameter “sid” in search box of the View Results Tree Listener and click on Search button.
• Under Regexp Tester > Regular expression provide RegEx for parameter “sid” and click on Test button to find Regex value of sid and number of occurrences of it.

Regex for SID is: ding&sid=(.*?)&untet
(This might be different for your application)

• Once you have identified the SID Rename the Http Request scripts to start with sid, it will help us to sort the script effectively.

• Now, add a Post processor regular Expression extractor to the identified Http Request, by giving a unique variable name, regex, template number and Match number details as per regex tester.

• Now, replace the sid value to variable name ${variblename} for all Http requests where sid value is required.

Note: Here sid parameter value has ‘!’ special character which is encoded as %21 in response URL so to avoid this please uncheck URL Encode option so that correct value is passed as a parameter.

Example value of sid:

sid=00D0p0000000MeA%21ARcAQLHjTwyRDUSS8cKu6YQ7TW3cqkj8YYI1rkHkrFkx9XQ9APrPz_P5PfilP4xcrmMVgpNhPyhq5mTfihTRTEb8mr5.dGQK

Correlation for CSRF Token:

After done with sid correlation Search for another Dynamic value in the recorded script as CSRF token.

• Now, based on the results select RegExp Tester and search for parameter “csrfToken” in search box of the View Results Tree Listener and click on Search button.
• Under Regexp Tester > Regular expression provide RegEx for parameter “csrfToken” and click on Test button to find Regex value of csrfToken and number of occurrences of it.
• Regex for csrfToken is: return.*”(.+?)\\u003d(.+?)\\u003d”;
  (This might be different for your application)

Note: here in csrfToken there are two templates and two \\u003d values which are encoded for = character. csrfToken catches in HTTP header manager and we can’t provide URL Encode option in header manager hence we need to break this csrfToken value into two templates and keep value \\u003d as it is.

• Once you have identified the csrfToken Rename the Http Request scripts or header managers to start with csrfToken, it will help us to sort the script effectively.
• Now, add a Post processor regular Expression extractor to the identified Http Request, by giving a unique variable name, regex, template number and Match number details as per regex tester.

Post Processor Regular expression extractor for template 1:

Post Processor Regular expression extractor for template 2:

• Now, replace the csrfToken value to variable name ${variblename} for all Http requests or Header Managers where csrfToken value is required.

Note: Here csrfToken parameter value has contain ‘=’ special character which is encoded as \\u003d in Response Data > response Body however in Http request header we don’t have URL Encode option hence we need to provide hard coded value of = and break the csrfToken into two parts/templates like token1 and token2 so that correct value is passed as a parameter of http header manager.

Replace csrfToken value to: ${token1}=${token2}=

Example: csrfToken value received in response body from server: “eyJub25jZSI6IlM5NDU0MkFPcVY0VHpzWWhoYU43NkRkaldtaU85TGFxRnUxM2FuX0JjYVFcdTAwM2QiLCJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6IntcInRcIjpcIjAwRDBwMDAwMDAwME1lQVwiLFwidlwiOlwiMDJHNWcwMDAwMDBwVGtDXCIsXCJhXCI6XCJjc3JmXCIsXCJ1XCI6XCIwMDUwcDAwMDAwM0JMajhcIn0iLCJjcml0IjpbImlhdCJdLCJpYXQiOjE2NDU1MzE5NTQ3NDEsImV4cCI6MH0\u003d..Cv33fZLOe41voxoSzbdsDm9sQ2tR0yjoiAaYcn4I5XE\u003d”;

Note: Salesforce Lighting Web component application scripts are something different from Salesforce Classic scripts.

Execution And Results Using JMeter Listeners:

After Running the JMeter by clicking the green button from the toolbar, we will get the below results. By seeing these reports, if we get the Response code:200 and Response message: OK, then we ensure that the test is passed otherwise the test is failed.

View Results in Table:

Aggregate Graph:

• To make the script refined and most effective for testing purpose, disable the current Thread — Create a New Thread as Main and move the sorted main scripts from the Trial Thread Group to Main Thread Group.
• Now, you can run the Main Thread Group and check the final output on the Salesforce Lighting Web component application scripts (User can successfully login using correlated values of sid and csrfToken)
• By using Apache JMeter, we are able to perform Performance Testing including load testing, stress testing, and store results for Salesforce.com. Also, we will see the results in different formats like View in Tree, Table, Graph, Summary etc which will help us to analyse the results efficiently and easily.

Tips:

• If your requirement is to create more than one record in a single run, you have to just change the Number of Threads Users value in the Thread Group, or you can use Loop Controller to handle a specific area.
• Handling csrfToken is more important in Salesforce Lighting Web component application scripts to generate an output. If you fail to identify your token values, you do not need to worry — just take a break and restart your recording from the scratch and take help from developer tool to check network traffic and compare with your JMeter script response body and response header.
• Add Http Header, Cookie and Cache Manager before starting the script.

Hope this helps !