Case Study: JMeter Performance/Load Testing User Login with CSRF Token Protection

How to create a simple performance/load test in JMeter

5 min readOct 11, 2022

My daughter read my book draft: “Practical Performance and Load Testing”, and completed this exercise. This article (repost with permission) was her notes. I added a few comments.

This article will walk through a simple login load test scenario with JMeter, a free and open-source Java-based load testing tool.

Target Site: WhenWise, URL: https://whenwise.agileway.net

Zhimin: This is a free test automation practice server instance that I made it publicly available, hosted on a Vultr’s $6 plan.

WhenWise is powered by Ruby on Rails, which has built-in CSRF (Cross-site request forgery) protection.

Table of Contents:
  ∘ Create a Simple Test in JMeter
  ∘ Performance Testing
  ∘ Load Testing
  ∘ Zhimin’s Notes

Create a Simple Test in JMeter

I used the latest Apache JMeter 5.5. Run ./bin/jmeter.sh (from a terminal) to launch.

1. Include ‘HTTP Cookie Manager’ and ‘HTTP Header Manager’ in the new Test Plan

Case Study: JMeter Performance/Load Testing User Login with CSRF Token Protection

How to create a simple performance/load test in JMeter

Create a Simple Test in JMeter

Written by Zhimin Zhan