You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@jmeter.apache.org by bu...@apache.org on 2016/03/13 14:43:01 UTC
[Bug 59174] New: Host header gets ignored when doing basic
authentication in HC4
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
Bug ID: 59174
Summary: Host header gets ignored when doing basic
authentication in HC4
Product: JMeter
Version: 2.13
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: HTTP
Assignee: issues@jmeter.apache.org
Reporter: felix.schumacher@internetallee.de
When using a host header together with basic authentication in HC4, the
authorization context gets set based on the url in jmeter, while HC4 seems to
expect the authorization context to be set based on the host header.
As a result we can't use basic authentication with a custom host header in HC4
at the moment.
Java implementation works.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #8 from Felix Schumacher <fe...@internetallee.de> ---
Created attachment 34693
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34693&action=edit
Add a table with static hosts to DNSCacheManager
With this patch it is possible to specify host to ip (address) translations,
that will get resolved by a custom DNS Cache Manager.
This patch needs documentation, test cases and review.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #9 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Hello,
Maybe there should be in GUI a mode to enable one of the 2 modes no ?
This would avoid having to test if host is in static hosts list every time a
host is resolved no ?
I committed some changes to avoid NPE if init of resolver fails and added a new
test methods to check as much cases as possible for current implementation.
Regards
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #3 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
(In reply to Felix Schumacher from comment #2)
> Created attachment 34691 [details]
> Test case demonstrating the behaviour with 3.1
Thanks
>
> Test against the tomcat manager app which runs on localhost. But as this is
> a test case to demonstrate the usage of a host header, it is thought of
> running on example.com.
>
> What I think is the expected behaviour:
> Authorization manager should be asked for credentials of "example.com"
> It is asking for "localhost"
>
> Java client is working with 3.1 (it is asking for localhost, though)
> HttpClient 4.x is not working (neither asking for localhost nor example.com)
>
> (This whole business of specifying a host header by hand to simulate virtual
> hosts seems wrong. We should be looking at giving a dns resolver, that
> resolves "example.com" to localhost (don't know how to change the port))
So is this a real problem or is it due to the host hack ?
Did you try with current build on jenkins ?
Thanks
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #14 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Author: pmouawad
Date: Fri Feb 17 21:41:16 2017
New Revision: 1783471
URL: http://svn.apache.org/viewvc?rev=1783471&view=rev
Log:
Bug 59174 - Host header gets ignored when doing basic authentication in HC4
Translate host
Bugzilla Id: 59174
Modified:
jmeter/trunk/src/core/org/apache/jmeter/resources/messages.properties
jmeter/trunk/src/core/org/apache/jmeter/resources/messages_fr.properties
jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/gui/DNSCachePanel.java
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #4 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
I downloaded Tomcat 8 and ran your test.
For me Java and Http4 fail.
But the difference is that Java headers are:
Connection: keep-alive
Host: example.com:80
While HC4:
Connection: keep-alive
Host: example.com:8080
User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_112)
If I comment element Simulate virtual host, it works for HC4.
What exactly is the bug for you in this case ? Is it that HC4 has port 8080 ?
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
Felix Schumacher <fe...@internetallee.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |NEW
--- Comment #5 from Felix Schumacher <fe...@internetallee.de> ---
Current tree didn't work anymore (I had tested it, of course :). Problem for
java client was a missing "Basic " on the authorization header, that got
dropped while conversion to Base64 implementation.
Now to the problem originally discussed here.
This problem was discussed on the mailing list, so it seems that at least for
someone it was a real problem. The usual workaround is to set a host header
manually. That works for java client, only.
But this setup has a few drawbacks.
* It doesn't work for hc4.x (you seem to have found a way to partially support
it)
* One has to use a strange setup for authorization
* It probably will not work with kereberos (because of the strange setup)
* The header setup is complicated
Therefore I think the way to go is to add a way to setup a fake dns resolver,
so that one can use the desired hostname while speaking to the real server
name.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #13 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Hi Felix,
Maybe in documentation you could add an example of configuration of Static Host
table.
It is not that clear for me reading text:
Mapping of hostnames to a static host entry which will be resolved using the
custom DNS resolver
I understand ,that in first column you could have many hostnames and in second
column 1 static host entry.
While from test case, I suppose it's the countrary.
Maybe an example could make it more clear and some explanation on what happens
:
- First look in static hosts
- Then use DNS Servers
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #6 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
(In reply to Felix Schumacher from comment #5)
> Current tree didn't work anymore (I had tested it, of course :). Problem for
> java client was a missing "Basic " on the authorization header, that got
> dropped while conversion to Base64 implementation.
>
Thanks for fixing it.
My bad
> Now to the problem originally discussed here.
>
> This problem was discussed on the mailing list, so it seems that at least
> for someone it was a real problem. The usual workaround is to set a host
> header manually. That works for java client, only.
>
> But this setup has a few drawbacks.
> * It doesn't work for hc4.x (you seem to have found a way to partially
> support it)
> * One has to use a strange setup for authorization
> * It probably will not work with kereberos (because of the strange setup)
> * The header setup is complicated
>
> Therefore I think the way to go is to add a way to setup a fake dns
> resolver, so that one can use the desired hostname while speaking to the
> real server name.
I still don't get the use case.
Is it when you're not on the target infrastructure and you need to simulate it
?
Localhost or another host mimicing example.org ?
Anyway ok for your idea which will be useful in other areas.
thanks
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #7 from Felix Schumacher <fe...@internetallee.de> ---
(In reply to Philippe Mouawad from comment #6)
> (In reply to Felix Schumacher from comment #5)
> > Now to the problem originally discussed here.
> >
> > This problem was discussed on the mailing list, so it seems that at least
> > for someone it was a real problem. The usual workaround is to set a host
> > header manually. That works for java client, only.
> >
> > But this setup has a few drawbacks.
> > * It doesn't work for hc4.x (you seem to have found a way to partially
> > support it)
> > * One has to use a strange setup for authorization
> > * It probably will not work with kereberos (because of the strange setup)
> > * The header setup is complicated
> >
> > Therefore I think the way to go is to add a way to setup a fake dns
> > resolver, so that one can use the desired hostname while speaking to the
> > real server name.
>
> I still don't get the use case.
> Is it when you're not on the target infrastructure and you need to simulate
> it ?
> Localhost or another host mimicing example.org ?
Right, that was the use case. Say, for example, you wanted to test, if your
newly setup server works as expected, without exposing it to the public.
>
> Anyway ok for your idea which will be useful in other areas.
>
> thanks
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
Felix Schumacher <fe...@internetallee.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #12 from Felix Schumacher <fe...@internetallee.de> ---
Date: Sat Feb 11 17:04:06 2017
New Revision: 1782622
URL: http://svn.apache.org/viewvc?rev=1782622&view=rev
Log:
Add a table of static hosts to the DNS Cache Manger. This resolves the problem,
that host header gets ignored when doing basic authentication in HC4.
Bugzilla Id: 59174
Added:
jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/control/StaticHost.java
Modified:
jmeter/trunk/bin/saveservice.properties
jmeter/trunk/src/core/org/apache/jmeter/resources/messages.properties
jmeter/trunk/src/core/org/apache/jmeter/resources/messages_fr.properties
jmeter/trunk/src/core/org/apache/jmeter/save/SaveService.java
jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/control/DNSCacheManager.java
jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/gui/DNSCachePanel.java
jmeter/trunk/test/src/org/apache/jmeter/protocol/http/control/TestDNSCacheManager.java
jmeter/trunk/xdocs/changes.xml
jmeter/trunk/xdocs/images/screenshots/dns-cache-manager.png
jmeter/trunk/xdocs/usermanual/component_reference.xml
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #11 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
(In reply to Felix Schumacher from comment #10)
> (In reply to Philippe Mouawad from comment #9)
> > Hello,
> >
> > Maybe there should be in GUI a mode to enable one of the 2 modes no ?
> > This would avoid having to test if host is in static hosts list every time a
> > host is resolved no ?
>
> I think that both modes are balls at the same time. You might have a custom
> resolver, but still want to change one or two hosts to other addresses.
>
> At the moment the lookup for static hosts is awkward, but we could include
> results in the global cache, if we clear it on every edit.
>
> That way it should have no performance impact on the usual use case.
>
Sounds good to me.
> >
> > I committed some changes to avoid NPE if init of resolver fails and added a
> > new test methods to check as much cases as possible for current
> > implementation.
> >
> > Regards
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #10 from Felix Schumacher <fe...@internetallee.de> ---
(In reply to Philippe Mouawad from comment #9)
> Hello,
>
> Maybe there should be in GUI a mode to enable one of the 2 modes no ?
> This would avoid having to test if host is in static hosts list every time a
> host is resolved no ?
I think that both modes are balls at the same time. You might have a custom
resolver, but still want to change one or two hosts to other addresses.
At the moment the lookup for static hosts is awkward, but we could include
results in the global cache, if we clear it on every edit.
That way it should have no performance impact on the usual use case.
>
> I committed some changes to avoid NPE if init of resolver fails and added a
> new test methods to check as much cases as possible for current
> implementation.
>
> Regards
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #15 from Felix Schumacher <fe...@internetallee.de> ---
Date: Sat Feb 18 15:23:48 2017
New Revision: 1783565
URL: http://svn.apache.org/viewvc?rev=1783565&view=rev
Log:
Add more documentation on the usage of Static Host Table.
Bugzilla Id: 59174
Modified:
jmeter/trunk/xdocs/usermanual/component_reference.xml
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
Philippe Mouawad <p....@ubik-ingenierie.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
CC| |p.mouawad@ubik-ingenierie.c
| |om
--- Comment #1 from Philippe Mouawad <p....@ubik-ingenierie.com> ---
Hello Felix,
After fixing Bug 57242, I looked at this one and I am not sure to understand.
Could you provide a test case showing the problem and how it should work ?
Thanks
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 59174] Host header gets ignored when doing basic authentication
in HC4
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59174
--- Comment #2 from Felix Schumacher <fe...@internetallee.de> ---
Created attachment 34691
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34691&action=edit
Test case demonstrating the behaviour with 3.1
Test against the tomcat manager app which runs on localhost. But as this is a
test case to demonstrate the usage of a host header, it is thought of running
on example.com.
What I think is the expected behaviour:
Authorization manager should be asked for credentials of "example.com"
It is asking for "localhost"
Java client is working with 3.1 (it is asking for localhost, though)
HttpClient 4.x is not working (neither asking for localhost nor example.com)
(This whole business of specifying a host header by hand to simulate virtual
hosts seems wrong. We should be looking at giving a dns resolver, that resolves
"example.com" to localhost (don't know how to change the port))
--
You are receiving this mail because:
You are the assignee for the bug.