Posted to user@jmeter.apache.org by Fergal Hanley <fe...@gmail.com> on 2012/11/29 23:28:44 UTC

Strange behavior when performing basic authentication

I'm getting some strange behavior when attempting to use JMeter to perform
basic authentication against a web application.

I'm using the Authorization Manager for NTLM authentication. When I attempt
to play back my script I get a 401 Unauthorized error response. If I fire
up the JMeter proxy server and record a snippet of script from the very
server I'm attempting to hit in my test, and then I play back the script
after this, it can authenticate. Does the fact that record change something
in JMeter to make authorization work? This effect is retained as long as I
keep the JMeter application open but lost when I close and reopen the tool.

Other details about the test plan:


   1. I'm using Java implementation calls, HttpClient 3.1 and 4 never worked
   2. Calls are being made through an internet proxy that I've configured
   in jmeter.properties
   3. The application I'm targeting is a SharePoint site
   4. I'm using the HTTP Authorization Manager for server authentication
   5. I left the JMeter application open over night in a state where it was
   able to play back the requests. When I came in the next day it was still
   able to play back the requests but when I restarted the application it was
   once again unable to make the requests.


Any help would be greatly appreciated,

Thank you,
Fergal

Re: Strange behavior when performing basic authentication

Posted by Fergal Hanley <fe...@gmail.com>.
Thanks Chaitanya, unfortunately disabling NTLM in this environment is not
an easy option :-/

I'm considering the possibility of using a separate authentication proxy.
Right now I'm looking at cntlm (http://cntlm.sourceforge.net/).  Do you
know if this is a viable workaround or heard of a similar approach?

Thanks,
Fergal

On Fri, Nov 30, 2012 at 11:40 AM, chaitanya bhatt <bhatt.chaitanya@gmail.com> wrote:

> The reason why the replay worked for you the first time is because of the
> SSO capability of the domain driver. Your md4 hash key was valid until the
> activity timeout occurred on the server side. Once your hash expires you
> won't be able to authenticate until you/JMeter negotiates with the server
> and creates a new digest key. Part of the auth key is generated on the client
> side. So, you won't be able to replay just by grabbing the server returned
> AuthKey and plugging it in subsequent requests.
>
> In my opinion your best bet is to disable NTLM and test your application.
>
> Thanks
> Chaitanya M Bhatt

Re: Strange behavior when performing basic authentication

Posted by chaitanya bhatt <bh...@gmail.com>.
The reason why the replay worked for you the first time is because of the
SSO capability of the domain driver. Your md4 hash key was valid until the
activity timeout occurred on the server side. Once your hash expires you
won't be able to authenticate until you/JMeter negotiates with the server
and creates a new digest key. Part of the auth key is generated on the client
side. So, you won't be able to replay just by grabbing the server returned
AuthKey and plugging it in subsequent requests.

In my opinion your best bet is to disable NTLM and test your application.

Thanks
Chaitanya M Bhatt

On Thu, Nov 29, 2012 at 4:03 PM, Fergal Hanley <fe...@gmail.com> wrote:

> *Scott:*
>
> Thanks for getting back to me. I've tried turning all my sampler
> implementations to HttpClient 4 but now I'm getting for each request:
>
> Response code: 407
> Response message: Proxy Authentication Required
>
> However I've got my proxy settings configured correctly:
>
> https.proxyHost=internetproxy
> https.proxyPort=3128
> http.proxyHost=internetproxy
> http.proxyPort=3128
>
>
> *Chaitanya:*
>
> I'm attempting to capture the headers you're talking about and pass them into
> each request. Using Fiddler I've captured the traffic between the web
> server and JMeter when playing back the samplers. I did this first when
> JMeter was in the state where it was unable to authenticate and then
> secondly when it *was* able to authenticate (i.e. after recording something).
> I saved the data from both sessions and compared them in a diff tool but
> strangely there's no difference in the headers of the initial calls but
> "post-recording", JMeter was able to authenticate and redirect to the
> appropriate address. See the paste bins below with the data from the
> requests:
>
> Before recording:
> http://pastebin.com/Gwb4tgRV
>
> After recording:
> http://pastebin.com/Aqv9Ljti
>
>
> Much appreciated,
>
> Fergal

Re: Strange behavior when performing basic authentication

Posted by Fergal Hanley <fe...@gmail.com>.
*Scott:*

Thanks for getting back to me. I've tried turning all my sampler
implementations to HttpClient 4 but now I'm getting for each request:

Response code: 407
Response message: Proxy Authentication Required

However I've got my proxy settings configured correctly:

https.proxyHost=internetproxy
https.proxyPort=3128
http.proxyHost=internetproxy
http.proxyPort=3128


*Chaitanya:*

I'm attempting to capture the headers you're talking about and pass them into
each request. Using Fiddler I've captured the traffic between the web
server and JMeter when playing back the samplers. I did this first when
JMeter was in the state where it was unable to authenticate and then
secondly when it *was* able to authenticate (i.e. after recording something).
I saved the data from both sessions and compared them in a diff tool but
strangely there's no difference in the headers of the initial calls but
"post-recording", JMeter was able to authenticate and redirect to the
appropriate address. See the paste bins below with the data from the
requests:

Before recording:
http://pastebin.com/Gwb4tgRV

After recording:
http://pastebin.com/Aqv9Ljti


Much appreciated,

Fergal


On Fri, Nov 30, 2012 at 9:43 AM, chaitanya bhatt <bh...@gmail.com> wrote:

> Authenticating the base URL isn't sufficient. NTLM V2 requires a header
> value with auth key in each and every request without which you won't be
> able to successfully replay. JMeter has limitations when it comes to NTLM
> V2.
>
> Wish you luck!
>
> Thanks
> Chaitanya

Re: Strange behavior when performing basic authentication

Posted by chaitanya bhatt <bh...@gmail.com>.
Authenticating the base URL isn't sufficient. NTLM V2 requires a header
value with auth key in each and every request without which you won't be
able to successfully replay. JMeter has limitations when it comes to NTLM
V2.

Wish you luck!

Thanks
Chaitanya

On Thu, Nov 29, 2012 at 2:31 PM, HUSSEY, SCOTT T <sh...@att.com> wrote:

> I've found HTTPClient 4 to be the best for NTLM authentication. I have
> seen issues where I recorded using the Java implementation w/ the proxy
> server and then switched to HTTPClient4 for playback w/ the best results.

RE: Strange behavior when performing basic authentication

Posted by "HUSSEY, SCOTT T" <sh...@att.com>.
I've found HTTPClient 4 to be the best for NTLM authentication. I have seen issues where I recorded using the Java implementation w/ the proxy server and then switched to HTTPClient4 for playback w/ the best results.

> -----Original Message-----
> From: Fergal Hanley [mailto:fergalhanley@gmail.com]
> Sent: Thursday, November 29, 2012 4:29 PM
> To: user@jmeter.apache.org
> Subject: Strange behavior when performing basic authentication
> 
> I'm getting some strange behavior when attempting to use JMeter to perform
> basic authentication against a web application.
> 
> I'm using the Authorization Manager for NTLM authentication. When I attempt
> to play back my script I get a 401 Unauthorized error response. If I fire
> up the JMeter proxy server and record a snippet of script from the very
> server I'm attempting to hit in my test, and then I play back the script
> after this, it can authenticate. Does the fact that record change something
> in JMeter to make authorization work? This effect is retained as long as I
> keep the JMeter application open but lost when I close and reopen the tool.
> 
> Other details about the test plan:
> 
> 
>    1. I'm using Java implementation calls, HttpClient 3.1 and 4 never worked
>    2. Calls are being made through an internet proxy that I've configured
>    in jmeter.properties
>    3. The application I'm targeting is a SharePoint site
>    4. I'm using the HTTP Authorization Manager for server authentication
>    5. I left the JMeter application open over night in a state where it was
>    able to play back the requests. When I came in the next day it was still
>    able to play back the requests but when I restarted the application it was
>    once again unable to make the requests.
> 
> 
> Any help would be greatly appreciated,
> 
> Thank you,
> Fergal

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
For additional commands, e-mail: user-help@jmeter.apache.org
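
An added example, not part of the thread and not JMeter code: a Python script for the kind of header-capture comparison Fergal describes doing with Fiddler. It decodes the NTLMSSP token in captured auth headers and reports which handshake step was reached on each hop (origin server for 401, proxy for 407); the capture, the tokens and all function names are constructed for illustration.

```python
import base64
import struct

NTLM_SIGNATURE = b"NTLMSSP\x00"
MESSAGE_TYPES = {1: "NEGOTIATE", 2: "CHALLENGE", 3: "AUTHENTICATE"}
# A 401 exchange uses the first two headers, a 407 exchange the last two.
HEADER_HOP = {
    "www-authenticate": "origin server", "authorization": "origin server",
    "proxy-authenticate": "proxy", "proxy-authorization": "proxy",
}


def decode_ntlm_header(line):
    """Describe one NTLM auth header line; return None for anything else."""
    name, _, value = line.partition(":")
    hop = HEADER_HOP.get(name.strip().lower())
    parts = value.split()
    if hop is None or not parts or parts[0].upper() != "NTLM":
        return None
    info = {"hop": hop, "type": "OFFER", "challenge": None}
    if len(parts) == 1:
        return info  # bare "NTLM": the scheme is only being advertised
    try:
        token = base64.b64decode(parts[1], validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        token = b""
    if len(token) < 12 or not token.startswith(NTLM_SIGNATURE):
        info["type"] = "MALFORMED"
        return info
    (msg_type,) = struct.unpack_from("<I", token, 8)  # little-endian uint32
    info["type"] = MESSAGE_TYPES.get(msg_type, "UNKNOWN")
    if msg_type == 2 and len(token) >= 32:
        info["challenge"] = token[24:32].hex()  # 8-byte server challenge
    return info


def handshake_progress(capture):
    """Map each hop to the ordered NTLM steps seen in a header capture."""
    progress = {}
    for line in capture.splitlines():
        info = decode_ntlm_header(line)
        if info:
            progress.setdefault(info["hop"], []).append(info["type"])
    return progress


def make_token(msg_type, body=b""):
    """Build a constructed sample token (not a real credential exchange)."""
    raw = NTLM_SIGNATURE + struct.pack("<I", msg_type) + body
    return base64.b64encode(raw).decode()


# Constructed capture: the origin handshake completes, the proxy one never starts.
CHALLENGE_BODY = bytes(12) + bytes.fromhex("0123456789abcdef")
SAMPLE_CAPTURE = "\n".join([
    "HTTP/1.1 401 Unauthorized",
    "WWW-Authenticate: NTLM",
    "Authorization: NTLM " + make_token(1),
    "WWW-Authenticate: NTLM " + make_token(2, CHALLENGE_BODY),
    "Authorization: NTLM " + make_token(3),
    "HTTP/1.1 407 Proxy Authentication Required",
    "Proxy-Authenticate: NTLM",
])

if __name__ == "__main__":
    print(handshake_progress(SAMPLE_CAPTURE))
```

Two captures whose initial request headers are identical can still differ in how far each hop's sequence gets, which is what the per-hop lists make visible.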