You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@jmeter.apache.org by Jatin Davey <ja...@cisco.com> on 2009/12/25 05:39:43 UTC
HTTP Sampler -- HTTP Authorization manager usage
Hi
I was reading through the documentation about the HTTP request sampler
and found the following statement:
If the request requires server or proxy login authorization (i.e. where
a browser would create a pop-up dialog box), you will also have to add
an HTTP Authorization Manager
<http://jakarta.apache.org/jmeter/usermanual/component_reference.html#HTTP_Authorization_Manager>
Configuration Element.
I have a question in this regard , If i send the authorization
parameters in seperate HTTP Post requests do i need to use the HTTP
Authorization managers ?
Thanks
Jatin
---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
Re: HTTP Sampler -- HTTP Authorization manager usage
Posted by Jatin Davey <ja...@cisco.com>.
Thanks Deepak.
Thanks
Jatin
Deepak Shetty wrote:
>> If the web server is implemented in a way that all the requests to it
>>
> require authorization credentials to be passed in the HTTP >header then we
> ought to use the Authorization manager.
>
>> If the authorization is managed using cookies or if it is fed in a form and
>>
> posted to the server using the HTTP post request then we >could ignore using
> the HTTP Authorization manager and have all the authorization work either
> done by passing credential >information in a post request with parameters or
> having a cookie manager.
>
> Loosely speaking , yes.
> regards
> deepak
>
> On Thu, Dec 24, 2009 at 9:08 PM, Jatin Davey <ja...@cisco.com> wrote:
>
>
>> Ok i get it. Please correct if my understanding is incorrect.
>>
>> If the web server is implemented in a way that all the requests to it
>> require authorization credentials to be passed in the HTTP header then we
>> ought to use the Authorization manager.
>>
>> If the authorization is managed using cookies or if it is fed in a form and
>> posted to the server using the HTTP post request then we could ignore using
>> the HTTP Authorization manager and have all the authorization work either
>> done by passing credential information in a post request with parameters or
>> having a cookie manager.
>>
>> Thanks
>> Jatin
>>
>>
>> Deepak Shetty wrote:
>>
>>
>>> Hi
>>> Its based on what your server / application accepts.
>>> Systems that need basic authentication pass authorization information in
>>> the
>>> headers and you need to pass it in every request(the browser does this
>>> automatically). (Other systems like NT authentication also use a similar
>>> mechanism). In these cases you need an authorization manager
>>>
>>> Systems that implement a form based system where you POST a
>>> username/password usually maintain your authorization with a session id
>>> (in
>>> turn the session id is in the url or cookie) and you dont need an
>>> authorization manager in this case.
>>> So assuming your application is of the latter variety, you dont need the
>>> authorization manager
>>>
>>> regards
>>> deepak
>>>
>>>
>>> On Thu, Dec 24, 2009 at 8:39 PM, Jatin Davey <ja...@cisco.com> wrote:
>>>
>>>
>>>
>>>
>>>> Hi
>>>>
>>>> I was reading through the documentation about the HTTP request sampler
>>>> and
>>>> found the following statement:
>>>>
>>>> If the request requires server or proxy login authorization (i.e. where a
>>>> browser would create a pop-up dialog box), you will also have to add an
>>>> HTTP
>>>> Authorization Manager <
>>>>
>>>> http://jakarta.apache.org/jmeter/usermanual/component_reference.html#HTTP_Authorization_Manager
>>>>
>>>> Configuration Element.
>>>>
>>>> I have a question in this regard , If i send the authorization parameters
>>>> in seperate HTTP Post requests do i need to use the HTTP Authorization
>>>> managers ?
>>>>
>>>> Thanks
>>>> Jatin
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
>>>> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>>
>>
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
Re: HTTP Sampler -- HTTP Authorization manager usage
Posted by Deepak Shetty <sh...@gmail.com>.
>If the web server is implemented in a way that all the requests to it
require authorization credentials to be passed in the HTTP >header then we
ought to use the Authorization manager.
>If the authorization is managed using cookies or if it is fed in a form and
posted to the server using the HTTP post request then we >could ignore using
the HTTP Authorization manager and have all the authorization work either
done by passing credential >information in a post request with parameters or
having a cookie manager.
Loosely speaking , yes.
regards
deepak
On Thu, Dec 24, 2009 at 9:08 PM, Jatin Davey <ja...@cisco.com> wrote:
> Ok i get it. Please correct if my understanding is incorrect.
>
> If the web server is implemented in a way that all the requests to it
> require authorization credentials to be passed in the HTTP header then we
> ought to use the Authorization manager.
>
> If the authorization is managed using cookies or if it is fed in a form and
> posted to the server using the HTTP post request then we could ignore using
> the HTTP Authorization manager and have all the authorization work either
> done by passing credential information in a post request with parameters or
> having a cookie manager.
>
> Thanks
> Jatin
>
>
> Deepak Shetty wrote:
>
>> Hi
>> Its based on what your server / application accepts.
>> Systems that need basic authentication pass authorization information in
>> the
>> headers and you need to pass it in every request(the browser does this
>> automatically). (Other systems like NT authentication also use a similar
>> mechanism). In these cases you need an authorization manager
>>
>> Systems that implement a form based system where you POST a
>> username/password usually maintain your authorization with a session id
>> (in
>> turn the session id is in the url or cookie) and you dont need an
>> authorization manager in this case.
>> So assuming your application is of the latter variety, you dont need the
>> authorization manager
>>
>> regards
>> deepak
>>
>>
>> On Thu, Dec 24, 2009 at 8:39 PM, Jatin Davey <ja...@cisco.com> wrote:
>>
>>
>>
>>> Hi
>>>
>>> I was reading through the documentation about the HTTP request sampler
>>> and
>>> found the following statement:
>>>
>>> If the request requires server or proxy login authorization (i.e. where a
>>> browser would create a pop-up dialog box), you will also have to add an
>>> HTTP
>>> Authorization Manager <
>>>
>>> http://jakarta.apache.org/jmeter/usermanual/component_reference.html#HTTP_Authorization_Manager
>>> >
>>> Configuration Element.
>>>
>>> I have a question in this regard , If i send the authorization parameters
>>> in seperate HTTP Post requests do i need to use the HTTP Authorization
>>> managers ?
>>>
>>> Thanks
>>> Jatin
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
>>> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>>>
>>>
>>>
>>>
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>
>
Re: HTTP Sampler -- HTTP Authorization manager usage
Posted by Jatin Davey <ja...@cisco.com>.
Ok i get it. Please correct if my understanding is incorrect.
If the web server is implemented in a way that all the requests to it
require authorization credentials to be passed in the HTTP header then
we ought to use the Authorization manager.
If the authorization is managed using cookies or if it is fed in a form
and posted to the server using the HTTP post request then we could
ignore using the HTTP Authorization manager and have all the
authorization work either done by passing credential information in a
post request with parameters or having a cookie manager.
Thanks
Jatin
Deepak Shetty wrote:
> Hi
> Its based on what your server / application accepts.
> Systems that need basic authentication pass authorization information in the
> headers and you need to pass it in every request(the browser does this
> automatically). (Other systems like NT authentication also use a similar
> mechanism). In these cases you need an authorization manager
>
> Systems that implement a form based system where you POST a
> username/password usually maintain your authorization with a session id (in
> turn the session id is in the url or cookie) and you dont need an
> authorization manager in this case.
> So assuming your application is of the latter variety, you dont need the
> authorization manager
>
> regards
> deepak
>
>
> On Thu, Dec 24, 2009 at 8:39 PM, Jatin Davey <ja...@cisco.com> wrote:
>
>
>> Hi
>>
>> I was reading through the documentation about the HTTP request sampler and
>> found the following statement:
>>
>> If the request requires server or proxy login authorization (i.e. where a
>> browser would create a pop-up dialog box), you will also have to add an HTTP
>> Authorization Manager <
>> http://jakarta.apache.org/jmeter/usermanual/component_reference.html#HTTP_Authorization_Manager>
>> Configuration Element.
>>
>> I have a question in this regard , If i send the authorization parameters
>> in seperate HTTP Post requests do i need to use the HTTP Authorization
>> managers ?
>>
>> Thanks
>> Jatin
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>>
>>
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
Re: HTTP Sampler -- HTTP Authorization manager usage
Posted by Deepak Shetty <sh...@gmail.com>.
Hi
Its based on what your server / application accepts.
Systems that need basic authentication pass authorization information in the
headers and you need to pass it in every request(the browser does this
automatically). (Other systems like NT authentication also use a similar
mechanism). In these cases you need an authorization manager
Systems that implement a form based system where you POST a
username/password usually maintain your authorization with a session id (in
turn the session id is in the url or cookie) and you dont need an
authorization manager in this case.
So assuming your application is of the latter variety, you dont need the
authorization manager
regards
deepak
On Thu, Dec 24, 2009 at 8:39 PM, Jatin Davey <ja...@cisco.com> wrote:
> Hi
>
> I was reading through the documentation about the HTTP request sampler and
> found the following statement:
>
> If the request requires server or proxy login authorization (i.e. where a
> browser would create a pop-up dialog box), you will also have to add an HTTP
> Authorization Manager <
> http://jakarta.apache.org/jmeter/usermanual/component_reference.html#HTTP_Authorization_Manager>
> Configuration Element.
>
> I have a question in this regard , If i send the authorization parameters
> in seperate HTTP Post requests do i need to use the HTTP Authorization
> managers ?
>
> Thanks
> Jatin
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jmeter-user-help@jakarta.apache.org
>
>