DO NOT REPLY [Bug 44690] New: Make Login Config data available as variables

Thu, 27 Mar 2008 07:55:56 -0700 

https://issues.apache.org/bugzilla/show_bug.cgi?id=44690

           Summary: Make Login Config data available as variables
           Product: JMeter
           Version: 2.3.1
          Platform: Macintosh
        OS/Version: Mac OS X 10.4
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Main
        AssignedTo: [email protected]
        ReportedBy: [EMAIL PROTECTED]


I would like to suggest that JMeter should make the username and password
entered in the Login Config Element available to other elements as user
variables.  This should be available as an option.

When I recently used JMeter to test a web application that involved form-based
athentication, I needed to specify the username and password form fields as
parameters in the HTTP Request element.  The field used for the password had no
protection at all, so it was readily visible.  Later, I noticed the Login
Config Element that can be used to supply login information to other elements
that require it (the LDAP element and perhaps others).  I see that it does
obscure passwords.

I think the option I am suggesting could be implemented in this way:  The Login
Config Element could have a checkbox that says "store username and password in
user variables".  If that checkbox is checked, two text fields would become
active that would let the user enter the names of variables to store each of
the username and password.  Default values for those variable names could be
already entered in the fields as "USER" and "PASS".  Then, when a user wants to
create an HTTP Request with username and password parameters, they can use
${USER} and ${PASS} instead of providing actual plain-text values in the
request element.

I realize that the Login Config Element stores the password as plain text in
.jmx files, and that should probably change as well.  But those changes should
be the subject of separate suggestions, and I think this will help make users
feel a little better about entering passwords in JMeter.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to