I've applied a contribution from carl nygaard for https spoofing. it should be in the nightly or the next release.
peter On 8/18/06, Sen, Kakoli <[EMAIL PROTECTED]> wrote:
Hi, Regarding black-box testing of secured sites : No, it just means that you cannot use the JMeter proxy to generate the test plan. You can always generate the samplers manually, or by using Badboy. If we have to generate samplers manually, then we need to know the exact action that happens when we click 'Login'or 'submit' button in page to be tested. But that is not possible in black-box testing. What is the second option 'Badboy'? I don't know much about badboy. But I assume it is a testing tool and can be used to record HTTPS which can be exported in JMeter. If that is so, then JMeter can also include recording of HTTPS in its future road-map. Regards, Kakoli -----Original Message----- From: sebb [ mailto:[EMAIL PROTECTED] Sent: Thursday, August 17, 2006 8:40 PM To: JMeter Users List Subject: Re: JMeter proxy server supporting HTTPS On 17/08/06, Sen, Kakoli <[EMAIL PROTECTED]> wrote: > Hi Sebb, > Your reason on JMeter proxy not supporting HTTPS : > No, this is because it is not possible to extract the information > needed to construct the samplers from HTTPS traffic. If it was, then > HTTPS would not be secure. > Can you throw some more light on this since I am not so conversant with the nitty gritty of samplers from a developer's view-point. Please read the user manual. The samplers are the entries in the test plan that generate samples, e.g. by doing a GET of a particular URL. > No support for HTTPS is a bottleneck for using JMeter in black-box testing of secured sites. No, it just means that you cannot use the JMeter proxy to generate the test plan. You can always generate the samplers manually, or by using Badboy. > Thanks & Regards, > Kakoli > > -----Original Message----- > From: sebb [ mailto:[EMAIL PROTECTED] > Sent: Thursday, August 17, 2006 3:52 PM > To: JMeter Users List > Subject: Re: JMeter proxy server supporting HTTPS > > > On 17/08/06, Sen, Kakoli <[EMAIL PROTECTED]> wrote: > > Hi, > > JMeter's proxy server does not support HTTPS. Is it because of jdk bug? > > No, this is because it is not possible to extract the information > needed to construct the samplers from HTTPS traffic. If it was, then > HTTPS would not be secure. > > > The manual says : > > 'There is a bug in the handling of HTTPS via a Proxy (the CONNECT is not handled correctly). See Java bugs 6226610' > > Is it that a fundamental protocol like HTTPS is not supported even in Jdk1.5? > > I don't know if it has been fixed in Java 1.5. > > This is referring to a different proxy usage, where JMeter uses a > proxy to contact remote servers via a proxy. > > The JMeter proxy server is where JMeter is acting as a proxy, and you > tell the browser to connect via the JMeter proxy for the purpose of > creating samplers in a test plan. > > > Regards, > > Kakoli > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
