Hi team,

I am trying to replay against an Oracle dashboard application (recording
with HTTP proxy works fine) and it fails on an implicit re-direct. This
single sign-on redirect gets the user's credentials from [*somewhere*]
and authenticates the user. 
When I play back the initial page request, a redirect happens to the
authentication page, which comes back with a 401 Unauthorised response.
I am not sure what can be done about it, or even if the request is an
SSL-encrypted request. I am pretty sure that it would be, otherwise it
wouldn't be very good security.
I read this thread http://markmail.org/message/ofm3kqfvappuramw but this
is not what happens for me - no authentication pop-up window appears,
the request just fails. Below are the two requests; the first one that
succeeds and redirects, and the second one that fails.

==========
==========

Thread Name: Thread Group 1-1
Sample Start: 2008-10-16 11:18:05 BST
Load time: 0
Latency: 0
Size in bytes: 917
Sample Count: 1
Error Count: 0
Response code: 302
Response message: Redirect to Oracle SSO Server

Response headers:
HTTP/1.1 302 Redirect to Oracle SSO Server
Date: Thu, 16 Oct 2008 10:18:04 GMT
Server: Oracle-Application-Server-10g/10.1.3.1.0 Oracle-HTTP-Server
Location: http://myserver:7777/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=v1.4~8D8A0B8B~blablabla
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

==========
then the re-direct, and failure
==========

Thread Name: Thread Group 1-1
Sample Start: 2008-10-16 11:18:05 BST
Load time: 0
Latency: 0
Size in bytes: 0
Sample Count: 1
Error Count: 1
Response code: 401
Response message: Unauthorized

Response headers:
HTTP/1.1 401 Unauthorized
Date: Thu, 16 Oct 2008 10:18:04 GMT
Server: Oracle-Application-Server-10g/10.1.2.2.0 Oracle-HTTP-Server
Set-Cookie: JSESSIONID=0a34001530d5baaf944b3cb84652a9d0c5d8610f6f23.e3aTb34SbNaSe34Sa38Pa38Nc3b0n6jAmljGr5XDqQLvpAe; path=/sso
Cache-Control: private
WWW-Authenticate: Negotiate
WWW-Authenticate: Basic realm="SSO"
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

==========
==========

Now, when I take that second request, and create a new HTTP request
manually (from the automatic redirect request), but make it https, I get
this error:

javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
        at com.sun.net.ssl.internal.ssl.InputRecord.b(Unknown Source)
        at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(Unknown Source)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
        at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
        at org.apache.jmeter.protocol.http.sampler.HTTPSampler.sample(HTTPSampler.java:431)
        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1021)
        at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1007)
        at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:290)
        at java.lang.Thread.run(Unknown Source)

Can anyone help? I am really stuck and not sure where to continue
investigating...

Thanks in advance!

hiro

