> Download JMeter tool from below site to test servlet perfomance.
>
> <http://java.apache.org> http://java.apache.org
How feasible is it to use something like this for an
SSL-protected site? This isn't paranoia talking, part of the process
we need to test involves some of the security issues.
Is it feasible to set up jmeter as an applet, so it uses the
browser's SSL capabilities?
One thing I'd love is a browser plug-in that would let me
eavesdrop on the transactions between the browser and the server.
Easy enough to do with a proxy server on the PC, or a packet sniffer,
but of course when you add SSL to the picture, both of those break -
and again, a lot of my need for this involves working around browser
bugs that only crop up in secure sessions (if anybody ever tells me
how great Internet Explorer 4.0 is again, I'm gonna slap them :-( *).
(* Just one of the bugs: apparently if you point a POST form at an
SSL-protected servlet or CGI, IE4 hits the server, exchanges
certificates, etc, and in the process forgets what it did with the
data it was going to post. The workaround for this one was to make
sure the browser exchanged certificates before the form was submitted.
But figuring out what was happening, and why, and making sure this
workaround fixed it, was quite a painstaking task).
Steven J. Owens
[EMAIL PROTECTED]
[EMAIL PROTECTED]
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
