Hi, I am testing a web application. Application Description: • The application uses NTLM V2 authentication. • It’s hosted on IIS 7.5.
Scenario : • On entering the URL,the application accepts the NTLM (domain) credentials without prompting for credentials and authenticates the user i.e. the user is not providing the credentials here. • I am able to capture the HTTP request using (JAVA) HTTP Sampler but not with HTTPClient 3.1 or HTTPClient 4. 1st Method: Observations: • When the scenario is replayed it works properly but the only challenge here is to provide user credentials.There is no way to provide credentials. • It uses the same credentials with which the recording was done. • And Load test would require me to supply multiple/different credentials • I have not used HTTP AUTH Manager so far. • Now, when HTTP Auth Manager is used in conjunction with (JAVA) HTTP Sampler,the credentials supplied in HTTP Authorization Manager has no effect. i.e. irrespective of the login credentials supplied in"HTTP Authorization Manager" it is logging with the user credentials with which the recording was done. Note: The request sent does not contain NTLM Auth(challenge) specific headers under REQUEST Headers of each request. Ultimately,there is no way to provide different credentials with this approach. 2nd Method: Since,HTTP Client (3.1 or 4) does not capture the requests while recording,I constructed the application requests manually using HTTP client (3.1 & 4) and supplied the credentials using HTTP Auth Manager. Observations: • Now,when replayed the script,the request sent contains NTLM Auth(challenge) specific headers under REQUEST Headers of each request. • But the request fails with 401 error code [401 - Unauthorized: Access is denied due to invalid credentials].It does not authorize the user with the credentials provided in HTTP Authorization Manager but it understands NTLM challenge response. Challenges: • With Java HTTP Sampler i am not able to login with multiple credentials even though the requests is sent successfully.It does not use the credentials provided in HTTP Auth Manager. • With HTTP Client sampler,the request fails with 401-Unauthorized error code with the credentials provided in HTTP Auth Manager. Is there a way to send the requests successfully and also provide different credentials to log in with either of the samplers? Appreciate your help in this regard. -- View this message in context: http://jmeter.512774.n5.nabble.com/NTLM-Auth-Load-test-with-multiple-different-user-logins-tp5648603p5648603.html Sent from the JMeter - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
