My knowledge of SAML is dated - but it used to have an Auto Submit Form Post with dynamic data - not just the redirect so have you extracted and posted the data?
regards deepak On Fri, Nov 2, 2012 at 12:15 PM, Mark Miller <[email protected]>wrote: > Though I have not run through a federated authentication with JMeter, I > have had some success with complex authN redirection scenarios. In those > cases, I found the best approach was to tackle it with a sequence of 'as > raw and simple as possible' http samplers. > > I would capture a full header trace of a successful authentication using > LiveHTTPHeaders in Firefox, then set about manually recreating those > requests, one at a time, respecting every detail. Don't let JMeter do > anything automagically for you. When you get all the details right, it will > work. Wrap it all up in a test fragment and you can reuse your login > fragment. > > Pay close attention to cookie management. In some cases I have found reason > to add or remove cookies explicitly via BeanShell pre or post processors. > log.info is your friend. > > Hang in there and you will figure it out. > > Mark > > > On Fri, Nov 2, 2012 at 1:00 PM, Daniel Corredor <[email protected]> wrote: > > > Yes, I did not luck either. The whole problem is that in the login step > > there are 2 redirections with dynamic values and my script fails there. > > 1) It is a URL that gets a dynamic value as I explained before > > 2) using that URL I get a new SAMLResponse value > > > > Has anybody experience something like this? > > > > Thanks. > > Dan > > > > > > > > On Fri, Nov 2, 2012 at 2:41 PM, sebb <[email protected]> wrote: > > > > > On 2 November 2012 14:32, Daniel Corredor <[email protected]> wrote: > > > > Hi Everyone, > > > > > > > > I am trying to develop an script in which I am unable to > authenticate. > > > The > > > > analysis I have done for the script is the following: > > > > > > > > 1- Browse some initial pages, to get country, and language. > > > > > > > > 2- I get to the main sign in. At that point I extract 3 variables > from > > > that > > > > page: > > > > goto=.... > > > > SunQueryParamsString-...... > > > > and > > > > SAMLRequest=...... > > > > > > > > 3- I get into the login page > > > > http://xxxxxx.com/sso/UI/Login > > > > In this step I post > > > > goto=.... > > > > SunQueryParamsString-...... > > > > plus the userid and password. > > > > > > > > > > > > However, the authentication fails. When I analyze the transactions > > using > > > > Badboy I see that on the login step (3) there are 3 subrequest one of > > > them > > > > gets a new SAMLRequest which is a bigger size and also a new URL > with a > > > new > > > > parameter. Please refer below > > > > > > > > > > > > > > http://xxxxxx/SSORedirect/metaAlias/serion/idp?ReqID=a41jgig0630g57de3igeh6h > > > > > > > > The questions: > > > > > > > > I am not sure how to extract the variables SAMLRequest and the ReqID= > > > from > > > > the http://xxxxxx.com/sso/UI/Login because it fails in Jmeter. So I > am > > > not > > > > sure how I can handle that. > > > > > > > > Any ideas? > > > > > > > > > > Have you tried using the JMeter proxy to record the session? > > > > > > > Thanks in advance. > > > > > > > > Dan > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [email protected] > > > For additional commands, e-mail: [email protected] > > > > > > > > >
