On 14 November 2012 13:30, Shmuel Krakower <[email protected]> wrote: > Hi Sebb, > This is good news, last time we discussed this topic we agreed that NTLM v2 > is not supported by HC: > http://mail-archives.apache.org/mod_mbox/jmeter-user/201204.mbox/%3CCAOGo0VZnv3=q_w0mtgyuoghsfvjbw6+8tpwf+8bxvyyegdx...@mail.gmail.com%3E > > I think that in the link you provided they say that this is only somewhat > supported with HC4.1 and later, but we only have HC4.0 on JMeter
Depends on the jars that are included; 2.8 includes 4.2.1 > (or the name HTTPClient4 is misleading). 4 does not imply 4.0 only. > Anyhow this is good direction as I found NTLM not being supported in JMeter > as one of the key factors of Enterprises not tending to welcome JMeter > (as NTLM authentication is very popular in intranet applications). Surely only applications which rely on Microsoft servers. > SCOTT - I have no suggestion for you. > > Shmuel Krakower. > Beatsoo.org - re-use your jmeter scripts for application performance > monitoring from worldwide locations for free. > > > > On Tue, Nov 13, 2012 at 10:51 PM, sebb <[email protected]> wrote: > >> On 13 November 2012 20:42, Shmuel Krakower <[email protected]> wrote: >> > How did you figure that HC is choosing Kerberos? >> > Anyway - NTLM v2 is not supported by JMeter and NTLM v1 is too old for >> > being used in Sharepoint2010. >> >> HttpClient 4.x does support NTLMv2 [1], but the implementation is not >> guaranteed to work with all providers. >> >> [1] http://hc.apache.org/httpcomponents-client-ga/ntlm.html >> >> > Sorry to ruin the party, but you cannot use JMeter for load testing a >> NTLM >> > v2 based application. >> > You may only use anonymous users or switch to another authentication >> method >> > on the servers. >> > >> > Shmuel Krakower. >> > Beatsoo.org - re-use your jmeter scripts for application performance >> > monitoring from worldwide locations for free. >> > >> > >> > >> > On Tue, Nov 13, 2012 at 10:32 PM, HUSSEY, SCOTT T <[email protected]> >> wrote: >> > >> >> As a followup, I did sort out the logging configuration and it does look >> >> like HTTP Client is choosing Kerberos over NTLM even though Jmeter >> doesn't >> >> support it. Is this intended? >> >> >> >> 2012/11/13 12:17:56 DEBUG - >> >> org.apache.http.impl.client.DefaultTargetAuthenticationHandler: >> >> Authentication schemes in the order of preference: [negotiate, NTLM, >> >> Digest, Basic] >> >> 2012/11/13 12:17:56 DEBUG - >> >> org.apache.http.impl.client.DefaultTargetAuthenticationHandler: >> negotiate >> >> authentication scheme selected >> >> 2012/11/13 12:17:56 DEBUG - org.apache.http.impl.auth.NegotiateScheme: >> >> Received challenge '' from the auth server >> >> 2012/11/13 12:17:56 DEBUG - >> >> org.apache.http.client.protocol.RequestAddCookies: CookieSpec selected: >> >> ignoreCookies >> >> 2012/11/13 12:17:56 DEBUG - >> >> org.apache.http.client.protocol.RequestAuthCache: Auth cache not set in >> the >> >> context >> >> 2012/11/13 12:17:56 DEBUG - org.apache.http.impl.auth.NegotiateScheme: >> >> init <hostname> >> >> 2012/11/13 12:17:56 ERROR - >> >> org.apache.http.client.protocol.RequestTargetAuthentication: >> Authentication >> >> error: Invalid name provided (Mechanism level: Cannot locate default >> realm) >> >> >> >> -----Original Message----- >> >> From: HUSSEY, SCOTT T >> >> Sent: Tuesday, November 13, 2012 10:41 AM >> >> To: '[email protected]' >> >> Subject: HttpClient4 Selecting Authentication Method >> >> >> >> All, >> >> I'm trying to test a SharePoint 2010 site (Jmeter 2.7, JRE 1.6, >> Windows >> >> Server 2008). This site is configured to use Kerberos authentication, >> but >> >> fall back to NTLM if needed. >> >> >> >> 2012/11/13 08:19:10 DEBUG - httpclient.wire.header: << >> "WWW-Authenticate: >> >> Negotiate[\r][\n]" >> >> 2012/11/13 08:19:10 DEBUG - httpclient.wire.header: << >> "WWW-Authenticate: >> >> NTLM[\r][\n]" >> >> >> >> When I use HTTPClient 3.1 and enable trace, I see it selects NTLM but >> >> fails authentication because the site is using NTLM v2. When I switch to >> >> HTTPClient4 I only get the below error. I cannot figure out a way to >> enable >> >> more verbose output and do not know if this error is from HTTPClient4 >> >> attempting to use Kerberos (which it supports but Jmeter doesn't) or if >> it >> >> is from an NTLM issue. I'm leaning to the first issue of HTTPClient >> >> attempting to use Kerberos because a similar site setup as only NTLM >> works >> >> fine w/ HTTPClient4. I do have an HTTP Authorization Manager in scope >> with >> >> the domain and user account entered. >> >> >> >> 2012/11/13 08:06:02 ERROR - >> >> org.apache.http.client.protocol.RequestTargetAuthentication: >> Authentication >> >> error: Invalid name provided (Mechanism level: Cannot locate default >> realm) >> >> >> >> As a test, is there a way I can rewrite the server headers to remove " >> >> WWW-Authenticate: Negotiate" before HTTPClient responds? >> >> >> >> Thank you for your time. >> >> >> >> Scott >> >> >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: [email protected] >> >> For additional commands, e-mail: [email protected] >> >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
