I have the krb files config'd and my Kerberos seems to be working (it is
logging in with the currently logged in user's ID. My files are:
Jaas.conf:
JMeter {
com.sun.security.auth.module.Krb5LoginModule required
debug=true
keytab="D:\Data\JMeter\config\krb\krb5.conf"
doNotPrompt=true
useKeyTab=false
useTicketCache=true
renewTGT=true
storeKey=false
storePass=false
refreshKrb5Config=false
useFirstPass=false
tryFirstPass=false
;
};
[libdefaults]
default_realm = MY-REALM
default_keytab_name = FILE:c:/keytab/x.keytab
default_tkt_enctypes = des3-cbc-sha1 arcfour-hmac aes256-cts
des-cbc-md5 des-cbc-crc
default_tgs_enctypes = des3-cbc-sha1 arcfour-hmac aes256-cts
des-cbc-md5 des-cbc-crc
[realms]
MY-REALM = {
kdc = servername.my-realm:88
admin_server = serveradmin.my-realm:749
default_domain = my-domain
}
[domain_realm]
.my-domain = domain
other-domain = domain
[logging]
kdc = FILE:/Data/JMeter/logs/krb5kdc.log
admin_server = FILE:/Data/JMeter/logs/kadmin.log
default = FILE:/Data/JMeter/logs/krb5lib.log
I'm seeing a negotiate with a 200 since it is using my desktop user's ID. So,
if I'm logged into my Windows desktop as DESKTOPUSER and I added several
usernames (say test1, test2, test3) to the auth manager, I'm seeing (via my app
logs) the DESKTOPUSER logging in and not the test virtual users.
Could it be the way I have Kerberos setup?
Thanks,
Lou
> -----Original Message-----
> From: Felix Schumacher [mailto:[email protected]]
> Sent: Monday, June 02, 2014 10:44 AM
> To: JMeter Users List
> Subject: Re: Kerberos/client 4 not using specified username/pw
>
> Am 02.06.2014 14:50, schrieb Masters,Louis:
> > I'm trying to get Kerberos to work with the HTTP Authorization
> > Manager. It matches the URL correctly, but when I debug my app, I
> see
> > it is using the currently logged in user instead of the
> > username/password I specify in the manager. There are no
> > authentication errors in the log.
> >
> > Details:
> > JDK 1.6.0_32
> > JMeter 2.11
> > HTTPClient 4
>
> Have you configured the properties
>
> java.security.krb5.conf=krb5.conf
> java.security.auth.login.config=jaas.conf
>
> in your bin/system.properties file?
>
> What is your server sending? It has to send a header "WWW-Authenticate:
> Negotiate" with a status of 401.
>
> Regards
> Felix
> >
> >
> > I tried setting the "http.authentication.preemptive$Boolean" to false
> > and true, but that does not seem to work.
> >
> > Thanks,
> > Lou
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
Confidentiality Notice: The information contained in this e-mail and any
attachments (including, but not limited to, any attached e-mails) may be
legally privileged and confidential. If you are not an intended recipient, you
are hereby notified that any dissemination, distribution or copying of this
e-mail is strictly prohibited. If you have received this e-mail in error,
please notify the sender and permanently delete the e-mail and any attachments
immediately. You should not retain, copy or use this e-mail or any attachment
for any purpose, nor disclose all or any part of the contents to any other
person. Thank you.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
