-------- Original Message --------
*Subject: *Re: Configuring kerberos sessions in jmeter
*From: *Felix Schumacher <[email protected]>
*To: *JMeter Users List <[email protected]>
*Date: *Wed Apr 26 2017 18:34:13 GMT+0100 (BST)
Am 26.04.2017 um 18:05 schrieb [email protected]:
I have successfully set up jmeter to make requests to a server
authenticating with kerberos, but I see that jmeter is re-authenticating
with every request.
In the server access logs, I see two requests to the server for every
attempt, the first requests results in a 401 status response, and then
jmeter replies properly and the server generates a 200 status response
with the expected content.
I'd like to set it up so that jmeter only needs to do the handshaking
negotiation and trip to the kerberos KDC once rather than with every call.
Have you tried, if a normal browser does, what you describe?
In my opinion the described behaviour is normal. In tomcat, for example, a
session will be established using a cookie. The user will be associated with
that session and the cookie will be used on further requests.
Depending on the server, it might use SSL Sessions for the same thing, but I
haven't seen that (knowingly).
It depends on your idea of "normal" ;)
I'm pretty sure but not certain because I'm at home right now and will have to
check tomorrow:
- IE will automatically store and re-use a kerberos session
- FF and Chrome and other won't although there are plugins which might (haven't
tried them all).
In my limited experience with Kerberos, I believe that the re-use of the
kerberos service ticket is done in Windows via calls to its GSSAPI or SSP module
which can access the in-memory credentials cache.
Regards
Adam
