OpenAM <https://en.wikipedia.org/wiki/OpenAM> authentication flow is a little bit more complex thing than a "normal" correlation, your request sequence should look like:
1. Request protected page 2. Extract details of the authentication redirect 3. Perform authentication against OpenAM 4. Extract required parameters (i.e. RelayState <https://stackoverflow.com/questions/34350160/what-is-exactly-relaystate-parameter-used-in-sso-ex-saml> and SAMLResponse <https://developers.onelogin.com/saml/examples/response> ) References: - Security Assertion Markup Language (SAML) V2.0 Technical Overview <http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html> - How to Load Test SAML SSO Secured Websites with JMeter <https://www.blazemeter.com/blog/how-load-test-saml-sso-secured-websites> - Setting up a load-test with JMeter for performing SP initiated SSO's with SAML 2.0 <http://www.martijnburgers.net/post/2013/11/12/Setting-up-a-load-test-with-JMeter-for-performing-SP-initiated-SSOs-with-SAML-20.aspx> -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
