Am 06.06.2018 um 05:18 schrieb Swathi Chandrika:
Hi ,
I'm trying to use jmeter for Kerberos authentication but the authentication
is not happening successfully.
Here are the steps followed:
1.Updated the krb5.conf with right hosts and kdc details.
Could you show us the configuration? Replace the domain names with
something you would be comfortable to share publicly - like
domain.example.invalid and EXAMPLE.INVALID.
2. Add the applications url request (that is going to redirect to auth
server and after successfully validation it will redirect to the
application.)
3. Added the HTTP authorization manager and updated with the login
information.
Have you set the JVM parameters
java.security.krb5.conf=krb5.conf
java.security.auth.login.config=jaas.conf
and do they point to the correct files?
I would use the newly added feature of specifying them in bin/setenv.sh
(for a linux system) by adding something like
KRB_CONF=${JMETER_HOME}/bin/krb5.conf
JAAS_CONF=${JMETER_HOME}/bin/jaas.conf
export JMETER_OPTS="-Djava.security.krb5.conf=${KRB_CONF}
-Djava.security.auth.login.config=${JAAS_CONF}"
to that (probably newly created) file.
If it still doesn't work. I would modify the jaas.conf file to include
debug=true so that it would probably read:
JMeter {
com.sun.security.auth.module.Krb5LoginModule required
doNotPrompt=false
useKeyTab=false
debug=true
storeKey=false;
};
And always have a look in jmeter.log.
Tried the following:
1. Add invalid login credentials, I get error in jmeter logs saying userid
not found in kdc. So this make sure that kdc config is right.
Good.
1. If I run this script, the auth servers redirects back to the same since
it was not able to authorize
Maybe the server has a problem then? Are there any messages in the logs?
2. If I add the http header and include the UserAgent string , I get an
error saying:
Which header do you add?
WARN - org.apache.http.client.protocol.RequestTargetAuthentication:
NEGOTIATE authentication error: No valid credentials provided (Mechanism
level: No valid credentials provided (Mechanism level: Message stream
modified (41)))
WARN - org.apache.http.client.protocol.RequestTargetAuthentication:
NEGOTIATE authentication error: No valid credentials provided (Mechanism
level: No valid credentials provided (Mechanism level: Message stream
modified (41)))
Response headers:
Responsecode: 401
Response message: Unauthorized
Response headers:
HTTP/1.1 401 Unauthorized
Date: Tue, 05 Jun 2018 20:11:24 GMT
Server:
Content-Length: 0
Connection: keep-alive
Host: xxx.com
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows; Trident/6.0)
WWW-Authenticate: Negotiate
Did anyone come across similar issue? Any suggestions/pointers ?
What is the answer JMeter gives to this 401 request?
Regards,
Felix
Thank you.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org
For additional commands, e-mail: user-h...@jmeter.apache.org
