JMeter Issue with SSO and Cookies

Problem description

Using JMeter 3.1 r1770033, I am having two issues with storing a company-specific cookie via our Single Sign-On (SSO).

I have read many blog posts and questions on this site regarding cookies, but none appear to address my specific issue of "HC3CookieHandler: Not storing invalid cookie:"

I believe this is due to the implementation of how the company wants the cookie formatted.

Cookie: companyAuthorizedEnvironment=assignedTokenId

I'm able to be successful using a Command Line Interface using curl, but not via JMeter.

 curl --request POST --header "X-OpenAM-Username:username" --header "X-OpenAM-Password:password" --header "Content-Type:application/json" --data "{}" https://sso.company.com/access/authenticate/

Response

{"tokenId": "AQIC5w_TEXT_REMOVED_NTcy*", "successUrl": "/openam/console" }

Below is an outline of my simple login/logout test with explanations and a summary of the 2 resulting issues.

Any help would be greatly appreciated!

TEST PLAN

HTTP Cache Manager

Clear cache each iteration? = enabled
Use Cache-Control = disabled
Max # of elements = 5000

HTTP Cookie Manager

I have tried every possible combination of Implementation/Policy, without success.

Clear cookies each iteration = enabled
Implementation = HC3CookieHandler
Cookie Policy = default

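setUp Thread Group = SSO Authentication

"This procedure allows a remote client to authenticate to SSO using valid credentials. Upon successful authentication, an authentication token is presented to the user, which is then used to gain access to secure applications."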

HTTP Header Mgr

    X-OpenAM-Username: ${username}
    X-OpenAM-Password: ${password}
    Content-Type: application/json

HTTP Request

    Server Name = sso.stage.company.com
    Protocol = ${__P(protocol,https)}
    Method = POST
    Path = /access/authenticate/

    REGEX

        Ref Name = newTokenId
        Reg Expression = "tokenId":(.+?)\,
        Template = $1$
        Match No. = 1
        Default = null

    BEANSHELL ASSERTION

        ${__setProperty(tokenId,${newTokenId})}

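tearDown Thread Group = SSO Logout

"This procedure allows a remote client to terminate an active session with SSO by logging out of the system."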

HTTP Header Mgr

    Cookie: companyauthstage=${tokenId}
    Content-Type: application/json

HTTP Request

    Server Name = sso.stage.company.com
    Protocol = ${__P(protocol,https)}
    Method = POST
    Path = /access/logout/



ISSUE 1 - LOGIN

I am seeing the following warning in my trace log.

WARN  - jmeter.protocol.http.control.HC3CookieHandler: Not storing invalid cookie: <amlbcookie=01; Domain=sso.stage.company.com.; Path=/> for URL https://sso.stage.company.com/access/authenticate/ (Illegal domain attribute "sso.stage.company.com.". Domain of origin: "sso.stage.company.com") 

Not sure why it's illegal. I am wondering if somewhere a period (.) is being appended to the domain. I've verified I didn't have an extra period anywhere.

ISSUE 2 - LOGOUT

Response code: 401
Response message: Unauthorized

I suspect it's unauthorized because the "Cookie: companyauthstage=${tokenId}" header is not being stored, but am not 100% sure.

Recommended answer

If you are totally sure that the cookie is fine, you can force JMeter to disable cookie checks and store them as they are by adding the next line to the user.properties file (normally lives under the "bin" folder of your JMeter installation):

CookieManager.check.cookies=false

JMeter restart will be required to pick the property up.

You can achieve the same by passing the property via -J command-line argument like:

jmeter -JCookieManager.check.cookies=false -n -t ....

References:

  • HTTP Cookie Manager
  • Configuring JMeter
  • Apache JMeter Properties Customization Guide
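
The warning in Issue 1 differs from the origin host only by a trailing dot in the Domain attribute, which a literal comparison treats as a different name. The following is an added example, not part of the original answer and not JMeter's or HttpClient's code: a model of such a comparison with hypothetical function names, showing that normalizing the trailing dot accepts this cookie while a foreign domain is still rejected, whereas turning checks off stores cookies as they are.

```python
# Added illustration: a simplified model of a strict cookie Domain check.
# It is not JMeter's or HttpClient's code; all function names are hypothetical.

def parse_set_cookie(header):
    """Split a Set-Cookie value into (name, value, attrs); attribute names lower-cased."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, value, attrs


def domain_allowed(host, domain_attr, normalize=False):
    """Return True if a cookie carrying Domain=domain_attr may be stored for host."""
    host = host.lower()
    domain = domain_attr.lower()
    if normalize:
        # Treat the fully qualified form "example.com." as "example.com".
        host = host.rstrip(".")
        domain = domain.rstrip(".")
    if host == domain:
        return True
    # Parent-domain cookie: the host must end with ".<domain>".
    suffix = domain if domain.startswith(".") else "." + domain
    return host.endswith(suffix)


# Constructed from the warning quoted in the question.
HOST = "sso.stage.company.com"
REJECTED = "amlbcookie=01; Domain=sso.stage.company.com.; Path=/"


def check(header, host, normalize=False):
    """Apply the domain check to one Set-Cookie header value."""
    _, _, attrs = parse_set_cookie(header)
    # A cookie without a Domain attribute is host-only and always matches.
    return domain_allowed(host, attrs.get("domain", host), normalize)


if __name__ == "__main__":
    print(check(REJECTED, HOST))                  # literal comparison
    print(check(REJECTED, HOST, normalize=True))  # trailing dot stripped
    print(check("x=1; Domain=other.example.", HOST, normalize=True))  # foreign domain
```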
