jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mason Jones <ma...@dhapdigital.com>
Subject RE: siteminder
Date Tue, 21 May 2002 16:41:40 GMT

From: "Sosnowski, Andrew P [IT]" <andrew.p.sosnowski@citigroup.com>
>Siteminder is a product of Netegrity.

We are actually working with using JMeter on a site using Siteminder for 
authentication, and it has been tricky. We're still tackling one problem, 
which may be a Siteminder 4.5.1 bug, but we'll see.

>When you say deal with the cookie manager what do you mean?
>Do I have to enter these cookies into the Cookie Manager manually?
>I do see cookies being set.

Siteminder will set two cookies, I think. First, when a user enters 
id/password credentials, the form is posted to "login.fcc" for Siteminder 
to check the credentials. If they're accepted, then the cookie FORMCRED 
will be set. Then usually the user will be redirected to another page, 
typically a protected resource. Siteminder will be asked to authenticate, 
and if it finds the FORMCRED cookie it will parse it and create a 
SESSIONCOOKIE. That seems to be used from then on.

>I have recorded a session and it does record the headers but it still does
>not successfully log-in.
>When you record will it record the cookies too? I cannot set them because
>the value in set by Siteminder software

If you're using Siteminder 4.5.1 (service pack 2), you may be encountering 
the same problem we are. JMeter appears to behave most like Netscape 4.7, 
and we've actually found that using Netscape 4.7 on our Siteminder 
installation, we can't log in successfully even manually! Test that to make 
sure that your problem is really JMeter-related. Login will work with IE, 
Mozilla, etc but not with Netscape 4.7. We're working on this problem with 
Netegrity support right now...

>-----Original Message-----
>From: Martin Ramshaw [mailto:mramshaw@alumni.concordia.ca]
>Sent: Friday, May 10, 2002 12:49 PM
>To: jmeter-user@jakarta.apache.org
>Subject: Re: siteminder
>
>
> >We're trying to get use jmeter on a site protected by siteminder as
> >well although it is over http not https.
> >
> >Has anyone done this?
>
>I have changed the thread, as this really doesn't relate to the previous
>subject. I have never heard of siteminder; perhaps someone else has.
>
> >I am a new user of jmeter and so far have not been able to get through
> >siteminder. I don;t quite understand how siteminder works but I think
> >it sets a cookie; I have a Cookie Manager defined within my test script
> >but I haven't done anything to it except add it to the script.
>
>Something to do before you go too far, is to change your browers settings
>to 'warn me before accepting cookies' (or whatever the appropriate setting
>is for your browser) and then walk through a session. Make a note of all
>the cookie values. Then you will be better prepared to deal with the cookie
>manager.
>
> >Hopefully the cookies are unique per thread/session?
>
>I think this depends on the browser. I believe IE shares all cookies,
>so that all open IE applications share sessions. I believe Netscape
>honours session cookies.
>
>But you should check into these things for yourself.
>
>         Regards
>
>
>--
>To unsubscribe, e-mail:
><mailto:jmeter-user-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail:
><mailto:jmeter-user-help@jakarta.apache.org>
>
>--
>To unsubscribe, e-mail:   <mailto:jmeter-user-unsubscribe@jakarta.apache.org>
>For additional commands, e-mail: <mailto:jmeter-user-help@jakarta.apache.org>



--
To unsubscribe, e-mail:   <mailto:jmeter-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jmeter-user-help@jakarta.apache.org>


Mime
View raw message