jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sebb <seb...@gmail.com>
Subject Re: HTTP cookie manager and cross domain cookies
Date Wed, 11 Mar 2009 12:53:17 GMT
On 11/03/2009, Asanov, Leo <Leo.Asanov@sensis.com.au> wrote:
>
>  Hi,
>
>  It appears that HTTP cookie manager allows cross domain cookies, which
>  is different to the behaviour of the browsers. I'm writing a test for an
>  application, which is using Identity Management platform with cross
>  domain single sign on. The chain of event is the following:
>
>
>
>  111.com - website domain
>
>  222.com - identity management domain (different to the first domain)
>
>
>
>  1.      Login page on 111.com - sends request to 222.com with the
>  entered user credentials. 222.com sets cookies with authentication
>  information for both 222.com, and 111.com and redirects back to 111.com

So there is a cookie for 111.com?

>  2.      Since it's a different domain, the cookie for 111.com isn't set,
>  so it has to do a couple of redirects to check if the user is authorised
>  to see the page and only then returns the page.
>
>
>
>  That's how it works in the browser. In JMeter I can clearly see that at
>  the step 2 cookies for domain 111.com are passed through and the
>  requested page is returned straight away. I tried different  "Cookie
>  policy" settings, didn't help.
>
>
>
>  I don't think that's how it supposed to work, can anyone comment on
>  that? I'm using JMeter 2.3.2, "HTTP Request" sampler with "Follow
>  redirects" and "Redirect automatically" turned off.
>

What cookies are sent at step 1?
What cookies are returned from step 1?
What cookies are sent in step 2?

You may change the names and values for privacy, but please don't
leave out any parts of the host name.

>
>  Cheers,
>
>  Leo
>
>
>
>  Sensis. Helping you find, buy and sell.
>
>  www.sensis.com.au - www.yellow.com.au - www.whitepages.com.au - www.citysearch.com.au
- www.whereis.com.au - www.tradingpost.com.au
>
>  Sensis cares for the environment - think before you print.
>
>  This email and any attachments are intended only for the use of the recipient and may
be confidential and/or legally privileged. Sensis Pty Ltd disclaims liability for any errors,
omissions, viruses, loss and/or damage arising from using, opening or transmitting this email.
If you are not the intended recipient you must not use, interfere with, disclose, copy or
retain this email and you should notify the sender immediately by return email or by contacting
Sensis Pty Ltd by telephone on [+61 3 8653 5000]

---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org


Mime
View raw message