Return-Path: Delivered-To: apmail-jakarta-jmeter-user-archive@www.apache.org Received: (qmail 7401 invoked from network); 11 Mar 2009 12:53:50 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 11 Mar 2009 12:53:50 -0000 Received: (qmail 514 invoked by uid 500); 11 Mar 2009 12:53:48 -0000 Delivered-To: apmail-jakarta-jmeter-user-archive@jakarta.apache.org Received: (qmail 491 invoked by uid 500); 11 Mar 2009 12:53:48 -0000 Mailing-List: contact jmeter-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "JMeter Users List" Reply-To: "JMeter Users List" Delivered-To: mailing list jmeter-user@jakarta.apache.org Received: (qmail 480 invoked by uid 99); 11 Mar 2009 12:53:48 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Mar 2009 05:53:48 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of sebbaz@gmail.com designates 209.85.219.177 as permitted sender) Received: from [209.85.219.177] (HELO mail-ew0-f177.google.com) (209.85.219.177) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Mar 2009 12:53:39 +0000 Received: by ewy25 with SMTP id 25so1646647ewy.37 for ; Wed, 11 Mar 2009 05:53:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=sDuobeUgchnA+ItzZWUiTAWulRkFubp2MwmXYJMeEqg=; b=pncAuCNpaNRqWZjdsz/b88YEw2GqrScAg0PG6dtftijazUTA+ZZlzwDNTjoZ4H7xoa 5csmaKyihTltfCmPuaV7yIGweUktxlVi2/UrJf7ZiRcg7xB6pD2BV/SW0cbn4RIAu+c6 sxMmFf/Y43j3xLxdxYrLJx4aR1fpELm+bB1uk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=bS5IkqK8XGJxCmyk9Tq5tAvSEOyWk/Btksc4NUbFpMkAadYXgMTUMnfm3fGZh6VGi5 8UjhQgI8ZiMSh5L9DDtrVBupKtYIt4blAC+pMeQ75/shYnwP7QS8I67VG6Pk3uQX8vUv +35uy0AFTMCr4RsCq0Q8u2R43MX4RZp4ZCVZ8= MIME-Version: 1.0 Received: by 10.210.125.13 with SMTP id x13mr5510401ebc.33.1236775997557; Wed, 11 Mar 2009 05:53:17 -0700 (PDT) In-Reply-To: References: Date: Wed, 11 Mar 2009 12:53:17 +0000 Message-ID: <25aac9fc0903110553k58f7b95ev45f3d77ce79bc7dd@mail.gmail.com> Subject: Re: HTTP cookie manager and cross domain cookies From: sebb To: JMeter Users List Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Virus-Checked: Checked by ClamAV on apache.org On 11/03/2009, Asanov, Leo wrote: > > Hi, > > It appears that HTTP cookie manager allows cross domain cookies, which > is different to the behaviour of the browsers. I'm writing a test for an > application, which is using Identity Management platform with cross > domain single sign on. The chain of event is the following: > > > > 111.com - website domain > > 222.com - identity management domain (different to the first domain) > > > > 1. Login page on 111.com - sends request to 222.com with the > entered user credentials. 222.com sets cookies with authentication > information for both 222.com, and 111.com and redirects back to 111.com So there is a cookie for 111.com? > 2. Since it's a different domain, the cookie for 111.com isn't set, > so it has to do a couple of redirects to check if the user is authorised > to see the page and only then returns the page. > > > > That's how it works in the browser. In JMeter I can clearly see that at > the step 2 cookies for domain 111.com are passed through and the > requested page is returned straight away. I tried different "Cookie > policy" settings, didn't help. > > > > I don't think that's how it supposed to work, can anyone comment on > that? I'm using JMeter 2.3.2, "HTTP Request" sampler with "Follow > redirects" and "Redirect automatically" turned off. > What cookies are sent at step 1? What cookies are returned from step 1? What cookies are sent in step 2? You may change the names and values for privacy, but please don't leave out any parts of the host name. > > Cheers, > > Leo > > > > Sensis. Helping you find, buy and sell. > > www.sensis.com.au - www.yellow.com.au - www.whitepages.com.au - www.city= search.com.au - www.whereis.com.au - www.tradingpost.com.au > > Sensis cares for the environment - think before you print. > > This email and any attachments are intended only for the use of the reci= pient and may be confidential and/or legally privileged. Sensis Pty Ltd dis= claims liability for any errors, omissions, viruses, loss and/or damage ari= sing from using, opening or transmitting this email. If you are not the int= ended recipient you must not use, interfere with, disclose, copy or retain = this email and you should notify the sender immediately by return email or = by contacting Sensis Pty Ltd by telephone on [+61 3 8653 5000] --------------------------------------------------------------------- To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org For additional commands, e-mail: jmeter-user-help@jakarta.apache.org