Return-Path: Delivered-To: apmail-jakarta-jmeter-user-archive@www.apache.org Received: (qmail 9085 invoked from network); 11 Mar 2009 06:39:10 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 11 Mar 2009 06:39:10 -0000 Received: (qmail 347 invoked by uid 500); 11 Mar 2009 06:39:04 -0000 Delivered-To: apmail-jakarta-jmeter-user-archive@jakarta.apache.org Received: (qmail 319 invoked by uid 500); 11 Mar 2009 06:39:04 -0000 Mailing-List: contact jmeter-user-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "JMeter Users List" Reply-To: "JMeter Users List" Delivered-To: mailing list jmeter-user@jakarta.apache.org Received: (qmail 308 invoked by uid 99); 11 Mar 2009 06:39:04 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 Mar 2009 23:39:04 -0700 X-ASF-Spam-Status: No, hits=2.2 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [203.7.207.71] (HELO mail12.sensis.com.au) (203.7.207.71) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Mar 2009 06:38:53 +0000 Received: from c1-exg-cn2.corp.org.local (c1-exg-cn2.corp.org.local [161.117.217.132]) by mail12.sensis.com.au (Postfix) with ESMTP id 978CA418619 for ; Wed, 11 Mar 2009 17:38:29 +1100 (EST) Received: from c1-exg-cn1.corp.org.local ([161.117.217.131]) by c1-exg-cn2.corp.org.local with InterScan Message Security Suite; Wed, 11 Mar 2009 17:38:28 +1100 Received: from C1-EXG-VS1.corp.org.local ([161.117.217.134]) by c1-exg-cn1.corp.org.local with Microsoft SMTPSVC(6.0.3790.3959); Wed, 11 Mar 2009 17:38:28 +1100 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C9A213.FCBFFBEA" Subject: HTTP cookie manager and cross domain cookies Date: Wed, 11 Mar 2009 17:38:28 +1100 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: HTTP cookie manager and cross domain cookies Thread-Index: AcmiE/yaw1Eu+dIdRTu8Rj0ZZpn3qQ== From: "Asanov, Leo" To: X-OriginalArrivalTime: 11 Mar 2009 06:38:28.0427 (UTC) FILETIME=[FCB071B0:01C9A213] X-Virus-Checked: Checked by ClamAV on apache.org ------_=_NextPart_001_01C9A213.FCBFFBEA Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi,=20 It appears that HTTP cookie manager allows cross domain cookies, which is different to the behaviour of the browsers. I'm writing a test for an application, which is using Identity Management platform with cross domain single sign on. The chain of event is the following: =20 111.com - website domain 222.com - identity management domain (different to the first domain) =20 1. Login page on 111.com - sends request to 222.com with the entered user credentials. 222.com sets cookies with authentication information for both 222.com, and 111.com and redirects back to 111.com 2. Since it's a different domain, the cookie for 111.com isn't set, so it has to do a couple of redirects to check if the user is authorised to see the page and only then returns the page. =20 That's how it works in the browser. In JMeter I can clearly see that at the step 2 cookies for domain 111.com are passed through and the requested page is returned straight away. I tried different "Cookie policy" settings, didn't help. =20 I don't think that's how it supposed to work, can anyone comment on that? I'm using JMeter 2.3.2, "HTTP Request" sampler with "Follow redirects" and "Redirect automatically" turned off.=20 =20 Cheers, Leo Sensis. Helping you find, buy and sell. www.sensis.com.au - www.yellow.com.au - www.whitepages.com.au -= www.citysearch.com.au - www.whereis.com.au - www.tradingpost.com.au=20 Sensis cares for the environment - think before you print. This email and any attachments are intended only for the use of the= recipient and may be confidential and/or legally privileged. Sensis Pty= Ltd disclaims liability for any errors, omissions, viruses, loss and/or= damage arising from using, opening or transmitting this email. If you are= not the intended recipient you must not use, interfere with, disclose,= copy or retain this email and you should notify the sender immediately by= return email or by contacting Sensis Pty Ltd by telephone on [+61 3 8653= 5000] ------_=_NextPart_001_01C9A213.FCBFFBEA--