jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "HUSSEY, SCOTT T" <sh8...@att.com>
Subject RE: HttpClient4 Selecting Authentication Method
Date Tue, 13 Nov 2012 20:32:28 GMT
As a followup, I did sort out the logging configuration and it does look like HTTP Client is
choosing Kerberos over NTLM even though Jmeter doesn't support it. Is this intended?

2012/11/13 12:17:56 DEBUG - org.apache.http.impl.client.DefaultTargetAuthenticationHandler:
Authentication schemes in the order of preference: [negotiate, NTLM, Digest, Basic] 
2012/11/13 12:17:56 DEBUG - org.apache.http.impl.client.DefaultTargetAuthenticationHandler:
negotiate authentication scheme selected 
2012/11/13 12:17:56 DEBUG - org.apache.http.impl.auth.NegotiateScheme: Received challenge
'' from the auth server 
2012/11/13 12:17:56 DEBUG - org.apache.http.client.protocol.RequestAddCookies: CookieSpec
selected: ignoreCookies 
2012/11/13 12:17:56 DEBUG - org.apache.http.client.protocol.RequestAuthCache: Auth cache not
set in the context 
2012/11/13 12:17:56 DEBUG - org.apache.http.impl.auth.NegotiateScheme: init <hostname>
2012/11/13 12:17:56 ERROR - org.apache.http.client.protocol.RequestTargetAuthentication: Authentication
error: Invalid name provided (Mechanism level: Cannot locate default realm)

-----Original Message-----
From: HUSSEY, SCOTT T 
Sent: Tuesday, November 13, 2012 10:41 AM
To: 'user@jmeter.apache.org'
Subject: HttpClient4 Selecting Authentication Method

All,
  I'm trying to test a SharePoint 2010 site (Jmeter 2.7, JRE 1.6, Windows Server 2008). This
site is configured to use Kerberos authentication, but fall back to NTLM if needed. 

2012/11/13 08:19:10 DEBUG - httpclient.wire.header: << "WWW-Authenticate: Negotiate[\r][\n]"

2012/11/13 08:19:10 DEBUG - httpclient.wire.header: << "WWW-Authenticate: NTLM[\r][\n]"


When I use HTTPClient 3.1 and enable trace, I see it selects NTLM but fails authentication
because the site is using NTLM v2. When I switch to HTTPClient4 I only get the below error.
I cannot figure out a way to enable more verbose output and do not know if this error is from
HTTPClient4 attempting to use Kerberos (which it supports but Jmeter doesn't) or if it is
from an NTLM issue. I'm leaning to the first issue of HTTPClient attempting to use Kerberos
because a similar site setup as only NTLM works fine w/ HTTPClient4. I do have an HTTP Authorization
Manager in scope with the domain and user account entered.

2012/11/13 08:06:02 ERROR - org.apache.http.client.protocol.RequestTargetAuthentication: Authentication
error: Invalid name provided (Mechanism level: Cannot locate default realm)

As a test, is there a way I can rewrite the server headers to remove " WWW-Authenticate: Negotiate"
before HTTPClient responds?

Thank you for your time.

Scott

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
For additional commands, e-mail: user-help@jmeter.apache.org


Mime
View raw message