JMeter NTLM / Windows身份验证负载测试

Question

What is to be done?

We have an application deployed on the Sharepoint (corporate) Server which uses the windows credentials to log into the application.

• App URL format: http://testmachine:1000/sites/test/

• Windows Credentials Format: user_id@domain.co.in

The objective is to perform the load/performance testing on the application (especially the log in functionality) for such n number of users.

Normally when I hit the app URL in the Firefox/IE, it pops up a window asking for credentials. I enter the credentials, browse the app and then log out. I intend to capture this in JMeter and simulate this for large number of users.

Where I'm stuck?

Now I start the JMeter proxy server, and then try the same steps as above. But when the pop up window appears, JMeter simply doesn't record the it nor it does record anything else after the login.

What I've tried?

If I try the same steps after enabling “Automatically detect intranet network” in IE, then it simply auto detects my windows credentials (No credentials pop-up), logs me into the app (this is not recorded in JMeter either) and takes me to the home page. And any page thereafter I hit gets recorded in JMeter.

I've also tried to use the HTTP Authorization Manager using following parameters:

• BaseURL : http://testmachine:1000/sites/test/
• Username: DOMAIN\\USER_ID
• Password: i_wont_tell_you
• Domain: \\
• Realm:

It didn't help. I am quite confused about how-to-use the above element. And not even sure whether its a right approach to get the solution to my problem.

Any help/suggestions?

PS I know about a tool called Badboy, but have to go for it as a last resource. Also not even sure if it records the pop windows. And sorry if the post is verbose.

---

UPDATE:

I have also tried -

Username: USER_ID and Domain: my_company_domain

But this is not the actual problem. Problem is, when I try to hit the pages (automation) which I've recorded previously return success response even if I haven't used the HTTP Authorization Manager. I'm not sure what I'm missing.

Answer 1

OK. Finally I got what was missing.

First, I had to change the implementation of every request to HttpClient3.1

Second, it was really frustrating to see that JMeter documentation was misleading.

It says that the config file httpclient.parameters , should be edited as following:

http.authentication.preemptive$Boolean=false

But it didn't work. Changing it to true worked like a charm.

Hope this helps other people.

Answer 2

JMeter works at the HTTP layer so the proxy will only capture requests made over this protocol layer. It sounds to me like you have already found the right approach to use for recording by using '“Automatically detect intranet network” in IE', you can use this method to capture most requests and you will have to figure out authentication manually. How you do this depends on how your application communicates with your server to authenticate a user.