I have to load test a site ,which is protected by ht-password ,i used the following methods
http://username:password#site/path
Name: Authorization
Value: Basic [Base64-encoded username:password] string
http Authorization Manager -username and password given
But i failed to pass authentication using all these methods
Can anyone help ??
The correct way of bypassing Basic HTTP Authentication is using HTTP Authorization Manager configured like:
See How to Use HTTP Basic Authentication in JMeter article for more details and example configuration.
Note: above options will work for htpasswd-based authentication (or equivalent) only, if your server uses other mechanism - you will need different configuration.
Related
I'm using cypress-ntlm-auth plugin in my cypress automation project, providing me windows authentication (Ntlm, kerberos etc.)
In particular, I use the ntlmSso option for Negotiate with my app. If the server sends an authentication challenge, the ntlm-proxy will perform a NTLM or Negotiate login handshake with the credentials of the user running the test client.
The problem is that I need to use a pre-defined user (to be used in my pre-prod environment) to make api requests, instead of the logged on user on the computer.
How can I do that? thanks in advance
The cypress-ntlm-auth library allows you to specify this with cy.ntlm(), by passing in hosts, username, password, and domain.
cy.ntlm(["my.host.com"], "myUser", "myPass", "myDomain")
Check out the docs here. Take note of their strategy on storing passwords.
I've applied HTTP basic authentication in my mule application. When I am applying this for all resource and methods that time authentication is working but while doing this for specific resorce and method then HTTP basic authentication is not working or it's not asking for username and password.
I have applied auto-discovery currently.
I have 3 resource in the RAMP.
/employees, /employees/{id}, /departments
I am applying policy for /department.
How can i fix this issue?
Background:
I have an application server that has an endpoint of /api/token. What this API does is it performs authentication against the supplied username and password using the standard basic authentication protocol.
When the process is successful, it returns an access token and HTTP code of 200 (OK). When fails, HTTP code 401 (unauthorised) is returned.
Question: Is there any way I can make Grafana's login page to pass on the login credential to my application server for authentication?
No, unless you want to hack source code.
But you can use Grafana in auth proxy mode, where authentication will be made by some "auth" proxy. For example, auth will be made by reverse proxy (e.g. Apache+mod_authnz_external) which will be in front of Grafana. All auth logic will be there and Grafana will just receive the request with request header X-WEBAUTH-USER value when user authentication is successful.
Another option is to start OIDC Identity Provider (for example Keycloak), which will use your app auth endpoint for authentication. Grafana has native OIDC/OAuth support, so it will be just configured against your OIDC Identity Provider.
I have a request, which can be used on an endpoint with and without authentication too, but response is different in these cases. I send request to path like /MyService?wsdl. I tried to use HTTP Authorization Manager added it to HTTP Request element with whole url to this service, but it isn't working. I am sure, that username and password are correct. How is it possible to debug authentication process?
HTTP Authorisation Manager respects JMeter's Scoping Rules so make sure it is located either on the same level as HTTP Request sampler or add it as a child of this sampler (in the latter case it will be applied to this sampler only)
Configure it as follows:
Base URL: protocol followed by IP address or hostname of the application under test
Username: your username
Password: your password
Mechanism: BASIC_DIGEST
Assuming everything goes well you should see Authorization header added to your request
See How to Use HTTP Basic Authentication in JMeter article for more details.
Alternative solution is adding HTTP Header Manager and configuring it to send Authorisation header with the value of ${__base64Encode(username:password,)}
This approach assumes having __Base64Encode function installed, you can obtain it as a part of Custom JMeter Functions bundle using JMeter Plugins Manager
I suggest to use Fiddler which is a Web Debugging Proxy to send requests from JMeter through it. You can configure HTTP Request to use a proxy.
Make sure the Authorization: Basic ... header is sent within the request.
The HTTP Authorization Manager should be placed at the root of the thread group. You can then specify the full request path associated to each authorization.
I'm trying to use the authenticationendpoint application that comes with WSO2 as the new only login entry point of an old application. For testing purposes I just did a page that redirects to thi URL
https://localhost:9443/authenticationendpoint/login.do?relyingParty=My-Issuer&sp=Test-App&sessionDataKey=14792551&authenticators=BasicAuthenticator:LOCAL
The login page appears as expected, but once I set the user and password shows this message:
Authentication Error !
Attention:
Something went wrong during the authentication process. Please try signing in again.
Seeing the output in the console on debug mode, this is what is shown
... Many of the same error saying that Authentication Context is null
[2017-01-06 15:40:08,836] DEBUG {org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils} - Authentication Context is null
[2017-01-06 15:40:08,836] DEBUG {org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils} - Authentication Context is null
[2017-01-06 15:40:08,836] DEBUG {org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils} - Authentication Context is null
[2017-01-06 15:40:08,837] DEBUG {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Session data key : 22451696
[2017-01-06 15:40:08,837] ERROR {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Context does not exist. Probably due to invalidated cache
I thing I'm doing something wrong, maybe there are not enough parameters sent, or they are the wrong ones, the user and password are correct because I can login into the carbon itself with it, and it is also a valid user for the testing SP.
The SP config is described:
Basic Information
Service Provider Name: Test-App
Claim configuration
Use Local Claim Dialect
Subject Claim URI http://wso2.org/claims/username
Role/Permission Configuration
Permissions AdminTest
Role Mapping AdminTest->Admin
Inbound Authentication Configuration
SAML2 Web SSO Configuration
Issuer: My-Issuer
Assertion Consumer URLs: https : //localhost/Test/main.asp
Default Assertion Consumer URL: https : //localhost/Test/main.asp
NameID format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
Certificate alias: wso2carbon
Response Signing Algorithm: ...#rsa-sha1
Response Digest Algorithm: ...#sha1
Checked values
Enable Response Signing
Enable Single Logout
Enable Attribute Profile
Include Attributes in the Response Always
Enable IdP Initiated SSO
Enable IdP Initiated SLO
Others are in blank OAuth, OpenID, etc (let me know if that is maybe the problem, so which should be filled out.
Local and Outbound Authentication Configuration
Authentication Type: I tried with Default and Local Authentication = basic and password-reset-enforcer
This is checked:
Assert identity using mapped local subject identifier
Use tenant domain in local subject identifier
Use user store domain in local subject identifier
Request Path Authentication Configuration
basic-auth
Inbound Provisioning Configuration
SCIM Configuration
PRIMARY
Dumb Mode is not enabled
The rest is left blank
I have spent many days tracking this problem but no answers or are for older versions.
I tested with JDK 7 and 8 (latest of them) I'm working with WSO2 IS 5.2.0. Someone can lead me to a solution to use this application as the only entry point for my SPs? The idea after is to send back a SAML2 response to a page in the SP side that read the information and control the authorization part.
Thanks in advance.
You have configured for a SAML SSO scenario. Therefore your SP have to call the SAML SSO endpoint of WSO2 Identity Server with a valid SAMLRequest. That is https://hostname:port/samlsso.
AuthenticationEndpoint is just an intermediary application. SAML SSO endpoint is the one that should redirect the user to AuthenticationEndpoint after first processing the SAMLRequest. You must not call it directly.
Refer this to learn how to run a sample SAML SSO application with WSO2 IS. While running that, you can monitor the HTTP Request/Response flow using a tool like SSOTracer for Firefox and understand how the communication works.
In similar to SAML SSO flow, if you are using any other authentication protocol, you first have to call the protocol specific endpoint. E.g. If you are using OAuth2 or OpenIDConnect, then you should call /oauth2 endpoint. Never /authenticationendpoint directly.