How to test CAS with jmeter?

半腔热情 提交于 2020-01-11 04:55:09

问题


  • request:

    I send a "get" http request, has no parameters;
    path: http://192.168.22.139:8080/KSP

  • response:

    <input id="username" type="text" name="username" required/>
    <input id="password" type="password" name="password" required/>
    <input type="hidden" name="lt" value="LT-697-vbNmm6NKOZ0cd7Wg1ywzbMKLa0DnOc" />
    <input type="hidden" name="execution" value="e1s1" />
    <input type="hidden" name="_eventId" value="submit" />
    

And I add two XPath Extractor to get lt and execution:

  • reference name: lt;
    xPath query: //*[@id="login"]/input[3]
  • reference name: execution;
    xPath query: //*[@id="login"]/input[4]

Then I send another request with username/password/service/It/execution/_eventId:

Error: ticket and execution I get is empty, I get the xpath by chrome, so what is the problem?


回答1:


From the first response, can use Regular Expression Extractor to extract ticke and lt.

Then send the second request with parameter:

username/password/It/execution/_eventId/_eventId

By the way, you should add HTTP Cookie Manager,




回答2:


I didnot see parameters of your first request. At least I didnot see the lt.

The second request should be a GET request, and the parameters are: service and ticket(This is not jsessionid, the value is generated by CAS, and it is the same with the parameter lt in the first request to the CAS login ).




回答3:


There is a few things you need to change in the second request:

  • add execution parameter (extract it from the first request, eg. with XPath Extractor or Regular Expression Extractor),

    • the XPath expression would be something like .//*[@id='fm1']//*[@name='execution']/@value
  • add _eventId=submit parameter,

  • the lt parameter (the login ticket) should be extracted from the login form, too - it changes each time; see XPath Extractor or Regular Expression Extractor,

    • XPath expression: .//*[@id='fm1']//*[@name='lt']/@value,
  • not required, but will look nicer - change GET to POST.



回答4:


If you're testing CAS login itself I can suggest using JMeter HTTP Proxy server to record login process, catch all values which are being passed, detect those, which are dynamic and deal with them via Regular Expression Extractor, XPath, Beanshell, etc. Post Processors - what you're most comfortable with.

In case if your application is behind CAS I guess that CAS login simply adds a cookie and your application considers user authenticated basing on it. In this case you can simply store cookies somewhere in CSV file and use them via HTTP Cookie Manager to simulate authenticated users.



来源:https://stackoverflow.com/questions/20039199/how-to-test-cas-with-jmeter

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!