user373201

Reputation: 11445

Jmeter load test SAML Request

I am trying to load test a web application that uses SAML for SSO, using JMeter. Our server sends a SAML request to another server. In JMeter, how do I create these requests on the fly and parameterize this for many users?

Thanks in advance. If you know the solution, please let me know as soon as possible.

In view results tree, I see the following request:

/app/login
under this there are three requests
   https://xyz.org/app/start/login
   https://abc.com/saml/SamlSsoService?SAMLRequest=eJxlj8FuwjAQRM%2F5i8j3xAlItLIIiLaqikQrBKGH3hxnSQzJ2vU6UT%2B%2FFrQSao87uzP7Zr786rt4%0D%0ABEfaYMHyNGMxoDK1xqZgh%2FI5uWfLxZxk31mxGnyLO%2FgcgHwcBSOSuGwKNjgURpImgbIHEl6J%2Fep1%0D%0AIyZpJqwz3ijTsWj9VDAwra2atmrPnamk7JU5nQzKxlZHiVA3qM7HDk6KxdH7L1ZICWaiAdZIXqIP%0D%0AUpZnST5JsmmZz8RkJrK7DxZtf149aLw2%2BMOV3nJV1yMSL2W5TXZQawfKX0JGXYN7C46CoVVpSOyg%0D%0AgcpIV4ehZ9GKCJwPcI8GaejB7cGNWsFhtylY670lwXkN4%2FSf3biGkx9qQM%2BltTy00Ua1QZPOcyLD%0D%0AA4hnfPENC8GO7w%3D%3D%0D%0A&RelayState=abc%3Astart&appId=250
   https://def.com/account/login.jsp?destinationpage=start&applicationId=2

The second URL is the redirect URL. I want to capture what the system sends and tell JMeter to send it.

 SAMLRequest=eJxlj8FuwjAQRM%2F5i8j3xAlItLIIiLaqikQrBKGH3hxnSQzJ2vU6UT%2B%2FFrQSao87uzP7Zr786rt4%0D%0ABEfaYMHyNGMxoDK1xqZgh%2FI5uWfLxZxk31mxGnyLO%2FgcgHwcBSOSuGwKNjgURpImgbIHEl6J%2Fep1%0D%0AIyZpJqwz3ijTsWj9VDAwra2atmrPnamk7JU5nQzKxlZHiVA3qM7HDk6KxdH7L1ZICWaiAdZIXqIP%0D%0AUpZnST5JsmmZz8RkJrK7DxZtf149aLw2%2BMOV3nJV1yMSL2W5TXZQawfKX0JGXYN7C46CoVVpSOyg%0D%0AgcpIV4ehZ9GKCJwPcI8GaejB7cGNWsFhtylY670lwXkN4%2FSf3biGkx9qQM%2BltTy00Ua1QZPOcyLD%0D%0AA4hnfPENC8GO7w%3D%3D%0D%0A&RelayState=abc%3Astart&appId=250

Can you tell me the regular expression to use in order to capture this value? Also, if there are three different URLs, how does JMeter know which one to capture?

Thanks for your help

Upvotes: 3

Views: 7443

Answers (1)

BlackGaff

Reputation: 7707

UPDATED

It looks like /start/login might be generating the token that gets passed to /saml/SamlSsoService.

I would try the structure below. Note, you need to have an HTTP request for each page. You may need to add these manually.

ThreadGroup
- CSV Data Set Config 
- POST /app/start/login
- - Post Processor: Regular Expression
- POST /saml/SamlSsoService?{samlToken}
- POST /account/login.jsp

The CSV Data Set config points to CSV file with each user/password. This allows for multiple users.

The SAML Token Request has the username/password as variables whose values are determined by the CSV file.

The Regular Expression extracts the valid SAML token and stores it to a variable. The regex should be applied to the URL and would be something like this:

SAMLRequest=([^&]+)

The SamlSsoService and login.jsp Requests have "SAML TOKEN" as a variable, allowing it to pass a unique SAML token to the server.


Upvotes: 5
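An added example, not part of the original answer: it applies the extraction regex to a constructed redirect URL shaped like the second request in the question, shows that a lazy group with nothing after it captures a single character, and decodes the captured value. The decoded AuthnRequest carries its own ID and IssueInstant, so each virtual user needs the value captured from its own login redirect. The XML, its ID and the helper names are assumptions made for illustration.

```python
import base64, re, zlib
from urllib.parse import quote, unquote

# Constructed AuthnRequest; the ID and IssueInstant are made-up sample values.
SAMPLE_XML = ('<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
              'ID="_constructed-id-0001" Version="2.0" '
              'IssueInstant="2024-01-01T00:00:00Z"/>')

def encode_redirect(xml, raw=True):
    """Encode XML as the HTTP-Redirect binding does: deflate, base64, URL-encode."""
    if raw:
        c = zlib.compressobj(wbits=-15)      # raw DEFLATE, no zlib header
        data = c.compress(xml.encode()) + c.flush()
    else:
        data = zlib.compress(xml.encode())   # zlib-wrapped variant (base64 starts "eJ")
    return quote(base64.b64encode(data).decode(), safe="")

def extract(url, pattern):
    """Return group 1 of pattern applied to the redirect URL, or None."""
    m = re.search(pattern, url)
    return m.group(1) if m else None

def decode_saml_request(value):
    """Reverse the encoding; accepts raw DEFLATE and zlib-wrapped payloads."""
    # b64decode ignores the CR/LF left behind by %0D%0A in values like the question's.
    blob = base64.b64decode(unquote(value))
    try:
        return zlib.decompress(blob, -15).decode()
    except zlib.error:
        return zlib.decompress(blob).decode()

def request_id(xml):
    """Pull the ID attribute out of the decoded AuthnRequest."""
    return re.search(r'\bID="([^"]+)"', xml).group(1)

# Constructed redirect URL modelled on the second request in the question.
TOKEN = encode_redirect(SAMPLE_XML)
URL = ("https://abc.com/saml/SamlSsoService?SAMLRequest=" + TOKEN
       + "&RelayState=abc%3Astart&appId=250")

if __name__ == "__main__":
    print(extract(URL, r"SAMLRequest=(.+?)"))             # one character only
    print(extract(URL, r"SAMLRequest=([^&]+)") == TOKEN)  # whole parameter value
    print(request_id(decode_saml_request(extract(URL, r"SAMLRequest=([^&]+)"))))
```

In JMeter the captured value is already URL-encoded, so the follow-up request should send it without encoding it a second time.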
