安全 Web 服务 (NTLM) - Jmeter
我正在尝试使用 Jmeter 测试 Web 服务。 Web 服务受 NTLM 身份验证(Windows)保护。我可以使用 WebService(SOAP) Request 采样器加载 WSDL。 目前,仅当我将代理服务器与此 SO 答案中提到的 BurpSuit 一起使用时,它才有效(我使用的是 Jmeter 和 BurpSuite,而不是 SOUP UI)。
但我不想使用代理服务器,而是想直接在 Jmeter 中使用带有 NTLM 身份验证的 Web 服务。我已经尝试过带有 ntlm 身份验证的 HTTP 身份验证管理器。但它仍然在响应中给出 401 Authorization Need
感谢您的帮助。
采样器结果。
Thread Name: WebSVC 1-1
Sample Start: 2010-06-28 13:54:08 IST
Load time: 752
Latency: 0
Size in bytes: 401
Sample Count: 1
Error Count: 0
Response code: 200
Response message: OK
Response headers:
Date=Mon, 28 Jun 2010 08:24:08 GMT
Server=Apache/2.2.9 (Unix) DAV/2 mod_jk/1.2.26
Connection=close
WWW-Authenticate=NTLM
SampleResult fields:
ContentType: text/html; charset=iso-8859-1
DataEncoding: iso-8859-1
和回应
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
I am trying to test a web service with Jmeter. The web service is protected with NTLM authentication(windows).I can able to load WSDL using WebService(SOAP) Request sampler.
Currently it works only when I use proxy server with BurpSuit mentioned in this SO answer(Instead of SOUP UI, I'm using Jmeter with BurpSuite).
But Instead of using a proxy server,I would like to use a web service directly in Jmeter with NTLM authentication.I've already tried HTTP Authentication Manager with ntlm authentication. But still it gives 401 Authorization Required in a response
Thanks for the help.
Sampler result.
Thread Name: WebSVC 1-1
Sample Start: 2010-06-28 13:54:08 IST
Load time: 752
Latency: 0
Size in bytes: 401
Sample Count: 1
Error Count: 0
Response code: 200
Response message: OK
Response headers:
Date=Mon, 28 Jun 2010 08:24:08 GMT
Server=Apache/2.2.9 (Unix) DAV/2 mod_jk/1.2.26
Connection=close
WWW-Authenticate=NTLM
SampleResult fields:
ContentType: text/html; charset=iso-8859-1
DataEncoding: iso-8859-1
and Response
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
</body></html>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我设法使用启用了
Use keepAlive选项的 SOAP/XML-RPC Request Sampler 使其工作(当然是在HTTP 身份验证管理器的帮助下。I managed to get it worked using
SOAP/XML-RPC Request SamplerwithUse keepAliveoption enabled( Ofcourse with the help ofHTTP Authentication Manager.您可以将安全参数添加到标头中。
You can add your security parameters to the header.
在 HTTP 授权管理器中,您是否为“基本 URL”字段提供值?
如果是,其格式是否为:https://${soap_domain}(注意安全 http)。
我的授权失败问题困扰了我一段时间,但发现一个快速解决方法是将基本 url 字段留空并仅提供用户名和密码。
In the HTTP Authorization manager, are you supplying a value for the "Base URL" field?
If so, is it in the form: https://${soap_domain} (note the secure http).
I had the authorization fail issue plague me for a while, but found a quick work-around was to leave the base url field empty and supply only the username and password.