Jmeter负载测试SAML请求
我正在尝试使用 JMeter 对使用 SAML 进行 SSO 的 Web 应用程序进行负载测试。我们的服务器向另一台服务器发送 SAML 请求。在 JMeter 中,如何动态创建这些请求并为许多用户对其进行参数化?
提前致谢。如果您知道解决方案,请尽快告诉我。
在查看结果树中,我看到以下请求:
/app/login
under this there are three requests
https://xyz.org/app/start/login
https://abc.com/saml/SamlSsoService?SAMLRequest=eJxlj8FuwjAQRM%2F5i8j3xAlItLIIiLaqikQrBKGH3hxnSQzJ2vU6UT%2B%2FFrQSao87uzP7Zr786rt4%0D%0ABEfaYMHyNGMxoDK1xqZgh%2FI5uWfLxZxk31mxGnyLO%2FgcgHwcBSOSuGwKNjgURpImgbIHEl6J%2Fep1%0D%0AIyZpJqwz3ijTsWj9VDAwra2atmrPnamk7JU5nQzKxlZHiVA3qM7HDk6KxdH7L1ZICWaiAdZIXqIP%0D%0AUpZnST5JsmmZz8RkJrK7DxZtf149aLw2%2BMOV3nJV1yMSL2W5TXZQawfKX0JGXYN7C46CoVVpSOyg%0D%0AgcpIV4ehZ9GKCJwPcI8GaejB7cGNWsFhtylY670lwXkN4%2FSf3biGkx9qQM%2BltTy00Ua1QZPOcyLD%0D%0AA4hnfPENC8GO7w%3D%3D%0D%0A&RelayState=abc%3Astart&appId=250
https://def.com/account/login.jsp?destinationpage=start&applicationId=2
第二个 URL 是重定向 URL。我想捕获系统发送的内容并告诉 JMeter 发送它。
SAMLRequest=eJxlj8FuwjAQRM%2F5i8j3xAlItLIIiLaqikQrBKGH3hxnSQzJ2vU6UT%2B%2FFrQSao87uzP7Zr786rt4%0D%0ABEfaYMHyNGMxoDK1xqZgh%2FI5uWfLxZxk31mxGnyLO%2FgcgHwcBSOSuGwKNjgURpImgbIHEl6J%2Fep1%0D%0AIyZpJqwz3ijTsWj9VDAwra2atmrPnamk7JU5nQzKxlZHiVA3qM7HDk6KxdH7L1ZICWaiAdZIXqIP%0D%0AUpZnST5JsmmZz8RkJrK7DxZtf149aLw2%2BMOV3nJV1yMSL2W5TXZQawfKX0JGXYN7C46CoVVpSOyg%0D%0AgcpIV4ehZ9GKCJwPcI8GaejB7cGNWsFhtylY670lwXkN4%2FSf3biGkx9qQM%2BltTy00Ua1QZPOcyLD%0D%0AA4hnfPENC8GO7w%3D%3D%0D%0A&RelayState=abc%3Astart&appId=250
您能告诉我用于捕获该值的正则表达式吗?另外,如果存在三个不同的 URL,jmeter 如何知道要捕获哪一个?
感谢您的帮助
I am trying to load test a web application that uses SAML for SSO, using JMeter. Our server sends a SAML request to another server. In JMeter, how do I create these requests on the fly and parameterize this for many users?
Thanks in advance. If you know the solution, please let me know as soon as possible.
In view results tree, I see the following request:
/app/login
under this there are three requests
https://xyz.org/app/start/login
https://abc.com/saml/SamlSsoService?SAMLRequest=eJxlj8FuwjAQRM%2F5i8j3xAlItLIIiLaqikQrBKGH3hxnSQzJ2vU6UT%2B%2FFrQSao87uzP7Zr786rt4%0D%0ABEfaYMHyNGMxoDK1xqZgh%2FI5uWfLxZxk31mxGnyLO%2FgcgHwcBSOSuGwKNjgURpImgbIHEl6J%2Fep1%0D%0AIyZpJqwz3ijTsWj9VDAwra2atmrPnamk7JU5nQzKxlZHiVA3qM7HDk6KxdH7L1ZICWaiAdZIXqIP%0D%0AUpZnST5JsmmZz8RkJrK7DxZtf149aLw2%2BMOV3nJV1yMSL2W5TXZQawfKX0JGXYN7C46CoVVpSOyg%0D%0AgcpIV4ehZ9GKCJwPcI8GaejB7cGNWsFhtylY670lwXkN4%2FSf3biGkx9qQM%2BltTy00Ua1QZPOcyLD%0D%0AA4hnfPENC8GO7w%3D%3D%0D%0A&RelayState=abc%3Astart&appId=250
https://def.com/account/login.jsp?destinationpage=start&applicationId=2
The second URL is the redirect URL. I want to capture what the system sends and tell JMeter to send it.
SAMLRequest=eJxlj8FuwjAQRM%2F5i8j3xAlItLIIiLaqikQrBKGH3hxnSQzJ2vU6UT%2B%2FFrQSao87uzP7Zr786rt4%0D%0ABEfaYMHyNGMxoDK1xqZgh%2FI5uWfLxZxk31mxGnyLO%2FgcgHwcBSOSuGwKNjgURpImgbIHEl6J%2Fep1%0D%0AIyZpJqwz3ijTsWj9VDAwra2atmrPnamk7JU5nQzKxlZHiVA3qM7HDk6KxdH7L1ZICWaiAdZIXqIP%0D%0AUpZnST5JsmmZz8RkJrK7DxZtf149aLw2%2BMOV3nJV1yMSL2W5TXZQawfKX0JGXYN7C46CoVVpSOyg%0D%0AgcpIV4ehZ9GKCJwPcI8GaejB7cGNWsFhtylY670lwXkN4%2FSf3biGkx9qQM%2BltTy00Ua1QZPOcyLD%0D%0AA4hnfPENC8GO7w%3D%3D%0D%0A&RelayState=abc%3Astart&appId=250
Can you tell me the regular expression to use inorder to capture this value? Also, if there are three different URLs, how does jmeter know which one to capture?
Thanks for your help
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
更新
看起来 /start/login 可能正在生成传递给 /saml/SamlSsoService 的令牌。
我会尝试下面的结构。请注意,每个页面都需要有一个 HTTP 请求。您可能需要手动添加这些。
CSV 数据集配置指向带有每个用户/密码的 CSV 文件。这允许多个用户。
SAML 令牌请求将用户名/密码作为变量,其值由 CSV 文件确定。
正则表达式提取有效的 SAML 令牌并将其存储到变量中。正则表达式应应用于 URL,如下所示:
SamlSsoService 和 login.jsp 请求将“SAML TOKEN”作为变量,允许其将唯一的 SAML 令牌传递到服务器。
资源:
UPDATED
It looks like /start/login might be generating the token that gets passed to /saml/SamlSsoService.
I would try the structure below. Note, you need to have an HTTP request for each page. You may need to add these manually.
The CSV Data Set config points to CSV file with each user/password. This allows for multiple users.
The SAML Token Request has the username/password as variables whose values are determined by the CSV file.
The Regular Expression extracts the valid SAML token and stores it to a variable. The regex should be applied to the URL and would be something like this:
The SamlSsoService and login.jsp Requests have "SAML TOKEN" as a variable, allowing it to pass a unique SAML token to the server.
Resources: