JMeter :: Sign SAML Req
695 views
Skip to first unread message
Francisco Almeida
Mar 1, 2016, 8:59:00 PM3/1/16
to SimpleSAMLphp
Hi,
I am trying to create a JMETER test to do a SSO login. However my SAML requests need to be signed.
I am getting this error:
"Caused by: SimpleSAML_Error_Exception: Neither the assertion nor the response was signed."
Does anyone had this problem with JMETER? and if so how could we get a solution for this problem?
Regards,
Francisco
Jaime Perez Crespo
Mar 2, 2016, 3:09:27 AM3/2/16
to simple...@googlegroups.com
Hola Francisco,
I don’t think that has anything to do with jmeter. It looks like a misconfiguration between your IdP and your SP. Have you verified both?
--
Jaime Pérez
UNINETT / Feide
mail: jaime...@uninett.no
xmpp: ja...@jabber.uninett.no
"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost
I don’t think that has anything to do with jmeter. It looks like a misconfiguration between your IdP and your SP. Have you verified both?
Jaime Pérez
UNINETT / Feide
mail: jaime...@uninett.no
xmpp: ja...@jabber.uninett.no
"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost
Francisco Almeida
Mar 2, 2016, 6:53:02 PM3/2/16
to SimpleSAMLphp
Hi Jaime,
If I use the Browser (IE, Firefox, ...) everything works fine (my IdP is an ADFS Server). When I am trying to replicate the steps to JMETER is where the problem happens.
One thing that I've doubts is related with the request to "adfs/ls" (HTTP POST) where I've seen the XML request
-----------------
<trust:RequestSecurityTokenResponseCollection xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
(...)
</trust:RequestSecurityTokenResponse>
-----------------with white spaces or with "+" (in this case replacing the white spaces). Could this have anything to do with the error?
Do you recommend anything to automate tests with SSO workflow?
Regards,
Francisco
Jaime Perez Crespo
Mar 3, 2016, 3:56:36 AM3/3/16
to simple...@googlegroups.com
¡Hola!
> On 03 Mar 2016, at 00:53 AM, Francisco Almeida <fral...@gmail.com> wrote:
> Hi Jaime,
>
> If I use the Browser (IE, Firefox, ...) everything works fine (my IdP is an ADFS Server). When I am trying to replicate the steps to JMETER is where the problem happens.
>
> One thing that I've doubts is related with the request to "adfs/ls" (HTTP POST) where I've seen the XML request
> -----------------
> <trust:RequestSecurityTokenResponseCollection xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
> (...)
> </trust:RequestSecurityTokenResponse>
> ————————
That’s not SAML at all, so I can’t help you much with that :-(
> with white spaces or with "+" (in this case replacing the white spaces). Could this have anything to do with the error?
That’s due to base64 encoding, and it depends on the particular encoding used. In general, it shouldn’t be a problem, but it might be that the recipient of the base64-encoded string is expecting a different encoding.
> Do you recommend anything to automate tests with SSO workflow?
I’ve used jmeter myself many years ago, and it worked fine. However, it’s difficult to use, and you need to add a lot of logic. Or at least you needed, because jmeter would not follow redirections or keep cookies back in the day. I don’t know how it is coping with all that nowadays.
Another option that might be more interesting for you is selenium, which you can use to automate testing with real, headless web browsers. But of course that’s more intended to test behaviour rather than performance, so it depends on what you want exactly.
> On 03 Mar 2016, at 00:53 AM, Francisco Almeida <fral...@gmail.com> wrote:
> Hi Jaime,
>
> If I use the Browser (IE, Firefox, ...) everything works fine (my IdP is an ADFS Server). When I am trying to replicate the steps to JMETER is where the problem happens.
>
> One thing that I've doubts is related with the request to "adfs/ls" (HTTP POST) where I've seen the XML request
> -----------------
> <trust:RequestSecurityTokenResponseCollection xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
> (...)
> </trust:RequestSecurityTokenResponse>
That’s not SAML at all, so I can’t help you much with that :-(
> with white spaces or with "+" (in this case replacing the white spaces). Could this have anything to do with the error?
> Do you recommend anything to automate tests with SSO workflow?
Another option that might be more interesting for you is selenium, which you can use to automate testing with real, headless web browsers. But of course that’s more intended to test behaviour rather than performance, so it depends on what you want exactly.
Francisco Almeida
Mar 9, 2016, 6:44:45 PM3/9/16
to SimpleSAMLphp
Hi,
The issue is related with encoding the parameters in the HTTP Post. I was able to do the full authentication process throw ADFS in JMETER.
Thanks for your help.
Regards,
Reply all
Reply to author
Forward
0 new messages