How to check CAS using jmeter?

Question

How to check CAS using jmeter?

request:
I am sending a request to "get" http, it has no parameters.
way: http://192.168.22.139:8080/KSP

answer:

 <input id="username" type="text" name="username" required/> <input id="password" type="password" name="password" required/> <input type="hidden" name="lt" value="LT-697-vbNmm6NKOZ0cd7Wg1ywzbMKLa0DnOc" /> <input type="hidden" name="execution" value="e1s1" /> <input type="hidden" name="_eventId" value="submit" />

And I add two XPath Extractor to get lt and execution :

link name: lt ;
XPath request: //*[@id="login"]/input[3]
link name: execution ;
XPath request: //*[@id="login"]/input[4]

enter image description here

Then I send another request with username/password/service/It/execution/_eventId :

enter image description here

Error : ticket and execution. I get empty, I get xpath using chrome, so what's the problem?

+7

xpath jmeter cas single-sign-on

Olivia wang Nov 18 '13 at 2:40

source share

5 answers

I did not see the parameters of your request first . At least I have not seen lt .

The second request should be a GET request, and the parameters are: service and ticket (this is not jsessionid, the value is generated by CAS, and this is the same with the lt parameter in the first CAS entry request).

+3

Bugdaily Nov 18 '13 at 3:28

source share

There are a few things you need to change in the second query:

add execution parameter (extract it from the first query, for example XPath Extractor or Regular Expression Extractor ),
- an XPath expression will look like .//*[@id='fm1']//*[@name='execution']/@value
add parameter _eventId=submit ,
the lt parameter (admission ticket) must also be extracted from the entry form - it changes every time; see XPath Extractor or Regular Expression Extractor ,
- XPath expression: .//*[@id='fm1']//*[@name='lt']/@value ,
not required, but it will look better - change GET to POST.

+3

psiqta Nov 18 '13 at 8:06

source share

If you are testing the CAS login itself, I can suggest using the JMeter HTTP Proxy server to record the login process, catch all the transmitted values, detect those that are dynamic and process them with the expressions Expression Extractor, XPath, Beanshell, etc. . Post Processors - what you like best.

In case your application is located behind CAS, I assume that logging into CAS simply adds a cookie, and your application considers that user authentication is based on it. In this case, you can simply store cookies somewhere in the CSV file and use them through the HTTP Cookie Manager to simulate authenticated users.

+2

Dmitri T Nov 18 '13 at 14:19

source share

test testtesttesttesttesttesttesttesttesttesttesttesttesttesttest

0

Olivia wang May 15, '19 at 7:18

source share

Olivia wang · Accepted Answer · 2013-12-17T09:39:26+0000

In the first answer, you can use the Regular Expression Extractor to extract ticke and lt.

Then send the second request with the parameter:

username/password/It/execution/_eventId/_eventId

By the way, you should add an HTTP Cookie Manager ,

How to check CAS using jmeter?

More articles: