Author: sebb Date: Wed Aug 5 23:58:28 2009 New Revision: 801473 URL: http://svn.apache.org/viewvc?rev=801473&view=rev Log: Bug 47622 - enable recording of HTTPS sessions Many thanks to Milamber.
Added: jakarta/jmeter/trunk/extras/proxycert.cmd (with props) jakarta/jmeter/trunk/extras/proxycert.sh (with props) Modified: jakarta/jmeter/trunk/bin/jmeter.properties jakarta/jmeter/trunk/build.xml jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/HttpRequestHdr.java jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/Proxy.java jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/util/HTTPConstantsInterface.java jakarta/jmeter/trunk/xdocs/changes.xml jakarta/jmeter/trunk/xdocs/usermanual/best-practices.xml jakarta/jmeter/trunk/xdocs/usermanual/component_reference.xml jakarta/jmeter/trunk/xdocs/usermanual/get-started.xml Modified: jakarta/jmeter/trunk/bin/jmeter.properties URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/bin/jmeter.properties?rev=801473&r1=801472&r2=801473&view=diff ============================================================================== --- jakarta/jmeter/trunk/bin/jmeter.properties (original) +++ jakarta/jmeter/trunk/bin/jmeter.properties Wed Aug 5 23:58:28 2009 @@ -419,6 +419,15 @@ # use command-line flags for user-name and password #http.proxyDomain=NTLM domain, if required by HTTPClient sampler +# SSL configuration +#proxy.cert.directory=. +#proxy.cert.file=proxyserver.jks +#proxy.cert.type=JKS +#proxy.cert.keystorepass=password +#proxy.cert.keypassword=password +#proxy.cert.factory=SunX509 +#proxy.ssl.protocol=SSLv3 + #--------------------------------------------------------------------------- # HTTPSampleResponse Parser configuration #--------------------------------------------------------------------------- Modified: jakarta/jmeter/trunk/build.xml URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/build.xml?rev=801473&r1=801472&r2=801473&view=diff ============================================================================== --- jakarta/jmeter/trunk/build.xml (original) +++ jakarta/jmeter/trunk/build.xml Wed Aug 5 23:58:28 2009 @@ -995,6 +995,8 @@ <include name="${dest.jar.jmeter}/mirror-server.*"/> <include name="${dest.jar.jmeter}/shutdown.*"/> <include name="${dest.jar.jmeter}/stoptest.*"/> + <!-- Fake SSL cert for JMeter proxy recorder in https --> + <include name="${dest.jar.jmeter}/proxyserver.jks"/> <!-- Exclude any files that might be present from testing the release --> <exclude name="${dest.jar.jmeter}/*.log"/> <include name="${dest.jar}/"/> Added: jakarta/jmeter/trunk/extras/proxycert.cmd URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/extras/proxycert.cmd?rev=801473&view=auto ============================================================================== --- jakarta/jmeter/trunk/extras/proxycert.cmd (added) +++ jakarta/jmeter/trunk/extras/proxycert.cmd Wed Aug 5 23:58:28 2009 @@ -0,0 +1,27 @@ +...@echo off + + +rem Licensed to the Apache Software Foundation (ASF) under one or more +rem contributor license agreements. See the NOTICE file distributed with +rem this work for additional information regarding copyright ownership. +rem The ASF licenses this file to You under the Apache License, Version 2.0 +rem (the "License"); you may not use this file except in compliance with +rem the License. You may obtain a copy of the License at +rem +rem http://www.apache.org/licenses/LICENSE-2.0 +rem +rem Unless required by applicable law or agreed to in writing, software +rem distributed under the License is distributed on an "AS IS" BASIS, +rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +rem See the License for the specific language governing permissions and +rem limitations under the License. + +rem Generate proxyserver certificate for JMeter + +set DNAME="cn=JMeter Proxy, ou=JMeter, o=Apache Software Foundation, c=US" + +rem generate the keystore with the certificate +keytool -genkey -alias jmeter -keystore proxyserver.jks -keypass password -storepass password -validity 1825 -keyalg RSA -dname %DNAME% + +rem show the contents +keytool -list -v -keystore proxyserver.jks -storepass password Propchange: jakarta/jmeter/trunk/extras/proxycert.cmd ------------------------------------------------------------------------------ svn:eol-style = CRLF Added: jakarta/jmeter/trunk/extras/proxycert.sh URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/extras/proxycert.sh?rev=801473&view=auto ============================================================================== --- jakarta/jmeter/trunk/extras/proxycert.sh (added) +++ jakarta/jmeter/trunk/extras/proxycert.sh Wed Aug 5 23:58:28 2009 @@ -0,0 +1,27 @@ +#!/bin/sh + +## Licensed to the Apache Software Foundation (ASF) under one or more +## contributor license agreements. See the NOTICE file distributed with +## this work for additional information regarding copyright ownership. +## The ASF licenses this file to You under the Apache License, Version 2.0 +## (the "License"); you may not use this file except in compliance with +## the License. You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. + + +## Generate proxyserver certificate for JMeter + +DNAME="cn=JMeter Proxy, ou=JMeter, o=Apache Software Foundation, c=US" + +## generate the keystore with the certificate +keytool -genkey -alias jmeter -keystore proxyserver.jks -keypass password -storepass password -validity 1825 -keyalg RSA -dname ${DNAME} + +## show the contents +keytool -list -v -keystore proxyserver.jks -storepass password Propchange: jakarta/jmeter/trunk/extras/proxycert.sh ------------------------------------------------------------------------------ svn:eol-style = LF Modified: jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/HttpRequestHdr.java URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/HttpRequestHdr.java?rev=801473&r1=801472&r2=801473&view=diff ============================================================================== --- jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/HttpRequestHdr.java (original) +++ jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/HttpRequestHdr.java Wed Aug 5 23:58:28 2009 @@ -92,9 +92,12 @@ } /** - * Http Request method. Such as get or post. + * Http Request method, uppercased, e.g. GET or POST. */ private String method = ""; // $NON-NLS-1$ + + /** CONNECT url. */ + private String paramHttps = ""; // $NON-NLS-1$ /** * The requested url. The universal resource locator that hopefully uniquely @@ -192,15 +195,9 @@ if (log.isDebugEnabled()) { log.debug("browser request: " + firstLine); } - if (!CharUtils.isAsciiAlphanumeric(firstLine.charAt(0))) { - throw new IllegalArgumentException("Unrecognised header line (probably used HTTPS)"); - } StringTokenizer tz = new StringTokenizer(firstLine); method = getToken(tz).toUpperCase(java.util.Locale.ENGLISH); url = getToken(tz); - if (url.toLowerCase(java.util.Locale.ENGLISH).startsWith(HTTPConstants.PROTOCOL_HTTPS)) { - throw new IllegalArgumentException("Cannot handle https URLS: " + url); - } version = getToken(tz); if (log.isDebugEnabled()) { log.debug("parser input: " + firstLine); @@ -208,9 +205,14 @@ log.debug("parsed url: " + url); log.debug("parsed version:" + version); } - if ("CONNECT".equalsIgnoreCase(method)){ - throw new IllegalArgumentException("Cannot handle CONNECT - probably used HTTPS"); + // SSL connection + if (getMethod().startsWith(HTTPConstants.CONNECT)) { + paramHttps = url; + } + if (url.startsWith("/")) { + url = HTTPS + "://" + paramHttps + url; // $NON-NLS-1$ } + log.debug("First Line: " + url); } /* @@ -401,7 +403,7 @@ if (log.isDebugEnabled()) { log.debug("Proxy: setting path: " + sampler.getPath()); } - if (numberRequests) { + if (!HTTPConstants.CONNECT.equals(getMethod()) && numberRequests) { requestNumber++; sampler.setName(requestNumber + " " + sampler.getPath()); } else { @@ -416,7 +418,7 @@ // If it was a HTTP GET request, then all parameters in the URL // has been handled by the sampler.setPath above, so we just need // to do parse the rest of the request if it is not a GET request - if(!HTTPConstants.GET.equals(method)) { + if((!HTTPConstants.CONNECT.equals(getMethod())) && (!HTTPConstants.GET.equals(method))) { // Check if it was a multipart http post request final String contentType = getContentType(); MultipartUrlConfig urlConfig = getMultipartConfig(contentType); @@ -554,6 +556,15 @@ public String getUrl(){ return url; } + + /** + * Returns the method string extracted from the first line of the client request. + * + * @return the method (will always be upper case) + */ + public String getMethod(){ + return method; + } /** * Returns the next token in a string. Modified: jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/Proxy.java URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/Proxy.java?rev=801473&r1=801472&r2=801473&view=diff ============================================================================== --- jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/Proxy.java (original) +++ jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/proxy/Proxy.java Wed Aug 5 23:58:28 2009 @@ -21,13 +21,30 @@ import java.io.BufferedInputStream; import java.io.BufferedOutputStream; import java.io.DataOutputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; import java.io.IOException; +import java.io.InputStream; import java.io.OutputStream; import java.net.Socket; -import java.net.UnknownHostException; import java.net.URL; +import java.net.UnknownHostException; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.util.HashMap; import java.util.Map; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSocket; +import javax.net.ssl.SSLSocketFactory; + +import org.apache.commons.io.IOUtils; import org.apache.jmeter.protocol.http.control.HeaderManager; import org.apache.jmeter.protocol.http.parser.HTMLParseException; import org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase; @@ -64,7 +81,36 @@ private static final String PROXY_HEADERS_REMOVE_DEFAULT = "If-Modified-Since,If-None-Match,Host"; // $NON-NLS-1$ private static final String PROXY_HEADERS_REMOVE_SEPARATOR = ","; // $NON-NLS-1$ - + + // for ssl connection + private static final String KEYSTORE_TYPE = + JMeterUtils.getPropDefault("proxy.cert.type", "JKS"); // $NON-NLS-1$ $NON-NLS-2$ + + private static final String KEYMANAGERFACTORY = + JMeterUtils.getPropDefault("proxy.cert.factory", "SunX509"); // $NON-NLS-1$ $NON-NLS-2$ + + private static final String SSLCONTEXT_PROTOCOL = + JMeterUtils.getPropDefault("proxy.ssl.protocol", "SSLv3"); // $NON-NLS-1$ $NON-NLS-2$ + + // HashMap to save ssl connection between Jmeter proxy and browser + private static HashMap hashHost = new HashMap(); + + // Proxy configuration SSL + private static final String CERT_DIRECTORY = + JMeterUtils.getPropDefault("proxy.cert.directory", "."); // $NON-NLS-1$ $NON-NLS-2$ + + private static final String CERT_FILE = + JMeterUtils.getPropDefault("proxy.cert.file", "proxyserver.jks"); // $NON-NLS-1$ $NON-NLS-2$ + + private static final char[] KEYSTORE_PASSWORD = + JMeterUtils.getPropDefault("proxy.cert.keystorepass", "password").toCharArray(); // $NON-NLS-1$ $NON-NLS-2$ + + private static final char[] KEY_PASSWORD = + JMeterUtils.getPropDefault("proxy.cert.keypassword","password").toCharArray(); // $NON-NLS-1$ $NON-NLS-2$ + + // Use with SSL connection + private OutputStream outStreamClient = null; + static { String removeList = JMeterUtils.getPropDefault(PROXY_HEADERS_REMOVE,PROXY_HEADERS_REMOVE_DEFAULT); headersToRemove = JOrphanUtils.split(removeList,PROXY_HEADERS_REMOVE_SEPARATOR); @@ -161,9 +207,28 @@ SampleResult result = null; HeaderManager headers = null; - try { + try { + // Now, parse only first line request.parse(new BufferedInputStream(clientSocket.getInputStream())); - + outStreamClient = clientSocket.getOutputStream(); + + if ((request.getMethod().startsWith(HTTPConstants.CONNECT)) && (outStreamClient != null)) { + log.debug("Method CONNECT => SSL"); + // write a OK reponse to browser, to engage SSL exchange + outStreamClient.write(("HTTP/1.0 200 OK\r\n\r\n").getBytes()); // $NON-NLS-1$ + outStreamClient.flush(); + // With ssl request, url is host:port (without https:// or path) + String[] param = request.getUrl().split(":"); // $NON-NLS-1$ + if (param.length == 2) { + log.debug("Start to negotiate SSL connection, host: " + param[0]); + clientSocket = startSSL(clientSocket, param[0]); + } else { + log.warn("In SSL request, unable to find host and port in CONNECT request"); + } + // Re-parse (now it's the http request over SSL) + request.parse(new BufferedInputStream(clientSocket.getInputStream())); + } + // Populate the sampler. It is the same sampler as we sent into // the constructor of the HttpRequestHdr instance above request.getSampler(pageEncodings, formEncodings); @@ -225,9 +290,17 @@ "To record https requests, see " + "<a href=\"http://jakarta.apache.org/jmeter/usermanual/component_reference.html#HTTP_Proxy_Server\">HTTP Proxy Server documentation</a>")); result = generateErrorResult(result, e); // Generate result (if nec.) and populate it + } catch (IOException ioe) { + log.error("Problem with SSL certificate? Ensure browser is set to accept the JMeter proxy cert: "+ioe.getLocalizedMessage()); + // won't work: writeErrorToClient(HttpReplyHdr.formInternalError()); + if (result == null) { + result = new SampleResult(); + result.setSampleLabel("Sample failed"); + } + result.setResponseMessage(ioe.getMessage()+ "\n**ensure browser is set to accept the JMeter proxy certificate**"); } catch (Exception e) { log.error("Exception when processing sample", e); - writeErrorToClient(HttpReplyHdr.formTimeout()); + writeErrorToClient(HttpReplyHdr.formInternalError()); result = generateErrorResult(result, e); // Generate result (if nec.) and populate it } finally { if (log.isDebugEnabled()) { @@ -253,6 +326,111 @@ sampler.threadFinished(); // Needed for HTTPSampler2 } } + + /** + * Get SSL connection from hashmap, creating it if necessary. + * + * @param host + * @return a ssl socket factory + * @throws IOException + */ + private SSLSocketFactory getSSLSocketFactory(String host) throws IOException { + synchronized (hashHost) { + if (hashHost.containsKey(host)) { + log.debug("Good, already in map, host=" + host); + return (SSLSocketFactory) hashHost.get(host); + } + InputStream in = getCertificate(); + Exception except = null; + if (in != null) { + KeyStore ks = null; + KeyManagerFactory kmf = null; + SSLContext sslcontext = null; + try { + ks = KeyStore.getInstance(KEYSTORE_TYPE); + ks.load(in, KEYSTORE_PASSWORD); + kmf = KeyManagerFactory.getInstance(KEYMANAGERFACTORY); + kmf.init(ks, KEY_PASSWORD); + sslcontext = SSLContext.getInstance(SSLCONTEXT_PROTOCOL); + sslcontext.init(kmf.getKeyManagers(), null, null); + SSLSocketFactory sslFactory = sslcontext.getSocketFactory(); + hashHost.put(host, sslFactory); + log.info("KeyStore for SSL loaded OK and put host in map ("+host+")"); + return sslFactory; + } catch (NoSuchAlgorithmException e) { + except=e; + } catch (KeyManagementException e) { + except=e; + } catch (KeyStoreException e) { + except=e; + } catch (UnrecoverableKeyException e) { + except=e; + } catch (CertificateException e) { + except=e; + } finally { + if (except != null){ + log.error("Problem with SSL certificate",except); + } + IOUtils.closeQuietly(in); + } + } else { + throw new IOException("Unable to read keystore"); + } + return null; + } + } + + /** + * Negotiate a SSL connection. + * + * @param sock socket in + * @param host + * @return a new client socket over ssl + * @throws Exception if negotiation failed + */ + private Socket startSSL(Socket sock, String host) throws IOException { + SSLSocketFactory sslFactory = getSSLSocketFactory(host); + SSLSocket secureSocket; + if (sslFactory != null) { + try { + secureSocket = (SSLSocket) sslFactory.createSocket(sock, + sock.getInetAddress().getHostName(), sock.getPort(), true); + secureSocket.setUseClientMode(false); + if (log.isDebugEnabled()){ + log.debug("SSL transaction ok with cipher: " + secureSocket.getSession().getCipherSuite()); + } + return secureSocket; + } catch (IOException e) { + log.error("Error in SSL socket negotiation: ", e); + throw e; + } + } else { + log.warn("Unable to negotiate SSL transaction, no keystore?"); + throw new IOException("Unable to negotiate SSL transaction, no keystore?"); + } + } + + /** + * Open the local certificate file. + * + * @return stream to key cert; null if there was a problem opening it + */ + private InputStream getCertificate() { + File certFile = new File(CERT_DIRECTORY, CERT_FILE); + InputStream in = null; + final String certPath = certFile.getAbsolutePath(); + if (certFile.exists() && certFile.canRead()) { + try { + in = new FileInputStream(certFile); + log.info("Opened Keystore file: "+certPath); + } catch (FileNotFoundException e) { + log.error("No server cert file found: "+certPath, e); + } + } else { + log.error("No server cert file found: "+certPath); + } + return in; + } private SampleResult generateErrorResult(SampleResult result, Exception e) { if (result == null) { Modified: jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/util/HTTPConstantsInterface.java URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/util/HTTPConstantsInterface.java?rev=801473&r1=801472&r2=801473&view=diff ============================================================================== --- jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/util/HTTPConstantsInterface.java (original) +++ jakarta/jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/util/HTTPConstantsInterface.java Wed Aug 5 23:58:28 2009 @@ -38,6 +38,7 @@ public static final String OPTIONS = "OPTIONS"; // $NON-NLS-1$ public static final String TRACE = "TRACE"; // $NON-NLS-1$ public static final String DELETE = "DELETE"; // $NON-NLS-1$ + public static final String CONNECT = "CONNECT"; // $NON-NLS-1$ public static final String HEADER_AUTHORIZATION = "Authorization"; // $NON-NLS-1$ public static final String HEADER_COOKIE = "Cookie"; // $NON-NLS-1$ public static final String HEADER_CONNECTION = "Connection"; // $NON-NLS-1$ Modified: jakarta/jmeter/trunk/xdocs/changes.xml URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/xdocs/changes.xml?rev=801473&r1=801472&r2=801473&view=diff ============================================================================== --- jakarta/jmeter/trunk/xdocs/changes.xml (original) +++ jakarta/jmeter/trunk/xdocs/changes.xml Wed Aug 5 23:58:28 2009 @@ -105,6 +105,7 @@ <h3>HTTP Samplers</h3> <ul> +<li>Bug 47622 - enable recording of HTTPS sessions</li> </ul> <h3>Other samplers</h3> Modified: jakarta/jmeter/trunk/xdocs/usermanual/best-practices.xml URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/xdocs/usermanual/best-practices.xml?rev=801473&r1=801472&r2=801473&view=diff ============================================================================== --- jakarta/jmeter/trunk/xdocs/usermanual/best-practices.xml (original) +++ jakarta/jmeter/trunk/xdocs/usermanual/best-practices.xml Wed Aug 5 23:58:28 2009 @@ -95,10 +95,13 @@ If the browser works OK even if JMeter is not running, then the browser cannot be using the proxy. Some browsers ignore proxy settings for localhost or 127.0.0.1; try using the local hostname or IP instead. </p> +<p> +The error "unknown_ca" probably means that you are trying to record HTTPS, and the browser has not accepted the +JMeter Proxy server certificate. +</p> <!--TODO: Describe how to use this to record against one server[name] and run against another. Actually, this particular example may be beter for the HTTP Request Defaults... a good similar example for the variables is http vs. https.--> -<!--TODO: Hey! We need to mention that https is not supported and how to work around that!--> <!--SUMMARY of all TODO's above: we need some actual usage to identify best practices with this new features.--> </section> Modified: jakarta/jmeter/trunk/xdocs/usermanual/component_reference.xml URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/xdocs/usermanual/component_reference.xml?rev=801473&r1=801472&r2=801473&view=diff ============================================================================== --- jakarta/jmeter/trunk/xdocs/usermanual/component_reference.xml (original) +++ jakarta/jmeter/trunk/xdocs/usermanual/component_reference.xml Wed Aug 5 23:58:28 2009 @@ -4233,8 +4233,6 @@ </component> <component name="HTTP Proxy Server" index="§-num;.9.5" width="951" height="611" screenshot="proxy_control.png"> -<note>The Proxy Server can only record HTTP traffic. -It is not possible to record HTTPS (SSL) sessions; however there is an HTTPS spoofing mode - see below.</note> <description><p>The Proxy Server allows JMeter to watch and record your actions while you browse your web application with your normal browser. JMeter will create test sample objects and store them directly into your test plan as you go (so you can view samples interactively while you make them).</p> @@ -4243,8 +4241,21 @@ Select the WorkBench element in the tree, and right-click on this element to get the Add menu (Add --> Non-Test Elements --> HTTP Proxy Server).</p> <p> -You also need to set up your browser to use the JMeter proxy port as the proxy for HTTP requests. -Do not use JMeter as the proxy for any other request types - HTTPS, FTP, etc. - as the JMeter proxy cannot handle them. +You also need to set up your browser to use the JMeter proxy port as the proxy for HTTP and HTTPS requests. +Do not use JMeter as the proxy for any other request types - FTP, etc. - as the JMeter proxy cannot handle them. +</p> +<p> +When recording HTTPS, the JMeter proxy server uses a dummy certificate to enable it to accept the SSL connection from +the browser. This certificate is not one of the certificates that browsers normally trust, and will not be for the +correct host, so the browser should display a dialogue asking if you want to accept the certificate or not. For example: +<code> +1) The server's name "www.example.com" does not match the certificate's name + "JMeter Proxy". Somebody may be trying to eavesdrop on you. +2) The certificate for "JMeter Proxy" is signed by the unknown Certificate Authority + "JMeter Proxy". It is not possible to verify that this is a valid certificate. +</code> +You will need to accept the certificate in order to allow the JMeter Proxy to intercept the SSL traffic in order to +record it. You should only accept the certificate temporarily. </p> <note> If your browser currently uses a proxy (e.g. a company intranet may route all external requests via a proxy), @@ -4258,6 +4269,7 @@ <property name="Name" required="No">Descriptive name for this controller that is shown in the tree.</property> <property name="Port" required="Yes">The port that the Proxy Server listens to. 8080 is the default, but you can change it.</property> <property name="Attempt HTTPS Spoofing" required="Yes"> + [Note: HTTPS spoofing should no longer be required] When you enable HTTPS spoofing, the following happens: <ul> <li>All matching (see below) http requests from the client are turned into https (between the proxy Modified: jakarta/jmeter/trunk/xdocs/usermanual/get-started.xml URL: http://svn.apache.org/viewvc/jakarta/jmeter/trunk/xdocs/usermanual/get-started.xml?rev=801473&r1=801472&r2=801473&view=diff ============================================================================== --- jakarta/jmeter/trunk/xdocs/usermanual/get-started.xml (original) +++ jakarta/jmeter/trunk/xdocs/usermanual/get-started.xml Wed Aug 5 23:58:28 2009 @@ -132,7 +132,7 @@ This is to allow the maximum flexibility in testing servers.</p> <p>If the server requires a client certificate, this can be provided.</p> <p>There is also the <complink name="SSL Manager"/>, for greater control of certificates.</p> -<note>The JMeter proxy server (see below) does not support recording SSL (https).</note> +<note>The JMeter proxy server (see below) supports recording HTTPS (SSL) in versions after 2.3.4</note> </subsection> <subsection name="§-num;.2.5 JDBC Driver" anchor="opt_jdbc"> @@ -268,7 +268,7 @@ <p><b>Example</b>: jmeter -H my.proxy.server -P 8000 -u username -a password -N localhost</p> <p>Alternatively, you can use --proxyHost, --proxyPort, --username, and --password</p> <note>JMeter also has its own in-built <complink name="HTTP Proxy Server">HTTP Proxy Server</complink>, -which can be used for recording HTTP (but not HTTPS) browser sessions. +which can be used for recording HTTP or HTTPS browser sessions. This is not to be confused with the proxy settings described above, which are used when JMeter makes HTTP or HTTPS requests itself.</note> </subsection> --------------------------------------------------------------------- To unsubscribe, e-mail: jmeter-dev-unsubscr...@jakarta.apache.org For additional commands, e-mail: jmeter-dev-h...@jakarta.apache.org