JMeter 4.0 client won't start if Secure RMI is configured
Hi, I asked this question on StackOverflow but got no answers or even tips so sending this to the mailing list. I am trying to set up remote testing infrastructure with secure RMI using JMeter 4.0 (one client and one server) but the client won't start because of 'Address already in use (Bind failed)' error. netstat shows that no process is listening on this port and from the log it seems that JMeter itself tries to listen on the port more than once (at least that's how I interpreted the log messages). Everything works fine if I disable Secure RMI (server.rmi.ssl.disable=true) Both the client and server use 4.0 r1823414 version. You can find details and the log here (SO post) - https://stackoverflow.com/questions/50752126/unable-to-start-jmeter-4-0-client-with-ssl-rmi Let me know if you want me to provide any details/settings. Thank you! Andrey Shevtsov - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
Re: Jmeter Kerberos
thanks for the inputs. 1. i dont find bin/setenv.bat file anywhere in my jmeter directory. 2. I tried just removing all contents in krb5.conf . i still see same error: WARN - org.apache.http.client.protocol.RequestTargetAuthentication: >> NEGOTIATE authentication error: No valid credentials provided (Mechanism >> level: No valid credentials provided (Mechanism level: Message stream >> modified (41))) looks like jmeter is navigating to the krb5 and jaas files but the contents are not being parsed? -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
Re: Jmeter Kerberos
Am 08.06.2018 um 22:28 schrieb chandrikak: Thanks for the response Felix. 1. Yes the below two files are enabled in system.properties .: (if i give wrong path, i get error in jmeter log, so validated it that way) java.security.krb5.conf=krb5.conf java.security.auth.login.config=jaas.conf You could try to set -Dsun.security.krb5.debug=true to get more debug information. || || 2. I am using windows machine and hence cannot configure the bin/setenv.sh But you could place those settings in bin/setenv.bat :) 3.Request headers: Connection: keep-alive User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows; Trident/6.0) 4. The server doesnt have any problem because the same uris works fine in loadrunner and manually through browser as well. When recording the script via Loadrunner, it is recording fine succesfully, but replay again throws same error: WARN - org.apache.http.client.protocol.RequestTargetAuthentication: NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Message stream modified (41))) WARN - org.apache.http.client.protocol.RequestTargetAuthentication: NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Message stream modified (41))) The only things I found on google pointed to upper/lowercase problems with the domain. Check that you have uppercased the domain on every SPN: user@REALM 5. Already update the JAAS to include debug=true. here is the log response in command prompt: Debug is true storeKey false useTicketCache false useKeyTab false doNotPrompt f alse ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is fa lse principal is null tryFirstPass is false useFirstPass is false storePass is f alse clearPass is false [Krb5LoginModule] user entered username: *testuser* principal is *testu...@xxx.test.com* Commit Succeeded 6. krb5.conf # Default Krb5.conf file for OctetString VDE 3.0 [libdefaults] default_realm = XXX.TEST.COM default_checksum = *** default_tkt_enctypes = *** default_tgs_enctypes = *** permitted_enctypes = *** I would omit all the above settings except the default_realm. udp_preference_limit=* # default_tgs_enctypes = ** # default_tkt_enctypes = ** # permitted_enctypes = ** ##clockskew=* ## kdc_timeout=** ##max_retries=* [realms] xxx.test.COM = { kdc = servername.XXX.TEST.COM admin_server = servername.xxx.test.com default_domain = XXX.TEST.COM Your kerberos domain is most probably set up correctly in DNS, so leave out this section completely. Regards, Felix } [domain_realm] .xxx.test.com = XXX.TEST.COM xxx.test.com = XXX.TEST.COM #[logging] #kdc = /opt/apps/Oracle/OViD/logs/local1 #admin-server = /opt/apps/Oracle/OViD/logs/local2 #default = /opt/apps/Oracle/OViD/logs/auth -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
Re: Jmeter Kerberos
Thanks for the response Felix. 1. Yes the below two files are enabled in system.properties .: (if i give wrong path, i get error in jmeter log, so validated it that way) java.security.krb5.conf=krb5.conf java.security.auth.login.config=jaas.conf 2. I am using windows machine and hence cannot configure the bin/setenv.sh 3.Request headers: Connection: keep-alive User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows; Trident/6.0) 4. The server doesnt have any problem because the same uris works fine in loadrunner and manually through browser as well. When recording the script via Loadrunner, it is recording fine succesfully, but replay again throws same error: > WARN - org.apache.http.client.protocol.RequestTargetAuthentication: > NEGOTIATE authentication error: No valid credentials provided (Mechanism > level: No valid credentials provided (Mechanism level: Message stream > modified (41))) > > WARN - org.apache.http.client.protocol.RequestTargetAuthentication: > NEGOTIATE authentication error: No valid credentials provided (Mechanism > level: No valid credentials provided (Mechanism level: Message stream > modified (41))) 5. Already update the JAAS to include debug=true. here is the log response in command prompt: Debug is true storeKey false useTicketCache false useKeyTab false doNotPrompt f alse ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is fa lse principal is null tryFirstPass is false useFirstPass is false storePass is f alse clearPass is false [Krb5LoginModule] user entered username: *testuser* principal is *testu...@xxx.test.com* Commit Succeeded 6. krb5.conf # Default Krb5.conf file for OctetString VDE 3.0 [libdefaults] default_realm = XXX.TEST.COM default_checksum = *** default_tkt_enctypes = *** default_tgs_enctypes = *** permitted_enctypes = *** udp_preference_limit=* # default_tgs_enctypes = ** # default_tkt_enctypes = ** # permitted_enctypes = ** ##clockskew=* ## kdc_timeout=** ##max_retries=* [realms] xxx.test.COM = { kdc = servername.XXX.TEST.COM admin_server = servername.xxx.test.com default_domain = XXX.TEST.COM } [domain_realm] .xxx.test.com = XXX.TEST.COM xxx.test.com = XXX.TEST.COM #[logging] #kdc = /opt/apps/Oracle/OViD/logs/local1 #admin-server = /opt/apps/Oracle/OViD/logs/local2 #default = /opt/apps/Oracle/OViD/logs/auth -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org