JMeter 4.0 client won't start if Secure RMI is configured
Hi, I asked this question on StackOverflow but got no answers or even tips so sending this to the mailing list. I am trying to set up remote testing infrastructure with secure RMI using JMeter 4.0 (one client and one server) but the client won't start because of 'Address already in use (Bind failed)' error. netstat shows that no process is listening on this port and from the log it seems that JMeter itself tries to listen on the port more than once (at least that's how I interpreted the log messages). Everything works fine if I disable Secure RMI (server.rmi.ssl.disable=true) Both the client and server use 4.0 r1823414 version. You can find details and the log here (SO post) - https://stackoverflow.com/questions/50752126/unable-to-start-jmeter-4-0-client-with-ssl-rmi Let me know if you want me to provide any details/settings. Thank you! Andrey Shevtsov - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
Re: Jmeter Kerberos
thanks for the inputs. 1. i dont find bin/setenv.bat file anywhere in my jmeter directory. 2. I tried just removing all contents in krb5.conf . i still see same error: WARN - org.apache.http.client.protocol.RequestTargetAuthentication: >> NEGOTIATE authentication error: No valid credentials provided (Mechanism >> level: No valid credentials provided (Mechanism level: Message stream >> modified (41))) looks like jmeter is navigating to the krb5 and jaas files but the contents are not being parsed? -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
Re: Jmeter Kerberos
Am 08.06.2018 um 22:28 schrieb chandrikak:
Thanks for the response Felix.
1. Yes the below two files are enabled in system.properties .:
(if i give wrong path, i get error in jmeter log, so validated it that way)
java.security.krb5.conf=krb5.conf
java.security.auth.login.config=jaas.conf
You could try to set -Dsun.security.krb5.debug=true to get more debug
information. ||
||
2. I am using windows machine and hence cannot configure the bin/setenv.sh
But you could place those settings in bin/setenv.bat :)
3.Request headers:
Connection: keep-alive
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows; Trident/6.0)
4. The server doesnt have any problem because the same uris works fine in
loadrunner and manually through browser as well.
When recording the script via Loadrunner, it is recording fine succesfully,
but replay again throws same error:
WARN - org.apache.http.client.protocol.RequestTargetAuthentication:
NEGOTIATE authentication error: No valid credentials provided (Mechanism
level: No valid credentials provided (Mechanism level: Message stream
modified (41)))
WARN - org.apache.http.client.protocol.RequestTargetAuthentication:
NEGOTIATE authentication error: No valid credentials provided (Mechanism
level: No valid credentials provided (Mechanism level: Message stream
modified (41)))
The only things I found on google pointed to upper/lowercase problems
with the domain.
Check that you have uppercased the domain on every SPN: user@REALM
5. Already update the JAAS to include debug=true. here is the log response
in command prompt:
Debug is true storeKey false useTicketCache false useKeyTab false
doNotPrompt f
alse ticketCache is null isInitiator true KeyTab is null refreshKrb5Config
is fa
lse principal is null tryFirstPass is false useFirstPass is false storePass
is f
alse clearPass is false
[Krb5LoginModule] user entered username: *testuser*
principal is *testu...@xxx.test.com*
Commit Succeeded
6. krb5.conf
# Default Krb5.conf file for OctetString VDE 3.0
[libdefaults]
default_realm = XXX.TEST.COM
default_checksum = ***
default_tkt_enctypes = ***
default_tgs_enctypes = ***
permitted_enctypes = ***
I would omit all the above settings except the default_realm.
udp_preference_limit=*
# default_tgs_enctypes = **
# default_tkt_enctypes = **
# permitted_enctypes = **
##clockskew=*
## kdc_timeout=**
##max_retries=*
[realms]
xxx.test.COM = {
kdc = servername.XXX.TEST.COM
admin_server = servername.xxx.test.com
default_domain = XXX.TEST.COM
Your kerberos domain is most probably set up correctly in DNS, so leave
out this section completely.
Regards,
Felix
}
[domain_realm]
.xxx.test.com = XXX.TEST.COM
xxx.test.com = XXX.TEST.COM
#[logging]
#kdc = /opt/apps/Oracle/OViD/logs/local1
#admin-server = /opt/apps/Oracle/OViD/logs/local2
#default = /opt/apps/Oracle/OViD/logs/auth
--
Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html
-
To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org
For additional commands, e-mail: user-h...@jmeter.apache.org
Re: Jmeter Kerberos
Thanks for the response Felix.
1. Yes the below two files are enabled in system.properties .:
(if i give wrong path, i get error in jmeter log, so validated it that way)
java.security.krb5.conf=krb5.conf
java.security.auth.login.config=jaas.conf
2. I am using windows machine and hence cannot configure the bin/setenv.sh
3.Request headers:
Connection: keep-alive
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows; Trident/6.0)
4. The server doesnt have any problem because the same uris works fine in
loadrunner and manually through browser as well.
When recording the script via Loadrunner, it is recording fine succesfully,
but replay again throws same error:
> WARN - org.apache.http.client.protocol.RequestTargetAuthentication:
> NEGOTIATE authentication error: No valid credentials provided (Mechanism
> level: No valid credentials provided (Mechanism level: Message stream
> modified (41)))
>
> WARN - org.apache.http.client.protocol.RequestTargetAuthentication:
> NEGOTIATE authentication error: No valid credentials provided (Mechanism
> level: No valid credentials provided (Mechanism level: Message stream
> modified (41)))
5. Already update the JAAS to include debug=true. here is the log response
in command prompt:
Debug is true storeKey false useTicketCache false useKeyTab false
doNotPrompt f
alse ticketCache is null isInitiator true KeyTab is null refreshKrb5Config
is fa
lse principal is null tryFirstPass is false useFirstPass is false storePass
is f
alse clearPass is false
[Krb5LoginModule] user entered username: *testuser*
principal is *testu...@xxx.test.com*
Commit Succeeded
6. krb5.conf
# Default Krb5.conf file for OctetString VDE 3.0
[libdefaults]
default_realm = XXX.TEST.COM
default_checksum = ***
default_tkt_enctypes = ***
default_tgs_enctypes = ***
permitted_enctypes = ***
udp_preference_limit=*
# default_tgs_enctypes = **
# default_tkt_enctypes = **
# permitted_enctypes = **
##clockskew=*
## kdc_timeout=**
##max_retries=*
[realms]
xxx.test.COM = {
kdc = servername.XXX.TEST.COM
admin_server = servername.xxx.test.com
default_domain = XXX.TEST.COM
}
[domain_realm]
.xxx.test.com = XXX.TEST.COM
xxx.test.com = XXX.TEST.COM
#[logging]
#kdc = /opt/apps/Oracle/OViD/logs/local1
#admin-server = /opt/apps/Oracle/OViD/logs/local2
#default = /opt/apps/Oracle/OViD/logs/auth
--
Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html
-
To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org
For additional commands, e-mail: user-h...@jmeter.apache.org
