Re: HTTPS/SSL and Kerberos
By playing around, I noticed that JMeter lets you specify a system props file using the '-q' flag as well. This works. I verified it by removing all kerberos related config from the apache-jmeter-5.0/bin directory, and also by changing the LoginConfig name in the jaas.conf file so it couldn't be found. The tip about how to interpret the Kerberos error really helped. Hopefully this info about the -q flag will help someone else in future. Regards Adam -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
Re: HTTPS/SSL and Kerberos
So presumably then this error: javax.security.auth.login.LoginException: No LoginModules configured for JMeter at javax.security.auth.login.LoginContext.init(LoginContext.java:264) ~[?:1.8.0_131] at javax.security.auth.login.LoginContext.(LoginContext.java:417) ~[?:1.8.0_131] at org.apache.jmeter.protocol.http.control.KerberosManager.lambda$getSubjectForUser$0(KerberosManager.java:68) ~[ApacheJMeter_http.jar:5.0 r1840935] means that JMeter can't find the jaas.conf? I went back to basics and retried using system.properties with jaas config set to "jaas.conf" with no directory and JMeter found the jaas.conf straight away. I'll now work forwards again step by step and try to see where I went wrong. If it wasn't for this hiccup, it would be much easier to keep those jaas.conf and krb5.conf files with the other project files. -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
Re: HTTPS/SSL and Kerberos
I defined the properties in a system.properties file which I keep in my code repo and reference on the command line with the '-p' parameter. The jaas.conf is exactly the same. I copied it across to my code base, that's all. I also suspected the jaas.conf file, but I'm not able to force it to make an error which would show that it's using the jaas.conf specified. I was also so fixated on the jmeter.log that I only just noticed this warning on the command line: $ tools/apache-jmeter-5.0/bin/jmeter.sh -n -p workspace/jenna/jmeter/system.properties -t workspace/jenna/jmeter/benchmark.jmx -j logs/jmeter.log -e -l logs/jmeter-data.csv Nov 19, 2018 6:47:10 PM java.util.prefs.WindowsPreferences WARNING: Could not open/create prefs root node Software\JavaSoft\Prefs at root 0x8002. Windows RegCreateKeyEx(...) returned error code 5. Created the tree successfully using workspace/jenna/jmeter/benchmark.jmx Starting the test @ Mon Nov 19 18:47:10 GMT 2018 (1542653230567) Waiting for possible Shutdown/StopTestNow/Heapdump message on port 4445 Tidying up ...@ Mon Nov 19 18:47:17 GMT 2018 (1542653237675) ... end of run Is it critical? -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
Re: HTTPS/SSL and Kerberos
this: file.encoding=UTF-8 javax.net.ssl.keyStore=c:/dev/.secure/v3.jks javax.net.ssl.keyStorePassword=teaCUP876 sun.net.http.allowRestrictedHeaders=true java.security.krb5.conf=C:/dev/workspace/jenna/jmeter/krb5.conf java.security.auth.login.config=C:/dev/workspace/jenna/jmeter/jaas.conf sun.security.krb5.debug=true Where have you defined those properties? Are you sure they get used? For me it looks like JMeter is not using the correct jaas.conf. Have you had a look into that file? Any reason for not using the default jaas.conf that comes with JMeter? Regards, Felix so I don't know why the logs show SSL warnings. Just for the record, here is what my jmx file for the HTTP authorization manager looks like: test-url.bla-web.megacorp.com 443 https UTF-8 HttpClient4 6 adam42 scooby-secret X2.MEGACORP.COM X2.MEGACORP.COM KERBEROS The HTTPS/SSL configuration on the server is all hunky-dory as far as I can tell, and encryption has been working fine for weeks for all normal clients. What do I need to check here? Thanks Adam -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
HTTPS/SSL and Kerberos
/v3.jks javax.net.ssl.keyStorePassword=teaCUP876 sun.net.http.allowRestrictedHeaders=true java.security.krb5.conf=C:/dev/workspace/jenna/jmeter/krb5.conf java.security.auth.login.config=C:/dev/workspace/jenna/jmeter/jaas.conf sun.security.krb5.debug=true so I don't know why the logs show SSL warnings. Just for the record, here is what my jmx file for the HTTP authorization manager looks like: test-url.bla-web.megacorp.com 443 https UTF-8 HttpClient4 6 adam42 scooby-secret X2.MEGACORP.COM X2.MEGACORP.COM KERBEROS The HTTPS/SSL configuration on the server is all hunky-dory as far as I can tell, and encryption has been working fine for weeks for all normal clients. What do I need to check here? Thanks Adam -- Sent from: http://www.jmeter-archive.org/JMeter-User-f512775.html - To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org For additional commands, e-mail: user-h...@jmeter.apache.org
