Hi, SAML response is generally comes when you send username/password. Below configuration, I used under 2nd request.
[cid:[email protected]] Please check whether the SAML response is coming in Main sample and sub samples your application along with "Field to check" options. Regards, Indu Gupta From: Gunturi, R. [mailto:[email protected]] Sent: 05 March 2019 15:35 To: JMeter Users List; [email protected] Subject: RE: Issue with capturing SAML Response Hi Indu, Please find the below information which we pass it thru Jmeter as a part of request and also attached are the response body logs for the 4 requests. 1. https://dsm.okta.com/<https://urldefense.proofpoint.com/v2/url?u=https-3A__dsm.okta.com_&d=DwMFAg&c=eIGjsITfXP_y-DLLX0uEHXJvU8nOHrUK8IrwNKOtkVU&r=GK-Y84W7d_yzKAT5iNwgjLO55JDqdrnDF2Ywmu3hF3w&m=ev1kd_hML_qS37OTNkvFt02WApCbgMb59_thVPB_RD4&s=bT9M155jTMejGtTqzSZxON1PYbyTJpU3BTyJTW6D5RU&e=> (Capturing SAML Request, Relay State from this URL and passing the values to next request which is ADFS Authentication). 2. https://sts-ad2.my-dsm.com/adfs/ls/<https://urldefense.proofpoint.com/v2/url?u=https-3A__sts-2Dad2.my-2Ddsm.com_adfs_ls_&d=DwMFAg&c=eIGjsITfXP_y-DLLX0uEHXJvU8nOHrUK8IrwNKOtkVU&r=GK-Y84W7d_yzKAT5iNwgjLO55JDqdrnDF2Ywmu3hF3w&m=ev1kd_hML_qS37OTNkvFt02WApCbgMb59_thVPB_RD4&s=cpi0TGK5Ixxaz18ejJOZIZjBAIOdB3wxi4qMH4v3wGk&e=> 3. https://sts-ad2.my-dsm.com/adfs/ls/wia<https://urldefense.proofpoint.com/v2/url?u=https-3A__sts-2Dad2.my-2Ddsm.com_adfs_ls_wia&d=DwMFAg&c=eIGjsITfXP_y-DLLX0uEHXJvU8nOHrUK8IrwNKOtkVU&r=GK-Y84W7d_yzKAT5iNwgjLO55JDqdrnDF2Ywmu3hF3w&m=ev1kd_hML_qS37OTNkvFt02WApCbgMb59_thVPB_RD4&s=Y5ktcDYu1Vi6V_WlJ92yVCoxF5_QaCQMTAJgKUkRb2A&e=> 4. https://dsm.okta.com/auth/saml20/dsmadfs<https://urldefense.proofpoint.com/v2/url?u=https-3A__dsm.okta.com_auth_saml20_dsmadfs&d=DwMFAg&c=eIGjsITfXP_y-DLLX0uEHXJvU8nOHrUK8IrwNKOtkVU&r=GK-Y84W7d_yzKAT5iNwgjLO55JDqdrnDF2Ywmu3hF3w&m=ev1kd_hML_qS37OTNkvFt02WApCbgMb59_thVPB_RD4&s=qM-Fw2cY4YiLyny29mVJoRFwgvS_FQolVNlyKxuPBo0&e=> [cid:[email protected]] Please provide your contact number/email id to get more insight on the issue. Regards, Ravi -----Original Message----- From: Indu Gupta <[email protected]<mailto:[email protected]>> Sent: Tuesday, March 5, 2019 3:29 PM To: [email protected]<mailto:[email protected]>; JMeter Users List <[email protected]<mailto:[email protected]>> Subject: [External] Re: Issue with capturing SAML Response This message is from an EXTERNAL SENDER - be CAUTIOUS, particularly with links and attachments. HiHi, Recently I worked on such kind of env, where multiple applications were required to access through single sign on. As per my understanding by reading your query, you are not able to capture SAML Response in Jmeter scripts. If yes, please send me previous API's response. Regards, Indu gupta ________________________________________ From: Gunturi, R. <[email protected]<mailto:[email protected]>> Sent: 05 March 2019 15:01:06 To: [email protected]<mailto:[email protected]>; JMeter Users List Subject: Issue with capturing SAML Response Hi All, We had an issue with the application i.e. https://urldefense.proofpoint.com/v2/url?u=https-3A__dsm.okta.com&d=DwIFAg&c=eIGjsITfXP_y-DLLX0uEHXJvU8nOHrUK8IrwNKOtkVU&r=GK-Y84W7d_yzKAT5iNwgjLO55JDqdrnDF2Ywmu3hF3w&m=XnQ3pX0bjQGgNVyuDHkjcOSMVnGI8FJUWJ5MYCmZXcs&s=PsDkgIuob8p76DvgGGAryq9v0OLcYAb0BWrvZgrHKaI&e= . We need help on scripting in Jmeter i.e. hitting the url which is SSO enabled and open the application from DSM web site. Flow: 1. To give insight on the flow, we will logon with Windows credentials (Say Ex: XXX user1) and open the url https://urldefense.proofpoint.com/v2/url?u=https-3A__dsm.okta.com&d=DwIFAg&c=eIGjsITfXP_y-DLLX0uEHXJvU8nOHrUK8IrwNKOtkVU&r=GK-Y84W7d_yzKAT5iNwgjLO55JDqdrnDF2Ywmu3hF3w&m=XnQ3pX0bjQGgNVyuDHkjcOSMVnGI8FJUWJ5MYCmZXcs&s=PsDkgIuob8p76DvgGGAryq9v0OLcYAb0BWrvZgrHKaI&e= post that application will be open (As SSO enabled application, only user1 will have access to application he can only open directly without entering username/password). Issue: Here couple of things needs to understand * URL https://urldefense.proofpoint.com/v2/url?u=https-3A__dsm.okta.com&d=DwIFAg&c=eIGjsITfXP_y-DLLX0uEHXJvU8nOHrUK8IrwNKOtkVU&r=GK-Y84W7d_yzKAT5iNwgjLO55JDqdrnDF2Ywmu3hF3w&m=XnQ3pX0bjQGgNVyuDHkjcOSMVnGI8FJUWJ5MYCmZXcs&s=PsDkgIuob8p76DvgGGAryq9v0OLcYAb0BWrvZgrHKaI&e= is secured web site. Through Jmeter We are able to record the flow using both options i.e. 1. Jmeter Proxy Recorder and 2. Blaze-meter Chrome extension add-in. * But while replay as it is SSO enabled application with Windows authentication, We are able to get SAML request & Relay String but not able to get SAML response from previous request (which is required ) to send the SAML response to the next request. * Client is not in a position to provide Client Certificates (SSL) for authentication purpose. (As per client, it might require a large change to their ADFS environment.) Any body worked with SSO application with out certificates using JMeter. If Yes, Please reply. Regards, Ravi ________________________________ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy. ______________________________________________________________________________________ http://www.accenture.com --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected]<mailto:[email protected]> For additional commands, e-mail: [email protected]<mailto:[email protected]>
