Re: Testing web application that uses Windows Pass through Authenication (346 Views)
Reply
Trusted Contributor
Posts: 425
Registered: ‎12-19-2007
Message 1 of 5 (350 Views)

Testing web application that uses Windows Pass through Authenication

LoadRunner 11 / Windows Server 2003

 

I need to run a load against a web application that uses windows pass through authenication. When you launch the web app it automatically logs you in using the LDAP credentials that you used to log onto your PC. I know how to record etc. But how would this work when you replay the script using 100 users? I looked through all the settings but I don't see away to replay it using different users. I know how to use parmeters also but since it is using your logon ticket from your PC how can I simulate this? Thank you for any suggestions.

Trusted Contributor
Posts: 218
Registered: ‎03-12-2009
Message 2 of 5 (346 Views)

Re: Testing web application that uses Windows Pass through Authenication

This is NTLM authentication. With Basic Auth this is very simply addressed using web_set_user().

 

More advanced security requires more work. Basically you have to analyse the requests being sent / received but one thing you can try is to use WinInet reply (run time settings).

 

 

Oliver
Trusted Contributor
Posts: 425
Registered: ‎12-19-2007
Message 3 of 5 (342 Views)

Re: Testing web application that uses Windows Pass through Authentication

Thank you for the reply. Where would I put this parameter? and do I just use a basic parameter to replace the user name and password. I haven't had the chance to do this at all yet. I am just researching this right now. Got an email stating I need to do this Tuesday morning:)

Trusted Contributor
Posts: 218
Registered: ‎03-12-2009
Message 4 of 5 (338 Views)

Re: Testing web application that uses Windows Pass through Authentication

Read the help file for this function (it's not a parameter) you will find all you need in there but yes, you can parametise the username, password and domain.

 

As for the email, you might want to manage the expectations of your managers a little, if you are new to this tool then it will take you considerably longer than someone who has experience - they should be aware of this. This is epecially true if you have a more advanced security mechanism in place, if client side code is being used to generate keys then you have a lot more work ahead of you.

Oliver
Trusted Contributor
Posts: 425
Registered: ‎12-19-2007
Message 5 of 5 (328 Views)

Re: Testing web application that uses Windows Pass through Authentication



I used the “web_set_user but I am getting the error below. Any idea's? I also looked up web_set_certificate but that reall was nop help.

 

Action.c(8): Warning: Client Certificate was requested by SSL server  [MsgId: MMSG-26000]

Hello,

 

web_set_user("OxxxxAI.xxxxxx.COM\\10028851", 

lr_decrypt(xxxxxxxxxxxxxxxxx"), 

"enterpriseportal.q.xxxxxxxxx.com:443");

 

 

 

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.