Performance matters: Apache Jmeter and Digest Authentication

I've recently faced the need to test a web service deployed in WSO2 ESB.
Nothing special, but this time the access method is via digest authentication.

At first I followed the solution proposed by +abdul basit in his blog, but the snipped code he shared doesn't include the creation of the Timestamp tag.

In order to obtain a complete WSSE security header, here the same code just a little modified:

	import org.apache.ws.security.WSConstants;
	import org.apache.ws.security.message.WSSecHeader;
	import org.apache.ws.security.message.WSSecUsernameToken;
	import org.apache.ws.security.WSSConfig;
	import org.apache.xalan.processor.TransformerFactoryImpl;
	import org.apache.xerces.jaxp.DocumentBuilderFactoryImpl;
	import org.w3c.dom.Document;
	import org.w3c.dom.Element;

	import javax.xml.transform.OutputKeys;
	import javax.xml.transform.Transformer;
	import javax.xml.transform.dom.DOMSource;
	import javax.xml.transform.stream.StreamResult;

	import org.apache.ws.security.message.WSSecTimestamp;

	WSSecUsernameToken token = new WSSecUsernameToken();
	token.setPasswordType(WSConstants.PASSWORD_DIGEST);

	//Set your username and password here
	token.setUserInfo("myUser", "myPass");

	Document document = DocumentBuilderFactoryImpl.newInstance().newDocumentBuilder().newDocument();
	document.appendChild(document.createElement("envelope"));
	WSSecHeader header = new WSSecHeader();
	header.insertSecurityHeader(document);

	token.build(document, header);

	WSSecTimestamp timestamp = new WSSecTimestamp();
	timestamp.setTimeToLive(3000);
	timestamp.prepare(document);
	timestamp.prependToHeader(header);

	Transformer transformer = TransformerFactoryImpl.newInstance().newTransformer();
	transformer.setOutputProperty(OutputKeys.INDENT, "yes");
	transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");

	StreamResult result = new StreamResult(new StringWriter());
	DOMSource source = new DOMSource(header.getSecurityHeader());
	transformer.transform(source, result);



	String xmlString = result.getWriter().toString();


	vars.put("security", xmlString);
	//log.info(vars.get("security"));

view raw gistfile1.java hosted with ❤ by GitHub

Performance matters

Friday, 13 November 2015

Apache Jmeter and Digest Authentication

No comments:

Post a Comment