Issue with capturing SAML Response

Issue with capturing SAML Response

Gunturi, R.
Hi All,

   We had an issue with the application, i.e. https://dsm.okta.com. We need help with scripting in JMeter, i.e. hitting the URL, which is SSO-enabled, and opening the application from the DSM web site.

Flow:

  1.  To give insight into the flow: we log on with Windows credentials (say, e.g., XXX user1) and open the URL https://dsm.okta.com; after that the application opens (as it is an SSO-enabled application, only user1 has access to the application, and he can open it directly without entering a username/password).

Issue:
Here are a couple of things that need to be understood:

     *   The URL https://dsm.okta.com is a secured web site. Through JMeter we are able to record the flow using both options, i.e. 1. JMeter Proxy Recorder and 2. the BlazeMeter Chrome extension add-in.

     *   But during replay, as it is an SSO-enabled application with Windows authentication, we are able to get the SAML request and Relay String but are not able to get the SAML response from the previous request (which is required) to send the SAML response to the next request.

     *   The client is not in a position to provide client certificates (SSL) for authentication purposes. (As per the client, it might require a large change to their ADFS environment.)

Has anybody worked with an SSO application without certificates using JMeter? If yes, please reply.


Regards,
Ravi



________________________________

This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy.
______________________________________________________________________________________

www.accenture.com
Re: Issue with capturing SAML Response

indu
Hi,

Recently I worked on this kind of environment, where multiple applications were required to be accessed through single sign-on.
As per my understanding from reading your query, you are not able to capture the SAML response in JMeter scripts.
If yes, please send me the previous API's response.


Regards,
Indu gupta

________________________________________
From: Gunturi, R. <[hidden email]>
Sent: 05 March 2019 15:01:06
To: [hidden email]; JMeter Users List
Subject: Issue with capturing SAML Response


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

RE: Issue with capturing SAML Response

Gunturi, R.

Hi Indu,

Please find below the information which we pass through JMeter as part of the request; also attached are the response body logs for the 4 requests.

  1. https://dsm.okta.com/ (Capturing the SAML Request and Relay State from this URL and passing the values to the next request, which is ADFS authentication.)
  2. https://sts-ad2.my-dsm.com/adfs/ls/
  3. https://sts-ad2.my-dsm.com/adfs/ls/wia
  4. https://dsm.okta.com/auth/saml20/dsmadfs

Please provide your contact number/email id to get more insight on the issue.

Regards,

Ravi

 

 

-----Original Message-----
From: Indu Gupta <[hidden email]>
Sent: Tuesday, March 5, 2019 3:29 PM
To: [hidden email]; JMeter Users List <[hidden email]>
Subject: [External] Re: Issue with capturing SAML Response

 


1_dsm.okta.com_ResponseBody.txt (15K)
2_sts_ad2_my_dsmcom_adfs_ls_ResponseBody.txt (12K)
3_sts_ad2_my_dsmcom_adfs_ls_wia_ResponseBody.txt (12K)
4_dsm_okta_com_auth_saml20_dsmadfs_ResponseBody.txt (14K)

RE: Issue with capturing SAML Response

indu

Hi,

The SAML response generally comes when you send the username/password.

I used the configuration below under the 2nd request.

Please check whether the SAML response is coming in Main sample and sub-samples for your application, along with the “Field to check” options.

Regards,

Indu Gupta
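
The check suggested in this reply (look for the SAML response in the main sample and in its sub-samples) can be tried offline on saved response bodies; the following is an added example, not code from the thread. It assumes the SAML HTTP-POST binding, where the identity provider returns an auto-submitting HTML form with hidden `SAMLResponse` and `RelayState` inputs; the sample bodies, the `sp.example.test` URL and all function names are constructed for illustration.

```python
import base64
from html.parser import HTMLParser
from urllib.parse import urlencode


class HiddenFields(HTMLParser):
    """Collect the form action and hidden inputs; attribute values arrive HTML-unescaped."""

    def __init__(self):
        super().__init__()
        self.action, self.fields = None, {}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form" and self.action is None:
            self.action = a.get("action")
        elif tag == "input" and (a.get("type") or "").lower() == "hidden" and a.get("name"):
            self.fields[a["name"]] = a.get("value") or ""


def find_saml_post(bodies):
    """Return the first SAML POST form found in the main-sample and sub-sample bodies."""
    for index, body in enumerate(bodies):
        page = HiddenFields()
        page.feed(body)
        token = page.fields.get("SAMLResponse")
        if not token:
            continue  # this body carries no SAML response; try the next sub-sample
        xml = base64.b64decode(token, validate=True).decode("utf-8")  # raises if mangled
        return {
            "found_in": index,
            "action": page.action,
            "xml": xml,
            # Base64 '+', '/' and '=' must be URL-encoded in the next request's body.
            "post_body": urlencode({"SAMLResponse": token,
                                    "RelayState": page.fields.get("RelayState", "")}),
        }
    return None


# Constructed sample data: a sign-in page without the form, then the auto-post form.
SAMPLE_XML = '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_constructed"/>'
SAMPLE_TOKEN = base64.b64encode(SAMPLE_XML.encode()).decode()
SAMPLE_BODIES = [
    "<html><body><form action='/signin'><input type='text' name='user'></form></body></html>",
    "<html><body onload='document.forms[0].submit()'>"
    "<form method='POST' action='https://sp.example.test/saml/acs'>"
    f"<input type='hidden' name='SAMLResponse' value='{SAMPLE_TOKEN}'/>"
    "<input type='hidden' name='RelayState' value='/app/home?x=1&amp;y=2'/>"
    "</form></body></html>",
]
```

If `find_saml_post` returns `None` for every saved body, the identity provider never issued the form during replay, so the extractor settings are not the cause.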

From: Gunturi, R. [mailto:[hidden email]]
Sent: 05 March 2019 15:35
To: JMeter Users List; [hidden email]
Subject: RE: Issue with capturing SAML Response

 
