I have recorded the flow of a web application that (I think) really does log in through the Windows user.
:authority: XXX.XXXXX.es
:method: GET
:path: /
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
accept-encoding: gzip, deflate, br
accept-language: es-ES,es;q=0.9
cache-control: max-age=0
sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
This one returns a 302 redirect, and it runs OK in JMeter (i.e. it returns a 302 redirect).
The second request (the redirect) is:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate, br
Accept-Language: es-ES,es;q=0.9
Cache-Control: max-age=0
Connection: keep-alive
Host: XXXXX.XXXXX.es
sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
In the JMeter script it returns a 401 Unauthorized. I have an Auth Manager in JMeter.
In the script, in the first request, we send an "NTLM" authentication:
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate, br
Accept-Language: es-ES,es;q=0.9
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
DNT: 1
sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
sec-fetch-User: ?1
sec-fetch-Site: none
Host: XXXXX.XXXXXX.XXX
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEgAAADQANAAYAAAAAAAAAAwAQAACgAKADABAAAQABAAOgEAAAAAAABKAQAABYKJogUBKAoAAAAPpG+BcRbb9Mv8EX9lGMYYvY9TRE0ddvXwHNW4kGw9skxCk1+crDQRAwEBAAAAAAAA4LrJUKfN2AFw2B3BDux8LgAAAAACAAwARABNAEIATQAwADAAAQAQAFMAVgBEAEUAOQAyADMAMQAEABoAYgBhAG4AYwBhAG0AYQByAGMAaAAuAGUAcwADACwAUwBWAEQARQA5ADIAMwAxAC4AYgBhAG4AYwBhAG0AYQByAGMAaAAuAGUAcwAFABoAYgBhAG4AYwBhAG0AYQByAGMAaAAuAGUAcwAHAAgAeyODUKfN2AEAAAAAAAAAADEAMAA3ADcAMwBQAFYAMQAwADcAMAAxADAA
Response:
<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="https://XXXXX.XXXX.XX/XXXXXXX/">here</a></body>
and it returns a 302 redirect, but the second request above returns 401:
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate, br
Accept-Language: es-ES,es;q=0.9
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
DNT: 1
sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
sec-fetch-User: ?1
sec-fetch-Site: none
Host: XXXXX.XXXXXXX.XX
Response headers:
HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/10.0
WWW-Authenticate: Negotiate
X-Powered-By: ASP.NET
Date: Wed, 21 Sep 2022 10:45:50 GMT
Content-Length: 1293
Any suggestions? Thank you very much for your input.
1 answer
igsr9ssn1#
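The WWW-Authenticate: Negotiate response header most likely means that your server expects Kerberos authentication, so you need to:
1. Use KERBEROS as the "Mechanism"
2. Add your Domain and Realm
3. Perform Kerberos-specific configuration in the jaas.conf and krb5.conf files

More information: Windows Authentication with Apache JMeter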
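
To check for the mismatch the answer points at, the following added example (not part of the original answer and not JMeter code) compares the schemes a 401 response offers with the scheme and token type the client sent. The function names and the sample token are constructed for illustration, and it assumes one challenge per WWW-Authenticate line.

```python
import base64
import struct

NTLM_TYPES = {1: "NEGOTIATE", 2: "CHALLENGE", 3: "AUTHENTICATE"}

def offered_schemes(response_headers):
    """Schemes named in WWW-Authenticate lines (assumes one challenge per line)."""
    return [value.split()[0] for name, value in response_headers
            if name.lower() == "www-authenticate" and value.strip()]

def describe_authorization(value):
    """Return (scheme, description of the token) for an Authorization header value."""
    scheme, _, token = value.strip().partition(" ")
    token = token.strip()
    if not token:
        return scheme, "no token"
    raw = base64.b64decode(token + "=" * (-len(token) % 4))
    if raw[:8] == b"NTLMSSP\x00" and len(raw) >= 12:
        # Bytes 8..11 hold the NTLM message type as a little-endian uint32.
        msg_type = struct.unpack_from("<I", raw, 8)[0]
        return scheme, "NTLM %s message" % NTLM_TYPES.get(msg_type, "unknown")
    if raw[:1] == b"\x60":
        # 0x60 is the ASN.1 tag that opens a GSS-API/SPNEGO initial token.
        return scheme, "GSS-API/SPNEGO token"
    return scheme, "unrecognised token"

def diagnose(response_headers, authorization):
    """Compare what the server offered with what the client sent."""
    offered = offered_schemes(response_headers)
    scheme, token = describe_authorization(authorization)
    accepted = scheme.lower() in [s.lower() for s in offered]
    return {"offered": offered, "sent": scheme, "token": token,
            "scheme_accepted": accepted}

# Headers of the 401 response shown in the question.
SAMPLE_401 = [("Content-Type", "text/html"), ("Server", "Microsoft-IIS/10.0"),
              ("WWW-Authenticate", "Negotiate")]
# Constructed token: NTLMSSP signature, message type 3, zero padding.
SAMPLE_AUTH = "NTLM " + base64.b64encode(
    b"NTLMSSP\x00" + struct.pack("<I", 3) + b"\x00" * 52).decode("ascii")

if __name__ == "__main__":
    print(diagnose(SAMPLE_401, SAMPLE_AUTH))
```

For the 401 headers in the question this reports that only Negotiate is offered while the client sent an NTLM AUTHENTICATE message, so the scheme is not one the server asked for.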