Hello!
I’m trying to write a Gatling load test scenario for a service that requires Kerberos authentication.
It seems one of the major items of 3.0 was to replace the old HttpClient, so documentation and user posts I have found on the topic don’t seem to be directly applicable anymore. As an example, HttpHelper.buildRealm no longer seems to exist and as far as I can tell the old Kerberos support was ultimately provided by the Apache client. I therefore wanted to check if anyone had any pointers on how to proceed wrt implementing this ourselves (and also, just a quick check to ensure I’m not simply overlooking support that’s actually still there). Disclaimer: I know Java/Kerberos reasonably well, but have very limited Gatling and Scala experience.
For adding support into the HttpClient itself, it seems the HttpProtocolBuilder.authRealm with the addition of a new KerberosRealm class might be a good starting point, following the examples of the existing DigestRealm and DigestAuthHandler. However, there appears to be no way of registering additional handlers currently. Would adding an additional if (realm instanceof KerberosRealm) {…} in DefaultHttpClient.java be the correct way to set this up? Any other considerations/things to look out for? I’m sure a lot of additional details will emerge while working on it as well.
An alternative solution, perhaps, would be to just write the SPNEGO exchange into the scenario itself. I.e. something like get("/login").header(“Authorization”, computeHeader(challenge)) or something to that effect. Subsequent requests would use the session cookie without triggering auth from that point anyway.
A third but not preferable option would be try to get this working “the old way” on Gatling 2.x for now, and transition to 3.x later.
Thoughts?