Hello,
I’m using Gatling to do performance testing on an authentication page that uses the Keycloak framework. In other words, I’m recording the traffic that is generated when one attempts to log in to an HTTP (not HTTPS at this point) page that asks for a username & password. So I run the recorder, attempt a (failed) login, and save the RecordedSimulation. On the Keycloak Events list, I see the failed login.
NOW I run the Gatling runner, and select what I just recorded. The run finishes fine, but on the Keycloak events list I see nothing. As if no one has tried to log in at all.
The login attempt is made with a POST operation, and I can see that POST if I run a network trace with Wireshark. Yet the login attempt is not registered on the server.
The options I use on the recorder are:
Follow Redirects: ON
Remove cache headers: ON
Infer HTML resources: ON
Automatic referrers: ON
Save & check response bodies: OFF
What am I missing? Is there something special about login attempts via POST? Is Keycloak special in some way? Is anyone here familiar with Keycloak, I wonder…
Here is the recorded simulation (that I execute and the server doesn’t even log). There is some exchange with token and key that is probably complicating things…
```scala
package accounts_http_6_full

import scala.concurrent.duration._

import io.gatling.core.Predef._
import io.gatling.http.Predef._
import io.gatling.jdbc.Predef._

class RecordedSimulation extends Simulation {

  val httpProtocol = http
    .baseURL("http://accounts.omilia.com:9080")
    .inferHtmlResources(BlackList(""".*\.css""", """.*\.js""", """.*\.ico"""), WhiteList())
    .acceptHeader("text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
    .acceptEncodingHeader("gzip, deflate")
    .acceptLanguageHeader("en-US,en;q=0.5")
    .userAgentHeader("Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0")

  val headers_0 = Map("Upgrade-Insecure-Requests" -> "1")

  val headers_1 = Map("Accept" -> "application/json")

  val headers_4 = Map(
    "Accept" -> "*/*",
    "Pragma" -> "no-cache")

  val headers_5 = Map("Content-Type" -> "application/ocsp-request")

  val uri1 = "http://accounts.omilia.com:9080/auth"
  val uri2 = "http://ocsp.digicert.com"
  val uri3 = "http://detectportal.firefox.com/success.txt"

  val scn = scenario("RecordedSimulation")
    // Admin console page, its config, and the OpenID Connect authorization request
    .exec(http("request_0")
      .get("/auth/admin/")
      .headers(headers_0)
      .resources(http("request_1")
        .get("/auth/admin/master/console/config")
        .headers(headers_1),
        http("request_2")
        .get("/auth/realms/master/protocol/openid-connect/auth?client_id=security-admin-console&redirect_uri=http%3A%2F%2Faccounts.omilia.com%3A9080%2Fauth%2Fadmin%2Fmaster%2Fconsole%2F&state=276bf1ab-c755-4f82-89ff-34758acc7e94&nonce=106abfdc-1071-49f8-8ff7-6e9a6c0f5b61&response_mode=fragment&response_type=code&scope=openid")
        .headers(headers_0)))
    .pause(11)
    // Login form POST, with the URL exactly as recorded
    .exec(http("request_3")
      .post("/auth/realms/master/login-actions/authenticate?code=oDJKsc1NsNFkR7sVcZ6K5eoJkW_HUnNTBR8CYHd2dpc&execution=a512ccf3-cb6a-4018-aaca-eb03266147bc&client_id=security-admin-console")
      .headers(headers_0)
      .formParam("username", "foo")
      .formParam("password", "foobar")
      .formParam("login", "Log in"))
    .pause(3)
    // Browser background traffic captured by the recorder (captive-portal check, OCSP)
    .exec(http("request_4")
      .get(uri3 + "")
      .headers(headers_4))
    .pause(1)
    .exec(http("request_5")
      .post(uri2 + "/")
      .headers(headers_5)
      .body(RawFileBody("RecordedSimulation_0005_request.txt")))

  setUp(scn.inject(atOnceUsers(1))).protocols(httpProtocol)
}
```
Thanks for any advice,
George
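
One way to replay this login against a fresh session, as an added example that is not part of the original post: the `code` and `execution` values in request_3 were issued to the recorded browser session, so this version reads the form action from a newly fetched login page and posts to that. It assumes the Gatling 2.x DSL used above and that the Keycloak login form has the id `kc-form-login`; the class name, request names and session attribute names are made up for illustration.

```scala
import io.gatling.core.Predef._
import io.gatling.http.Predef._

// Added example, not the poster's code. Assumptions: Gatling 2.x DSL and a
// Keycloak login page whose <form> has id "kc-form-login".
class CorrelatedLoginSimulation extends Simulation {

  val httpProtocol = http
    .baseURL("http://accounts.omilia.com:9080")
    .acceptHeader("text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")

  val authPath = "/auth/realms/master/protocol/openid-connect/auth"

  val scn = scenario("CorrelatedLogin")
    // Fresh state/nonce per virtual user instead of the recorded UUIDs
    .exec(session => session
      .set("state", java.util.UUID.randomUUID.toString)
      .set("nonce", java.util.UUID.randomUUID.toString))
    // Same authorization request as request_2; Gatling keeps the cookies
    // the server sets here in this virtual user's session
    .exec(http("login_page")
      .get(authPath)
      .queryParam("client_id", "security-admin-console")
      .queryParam("redirect_uri", "http://accounts.omilia.com:9080/auth/admin/master/console/")
      .queryParam("state", "${state}")
      .queryParam("nonce", "${nonce}")
      .queryParam("response_mode", "fragment")
      .queryParam("response_type", "code")
      .queryParam("scope", "openid")
      // The form action carries the code/execution values for THIS session
      .check(css("#kc-form-login", "action").saveAs("loginAction")))
    .pause(1)
    // Post the credentials to the captured action URL, not a recorded one
    .exec(http("login_submit")
      .post("${loginAction}")
      .formParam("username", "foo")
      .formParam("password", "foobar")
      .formParam("login", "Log in"))

  setUp(scn.inject(atOnceUsers(1))).protocols(httpProtocol)
}
```

If the `css` check fails, the first response was not the login form, which is worth inspecting before looking at the Keycloak events list.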