|Summary:||LDAP related elements: Add option to implicitly trust SSL/TLS connections/Disable hostname verification|
|Product:||JMeter||Reporter:||Brian Wolfe <wolfebrian2120>|
|Component:||Main||Assignee:||JMeter issues mailing list <issues>|
Description Brian Wolfe 2019-02-17 20:54:57 UTC
Hi, I am looking for additional functionality regarding SSL connections. Specifically when doing LDAP load testing. Sometimes the servers I am working with have issues regarding their certificates or they are using custom certs and jmeter doesn't have the roots. In either case, it would be helpful to have an option to turn off hostname verification and cert path validity. In short have JMeter implicitly trust a connection to a server. The default behaviour should be that it does check those things, but we should have another checkbox next to the "Secure Connection?" that would ask us if we wanted to implicitly trust the connection. Pros: * Allow for faster development of load testing scripts. * Remove the need to manage the SSL on remote jmeter-server instances * Useful for HTTPS testing. My specific case is with regards to testing LDAP using the extended ldap request sampler. The best way I think this should be done would be to add a custom TrustManager instance and reference that when making any secure connections in jmeter if the option is turned on. btw which ever version this is completed for does not matter for me. I am using 3.2 since that is the last one I downloaded. As far as I know the new versions do not have this feature either.
Comment 1 Brian Wolfe 2019-02-26 23:13:32 UTC
I created pull request #443 with branch 63185. This pull request addresses the LDAP trust all feature for the Extended LDAP Request Sampler. It is currently awaiting review and a decision on when the feature can be merged for a release.
Comment 2 Philippe Mouawad 2019-03-01 10:04:51 UTC
Author: pmouawad Date: Fri Mar 1 10:03:02 2019 New Revision: 1854570 URL: http://svn.apache.org/viewvc?rev=1854570&view=rev Log: Bug 63185 - Add option to implicitly trust SSL/TLS connections/Disable hostname verification Based on contribution by Brian Wolfe Changes: - Fixed existing NPE if log level is DEBUG if attr is null - Fixed some SONAR warning - Simplified code - Modified TrustAllSocketFactory (renamed and fixed static attribute sf affectation from Constructor) This closes #443 Bugzilla Id: 63185 Added: jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/TrustAllSocketFactory.java (with props) Modified: jmeter/trunk/src/core/org/apache/jmeter/resources/messages.properties jmeter/trunk/src/core/org/apache/jmeter/resources/messages_es.properties jmeter/trunk/src/core/org/apache/jmeter/resources/messages_fr.properties jmeter/trunk/src/core/org/apache/jmeter/resources/messages_pt_BR.properties jmeter/trunk/src/core/org/apache/jmeter/resources/messages_tr.properties jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/config/gui/LdapExtConfigGui.java jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/LDAPExtSampler.java jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/LdapExtClient.java jmeter/trunk/xdocs/changes.xml jmeter/trunk/xdocs/usermanual/build-ldapext-test-plan.xml jmeter/trunk/xdocs/usermanual/component_reference.xml
Comment 3 Philippe Mouawad 2019-03-01 10:08:01 UTC
Thanks wolfebrian2120 for your contribution. It is now merged but I made modifications. Can you checkout the currently building jenkins if it's successful: https://builds.apache.org/job/JMeter-trunk/ Test and give us feedback. Also, it would be better to make in GUI, Trust All only enabled if "Use Secure LDAP Protocol" is enabled as it is only used then. Thanks