Friday, July 13, 2012

Extending JMeter with a password digest generator

Recently I had to work on loading an OpenLDAP instance with 50,000 user records and carry on some stress testing.

JMeter was the best choice to populate the LDAP.

But.. in my case, OpenLDAP was configured not to accept any clear text passwords.

So, I could not login in with any of the random generated passwords I added via JMeter LDAP Request sampler.

This made me to write this extension to JMeter, which can be used in a generic way to generate message digest of a given text.

You can download the JAR file from here.

Then, you need to copy this to JMETER_HOME\lib\ext.

In your test plan, add a Java Request sampler to the thread group, just before where the digested text is needed. Now, select, org.wso2.apache.jmeter.message.digest.DigestGenerator.

Then you can set a hashing algorithm and which text to be digested. In that case, you can set a variable or text as it is. That's it -  once done, you can access the digest value via ${password}.


1 comments:

Amrutha said...

Hi,

I have a situation where in I have to input the password as plain text and it gets hashed at the client side in the Login page.

In the next Request we can observe that we have 2 fields where one field named "ClientHashed Password" ( Dynamic Value ) is present and another field "Password" separately present for password text to be input in the Login screen.

we are unable to capture the Hash value that is generated on receiving the Login screen once URL is input. We see the same in the response of the Login screen and we have the Hash function itself in the response and it is generating this value.

Can you let me know how to retrieve the Hash value to be used as the response reflects a function and not the value?