wcfjmeterwshttpbinding

Jmeter load tests against WCF service with wsHttpBinding and TransportWithMessageCredential


I have a few WCF Services with wsHttpBinding with TransportWithMessageCredential security. Windows credentials must be provided on each request and therefore are used for authentication (by design by AD), authorization (with AD by AZman) and to identity the user who performed the action (auditory purposes).

The thing is now I need to perform some load tests on these services, using Jmeter, and I'm strugling how can I authenticate the user for each request, I was wondering if anyone had ever mede this?

I really need to test with this security concern because the authentication and authorization processes are part of the load tests itself. I could remove them but then the load tests wouldn't be accurate.

The solutions I have in my mind are:

  1. Ensure this is possible to achieve via JMeter
  2. Create a WCF Routing Service on top of these services, exposed as basicHttpsBinding which then routes the requests to appropriate destination service, performing impersonation (seems to be a choise but it is not the original test case as well)
  3. Remove security for load test purposes, but then a part of the tests would be removed as well (along with security)

Solution

  • Out of box JMeter doesn't support any SOAP security implementations so you might want to use i.e. WS Security for SOAP plugin

    You should be able to provide your Windows credentials via SOAP Message UsernameToken

    enter image description here

    and the plugin will generate the relevant wsse:Username token

    More information: Running SOAP WS-Security Load Tests in JMeter