JMeter Script Recording - NTLM Windows Authentication Fails - 401 Error

765 views Asked by At

A JMeter script for an application needs to be recorded which has Windows Integrated authentication enabled and deployed on IIS. I am working behind VPN and having a hard time getting the script ready(using JMeter 5.3, Java – 1.8), a Sign In authentication pop up comes up every time I start recording and I am unable to proceed further.

I tried various options like

  1. Setting up HTTP Authorization Manager to pass credentials as specified in the BlazeMeter guide but no luck.
  2. I also tried changing HTTP Sampler Settings Type to Java as well as HTTPClient4 but none of them worked.
  3. I did enable the setting “httpclient4.auth.preemptive=true” but this also did not help.
  4. I found this article which explains Jmeter recording error 401 which suggests to configure corporate_proxy_host and start the JMETER using command

"jmeter -H your_corporate_proxy_host -P your_corporate_proxy_port -u username -a password"

However, when I tried to identify the VPN IP/Hostname in ControlPanel --> Internet Options, I did not find this option enabled. And we connect to VPN using tool.

Is there any other way to identify "corporate_proxy_host", Moreover, should this option be considered?

enter image description here

My Authorization Manager has the following values:

• Base URL: https:// [test site] • Username: [my user name]

• Password: [my password]

• Domain: company domain (checked using systeminfo.exe)

• Mechanism: BASIC

However, I receive a 401 error (see Sampler Message below), Any suggestions?

enter image description here enter image description here

1

There are 1 answers

1
Dmitri T On

Wrong mechanism, for NTLM you need to use BASIC_DIGEST, the "Mechanism" is a dropdown:

enter image description here

also trying to recording NTLM login is not something you should really be doing, start your test with a HTTP Request sampler opening your application main page and well-behaved HTTP Authorization Manager will deal with the authentication/authorization sides of things.

More information: Windows Authentication with Apache JMeter