2

I am trying to circumvent ADFS authentication, and when I sign in to the application I get the below response from the server:

name="wresult" value="<t:RequestSecurityTokenResponse
xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"><t:Lifetime><wsu:Created
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2017-02-10T09:28:07.059Z</wsu:Created><wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2017-02-10T10:28:07.059Z</wsu:Expires></t:Lifetime><wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><wsa:EndpointReference
xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsa:Address>https://gh-prem.accesscontrol.windows.net/</wsa:Address></wsa:EndpointReference></wsp:AppliesTo><t:RequestedSecurityToken><saml:Assertion
MajorVersion="1" MinorVersion="1"> AssertionID="_cb580c90-d0ac-49a8-a9c4-3ecb8b0a54d1"
Issuer="http://abc.abc.dev.comt/adfs/services/trust"
IssueInstant="2017-02-10T09:28:07.075Z"
 xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:Conditions NotBefore="2017-02-10T09:28:07.059Z"
NotOnOrAfter="2017-02-10T10:28:07.059Z"><saml:AudienceRestrictionCondition><saml:Audience>https://gh-prem.accesscontrol.windows.net/</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AttributeStatement><saml:Subject><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject><saml:Attribute
AttributeName="name"

How do I convert the &quot; and &lt; in JMeter? The POST body of the next sampler takes the attributes as below:

<t:RequestSecurityTokenResponse
xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"><t:Lifetime><wsu:Created
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2017-02-06T10:06:14.384Z</wsu:Created><wsu:Expires
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2017-02-06T11:06:14.384Z</wsu:Expires></t:Lifetime><wsp:AppliesTo
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsa:Address>https://gh-prem.accesscontrol.windows.net/</wsa:Address></wsa:EndpointReference></wsp:AppliesTo><t:RequestedSecurityToken><saml:Assertion
MajorVersion="1" MinorVersion="1"
AssertionID="_99273d06-e73c-4ce5-acf5-6ba43c8c7990"
Issuer="http://xxx.xxx-dev.comt/adfs/services/trust"
IssueInstant="2017-02-06T10:06:14.400Z"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:Conditions
NotBefore="2017-02-06T10:06:14.384Z"
NotOnOrAfter="2017-02-06T11:06:14.384Z"><saml:AudienceRestrictionCondition><saml:Audience>https://gh-prem.accesscontrol.windows.net/</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AttributeStatement><saml:Subject><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject><saml:Attribute
AttributeName="name"
AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims"><saml:AttributeValue>

Could you please help me in solving this issue, with some screenshots? I got a few tips on how to use the Beanshell PreProcessor, but it's not helping me, or I'm not sure how to implement Beanshell to mitigate the issue.

Note: I am using content encoding as utf-8

2 Answers

1

Take a look at the __unescapeHtml() function; it can decode HTML-encoded strings on the fly.

JMeter UnescapeHTML in action

You can use this function directly in the HTTP Request sampler body or wherever else.

See the How to Use JMeter Functions post series for more information on JMeter Functions, how they can be used, what their limitations are, etc.

Dmitri T
  • Dmitri T: thanks for this update. Can I use a parametrized value within the function? (I tried, but JMeter was throwing exceptions.) The encoded HTML is coming in as a request in the previous sampler - I am trying to extract the encoded HTML using a regex and pass the same in the next sampler as a POST request. '${__unescapeHtml(${HTML})}' – EnochManohar Feb 13 '17 at 11:11
  • Hi Dmitri, the __unescapeHtml function did help me in extracting the wresult SAML token. Thanks a ton for your help on this. – EnochManohar Feb 14 '17 at 11:33
0

This is what I did to mitigate the issue. Hope it helps the newbies. (Big thanks to Dmitri Tikhanski.)

The above token is a SAML 1.1 token that is generated as the response to a GET method. If you're using ADFS authentication you will get a big HTML response in which you will have WA, Wresult and Wctx (for me, only wresult, the SAML 1.1 token, was a correlation candidate).

Extract the wresult as follows, using a Regular Expression Extractor.

The captured Wresult is then replaced in the /v2/wsfederation request with the function __unescapeHtml.

Note: 1) Wa result, in my case, is not dynamic. 2) The wctx string is a static string.

Hope this helps. Thanks.
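
The extract-then-unescape step the answers describe, reproduced outside JMeter as an added example (not code from the original posts) so the value sent to /v2/wsfederation can be checked offline. The sample response, the host sp.example.test, the wctx value and all function names are constructed for illustration; `html.unescape` stands in for `__unescapeHtml` for the entities shown on this page.

```python
import html
import re
from html.parser import HTMLParser
from urllib.parse import urlencode

# Constructed sample of the hidden-field form (token shortened, placeholder host).
SAMPLE_RESPONSE = (
    '<html><body><form method="POST" action="https://sp.example.test/v2/wsfederation">'
    '<input type="hidden" name="wa" value="wsignin1.0" />'
    '<input type="hidden" name="wresult" value="&lt;t:RequestSecurityTokenResponse '
    'xmlns:t=&quot;http://schemas.xmlsoap.org/ws/2005/02/trust&quot;&gt;'
    '&lt;saml:Audience&gt;https://sp.example.test/&lt;/saml:Audience&gt;'
    '&lt;/t:RequestSecurityTokenResponse&gt;" />'
    '<input type="hidden" name="wctx" value="rm=0&amp;id=passive" />'
    '</form></body></html>'
)

def extract_raw(response, field):
    """Regex capture, as a Regular Expression Extractor returns it (still escaped)."""
    match = re.search(r'name="%s"\s+value="([^"]*)"' % re.escape(field), response)
    if match is None:
        raise ValueError("hidden field %r not found" % field)
    return match.group(1)

def unescape_field(response, field):
    """Decode &lt; &quot; &amp; etc. in the captured value before it is re-posted."""
    return html.unescape(extract_raw(response, field))

class HiddenInputs(HTMLParser):
    """Collects hidden <input> fields; HTMLParser decodes attribute entities itself."""
    def __init__(self):
        super().__init__()
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        if tag == "input" and attr.get("type") == "hidden" and "name" in attr:
            self.fields[attr["name"]] = attr.get("value") or ""

def build_post_body(response):
    """Form-encode wa, wresult and wctx for the next request; fail if one is absent."""
    parser = HiddenInputs()
    parser.feed(response)
    names = ("wa", "wresult", "wctx")
    missing = [name for name in names if name not in parser.fields]
    if missing:
        raise ValueError("response lacks fields: %s" % ", ".join(missing))
    return urlencode({name: parser.fields[name] for name in names})

if __name__ == "__main__":
    print(extract_raw(SAMPLE_RESPONSE, "wresult")[:45])     # escaped capture
    print(unescape_field(SAMPLE_RESPONSE, "wresult")[:45])  # decoded token
    print(build_post_body(SAMPLE_RESPONSE)[:60])            # URL-encoded POST body
```

The decoded token is passed through byte for byte; only the HTML entity layer is removed, and URL encoding is applied once when the body is built.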