libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

KEYCLOAK-7056 Support SSL in performance testsuite

Browse source
This commit is contained in:
Tomas Kyjovsky 2018-04-03 10:45:26 +02:00 committed by Hynek Mlnařík
parent 2be6dec238
commit 2b14469a58
3 changed files with 63 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
testsuite/performance/README.md
View file

@ -240,6 +240,19 @@ Running the user registration simulation requires a different approach to datase
`mvn verify -P test -D test.properties=oidc-register-logout -DsequentialUsersFrom=100 -DusersPerRealm=<MAX_EXPECTED_REGISTRATIONS>`
### Testing with HTTPS
If the provisioned server is secured with HTTPS it is possible to set the truststore which contains the server certificate.
The truststore is used in phases `generate-data` and `test`.
Usage: `mvn verify -P generate-data,test -DtrustStore=<PATH_TO_TRUSTSTORE> -DtrustStorePassword=<TRUSTSTORE_PASSWORD>`
To automatically generate the truststore file run a utility script `tests/create-truststore.sh HOST:PORT [TRUSTSTORE_PASSWORD]`.
The script requires `openssl` and `keytool` (included in JDK).
Example: `tests/create-truststore.sh localhost:8443 truststorepass`
## Monitoring
### JMX

22
testsuite/performance/tests/create-truststore.sh Executable file
View file

@ -0,0 +1,22 @@
#!/bin/bash
cd "$(dirname "$0")"
. ./common.sh
HOST_PORT=${1:-localhost:8443}
TRUSTSTORE_PASSWORD=${2:-password}
#secure-sso-sso-perf-01.apps.summit-aws.sysdeseng.com:443
mkdir -p $PROJECT_BUILD_DIRECTORY
echo "Obtaining certificate from $HOST_PORT"
openssl s_client -showcerts -connect $HOST_PORT </dev/null 2>/dev/null|openssl x509 -outform PEM >$PROJECT_BUILD_DIRECTORY/keycloak.pem
if [ ! -s "$PROJECT_BUILD_DIRECTORY/keycloak.pem" ]; then echo "Obtaining cerfificate failed."; exit 1; fi
cat $PROJECT_BUILD_DIRECTORY/keycloak.pem
echo "Importing certificate"
rm $PROJECT_BUILD_DIRECTORY/truststore.jks
keytool -importcert -file $PROJECT_BUILD_DIRECTORY/keycloak.pem -keystore $PROJECT_BUILD_DIRECTORY/truststore.jks -alias "keycloak" -storepass "$TRUSTSTORE_PASSWORD" -noprompt
echo "Keystore file: $PROJECT_BUILD_DIRECTORY/truststore.jks"

28
testsuite/performance/tests/pom.xml
View file

@ -59,6 +59,13 @@
<gatling.simulationClass>keycloak.OIDCLoginAndLogoutSimulation</gatling.simulationClass>
<gatling.skip.run>true</gatling.skip.run>
<authRealm>master</authRealm>
<authUser>admin</authUser>
<authPassword>admin</authPassword>
<trustStoreArg/>
<trustStorePasswordArg/>
</properties>
<dependencies>
@ -280,6 +287,9 @@
<param>-DrefreshTokenPeriod=${refreshTokenPeriod}</param>
<param>-DrefreshTokenCount=${refreshTokenCount}</param>
<param>-DbadLoginAttempts=${badLoginAttempts}</param>
<param>${trustStoreArg}</param>
<param>${trustStorePasswordArg}</param>
</jvmArgs>
</configuration>
@ -318,6 +328,19 @@
</properties>
</profile>
<profile>
<id>ssl</id>
<activation>
<property>
<name>trustStore</name>
</property>
</activation>
<properties>
<trustStoreArg>-Djavax.net.ssl.trustStore=${trustStore}</trustStoreArg>
<trustStorePasswordArg>-Djavax.net.ssl.trustStorePassword=${trustStorePassword}</trustStorePasswordArg>
</properties>
</profile>
<profile>
<id>provision</id>
<properties>
@ -474,7 +497,12 @@
<arguments>
<argument>-classpath</argument>
<classpath/>
<argument>${trustStoreArg}</argument>
<argument>${trustStorePasswordArg}</argument>
<argument>-Dkeycloak.server.uris=${keycloak.frontend.servers}</argument>
<argument>-DauthRealm=${authRealm}</argument>
<argument>-DauthUser=${authUser}</argument>
<argument>-DauthPassword=${authPassword}</argument>
<argument>-DnumOfWorkers=${numOfWorkers}</argument>
<argument>org.keycloak.performance.RealmsConfigurationLoader</argument>
<argument>benchmark-realms.json</argument>