Prosoft Git

keycloak-memoizeit

KEYCLOAK-7056 Support SSL in performance testsuite

4/3/2018 5:45:26 AM
Tomas Kyjovsky

Tomas Kyjovsky

Commit: 2b14469

Tree: 1f9edcc

Parents: 2be6dec

Changes

testsuite/performance/README.md 13(+13 -0)

testsuite/performance/tests/create-truststore.sh 22(+22 -0)

testsuite/performance/tests/pom.xml 28(+28 -0)

Details

testsuite/performance/README.md 13(+13 -0) 

diff --git a/testsuite/performance/README.md b/testsuite/performance/README.md
index 4bc8675..b06d483 100644
--- a/testsuite/performance/README.md
+++ b/testsuite/performance/README.md
@@ -240,6 +240,19 @@ Running the user registration simulation requires a different approach to datase
 `mvn verify -P test -D test.properties=oidc-register-logout -DsequentialUsersFrom=100 -DusersPerRealm=<MAX_EXPECTED_REGISTRATIONS>`
 
 
+### Testing with HTTPS
+
+If the provisioned server is secured with HTTPS it is possible to set the truststore which contains the server certificate.
+The truststore is used in phases `generate-data` and `test`.
+
+Usage: `mvn verify -P generate-data,test -DtrustStore=<PATH_TO_TRUSTSTORE> -DtrustStorePassword=<TRUSTSTORE_PASSWORD>`
+
+To automatically generate the truststore file run a utility script `tests/create-truststore.sh HOST:PORT [TRUSTSTORE_PASSWORD]`.
+The script requires `openssl` and `keytool` (included in JDK).
+
+Example: `tests/create-truststore.sh localhost:8443 truststorepass`
+
+
 ## Monitoring
 
 ### JMX

testsuite/performance/tests/create-truststore.sh 22(+22 -0) 

diff --git a/testsuite/performance/tests/create-truststore.sh b/testsuite/performance/tests/create-truststore.sh
new file mode 100755
index 0000000..89a5efe
--- /dev/null
+++ b/testsuite/performance/tests/create-truststore.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+cd "$(dirname "$0")"
+. ./common.sh
+
+HOST_PORT=${1:-localhost:8443}
+TRUSTSTORE_PASSWORD=${2:-password}
+
+#secure-sso-sso-perf-01.apps.summit-aws.sysdeseng.com:443
+
+mkdir -p $PROJECT_BUILD_DIRECTORY
+
+echo "Obtaining certificate from $HOST_PORT"
+openssl s_client -showcerts -connect $HOST_PORT </dev/null 2>/dev/null|openssl x509 -outform PEM >$PROJECT_BUILD_DIRECTORY/keycloak.pem
+if [ ! -s "$PROJECT_BUILD_DIRECTORY/keycloak.pem" ]; then echo "Obtaining cerfificate failed."; exit 1; fi
+cat $PROJECT_BUILD_DIRECTORY/keycloak.pem
+
+echo "Importing certificate"
+rm $PROJECT_BUILD_DIRECTORY/truststore.jks
+keytool -importcert -file $PROJECT_BUILD_DIRECTORY/keycloak.pem -keystore $PROJECT_BUILD_DIRECTORY/truststore.jks -alias "keycloak" -storepass "$TRUSTSTORE_PASSWORD" -noprompt
+
+echo "Keystore file: $PROJECT_BUILD_DIRECTORY/truststore.jks"

testsuite/performance/tests/pom.xml 28(+28 -0) 

diff --git a/testsuite/performance/tests/pom.xml b/testsuite/performance/tests/pom.xml
index 77af264..0c7c77c 100644
--- a/testsuite/performance/tests/pom.xml
+++ b/testsuite/performance/tests/pom.xml
@@ -59,6 +59,13 @@
 
         <gatling.simulationClass>keycloak.OIDCLoginAndLogoutSimulation</gatling.simulationClass>
         <gatling.skip.run>true</gatling.skip.run>
+
+        <authRealm>master</authRealm>
+        <authUser>admin</authUser>
+        <authPassword>admin</authPassword>
+        
+        <trustStoreArg/>
+        <trustStorePasswordArg/>
     </properties>
 
     <dependencies>
@@ -280,6 +287,9 @@
                         <param>-DrefreshTokenPeriod=${refreshTokenPeriod}</param>
                         <param>-DrefreshTokenCount=${refreshTokenCount}</param>
                         <param>-DbadLoginAttempts=${badLoginAttempts}</param>
+                        
+                        <param>${trustStoreArg}</param>
+                        <param>${trustStorePasswordArg}</param>
                     </jvmArgs>
                 </configuration>
 
@@ -319,6 +329,19 @@
         </profile>
         
         <profile>
+            <id>ssl</id>
+            <activation>
+                <property>
+                    <name>trustStore</name>
+                </property>
+            </activation>
+            <properties>
+                <trustStoreArg>-Djavax.net.ssl.trustStore=${trustStore}</trustStoreArg>
+                <trustStorePasswordArg>-Djavax.net.ssl.trustStorePassword=${trustStorePassword}</trustStorePasswordArg>
+            </properties>
+        </profile>
+        
+        <profile>
             <id>provision</id>
             <properties>
                 <project.basedir>${project.basedir}</project.basedir>
@@ -474,7 +497,12 @@
                                     <arguments>
                                         <argument>-classpath</argument>
                                         <classpath/>
+                                        <argument>${trustStoreArg}</argument>
+                                        <argument>${trustStorePasswordArg}</argument>
                                         <argument>-Dkeycloak.server.uris=${keycloak.frontend.servers}</argument>
+                                        <argument>-DauthRealm=${authRealm}</argument>
+                                        <argument>-DauthUser=${authUser}</argument>
+                                        <argument>-DauthPassword=${authPassword}</argument>
                                         <argument>-DnumOfWorkers=${numOfWorkers}</argument>
                                         <argument>org.keycloak.performance.RealmsConfigurationLoader</argument>
                                         <argument>benchmark-realms.json</argument>

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github