Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for TLS authentication when using FastHttpUser #2066

Closed
jumaffre opened this issue Apr 4, 2022 · 4 comments
Closed

Support for TLS authentication when using FastHttpUser #2066

jumaffre opened this issue Apr 4, 2022 · 4 comments
Labels
feature request stale Issue had no activity. Might still be worth fixing, but dont expect someone else to fix it

Comments

@jumaffre
Copy link

jumaffre commented Apr 4, 2022

Is your feature request related to a problem? Please describe.

The FastHTTPUser does not support TLS client authentication (using a private key/certificate).

Describe the solution you'd like

It should be possible to set client TLS session authentication when using the FastHttpUser. Ideally, it should be possible to access the underlying SSL context object, or supply it when creating the user.

Describe alternatives you've considered

HttpUser supports this feature but is obviously slower.

Additional context

With HttpUser, when targeting a HTTPS server that makes use of TLS client authentication, the following works OK, but does not work (401 response code) when switching to FastHttpUser:

from locust import FastHttpUser, task,

class Submitter(HttpUser):

    @task()
    def submit(self):
        opts = self.environment.parsed_options
        self.client.get(
            "endpoint",
            cert=(opts.cert, opts.key),
            verify=opts.ca,
        )
@github-actions
Copy link

github-actions bot commented Jun 4, 2022

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 10 days.

@github-actions github-actions bot added the stale Issue had no activity. Might still be worth fixing, but dont expect someone else to fix it label Jun 4, 2022
@renato-farias
Copy link
Contributor

renato-farias commented Jun 13, 2022
edited
Loading

Hey @jumaffre,

I know this is not straightforward but you can try something like that (worked for me):

import gevent
from locust import task
from locust.contrib.fasthttp import FastHttpUser

def _create_default_context():
    context = gevent.ssl.create_default_context()
    context.check_hostname = True
    context.verify_mode = gevent.ssl.CERT_REQUIRED
    context.load_cert_chain(certfile="yourpempath", keyfile="yourkeypath")
    context.load_verify_locations(cafile="yourcapath")
    return context

class ApiLocust(FastHttpUser):
    def __init__(self, environment):
        super().__init__(environment=environment)
        self.client.client.clientpool.client_args['ssl_context_factory'] = _create_default_context

    @task()
    def submit(self):
        self.client.get('endpoint')

@renato-farias renato-farias mentioned this issue Jun 13, 2022
Merged
@github-actions github-actions bot removed the stale Issue had no activity. Might still be worth fixing, but dont expect someone else to fix it label Jun 14, 2022
@jumaffre
Copy link
Author

@renato-farias Thank you for the pointer. I'll give it a try shortly.

@cyberw cyberw added the stale Issue had no activity. Might still be worth fixing, but dont expect someone else to fix it label Jul 7, 2022
@github-actions
Copy link

This issue was closed because it has been stalled for 10 days with no activity. This does not necessarily mean that the issue is bad, but it most likely means that nobody is willing to take the time to fix it. If you have found Locust useful, then consider contributing a fix yourself!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request stale Issue had no activity. Might still be worth fixing, but dont expect someone else to fix it
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cyberw @renato-farias @jumaffre