Menu

Load Tester 4.3 Improvements: Speculative Authentication for IE8 and IE9

Load Tester 4.3 carries a number of improvements for both ease of configuration, and accuracy of test simulation. Among these improvements comes support for speculative authentication, allowing Load Tester to simulate behavior from IE 9. The speculative authentication is only used for HTTP authentication schemes used by Load Tester’s Connection Negotiation Authentication feature. More information about HTTP authentication is available under How HTTP Authentication works and why load testers should care.

To describe the speculative authentication feature, it is easiest to simply look at a testcase using Basic Authentication.

"Speculative" Basic Authentication

Here, we see that we’re required to authenticate for the first resource. Afterwards, the browser knows that it will need to authentication for other resources in the same domain, and passes along the Authentication header automatically without needing further prompts.

For Basic Authentication, speculative authentication is used by all major web browsers, and Load Tester 4.3 is capable of simulating this behavior. This feature becomes more interesting for testcases using NTLM and/or Integrated Windows Authentication.

Using IE 8 and NTLM, we see that the browser authenticates once per connection, but only authenticates on demand.

NTLM Authentication with IE 8
Here, we see the initial authentication on a new connection, followed by 2 resources requested on the same connection without authentication (clear.gif and webperf3.gif), and 2 more resources requested on separate connections (tile8.jpg and homer.gif), both requiring a full re-authentication sequence. If you’re not used to seeing Load Tester present authentication chains, this feature was added for Load Tester 4.2 as part of Connection Negotiation Authentication. Since, in this case, authentication is always completed on demand, the speculative authentication feature is not required.

Now, let’s look at the same testcase recorded using IE 9:

Speculative Authentication with IE 9
As we can see, IE 9 completes a full authentication sequence on demand for the first transaction within this domain. Additionally, resources may be requested on the same connection without any further authentication (as seen for clear.gif). However, the browser will recognize that authentication will be required for new connections within this domain, and speculatively authenticates those connections (as seen for webperf3.gif and download.gif), reducing the number of HTTP transactions used for authentication, and thus reducing network traffic required to load the page. This improvement from IE 8 to IE 9 is among many other networking improvements introduced in IE 9, even though it is only likely to be appreciated by corporate intranet users.

Looking at how IE 9 is able to determine when it knows authentication will be used, we can look at the same testcase, but with some additional URLs made before reaching the root folder.
Protected Domain discovery with IE 9 speculative authentication
Here, we see that a URL is first requested under the /graphics/buttons folder, which requires authentication. When IE later requests another URL from the same domain, but from a parent folder, it still only authenticates the new connection on demand. Only after it has learned that the root folder is protected does it assume authentication for the root folder and all sub folders within the given domain. Load Tester 4.3’s speculative authentication feature simulates this behavior by modeling “Protected Domains”, which allows it to simulate the browser’s behavior of learning which folders are protected with authentication.

To enable or disable speculative authentication for a testcase, simply right click on the testcase, and select Properties. On the “User Identity” tab, the “Use speculative authentication” can be set as desired.

Speculative Authentication testcase property

Best of all though, Load Tester will automatically set this feature based on whether or not it was detected as being used by your web browser.

We hope that these improvements will continue to keep Load Tester a dependable and accurate tool, simulating browser behavior even as browsers themselves evolve. Of course, if you have any questions about this feature or any other feature of Load Tester, our friendly support staff is available to offer guidance and suggestions!

Happy Testing!

-Frank

Engineer at Web Performance

Add Your Comment

You must be logged in to post a comment.

Resources

Copyright © 2020 Web Performance, Inc.

A Durham web design company

×

(1) 919-845-7601 9AM-5PM EST

Just complete this form and we will get back to you as soon as possible with a quote. Please note: Technical support questions should be posted to our online support system.

About You
What you Need