Mindcraft® developed the AuthMark™ Benchmark to test authentication and authorization performance for Web access control products. The AuthMark Benchmark has two test scenarios that we commonly use:
The AuthMark Benchmark is run using our iLOAD MVP™ tool.
iLOAD MVP is a general-purpose, script-driven capacity planning, benchmarking, and regression testing tool. The major components of iLOAD MVP are:
iLOAD MVP provides the capabilities needed to test high-performance servers with a small number of load generator systems. Its capabilities include:
The AuthMark Benchmark
The AuthMark Benchmark is designed to test the performance of products that provide authentication and authorization services in support of Web servers. Authentication is the process of verifying who a user is; it typically occurs when a user logs in. Authorization is the process of verifying that an authenticated user is allowed to see or to use a particular resource. In the case of a Web server such resources include HTML files, graphic files, and programs that generate Web pages dynamically.
AuthMark simulates a large number of users accessing Web servers via their browsers. This approach permits AuthMark to test authentication and authorization performance independent of the technology used to provide those services.
AuthMark consists of several test scenarios to determine various aspects of performance for authentication and authorization systems under different circumstances. The AuthMark Login and Extranet Scenarios are the ones most commonly used.
The AuthMark Login Scenario focuses on testing authentication. It simulates users requesting and receiving the first Web page at a protected Web site. The Login Scenario measures the combination of one user authentication and one authorization for access to a protected resource (called a Login). We report Logins/minute. Understanding what happens during a login will help you understand what the Login Scenario measurements mean.
The following simplified sequence will walk you through the login process to show you how it works:
Login Scenario Configuration
Table 1 shows the AuthMark Login Scenario configuration parameters we use.
Running the Login Scenario
The basic steps for running the Login Scenario are:
The Login Scenario test script selects users randomly from the user database (see Table 1 for the numbers we use). The tester is free to select the number of load generator systems and the number of iLOAD MVP load generator threads to use.
The tester selects the number of load generators to get the highest performance possible from the authentication/authorization product being tested. In order to obtain the peak performance from an authentication/authorization product, the tester may need to use multiple Web servers and data repositories (directory or database servers).
The tester is permitted, but not required, to do a warm-up run of the test scenario in order to get the servers to a state that would more likely represent the state they would be in during normal operation. We typically warm-up the servers by running the test script in its entirety.
The Extranet Scenario simulates customers or suppliers logging into a private Web site and obtaining information they are authorized to get. It measures the combination of one user authentication and 10 authorizations for access to resources (these 11 Extranet operations constitute one Extranet sequence). We report the total operations per minute. The Extranet Scenario depicts a more complete and more realistic usage pattern than the Login Scenario.
The Extranet Scenario test execution starts with the same operation sequence as the Login Scenario (steps 1 - 4 above) and continues with the following operations:
For the Extranet Scenario, we typically warm-up the servers by running the test script in its entirety.
If you would like more information about the Mindcraft AuthMark Benchmark, please contact us.
|Copyright © 2001. Mindcraft, Inc. All rights reserved.
Mindcraft is a registered trademark of Mindcraft, Inc.
For more information, contact us at: firstname.lastname@example.org
Phone: +1 (408) 395-2404
Fax: +1 (408) 395-6324