How to Sign JMeter Parameters with Groovy: A Step‑by‑Step Guide
This article demonstrates how to use Groovy scripts within JMeter’s JSR223 pre‑processor to generate RSA‑based signatures for request parameters, providing a complete utility class, configuration steps, sample code, and console output to verify that the signature is correctly added to the request.
In a series of JMeter tutorials, the author collects previous Groovy‑related articles and introduces a new example that shows how to sign request parameters in JMeter using Groovy.
Setup
Create a simple Thread Group and a basic HTTP Request.
Add a JSR223 PreProcessor to the request.
Groovy Script
The script imports required Java classes, collects request arguments into a map, and calls the RSAUtilLJT.sign method to generate a signature, which is then added as a new argument named sign.
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import java.util.TreeMap;
vars.put("MY1","flow");
props.put("MY","ewewewerr");
log.info(props.get("MY"));
sampler.addArgument("name","funteddster");
sampler.addArgument("pwd","funtddester");
def args = sampler.getArguments();
def ss = [:];
log.info(sampler.getArguments().toString());
args.getArgumentCount().times{
def a = args.getArgument(it);
ss.put(a.ARG_NAME,a.VALUE);
}
def my_var = RSAUtilLJT.sign(ss,RSAUtilLJT.getPrivateKey(RSAUtilLJT.RSA_PRIVATE_KEY)) as String;
log.warn "输出参数-------- ${vars} console";
log.info "222222 " + my_var;
sampler.addArgument("sign", my_var);
public class RSAUtilLJT {
private static final int MAX_ENCRYPT_BLOCK = 117;
private static final int MAX_DECRYPT_BLOCK = 128;
public static final String RSA_PRIVATE_KEY = "保密内容";
public static final String RSA_PUBLIC_KEY = "保密内容";
private static final String excludeKey = "sign";
// methods for key handling, encryption, decryption, signing, verification, map conversion omitted for brevity
}Utility Class Overview
The RSAUtilLJT class provides static methods to:
Load RSA private and public keys from Base64 strings.
Encrypt and decrypt data with RSA, handling block size limits.
Generate a signature using MD5withRSA and verify it.
Sign a Map<String,String> by converting it to a sorted query string.
Convert a map to a query‑string format while excluding the sign key.
Execution Output
The JMeter console logs show the test start, the generated signature, and the final request parameters.
2020-04-17 17:13:30,989 INFO o.a.j.e.StandardJMeterEngine: Running the test!
... (log lines omitted for brevity) ...
2020-04-17 17:13:31,337 INFO o.a.j.m.J.JSR223 参数签名Groovy类: ewewewerr
2020-04-17 17:13:31,341 INFO o.a.j.m.J.JSR223 参数签名Groovy类: t=flow()&s=ewewewerr()&name=funteddster()&pwd=funtddester()
2020-04-17 17:13:31,360 WARN o.a.j.m.J.JSR223 参数签名Groovy类: 输出参数-------- org.apache.jmeter.threads.JMeterVariables@7bdab282 console
2020-04-17 17:13:31,361 INFO o.a.j.m.J.JSR223 参数签名Groovy类: 222222 DV1UC0RF7y7FWArtYJP8LaUYwWZm7Mc5P8vmx5e4cGqQstaW3LlfR+o5mSiBTTxLY3NSvsr5EHLkLzPcfJ3YCmjJnneZj+lCb7fR7XA5snwGHJNbeDejn6x3oNVEZF8i4MR/vPO9I1lawA6pEuO5t7kW21IizQdEyxAc2pxLcj8=
... (test end logs) ...Result Verification
Viewing the JMeter View Results Tree confirms that the sign parameter is present in the request payload.
The article ends with a disclaimer that the content is original and should not be reposted without permission.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.