Testing Active Directory (AD) with Kerberos authentication

I need to load test applications that use Keberos authentication against a local AD KDC with k6 and I haven’t found a way to do it.
I’ve also thought of deploying some kind of KDC proxy but not luck there either.
Has anyone been able to do it?

Hey @eden123,

The only supported Microsoft protocol for authentication in k6 is NTLM. So, the current version of k6 does not support Kerberos. Bundling Node.js modules is not an option either, since (almost) all libraries use C++ (as a native extension to Node.js) to access Microsoft authentication APIs, e.g. node-expose-sspi, node-krb5 and the notable kerberos.

The only option here is to wait for the extension/plugin system to be implemented in k6, so that you can write your own Kerberos extension to authenticate against AD KDC. Otherwise, you can also modify k6 on your own and build your custom Kerberos supported version, which we’d be very happy to see.

Good luck!

Is there more information about this xk6? Not sure I fully understand how it works

As of now, it’s in active development.

Edit by @simme 2021-06-01:

Since this post, xk6 is now publicly available at GitHub - k6io/xk6: Build k6 with extensions. More information is available in this blog post and in the ecosystem pages. :fire:

Thank you very much for your answers :slight_smile:

1 Like