Report: Load Testing

22 Aug 2024
7 Minutes to read

Print
Share
Dark
Light
PDF

Report: Load Testing

Updated on 22 Aug 2024
7 Minutes to read

Print
Share
Dark
Light
PDF

Article summary

Did you find this summary helpful?

Thank you for your feedback

Overview

The objective of the stress testing is to evaluate the performance and stability of the CrossIdentity IAM solution in an on-premises environment under maximum expected load. This includes assessing the system's ability to manage high volumes of concurrent operations, process large data imports, and maintain user responsiveness without degradation in service quality.

CI On-PremiseDeployment Architecture

Below is the architecture of the Cross Identity solution’s on-premises deployment:

The stress testing aimed to validate each component’s performance under realistic and peak load scenarios, ensuring that the system can operate efficiently and reliably in anon-premises deployment. This setup would be particularly tested for its resilience against potential bottlenecks that could arise from any of these interconnected components.

Test Scenarios and Procedure

The scenarios designed to test the platform include:

End User Logins: Testing the system’s capacity to handle a high volume of simultaneous user logins.
SOT/AD User Import from HRM Systems: Evaluating the platform's ability to efficiently import large numbers of users from external HRM systems.
CSV Imports for User Creation, Updates, and Termination: Checking the system's effectiveness in processing bulk operations for creating, updating, and terminating user accounts.
Access Request and Approval Processes: Verifying how well the platform manages concurrent access requests and approvals.
Review Campaign Execution: Assessing the system’s capability to execute access review campaigns involving multiple entitlements per user.
Account Reconciliation Tasks: Measuring the platform's ability to perform reconciliation tasks at scale.

Procedure

The procedure for each scenario involves initiating tests sequentially with a detailed recording of key metrics such as transaction times, concurrency levels, and overall system responses. This structured approach helps in pinpointing areas of strength and potential bottlenecks, ensuring that the platform can sustain its performance even under peak operational stress.

Sr. No.	Scenario	Actions	Concurrent Users	Actual Result
1.	End User Logins to Cross-Identity	5000 users concurrently should be able to log in to Cross Identity.	5000* users	Concurrently 5000 users log in to the Cross Identity home page (Within a second)
2.	SOT User Import from HRMS System	SOT import of 150,000+ users from HRMS System Import first 10,000 users in 3 mins and subsequent users accordingly.	30,000 users/ 150,000 users	Started with 30,000 users and then a total of 150,000 users created in Cross Identity.
3.	CSV user Import for new user creation	CSV import of 150000+ users. Start with Import of the first 30,000 users in 3 minutes and subsequent users accordingly.	30,000 users/ 150,000 users	Started with 30,000 users and then150,000 users imported in Cross Identity.
4.	CSV user Import for user update	CSV import of 150000+ users with updated records. Import the first 30,000 users in 3 minutes and subsequent users accordingly.	30,000 users/ 150,000 users	Started with 30,000 users with modified records and then 150,000 users imported in Cross Identity.
5.	CSV user Import for termination	CSV import of 150000+ users with status terminated. Import the first 30,000 users in 3 minutes and subsequent users accordingly.	30,000 users/ 150,000 users	Started with 30,000 users with status terminated and then 150,000 users imported in Cross Identity. In the target application, it should disable the account and remove accesses.
6.	Manual user creation	Ability to create 3000 users manually via user form in Cross Identity	3000 users	3000 users were created manually in Cross Identity within 5 minutes.
7.	End User Access Request	3000 users should be able to request access across multiple applications concurrently for roles/entitlements in 10 seconds.	3000 users	3000 users should be able to request access across multiple applications concurrently.
8.	Access Approval Process	3000 Approvers should be able to take action (Approve/Reject) on approval tasks concurrently in 5 seconds.	3000 Approvers	3000 Approvers should be able to take action
9.	Generate Review Campaign	The administrator should be able to generate an Access Review Campaign for 3000 users within 5 minutes. Each user should have an average of 60 entitlements for review.	3000 review tasks	Review Campaign for 3000 users with 60 entitlements have been generated.
10.	Perform action on Review Tasks	300 Reviewers should be able to do review tasks of 30 users with 60entitlement each within 10 secs simultaneously	300 Reviewers	300 Reviewers should be able to review 30 users with each user's 60 entitlements.
11.	Application Reconciliation Response	6000 Accounts and 15000 entitlements per minute - recon, compare without modification and processed	6000 Accounts and 15000 entitlements reconciliation	Reconciliation of 3000 Accounts and 15000 entitlements
12.	Application Reconciliation Response	3000 Accounts and 15000 entitlement – evaluate policy and enforce entitlement, attribute changes	6000 Accounts and 15000 entitlements reconciliation	Reconciliation of 3000 Accounts and 15000 entitlements
13.	Adding Role to Users (Dynamic Role Assignment based on Location)	Dynamic Role assignment to users based on location	3000 users	Dynamic Roles are added to 3000 users
14.	Target Provisioning for adding Dynamic Role to users	Account & Entitlements provisioning concurrently for 3000 users	3000 users	Account & Entitlements provisioning concurrently for 3000 users in target applications
15.	Target Provisioning for adding Static Role to users	Account provisioning concurrently for 3000 user accounts in 3 minutes	3000 users	Account & Entitlements provisioning concurrently for 3000 users in target applications
16.	End User Password Self-Service	Password Change of 3000 users within 15 mins	3000 users	Password reset of 3000 users
17.	SSO - End User single sign-on to Application home page	Concurrently 3000 users should be able to log in to the application homepage in 3 seconds.	3000 users	3000 users can login to the Cross Identity home page
18.	Generate Review Campaign & End User Logins	Administrator should be able to generate an Access Review Campaign for 3000users within 5 minutes. Each user should have an average of 60 entitlements for review. 3000 users concurrently should be able to log in to Cross Identity.	3000 users3000 review tasks	Review Campaign with 3000 review tasks are generated. Simultaneously 3000 users are able to login to the Cross Identity home page
19.	SOT User Import & End User Logins	SOT import of 150,000+ users from HRMS system Import first 30,000 users in 3 mins and subsequent users accordingly. 3000 users concurrently should be able to log in to Cross Identity.	3000 users3000 review tasks	Started with 30,000 users and then a total of 150,000 users created in Cross Identity. Simultaneously 3000 users can login to the Cross Identity home page
20.	Account Reconciliation & End User Logins	15000 Accounts per minute - recon, compare without modifying andprocessed). Simultaneously 3000 users concurrently should be able to login to Cross Identity.	3000 users	Login to the Cross Identity home page
21.	Generate Review Campaign & Account Reconciliation	The administrator should be able to generate an Access Review Campaign for 3000 users within 5 minutes. Each user should have an average of 60 entitlements for review. Simultaneously 3000 Accounts and 15000 entitlements per minute - recon, compare without modification and processed).	3000 review tasks 6000 Accounts and 15000 entitlements reconciliation	Review Campaign with 3000 review tasks are generated.
22.	Access Approval Process & Account Reconciliation	300 Approvers should be able to take action (Approve/Reject) on approval tasks in 5 secs15000 Accounts per minute - recon, compare without modification and process). 6000 Accounts and 15000 entitlements per minute - recon, compare without modifying and process)	300 Approvers 6000 Accounts and 15000 entitlements reconciliation	300 approvers should

*This is the peak concurrent users.

Concurrent user login toCross Identity

To test the capability of Cross Identity to handle a high volume of concurrent user logins.

• Number of Concurrent Users: 5000 users.

• Goal: All users should be able to log in concurrently, within a specific time frame (e.g., within one second).

Here is the graph depicting the stress test scenario for "Cross Identity" where 5000 users concurrently log in within a second. The graph shows a sharp spike at the 1-second mark, indicating the peak load of user logins, followed by a return to zero, which illustrates that this peak happens very briefly and precisely at that moment. This visualization helps in understanding the system's capacity to handle sudden high traffic.

Importing users from the HRMS

Here is the graph illustrating the stress test scenario for importing users from the HRMS system, specifically OrangeHRM, into Cross Identity. The graph display shows the first 10,000 users are imported within the first 3 minutes, followed by a consistent increase until reaching a total of 150,000 users by the 13th minute. This visualization helps demonstrate the system's capacity to handle large-scale user imports efficiently over time.

Access Request

Here's a graph showing the number of user access requests over time, from 0 to 10 seconds. The y-axis represents the number of users, ranging from 0 to 3000, and the data points are plotted at 2-second intervals.

Access Approval

Here’s the graph showing the access approval process, where 3000 approvers take action concurrently over 5 seconds. The x-axis represents the time intervals from 0 to 5 seconds, and the y-axis represents the number of approvers. This line graph shows the rapid increase in the number of approvers taking action, with increments every second.

Access Review

Here's the graph illustrating the review process over time, where 300 reviewers simultaneously review tasks of 30 users with 60 entitlements each within 10 seconds. The x-axis represents the time intervals from 0 to 10 seconds, and the y-axis represents the cumulative number of tasks reviewed. The graph shows a steady increase in the number of tasks reviewed, assuming a constant rate of review.

Conclusion

In summary, the stress testing underscores the Cross Identity platform’s capability to support an organization’s identity management requirements reliably and efficiently, even under stringent conditions. This testing forms a foundational part of preparing the platform for successful operational deployment, ensuring it meets both current and future demands.

Was this article helpful?

What's Next

Gartner and KuppingerCole