Login tab
Login Management is used to define how AppScan® logs in to your application, and how it can recognize when it gets logged out.
ADAC can automatically detect login requests and fills in the username and password parameters. If your application has a non-standard login sequence of actions, you can record these actions for ADAC to use.
Setting |
Details |
---|---|
Select Login Method |
|
Recorded (Recommended) |
(Default method) Select this method to open the browser and record a login sequence (both HTTP requests and user actions are recorded). AppScan® will use this sequence whenever it needs to login to the application. is used to record the sequence. Options are:
For web applications, see Record login with a browser. For web services see Record login with an external client |
Automatic Login |
Select this method to let AppScan® automatically detect the login form of your application and use the username and password you supply. (This method can be less reliable than the Recorded Login method.) |
Prompt |
Select this method if login requires human interaction each time (such as Two-Factor Authentication, One-Time Passwords, or CAPCHA). Note that even if you select this option, you must record a login sequence. This is to provide AppScan® with an in-session page that it can later use to verify that it is logged-in. For details see Record login with a browser |
None |
Select this option if the application does not require users to log in. |
Login Validation Status Indicator |
|
Key icon |
The key icon indicates the status of In-Session Detection: Enabled and configured. (An in-session page has been identified in login sequence, either automatically or by the user.) Enabled but not fully configured. Enabled but not configuration failed. Disabled. See Select Detection Pattern dialog box for details. |
Import or Export Login Settings |
|
Import |
When you record a login sequence it is saved as part of the scan. If you save the scan as a template, the login sequence is saved as part of the template. To import a login sequence that was previously saved as a |
Export |
To export the login sequence by itself, to use in future scans, click the Export button.
The sequence is saved as a |