About this task
If you select Form Authentication in the Authentication
Method section of the main window, the Setup button appears.
This is used to configure Authentication Tester with the correct Login procedure.
Procedure
- Click Setup.
The Authentication Tester browser opens.
- Browse to the login page of your web application.
- Perform the Login procedure using these credentials (you
can cut-and-paste them from the upper part of the browser window):
username: |
BruteUsername |
password: |
BrutePassword |
Authentication Tester requires that you model the site login procedure using these values.
During the testing stage, these strings will be replaced with possible
username and password combinations as Authentication Tester attempts to gain access
to the site by 'Brute Force". When you complete the Login procedure
now, however, Authentication Tester does
not actually attempt to log in using these credentials, but simply
examines the login request.
CAUTION: If the strings
"BruteUsername" and "BrutePassword" are not allowed by your client-side
verification, no Login request will be created for
Authentication Tester to examine! In such
a case you must change the placeholder values for the username and
password strings. See
Form Authentication tab.
When you have completed the login process, Authentication Tester "captures" the login
request, and a confirmation message appears.
- On the confirmation message, click OK