Login Management
Configure the login method, and record the login procedure if needed.
About this task
The Login Management step of the wizard lets you select one of three methods for AppScan to use when it encounters login pages during a scan:
- Recorded Login: (Recommended method) If you select this option, AppScan® uses a login procedure that you record, completing
fields and clicking on links like a real user.
For more details see Recording a login.
If login requires human interaction each time (such as Two-Factor Authentication, One-Time Passwords, or CAPTCHA), select the Prompt option.
- Prompt: In this case you must still record a login procedure. Although AppScan will not attempt to log in using the procedure you record, it needs the procedure as a reference to know when it is logged out.
- Automatic Login: If AppScan will be able to log in to the site using a name and password only, without a special procedure, select this option and enter the Username and Password.
- No Login: Select this option only if the application does not require logging in, or if for some other reason you do not want AppScan to log in.
Procedure
What to do next
If you selected "I want to configure In-Session Detection Options", continue with Login Management Details