This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
stevenjasson
Cadet 3rd Class
Cadet 3rd Class
‎2020-11-04 02:22
333 views

WebInspect: How to dynamically add request header

we are facing a problem when using WebInspect.

our website's login process is:

1. browse the login page, fulfill the login form then click the login button. the login http request will then return a token in json response value.

2. then the other following http requests need to set the prior token as a request header like MyTokenHeader: token.

So we donnot know how to set step2 in webinpsect. Maybe WI not support that??

0 Likes
Reply
Report Inappropriate Content
1 Reply
ebell
Micro Focus Expert
Micro Focus Expert
‎2020-11-06 22:34

We have information on how this can be accomplished using PostMan - https://www.microfocus.com/documentation/fortify-webinspect/2010/WI_Help_20.1.0/index.htm#PostmanScan_2a.htm

Manually Configuring Postman Login for Dynamic Tokens
This topic describes how to configure dynamic authenticationClosed manually if auto-configuration fails for a Postman scanClosed. Dynamic authentication uses dynamic tokens.

What are Dynamic Tokens?
Dynamic tokens are authentication tokens that are generated by software and are unique for each instance of authentication. Tokens can be created for a short period of time, and each instance is renewed individually.

0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.