WebInspect: How to dynamically add request header
we are facing a problem when using WebInspect.
our website's login process is:
1. browse the login page, fulfill the login form then click the login button. the login http request will then return a token in json response value.
2. then the other following http requests need to set the prior token as a request header like MyTokenHeader: token.
So we donnot know how to set step2 in webinpsect. Maybe WI not support that??
We have information on how this can be accomplished using PostMan - https://www.microfocus.com/documentation/fortify-webinspect/2010/WI_Help_20.1.0/index.htm#PostmanScan_2a.htm
Manually Configuring Postman Login for Dynamic Tokens
This topic describes how to configure dynamic authenticationClosed manually if auto-configuration fails for a Postman scanClosed. Dynamic authentication uses dynamic tokens.
What are Dynamic Tokens?
Dynamic tokens are authentication tokens that are generated by software and are unique for each instance of authentication. Tokens can be created for a short period of time, and each instance is renewed individually.