Forum Discussion
Alex_Nimo_26616
Altocumulus
AltocumulusASM JSON login page
Hi,
Trying to configure a JSON login page in ASM.
The page first asks for the username and only then for the password.
1) When configuring JSON login in ASM, you must supply both the parame...
samstep
Cirrocumulus
CirrocumulusYou have a very strange application to protect.
So you are saying that application has Page 1 where user enters username only and clicks login button - this generate a JSON request which contains only one parameter: "username" to the server after which the user is navigating to Page where only the Password is required and then again a JSON request is sent next to the server with only one parameter "password"???
How is the session state maintained between Page 1 and Page 2? there must be something ( a cookie, a token a header) sent back by the server in response to Page 1 request which would help the server to link the JSON data blurb with just username with bare Page 2 with just password.
You can try defining 2 x AJAX page URLs with username & password being the same parameter name (you can't leave the password field blank).
Can you provide examples of full HTTP requests and responses? (Page 1 request/response and Page 2 request/response) for a successful (and unsuccessful) login?