Forum Discussion

Nimbostratus

Oct 23, 2019

ASM JSON/AJAX start page for Exchange OWA

Running into a challenge and wondering if the community might be able to help. I'm using the ASM Brute Force Start Page to lookup user_id and password login request. Problem is, trying to understand ...

ASM Advanced WAF

security

Yoann_Le_Corvi1

Cumulonimbus

Oct 24, 2019

Didn't get a change to test it, but I think this concerns the payload JSON sent to a logon URI rather than a start page. Let's say you have a form to login at /login.aspx, when you click on "Login" this posts a request to /dologin, with the payload JSON {"my_username":"toto", "my_password":"toto"} as JSON payload. Then

Add the URL in the first field : /dologin
Username JSON Element is "my_username"
Password JSON Element is "ma_password"

Yoann

smiley_dba
Nimbostratus
Oct 24, 2019
Thank you Yoann. Will test that out today. Thank you.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM JSON/AJAX start page for Exchange OWA

Introducing the F5 Application Study Tool (AST)

Displaying Application Study Tool (AST) Dashboards in Your Own Grafana Instance

Recent Discussions

What dose "Accept" do in BIG-IP ASM event logs

OSPF traps on BIG-IP v14

Problem with sending BotDefense logs to remote server

Change Content-Type from application/octet-stream to multipart/form-data

Is anyone using Certbot for F5 certificate automation? If not, what tool do you use?

Related Content

Getting Started on DevCentral

Getting Started with BIG-IP Next: Fundamentals

Get Started with WAAP Security Incidents

Getting Started with iRules: Variables

Getting Started with BIG-IP Next: Migrating an Application Workload

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS