Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

JSON elements for login page

Maksym
Nimbostratus
Nimbostratus

‎27-Aug-2021 04:49

Hello team! I need to configure login page for brute-force protection of application.

 

It was easy for a web browser because the HTML form is easy to configure and works well.

 

But the authentication type for the mobile app is JSON / AJAX. I'm facing a problem: I'm unable to select the correct values for the username and password JSON elements from the entire server response. Should I use <map>, <string> and other tags in these fields, or should I only use keywords? I only found one example using JSON / AJAX authentication https://clouddocs.f5.com/training/community/waf/html/waf241/module4-login-protect/lab1/lab1.html, without any tags, but this example doesn't work in our environment.

 

Thanks!

Labels:
0 Kudos
1 REPLY 1

Maksym
Nimbostratus
Nimbostratus

‎27-Aug-2021 06:42

For example, after trying to sign in from a mobile app with incorrect credentials, ASM received a large request. I found the password I entered, in the following context:

 

<string>password</string><string>value</string><string>Igxiguodufjffuu</string>

 

Which part of this line should we insert into the Password field? Same question about the the login field.

 

0691T00000Dz54MQAR.png 

0 Kudos
Copyright © 2023 Khoros, LLC