Hello team! I need to configure login page for brute-force protection of application.
It was easy for a web browser because the HTML form is easy to configure and works well.
But the authentication type for the mobile app is JSON / AJAX. I'm facing a problem: I'm unable to select the correct values for the username and password JSON elements from the entire server response. Should I use <map>, <string> and other tags in these fields, or should I only use keywords? I only found one example using JSON / AJAX authentication https://clouddocs.f5.com/training/community/waf/html/waf241/module4-login-protect/lab1/lab1.html, without any tags, but this example doesn't work in our environment.