Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Activity Processors

    The custom authentication processor is designed to add strong and secure authentication to any page in the protected application. The authentication processor also logs malicious activity like invalid logins and modifying cookies or query parameters.

    Table 1: Custom Authentication Processor Configuration Parameters

    Parameter

    Type

    Default Value

    Description

    Basic

    Processor Enabled

    Boolean

    True

    Whether traffic should be passed through this processor.

    User Accounts

    Collection

    [collection:0]

    The list of valid user accounts to use for this processor.

    Advanced

    Auth Cookie Name

    String

    Random

    The name of the authentication cookie.

    Login Page Timeout

    Integer

    10 Minutes

    The number of seconds a login page can be used before it times out. This is intended to prevent attacks based on watching network traffic. It should be as short as is tolerable.

    MD5 Script Name

    String

    Random

    The name of the Javascript resource that contains the MD5 code.

    Session Timeout

    Integer

    1 Hour

    The number of seconds a session can be idle before it times out.

    Incident: Auth Cookie Tampering

    Boolean

    True

    The user has modified the cookie used to manage custom authentication, probably in an attempt to expose sensitive information or bypass access restrictions.

    Incident: Auth Input Parameter Tampering

    Boolean

    True

    The user has modified the parameters used to manage custom authentication, probably in an attempt to expose sensitive information or bypass the authentication mechanism.

    Incident: Auth Invalid Login

    Boolean

    True

    The user has attempted to login but supplied invalid credentials, this could be perfectly normal, but large numbers of this type of incident would indicate a brute force attack.

    Incident: Auth Query Parameter Tampering

    Boolean

    True

    The user has modified the query parameters that were submitted when the user was asked to originally login. This is likely in an attempt to probe the authentication mechanism for exploits.

    Published: 2013-11-20