Activity Processors

The custom authentication processor is designed to add strong and secure authentication to any page in the protected application. The authentication processor also logs malicious activity like invalid logins and modifying cookies or query parameters.

Table 21: Custom Authentication Processor Configuration Parameters

Parameter

Type

Default Value

Description

Basic

Processor Enabled

Boolean

True

Whether traffic should be passed through this processor.

User Accounts

Collection

[collection:0]

The list of valid user accounts to use for this processor.

Advanced

Auth Cookie Name

String

Random

The name of the authentication cookie.

Login Page Timeout

Integer

10 Minutes

The number of seconds a login page can be used before it times out. This is intended to prevent attacks based on watching network traffic. It should be as short as is tolerable.

MD5 Script Name

String

Random

The name of the Javascript resource that contains the MD5 code.

Session Timeout

Integer

1 Hour

The number of seconds a session can be idle before it times out.

Incident: Auth Cookie Tampering

Boolean

True

The user has modified the cookie used to manage custom authentication, probably in an attempt to expose sensitive information or bypass access restrictions.

Incident: Auth Input Parameter Tampering

Boolean

True

The user has modified the parameters used to manage custom authentication, probably in an attempt to expose sensitive information or bypass the authentication mechanism.

Incident: Auth Invalid Login

Boolean

True

The user has attempted to login but supplied invalid credentials, this could be perfectly normal, but large numbers of this type of incident would indicate a brute force attack.

Incident: Auth Query Parameter Tampering

Boolean

True

The user has modified the query parameters that were submitted when the user was asked to originally login. This is likely in an attempt to probe the authentication mechanism for exploits.