Forum Discussion

George_33482's avatar
George_33482
Icon for Nimbostratus rankNimbostratus
Jun 10, 2014

ASM 11.4 brute force prevention

Hello,

 

I am trying to configure brute force prevention on ASM 11.4 on a login, where the username and password parameters are on different pages. when I access the site and enter the username, a 302 redirect page is triggered and a page with a password field appears.

 

How can I troubleshoot the issue on the ASM itself? Can i Capture/save the username parameter and use it during the password login page?

 

Example: main page with the username field /cb/pages/jsp-ns/submitUserName.jsp....username is entered.Then 302 /cb/pages/jsp-ns/login2.jsp ... entering the password.

 

Any assistance is appreciated.

 

Thanks, George

 

1 Reply

  • Looking over our brute force prevention, I don't think you can use this in a situation where the username is submitted then the password is requested on a completely different page which in no way references the Username. If you have both a username and a password in the submitted data for the password page, we should be able to make it work.