Hello!
I try to set up automation active scan with authentication with script based auth but have a fail.
What are necessery to run active scan with checking session and automatic re-auth if session was terminate?
I set up this options:
1) context - Authentication - script based - load zest script. Script handle auth token and set it to global variable.
2) activate http sender script to check and replace auth token from global variable. Script works fine (looking at other tests).
3) context -
Authentication - verification strategy - I'm try to set up check every response to handle in body regex via ".*non authorized.*", but it dont work
4) Session management - I'm try to set up Cookie-based or auto.
5) Context - authorization - I'm try to set up check every response to handle in body regex via "non authorized", like p.3, but it dont work
6) in automation plan I'm set import HAR, activate httpsender script and active scan. But unauthorized patterns dont works and I cath in active scans result messages via ""non authorized". Zest auth script not started.
What of options must be activated to check session and re-auth if session was terminated. What a trigger to run auth script?
Thanks.