/AWS1/CL_WA2REQUESTINSPECTION¶
The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.
This is part of the AWSManagedRulesATPRuleSet configuration in ManagedRuleGroupConfig.
In these settings, you specify how your application accepts login attempts by providing the request payload type and the names of the fields within the request body where the username and password are provided.
CONSTRUCTOR¶
IMPORTING¶
Required arguments:¶
iv_payloadtype TYPE /AWS1/WA2PAYLOADTYPE /AWS1/WA2PAYLOADTYPE¶
The payload type for your login endpoint, either JSON or form encoded.
io_usernamefield TYPE REF TO /AWS1/CL_WA2USERNAMEFIELD /AWS1/CL_WA2USERNAMEFIELD¶
The name of the field in the request payload that contains your customer's username.
How you specify this depends on the request inspection payload type.
For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer.
For example, for the JSON payload
{ "form": { "username": "THE_USERNAME" } }, the username field specification is/form/username.For form encoded payload types, use the HTML form names.
For example, for an HTML form with the input element named
username1, the username field specification isusername1
io_passwordfield TYPE REF TO /AWS1/CL_WA2PASSWORDFIELD /AWS1/CL_WA2PASSWORDFIELD¶
The name of the field in the request payload that contains your customer's password.
How you specify this depends on the request inspection payload type.
For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer.
For example, for the JSON payload
{ "form": { "password": "THE_PASSWORD" } }, the password field specification is/form/password.For form encoded payload types, use the HTML form names.
For example, for an HTML form with the input element named
password1, the password field specification ispassword1.
Queryable Attributes¶
PayloadType¶
The payload type for your login endpoint, either JSON or form encoded.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_PAYLOADTYPE() |
Getter for PAYLOADTYPE, with configurable default |
ASK_PAYLOADTYPE() |
Getter for PAYLOADTYPE w/ exceptions if field has no value |
HAS_PAYLOADTYPE() |
Determine if PAYLOADTYPE has a value |
UsernameField¶
The name of the field in the request payload that contains your customer's username.
How you specify this depends on the request inspection payload type.
For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer.
For example, for the JSON payload
{ "form": { "username": "THE_USERNAME" } }, the username field specification is/form/username.For form encoded payload types, use the HTML form names.
For example, for an HTML form with the input element named
username1, the username field specification isusername1
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_USERNAMEFIELD() |
Getter for USERNAMEFIELD |
PasswordField¶
The name of the field in the request payload that contains your customer's password.
How you specify this depends on the request inspection payload type.
For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation JavaScript Object Notation (JSON) Pointer.
For example, for the JSON payload
{ "form": { "password": "THE_PASSWORD" } }, the password field specification is/form/password.For form encoded payload types, use the HTML form names.
For example, for an HTML form with the input element named
password1, the password field specification ispassword1.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_PASSWORDFIELD() |
Getter for PASSWORDFIELD |