HTTP Server Authentication Settings in WAS Scans
In a web application scan, you can configure the following settings for HTTP server-based authentication credentials.
| Option | Action |
|---|---|
| Username | Type the username Tenable.io Web Application Scanning uses to authenticate to the HTTP-based server. |
| Password | Type the password Tenable.io Web Application Scanning uses to authenticate to the HTTP-based server. |
| Authentication Type |
In the drop-down list, select one of the following authentication types:
|
| Kerberos Domain | (Required when enabling the Kerberos Authentication Type) The realm to which Kerberos Target Authentication belongs, if applicable. |
| Key Distribution Center (KDC) | (Required when enabling the Kerberos Authentication Type) This host supplies the session tickets for the user. |
Note: Tenable.io does not support multiple HTTP authentication types for a single target.