TOC & Recently Viewed

Recently Viewed Topics

Configure Selenium Authentication

These steps describe how to create a Selenium script to use with the Selenium Authentication option in the Credentials settings for the Web App Overview and Web App Scan templates.

These steps assume that you are using Google Chrome as your browser and have downloaded the Selenium IDE extension from the Chrome Web Store.

To create a script to log in with your credentials:

  1. For the web application you want to scan, access the login page in Google Chrome.

    login form test page

  2. In the upper right corner of the browser window, click the button to launch the Selenium IDE extension.

    The Selenium IDE window appears.

  3. In the upper right corner of the Selenium IDE window, click the  button to begin the recording.
  4. On the login page, enter your credentials and submit.

    Selenium IDE captures your actions.

  5. In the upper right corner of the Selenium IDE window, click the button to stop the recording.
  6. Click the button to save the project.

To run a credentialed scan with Selenium authentication:

  1. In Tenable.io Web Application Scanning, either create a new scan, or access the scan settings for which you want to add credentials.
  2. In the scan settings, click the Credentials tab.
  3. Click Web Application Authentication.
    1. In the Authentication Method drop-down box, select Selenium Authentication.
    2. Click Add File, and select the .side project that you saved in step 6 of To create a script to log in with your credentials.
    3. In the Page to verify active session box, type the URL you want to use to verify if the session is still active.
    4. In the Regex to verify active session box, type the regex to match to confirm the session is still active.

      Note: In many cases, the regex is text that appears on the login page (e.g., Welcome!)

  4. Click the Save button.

    When you launch the scan, the Selenium script will run and authenticate for you.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.