Posted Monday January 1, 0001
443 Words
These are the concepts that you will need to understand in order to configure authentication in ZAP.
Contexts ZAP contexts are a way of relating a set of URLs together. You can define any contexts you like, but it is expected that a context will correspond to a web application.
Posted Monday January 1, 0001
278 Words
Authentication is a key way of restricting access to an app. Some authentication mechanisms also make it significantly harder to use tools like ZAP, even for those people who have permission to use them.
Test in a Safe Environment Testing with valid credentials in a production environment is a really bad idea.
Posted Monday January 1, 0001
328 Words
If you are just performing manual testing then authentication is generally easier.
With manual testing you should be exploring the target app manually with a browser that is proxying through ZAP. In this case you can just use the valid credentials in the browser and in most cases you will be logged in.