Using a browser

About this task

If a login sequence has been configured (see Login tab), there are two options when recording a multi-step operation:
Log in and then record
AppScan will log in to the application automatically (using the login you recorded) before the browser opens. You can then record your multi-step operation without recording the login requests. This method has the advantage that the login requests will not be replayed every time this sequence is played, but only if AppScan is out-of-session.
Note: Parameters and cookies that are present in the Multi-Step sequence but not in the Login sequence, are always tracked as Dynamic, even if you change their tracking to Login Value.
Record without login
AppScan will begin recording the sequence without logging in. When the browser opens you record your multi-step sequence directly. If you need to log in, the login will be part of the recording and will therefore be replayed every time the sequence is played, which can significantly increase scan time. Where login is required, the best practice is to use the previous option.
Note: If you use this option and then record login requests as part of the sequence, parameters and cookies received are always tracked as Dynamic, even if they are Login requests, and even if you change their tracking to Login Value.

If no login sequence has been configured there is just one option: Record.

Important: During playback of a multi-step operation, in-session detection is Off (see Login tab). This means that AppScan® does not verify that it is logged in. Therefore, if the failure of the sequence will cause the user to be logged out of the application, it is important that login be recorded as part of the sequence (so it will be replayed each time the sequence runs). If this is not done the multi-step operation may fail.

Procedure

  1. Click the record button and select one of the record options (see above).
    The browser opens and begins recording.
    Note: The default browser is the AppScan Internet Explorer browser. If your site does not support Internet Explorer, select the AppScan Chromium browser instead.
  2. Click on links and fill in fields as necessary to induce the required state. (You can use the Pause button if you want to perform steps that should not be included in the sequence.)
  3. Close the browser.

    The sequence appears in the Sequence pane (upper right). Sequences are automatically named in order: "Sequence 1", "Sequence 2" etc., but you can rename by typing into the name field (top).


    Sample sequence
  4. To edit the sequence:
    • Give the sequence an easily recognizable name
    • View any step by selecting it and clicking the Show in browser button
    • Remove any unnecessary step by selecting it and clicking the minus button