AnsweredAssumed Answered

WAS scan configuration if SSO link is different from Scan URL

Question asked by Santhanakrishnan D on May 21, 2020
Latest reply on May 22, 2020 by Jayson Coulter

I need a scan a web application (https://xyz.com) with SSO but the issue is the application URL(https://xyz.com) and SSO URL(https://abc.com) is different. The problems I'm facing are listed below.

  1. If I access https://xyz.com it does not goes to https://abc.com. The process is I need to login to https://abc.com to go to https://xyz.com.
  2. If I logout I have a different login page (https://xyz.com/login) but I am not authorized to login it. And Developer is not ready to provide me the Login to that. I always need to Login to https://abc.com to access https://xyz.com.

 

My question is:

  1. Now in this case what I need to change in my configuration to get this scanned. Also as a note I should not scan https://abc.com and I only need to scan https://xyz.com
  2. Will the Qualys consider both my URL's as different application and deduct 2 Applications or it still consider as only one application.

 

Please help me to understand.

Outcomes