generated from SAP/repository-template
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing 1 changed file with 8 additions and 16 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -62,11 +62,9 @@ Visit `http://localhost:8000` from a web browser. You should be granted by a 'we | |
|
||
Let's add a first simple decoy. It won't be very useful but it is easy to understand. | ||
|
||
1. stop the demo (CTRL-C in the docker window) | ||
1. open file `cloud-active-defense/configmanager/cad-default.json` | ||
|
||
2. open file `cloud-active-defense/configmanager/cad-default.json` | ||
|
||
3. replace the content with the following: | ||
2. replace the content with the following: | ||
|
||
``` | ||
{ | ||
|
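Review bot: With `1. stop the demo (CTRL-C in the docker window)` dropped and the list now starting at `1. open file`, nothing in this section tells the reader that the demo has to be running while `cad-default.json` is edited. A reader who shut the containers down after the earlier `http://localhost:8000` check will change the file and see no effect. If the intent is that the config is picked up without a restart, say so in one sentence ahead of the list.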
@@ -104,23 +102,19 @@ Let's add a first simple decoy. It won't be very useful but it is easy to unders | |
} | ||
``` | ||
|
||
4. restart the demo | ||
|
||
`docker-compose up --build` | ||
3. check the console for the following line: `wasm log: read new config` | ||
|
||
5. visit `http://localhost:8000/forbidden`. This should give you an error message `Cannot GET /forbidden`. Check that an alert was sent to the console with LOW severity. | ||
4. visit `http://localhost:8000/forbidden`. This should give you an error message `Cannot GET /forbidden`. Check that an alert was sent to the console with LOW severity. | ||
|
||
![forbidden decoy alert](./assets/alert.png) | ||
|
||
## Add a post-authentication decoy | ||
|
||
The decoy we just added might trigger if your application is scanned by bots, but what's more interesting is to detect compromised user accounts. So let's create a decoy which will be visible only to authenticated users. | ||
|
||
1. stop the demo (CTRL-C in the docker window) | ||
1. open file `cloud-active-defense/configmanager/cad-default.json` | ||
|
||
2. open file `cloud-active-defense/configmanager/cad-default.json` | ||
|
||
3. replace the content with the following: | ||
2. replace the content with the following: | ||
|
||
``` | ||
{ | ||
|
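Review bot: The new step 3 (check the console for `wasm log: read new config`) replaces `docker-compose up --build` but gives the reader no failure path. It does not say how long to wait for the line or what to do if it never shows up, for example when the pasted JSON is malformed, and the old restart step that would have forced a clean start is gone. Suggest adding the expected delay and a fallback (fix the file, or restart the demo) to step 3. The second list in this hunk, under "Add a post-authentication decoy", also loses its "stop the demo" step, so the same missing "keep the demo running" hint applies there.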
@@ -195,11 +189,9 @@ The decoy we just added might trigger if your application is scanned by bots, bu | |
} | ||
``` | ||
|
||
4. restart the demo | ||
|
||
`docker-compose up --build` | ||
3. check the console for the following line: `wasm log: read new config` | ||
|
||
5. visit `http://localhost:8000/login`. Login as **[email protected]/bob**. Press `CTRL-SHIFT-I` to open the developer tools and navigate to the 'storage' tab. Notice how, upon login, a 'role=user' cookie was injected into your cookie jar. | ||
4. visit `http://localhost:8000/login`. Login as **[email protected]/bob**. Press `CTRL-SHIFT-I` to open the developer tools and navigate to the 'storage' tab. Notice how, upon login, a 'role=user' cookie was injected into your cookie jar. | ||
|
||
![injected role cookie](./assets/cookie.png) | ||
|
||
|
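Review bot: Step 3 here reuses the exact wording of the first decoy section, but since the demo is no longer stopped and restarted between sections, the console will already contain a `wasm log: read new config` line from the earlier edit. As written, the reader can tick this step off by looking at the old line and then go on to the login check with the previous config still active. Suggest wording such as "check that a new `wasm log: read new config` line appears after you save the file" so the check confirms this reload specifically.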