Web Application: Authentication

The sections below describe the Authentication section of a web application. This is where you create authentication records for the web application.

Each authentication record identifies credentials for one or more authentication types: Form, HTTP Basic, NTLM and Digest. To launch an authenticated web application scan, you must select a target web application and an authentication record that is defined for the target.

Authentication

The authentication records list displays the authentication records defined for the web application. When there are no records defined, this list is empty.

 

Add Record

To add an authentication record, click Add Record to the right of the records list. Provide authentication information and then click Save to add the record to the application.

Form Authentication. Enter one set of credentials for form authentication.

Server Authentication. Enter one or more sets of credentials for server authentication. Click Add Another Set of Credentials to add a set of login credentials. Select an authentication type (HTTP Basic, NTLM or Digest) and enter credentials in the fields provided.

Domain/Realm. (Optional) For NTLM server authentication, enter the Windows domain name containing the credentials supplied in User Name/Password. For HTTP Basic server authentication, specify the protected realm.
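The authentication type and realm that a server authentication record needs can be read from the WWW-Authenticate header the target sends with its 401 response. The following is an added example, not part of the original help page or the product; the function names and the sample header values are constructed for illustration.

```python
import re

# Challenge schemes that map to the server authentication types listed above.
SUPPORTED = {"basic": "HTTP Basic", "digest": "Digest", "ntlm": "NTLM"}

_TOKEN = r"[A-Za-z0-9!#$%&'*+.^_`|~-]+"
# Either an auth-param (name=value, value quoted or bare) or a bare scheme name.
_PART = re.compile(rf'({_TOKEN})\s*=\s*("(?:[^"\\]|\\.)*"|[^\s,"]+)|({_TOKEN})')


def parse_challenges(header_values):
    """Split WWW-Authenticate values into challenges. One header may carry
    several challenges, and quoted values may contain commas."""
    challenges = []
    for value in header_values:
        for match in _PART.finditer(value):
            name, val, scheme = match.groups()
            if scheme:
                challenges.append({"scheme": scheme, "params": {}})
            elif challenges:
                if val.startswith('"'):  # strip quotes, undo backslash escapes
                    val = re.sub(r"\\(.)", r"\1", val[1:-1])
                challenges[-1]["params"][name.lower()] = val
    return challenges


def record_hints(header_values):
    """Return (authentication type, realm) pairs for a server auth record."""
    hints = []
    for challenge in parse_challenges(header_values):
        auth_type = SUPPORTED.get(challenge["scheme"].lower())
        if auth_type is None:
            continue  # e.g. Negotiate: not one of the types on this page
        # NTLM challenges carry no realm; the Windows domain has to come
        # from whoever owns the account, so the hint is None.
        hints.append((auth_type, challenge["params"].get("realm")))
    return hints


# Constructed sample: WWW-Authenticate values as seen on a 401 response.
SAMPLE = [
    'Digest realm="ops, staging", qop="auth", nonce="c0ffee", Basic realm="Staging"',
    "Negotiate, NTLM",
]

if __name__ == "__main__":
    for auth_type, realm in record_hints(SAMPLE):
        print(f"{auth_type}: Domain/Realm = {realm or '(not advertised)'}")
```
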

 

Edit Record

Identify the authentication record you want to edit, and click the edit icon.

Delete Record

Identify the authentication record you want to delete, and click the delete icon.