Hi. I'd like some clarification about how WI audits scans at a later date than the crawl. If I manually crawl a site in an authenticated area (without setting up a macro) and then audit it after the session has expired, WI will chug along without complaining, output some results and all is normal. However, if the session that the crawl was done with is no longer valid, does that mean that the authenticated pages are not getting tested? Cheers.
Great question! You are correct, once the session has expired, WI will not be able to audit the protected pages properly. Additionally, the audit threads each use their own sessions, so unless you scan with a shared requestor then the audit will not be able to access the protected pages even if the crawl session was still valid. The best solution is to create a login macro. Were you having any trouble creating a macro or were you just curious if there was a way to work around it?