F5 XC EMEA Workshop > Class 6 - AI Gateway > Protecting the Application Source |

Testing the App Security¶

We will go through testing steps to verify that our application has been successfully protected.

Let’s test the Web Application Firewall, browse to http://arcadia-re-$$makeId$$.workshop.emea.f5se.com/?a=<script

Test the API protection:

Browse to http://arcadia-re-$$makeId$$.workshop.emea.f5se.com/v1/api

Run the bellow cURL command:

curl -H "Content-Type: application/json;charset=UTF-8" \
  --data-raw "{\"email\":112233,\"password\":\"bitcoin\"}" \
  http://arcadia-re-$$makeId$$.workshop.emea.f5se.com/v1/login

Test that the ChatBot is protected from mallicious Bots

# Login and get JWT token
JWT_TOKEN=$(curl -s -X POST "http://arcadia-re-$$makeId$$.workshop.emea.f5se.com/v1/login" \
    -H "Content-Type: application/json" \
    -d '{"email":"sorin@nginx.com","password":"nginx"}' \
    | grep -o '"jwt":"[^"]*' | cut -d'"' -f4)

echo "JWT Token: $JWT_TOKEN"

# Send a message to AI chat
curl -s -X POST "http://arcadia-re-$$makeId$$.workshop.emea.f5se.com/v1/ai/chat" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $JWT_TOKEN" \
    -d '{"newQuestion":"Tell me about the current market trends for cryptocurrencies."}'

Previous Next