I am new to ZAP OWASP. I have created a ZAP Jenkins job. I am getting below Message with Form login authentication
7983 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread - Starting spidering scan on Context: SecurityTest at Mon Oct 05 10:06:27 EDT 2020
7989 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Spider initializing...
[ZAP Jenkins Plugin] SPIDER SCAN STATUS [ 0% ]
[ZAP Jenkins Plugin] ALERTS COUNT [ 0 ]
8023 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Starting spider...
8023 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Scan will be performed from the point of view of User: fred
8044 [ZAP-SpiderThreadPool-0-thread-1] INFO org.zaproxy.zap.users.User - Authenticating user: USer
8274 [ZAP-SpiderThreadPool-0-thread-2] INFO org.zaproxy.zap.spider.Spider - Spidering process is complete. Shutting down...
8278 [ZAP-SpiderShutdownThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread - Spider scanning complete: true
Spider Scanning status is showing only 0% and shows Spider scanning complete: true. It is not displaying a 100% completion and report is not displayed with expected result. How to fix this issue?
USER user IS NOW ENABLED
[ZAP Jenkins Plugin] ATTACK MODE(S) INITIATED
[ZAP Jenkins Plugin] SPIDER SCAN ENABLED [ TRUE ]
SPIDER SCAN SETTINGS
AUTHENTICATED SPIDER SCAN [ TRUE ]
RECURSE: [ TRUE ]
SUB TREE ONLY: [ FALSE ]
MAX CHILDREN: [ 0 ]
CONTEXT ID: [ 1 ]
USER ID: [ 0 ]
USER NAME: [ user ]
[ZAP Jenkins Plugin] SPIDER SCAN THE SITE [ https://localhost:8080/webui ] AS USER [ User ]
7983 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread - Starting spidering scan on Context: SecurityTest at Mon Oct 05 10:06:27 EDT 2020
7989 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Spider initializing...
[ZAP Jenkins Plugin] SPIDER SCAN STATUS [ 0% ]
[ZAP Jenkins Plugin] ALERTS COUNT [ 0 ]
8023 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Starting spider...
8023 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Scan will be performed from the point of view of User: fred
8044 [ZAP-SpiderThreadPool-0-thread-1] INFO org.zaproxy.zap.users.User - Authenticating user: user
8274 [ZAP-SpiderThreadPool-0-thread-2] INFO org.zaproxy.zap.spider.Spider - Spidering process is complete. Shutting down...
8278 [ZAP-SpiderShutdownThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread - Spider scanning complete: true
[ZAP Jenkins Plugin] AJAX SPIDER ENABLED [ FALSE ]
SKIP AXAJ SPIDER FOR THE SITE [ https://localhost:8080/webui ]
[ZAP Jenkins Plugin] ACTIVE SCAN ENABLED [ FALSE ]
SKIP ACTIVE SCAN FOR THE SITE [ https://localhost:8080/webui ]
[ZAP Jenkins Plugin] CLEAR WORKSPACE OF PREVIOUS REPORT(S) [ FALSE ]
SKIP CLEARING WORKSPACE
[ZAP Jenkins Plugin] GENERATE REPORT(S) [ TRUE ]
[ XML ] SAVED TO [ C:\Program Files (x86)\Jenkins\workspace\JENKINS_ZAP_VULNERABILITY_REPORT_34.xml ]
[ HTML ] SAVED TO [ C:\Program Files (x86)\Jenkins\workspace\JENKINS_ZAP_VULNERABILITY_REPORT_34.html ]
[ZAP Jenkins Plugin] CREATE JIRA ISSUES [ FALSE ]
SKIP CREATING JIRA ISSUES
[ZAP Jenkins Plugin] SUMMARY...
ALERTS COUNT [ 0 ]
MESSAGES COUNT [ 5 ]
[ZAP Jenkins Plugin] SHUTDOWN [ START ]
Dont try to debug authentication problems with ZAP on Jenkins unless there are no other alternatives. Do that using the ZAP desktop - that way you can see whats going on. Authentication is hard - see the ADDO Workshop videos on https://www.alldaydevops.com/zap-in-ten I go into a lot of detail on them.