1 <testcase> 2 <info> 3 <keywords> 4 HTTP 5 HTTP GET 6 HTTP Basic auth 7 HTTP Digest auth 8 </keywords> 9 </info> 10 # Server-side 11 <reply> 12 13 <!-- Alternate the order that Basic and Digest headers appear in responses to 14 ensure that the order doesn't matter. --> 15 16 <!-- First request has Digest auth, wrong password --> 17 <data100> 18 HTTP/1.1 401 Need Basic or Digest auth 19 Server: Microsoft-IIS/5.0 20 Content-Type: text/html; charset=iso-8859-1 21 Content-Length: 27 22 WWW-Authenticate: Digest realm="testrealm", nonce="1" 23 WWW-Authenticate: Basic realm="testrealm" 24 25 This is not the real page! 26 </data100> 27 28 <data1100> 29 HTTP/1.1 401 Sorry wrong password 30 Server: Microsoft-IIS/5.0 31 Content-Type: text/html; charset=iso-8859-1 32 Content-Length: 29 33 WWW-Authenticate: Basic realm="testrealm" 34 WWW-Authenticate: Digest realm="testrealm", nonce="2" 35 36 This is a bad password page! 37 </data1100> 38 39 <!-- Second request has Basic auth, right password --> 40 <data200> 41 HTTP/1.1 200 Things are fine in server land 42 Server: Microsoft-IIS/5.0 43 Content-Type: text/html; charset=iso-8859-1 44 Content-Length: 32 45 46 Finally, this is the real page! 47 </data200> 48 49 <!-- Third request has Digest auth, wrong password --> 50 <data300> 51 HTTP/1.1 401 Need Basic or Digest auth (2) 52 Server: Microsoft-IIS/5.0 53 Content-Type: text/html; charset=iso-8859-1 54 Content-Length: 27 55 WWW-Authenticate: Digest realm="testrealm", nonce="3" 56 WWW-Authenticate: Basic realm="testrealm" 57 58 This is not the real page! 59 </data300> 60 61 <data1300> 62 HTTP/1.1 401 Sorry wrong password (2) 63 Server: Microsoft-IIS/5.0 64 Content-Type: text/html; charset=iso-8859-1 65 Content-Length: 29 66 WWW-Authenticate: Basic realm="testrealm" 67 WWW-Authenticate: Digest realm="testrealm", nonce="4" 68 69 This is a bad password page! 70 </data1300> 71 72 <!-- Fourth request has Basic auth, wrong password --> 73 <data400> 74 HTTP/1.1 401 Sorry wrong password (3) 75 Server: Microsoft-IIS/5.0 76 Content-Type: text/html; charset=iso-8859-1 77 Content-Length: 29 78 WWW-Authenticate: Digest realm="testrealm", nonce="5" 79 WWW-Authenticate: Basic realm="testrealm" 80 81 This is a bad password page! 82 </data400> 83 84 <!-- Fifth request has Basic auth, right password --> 85 <data500> 86 HTTP/1.1 200 Things are fine in server land (2) 87 Server: Microsoft-IIS/5.0 88 Content-Type: text/html; charset=iso-8859-1 89 Content-Length: 32 90 91 Finally, this is the real page! 92 </data500> 93 94 <datacheck> 95 HTTP/1.1 401 Need Basic or Digest auth 96 Server: Microsoft-IIS/5.0 97 Content-Type: text/html; charset=iso-8859-1 98 Content-Length: 27 99 WWW-Authenticate: Digest realm="testrealm", nonce="1" 100 WWW-Authenticate: Basic realm="testrealm" 101 102 HTTP/1.1 401 Sorry wrong password 103 Server: Microsoft-IIS/5.0 104 Content-Type: text/html; charset=iso-8859-1 105 Content-Length: 29 106 WWW-Authenticate: Basic realm="testrealm" 107 WWW-Authenticate: Digest realm="testrealm", nonce="2" 108 109 This is a bad password page! 110 HTTP/1.1 200 Things are fine in server land 111 Server: Microsoft-IIS/5.0 112 Content-Type: text/html; charset=iso-8859-1 113 Content-Length: 32 114 115 Finally, this is the real page! 116 HTTP/1.1 401 Need Basic or Digest auth (2) 117 Server: Microsoft-IIS/5.0 118 Content-Type: text/html; charset=iso-8859-1 119 Content-Length: 27 120 WWW-Authenticate: Digest realm="testrealm", nonce="3" 121 WWW-Authenticate: Basic realm="testrealm" 122 123 HTTP/1.1 401 Sorry wrong password (2) 124 Server: Microsoft-IIS/5.0 125 Content-Type: text/html; charset=iso-8859-1 126 Content-Length: 29 127 WWW-Authenticate: Basic realm="testrealm" 128 WWW-Authenticate: Digest realm="testrealm", nonce="4" 129 130 This is a bad password page! 131 HTTP/1.1 401 Sorry wrong password (3) 132 Server: Microsoft-IIS/5.0 133 Content-Type: text/html; charset=iso-8859-1 134 Content-Length: 29 135 WWW-Authenticate: Digest realm="testrealm", nonce="5" 136 WWW-Authenticate: Basic realm="testrealm" 137 138 This is a bad password page! 139 HTTP/1.1 200 Things are fine in server land (2) 140 Server: Microsoft-IIS/5.0 141 Content-Type: text/html; charset=iso-8859-1 142 Content-Length: 32 143 144 Finally, this is the real page! 145 </datacheck> 146 147 </reply> 148 149 # Client-side 150 <client> 151 <server> 152 http 153 </server> 154 <features> 155 !SSPI 156 crypto 157 </features> 158 <tool> 159 libauthretry 160 </tool> 161 162 <name> 163 HTTP authorization retry (Digest switching to Basic) 164 </name> 165 <setenv> 166 # we force our own host name, in order to make the test machine independent 167 CURL_GETHOSTNAME=curlhost 168 # we try to use the LD_PRELOAD hack, if not a debug build 169 LD_PRELOAD=%PWD/libtest/.libs/libhostname.so 170 </setenv> 171 <command> 172 http://%HOSTIP:%HTTPPORT/2026 digest basic 173 </command> 174 <precheck> 175 chkhostname curlhost 176 </precheck> 177 </client> 178 179 # Verify data after the test has been "shot" 180 <verify> 181 <strip> 182 ^User-Agent:.* 183 </strip> 184 <protocol> 185 GET /20260100 HTTP/1.1 186 Host: %HOSTIP:%HTTPPORT 187 Accept: */* 188 189 GET /20260100 HTTP/1.1 190 Host: %HOSTIP:%HTTPPORT 191 Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20260100", response="5f992a2e761ab926256419f7c685f85b" 192 Accept: */* 193 194 GET /20260200 HTTP/1.1 195 Host: %HOSTIP:%HTTPPORT 196 Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M= 197 Accept: */* 198 199 GET /20260300 HTTP/1.1 200 Host: %HOSTIP:%HTTPPORT 201 Accept: */* 202 203 GET /20260300 HTTP/1.1 204 Host: %HOSTIP:%HTTPPORT 205 Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20260300", response="132242e602882251929be93228c830ae" 206 Accept: */* 207 208 GET /20260400 HTTP/1.1 209 Host: %HOSTIP:%HTTPPORT 210 Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz 211 Accept: */* 212 213 GET /20260500 HTTP/1.1 214 Host: %HOSTIP:%HTTPPORT 215 Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M= 216 Accept: */* 217 218 </protocol> 219 </verify> 220 </testcase> 221
