Home | History | Annotate | Download | only in data 
      1 <testcase>
      2 <info>
      3 <keywords>
      4 HTTP
      5 HTTP GET
      6 HTTP Digest auth
      7 HTTP NTLM auth
      8 </keywords>
      9 </info>
     10 # Server-side
     11 <reply>
     12 
     13 <!-- Alternate the order that Digest and NTLM headers appear in responses to
     14 ensure that the order doesn't matter. -->
     15 
     16 <!--
     17 
     18  Explanation for the duplicate 400 requests:
     19 
     20  libcurl doesn't detect that a given Digest password is wrong already on the
     21  first 401 response (as the data400 gives). libcurl will instead consider the
     22  new response just as a duplicate and it sends another and detects the auth
     23  problem on the second 401 response!
     24 
     25 -->
     26 
     27 
     28 <!-- First request has NTLM auth, wrong password -->
     29 <data100>
     30 HTTP/1.1 401 Need Digest or NTLM auth
     31 Server: Microsoft-IIS/5.0
     32 Content-Type: text/html; charset=iso-8859-1
     33 Content-Length: 27
     34 WWW-Authenticate: NTLM
     35 WWW-Authenticate: Digest realm="testrealm", nonce="1"
     36 
     37 This is not the real page!
     38 </data100>
     39 
     40 <data1101>
     41 HTTP/1.1 401 NTLM intermediate
     42 Server: Microsoft-IIS/5.0
     43 Content-Type: text/html; charset=iso-8859-1
     44 Content-Length: 33
     45 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
     46 
     47 This is still not the real page!
     48 </data1101>
     49 
     50 <data1102>
     51 HTTP/1.1 401 Sorry wrong password
     52 Server: Microsoft-IIS/5.0
     53 Content-Type: text/html; charset=iso-8859-1
     54 Content-Length: 29
     55 WWW-Authenticate: Digest realm="testrealm", nonce="2"
     56 WWW-Authenticate: NTLM
     57 
     58 This is a bad password page!
     59 </data1102>
     60 
     61 <!-- Second request has Digest auth, right password -->
     62 <data200>
     63 HTTP/1.1 401 Need Digest or NTLM auth (2)
     64 Server: Microsoft-IIS/5.0
     65 Content-Type: text/html; charset=iso-8859-1
     66 Content-Length: 27
     67 WWW-Authenticate: NTLM
     68 WWW-Authenticate: Digest realm="testrealm", nonce="3"
     69 
     70 This is not the real page!
     71 </data200>
     72 
     73 <data1200>
     74 HTTP/1.1 200 Things are fine in server land
     75 Server: Microsoft-IIS/5.0
     76 Content-Type: text/html; charset=iso-8859-1
     77 Content-Length: 32
     78 
     79 Finally, this is the real page!
     80 </data1200>
     81 
     82 <!-- Third request has NTLM auth, wrong password -->
     83 <data300>
     84 HTTP/1.1 401 Need Digest or NTLM auth (3)
     85 Server: Microsoft-IIS/5.0
     86 Content-Type: text/html; charset=iso-8859-1
     87 Content-Length: 27
     88 WWW-Authenticate: Digest realm="testrealm", nonce="4"
     89 WWW-Authenticate: NTLM
     90 
     91 This is not the real page!
     92 </data300>
     93 
     94 <data1301>
     95 HTTP/1.1 401 NTLM intermediate (2)
     96 Server: Microsoft-IIS/5.0
     97 Content-Type: text/html; charset=iso-8859-1
     98 Content-Length: 33
     99 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
    100 
    101 This is still not the real page!
    102 </data1301>
    103 
    104 <data1302>
    105 HTTP/1.1 401 Sorry wrong password (2)
    106 Server: Microsoft-IIS/5.0
    107 Content-Type: text/html; charset=iso-8859-1
    108 Content-Length: 29
    109 WWW-Authenticate: NTLM
    110 WWW-Authenticate: Digest realm="testrealm", nonce="5"
    111 
    112 This is a bad password page!
    113 </data1302>
    114 
    115 <!-- Fourth request has Digest auth, wrong password -->
    116 <data400>
    117 HTTP/1.1 401 Need Digest or NTLM auth (4)
    118 Server: Microsoft-IIS/5.0
    119 Content-Type: text/html; charset=iso-8859-1
    120 Content-Length: 27
    121 WWW-Authenticate: Digest realm="testrealm", nonce="6"
    122 WWW-Authenticate: NTLM
    123 
    124 This is not the real page!
    125 </data400>
    126 
    127 <data1400>
    128 HTTP/1.1 401 Sorry wrong password (3)
    129 Server: Microsoft-IIS/5.0
    130 Content-Type: text/html; charset=iso-8859-1
    131 Content-Length: 29
    132 WWW-Authenticate: NTLM
    133 WWW-Authenticate: Digest realm="testrealm", nonce="7"
    134 
    135 This is a bad password page!
    136 </data1400>
    137 
    138 <!-- Fifth request has Digest auth, right password -->
    139 <data500>
    140 HTTP/1.1 401 Need Digest or NTLM auth (5)
    141 Server: Microsoft-IIS/5.0
    142 Content-Type: text/html; charset=iso-8859-1
    143 Content-Length: 27
    144 WWW-Authenticate: Digest realm="testrealm", nonce="8"
    145 WWW-Authenticate: NTLM
    146 
    147 This is not the real page!
    148 </data500>
    149 
    150 <data1500>
    151 HTTP/1.1 200 Things are fine in server land (2)
    152 Server: Microsoft-IIS/5.0
    153 Content-Type: text/html; charset=iso-8859-1
    154 Content-Length: 32
    155 
    156 Finally, this is the real page!
    157 </data1500>
    158 
    159 <datacheck>
    160 HTTP/1.1 401 NTLM intermediate
    161 Server: Microsoft-IIS/5.0
    162 Content-Type: text/html; charset=iso-8859-1
    163 Content-Length: 33
    164 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
    165 
    166 HTTP/1.1 401 Sorry wrong password
    167 Server: Microsoft-IIS/5.0
    168 Content-Type: text/html; charset=iso-8859-1
    169 Content-Length: 29
    170 WWW-Authenticate: Digest realm="testrealm", nonce="2"
    171 WWW-Authenticate: NTLM
    172 
    173 This is a bad password page!
    174 HTTP/1.1 200 Things are fine in server land
    175 Server: Microsoft-IIS/5.0
    176 Content-Type: text/html; charset=iso-8859-1
    177 Content-Length: 32
    178 
    179 Finally, this is the real page!
    180 HTTP/1.1 401 NTLM intermediate (2)
    181 Server: Microsoft-IIS/5.0
    182 Content-Type: text/html; charset=iso-8859-1
    183 Content-Length: 33
    184 WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
    185 
    186 HTTP/1.1 401 Sorry wrong password (2)
    187 Server: Microsoft-IIS/5.0
    188 Content-Type: text/html; charset=iso-8859-1
    189 Content-Length: 29
    190 WWW-Authenticate: NTLM
    191 WWW-Authenticate: Digest realm="testrealm", nonce="5"
    192 
    193 This is a bad password page!
    194 HTTP/1.1 401 Sorry wrong password (3)
    195 Server: Microsoft-IIS/5.0
    196 Content-Type: text/html; charset=iso-8859-1
    197 Content-Length: 29
    198 WWW-Authenticate: NTLM
    199 WWW-Authenticate: Digest realm="testrealm", nonce="7"
    200 
    201 HTTP/1.1 401 Sorry wrong password (3)
    202 Server: Microsoft-IIS/5.0
    203 Content-Type: text/html; charset=iso-8859-1
    204 Content-Length: 29
    205 WWW-Authenticate: NTLM
    206 WWW-Authenticate: Digest realm="testrealm", nonce="7"
    207 
    208 This is a bad password page!
    209 HTTP/1.1 200 Things are fine in server land (2)
    210 Server: Microsoft-IIS/5.0
    211 Content-Type: text/html; charset=iso-8859-1
    212 Content-Length: 32
    213 
    214 Finally, this is the real page!
    215 </datacheck>
    216 
    217 </reply>
    218 
    219 # Client-side
    220 <client>
    221 <features>
    222 NTLM
    223 !SSPI
    224 </features>
    225 <server>
    226 http
    227 </server>
    228 <tool>
    229 libauthretry
    230 </tool>
    231 
    232  <name>
    233 HTTP authorization retry (NTLM switching to Digest)
    234  </name>
    235  <setenv>
    236 # we force our own host name, in order to make the test machine independent
    237 CURL_GETHOSTNAME=curlhost
    238 # we try to use the LD_PRELOAD hack, if not a debug build
    239 LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
    240  </setenv>
    241  <command>
    242 http://%HOSTIP:%HTTPPORT/2030 ntlm digest
    243 </command>
    244 <precheck>
    245 chkhostname curlhost
    246 </precheck>
    247 </client>
    248 
    249 # Verify data after the test has been "shot"
    250 <verify>
    251 <strip>
    252 ^User-Agent:.*
    253 </strip>
    254 <protocol>
    255 GET /20300100 HTTP/1.1
    256 Host: %HOSTIP:%HTTPPORT
    257 Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
    258 Accept: */*
    259 
    260 GET /20300100 HTTP/1.1
    261 Host: %HOSTIP:%HTTPPORT
    262 Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
    263 Accept: */*
    264 
    265 GET /20300200 HTTP/1.1
    266 Host: %HOSTIP:%HTTPPORT
    267 Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20300200", response="2f2d784ba53a0a307758a90e98d25c27"
    268 Accept: */*
    269 
    270 GET /20300300 HTTP/1.1
    271 Host: %HOSTIP:%HTTPPORT
    272 Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
    273 Accept: */*
    274 
    275 GET /20300300 HTTP/1.1
    276 Host: %HOSTIP:%HTTPPORT
    277 Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
    278 Accept: */*
    279 
    280 GET /20300400 HTTP/1.1
    281 Host: %HOSTIP:%HTTPPORT
    282 Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8"
    283 Accept: */*
    284 
    285 GET /20300400 HTTP/1.1
    286 Host: %HOSTIP:%HTTPPORT
    287 Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8"
    288 Accept: */*
    289 
    290 GET /20300500 HTTP/1.1
    291 Host: %HOSTIP:%HTTPPORT
    292 Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20300500", response="198757e61163a779cf24ed4c49c1ad7d"
    293 Accept: */*
    294 
    295 </protocol>
    296 </verify>
    297 </testcase>
    298