1 <testcase> 2 <info> 3 <keywords> 4 HTTP 5 HTTP GET 6 HTTP Digest auth 7 </keywords> 8 </info> 9 # Server-side 10 <reply> 11 <data> 12 HTTP/1.1 401 Authorization Required 13 Server: Apache/1.3.27 (Darwin) PHP/4.1.2 14 WWW-Authenticate: Digest realm="testrealm", nonce="2053604145" 15 Content-Type: text/html; charset=iso-8859-1 16 Content-Length: 26 17 18 This is not the real page 19 </data> 20 21 # This is supposed to be returned when the server gets a 22 # Authorization: Digest line passed-in from the client 23 <data1000> 24 HTTP/1.1 401 Still a bad password you moron 25 Server: Apache/1.3.27 (Darwin) PHP/4.1.2 26 Content-Type: text/html; charset=iso-8859-1 27 Content-Length: 34 28 29 This is not the real page either 30 </data1000> 31 32 <datacheck> 33 HTTP/1.1 401 Authorization Required 34 Server: Apache/1.3.27 (Darwin) PHP/4.1.2 35 WWW-Authenticate: Digest realm="testrealm", nonce="2053604145" 36 Content-Type: text/html; charset=iso-8859-1 37 Content-Length: 26 38 39 HTTP/1.1 401 Still a bad password you moron 40 Server: Apache/1.3.27 (Darwin) PHP/4.1.2 41 Content-Type: text/html; charset=iso-8859-1 42 Content-Length: 34 43 44 This is not the real page either 45 </datacheck> 46 47 </reply> 48 49 # Client-side 50 <client> 51 <server> 52 http 53 </server> 54 <features> 55 !SSPI 56 crypto 57 </features> 58 <name> 59 HTTP with Digest authorization with bad password 60 </name> 61 <command> 62 http://%HOSTIP:%HTTPPORT/65 -u testuser:test2pass --digest 63 </command> 64 </client> 65 66 # Verify data after the test has been "shot" 67 <verify> 68 <strip> 69 ^User-Agent:.* 70 </strip> 71 <protocol> 72 GET /65 HTTP/1.1 73 Host: %HOSTIP:%HTTPPORT 74 Accept: */* 75 76 GET /65 HTTP/1.1 77 Host: %HOSTIP:%HTTPPORT 78 Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/65", response="66d68d3251f1839576ba7c766cf9205b" 79 User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3 80 Accept: */* 81 82 </protocol> 83 </verify> 84 </testcase> 85
