1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP Digest auth 7HTTP NTLM auth 8</keywords> 9</info> 10# Server-side 11<reply> 12 13<!-- Alternate the order that Digest and NTLM headers appear in responses to 14ensure that the order doesn't matter. --> 15 16<!-- First request has Digest auth, wrong password --> 17<data100> 18HTTP/1.1 401 Need Digest or NTLM auth 19Server: Microsoft-IIS/5.0 20Content-Type: text/html; charset=iso-8859-1 21Content-Length: 27 22WWW-Authenticate: NTLM 23WWW-Authenticate: Digest realm="testrealm", nonce="1" 24 25This is not the real page! 26</data100> 27 28<data1100> 29HTTP/1.1 401 Sorry wrong password 30Server: Microsoft-IIS/5.0 31Content-Type: text/html; charset=iso-8859-1 32Content-Length: 29 33WWW-Authenticate: Digest realm="testrealm", nonce="2" 34WWW-Authenticate: NTLM 35 36This is a bad password page! 37</data1100> 38 39<!-- Second request has NTLM auth, right password --> 40<data200> 41HTTP/1.1 401 Need Digest or NTLM auth (2) 42Server: Microsoft-IIS/5.0 43Content-Type: text/html; charset=iso-8859-1 44Content-Length: 27 45WWW-Authenticate: NTLM 46WWW-Authenticate: Digest realm="testrealm", nonce="3" 47 48This is not the real page! 49</data200> 50 51<data1201> 52HTTP/1.1 401 NTLM intermediate 53Server: Microsoft-IIS/5.0 54Content-Type: text/html; charset=iso-8859-1 55Content-Length: 33 56WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 57 58This is still not the real page! 59</data1201> 60 61<data1202> 62HTTP/1.1 200 Things are fine in server land 63Server: Microsoft-IIS/5.0 64Content-Type: text/html; charset=iso-8859-1 65Content-Length: 32 66 67Finally, this is the real page! 68</data1202> 69 70<!-- Third request has Digest auth, wrong password --> 71<data300> 72HTTP/1.1 401 Need Digest or NTLM auth (3) 73Server: Microsoft-IIS/5.0 74Content-Type: text/html; charset=iso-8859-1 75Content-Length: 27 76WWW-Authenticate: Digest realm="testrealm", nonce="4" 77WWW-Authenticate: NTLM 78 79This is not the real page! 80</data300> 81 82<data1300> 83HTTP/1.1 401 Sorry wrong password (2) 84Server: Microsoft-IIS/5.0 85Content-Type: text/html; charset=iso-8859-1 86Content-Length: 29 87WWW-Authenticate: NTLM 88WWW-Authenticate: Digest realm="testrealm", nonce="5" 89 90This is a bad password page! 91</data1300> 92 93<!-- Fourth request has NTLM auth, wrong password --> 94<data400> 95HTTP/1.1 401 Need Digest or NTLM auth (4) 96Server: Microsoft-IIS/5.0 97Content-Type: text/html; charset=iso-8859-1 98Content-Length: 27 99WWW-Authenticate: Digest realm="testrealm", nonce="6" 100WWW-Authenticate: NTLM 101 102This is not the real page! 103</data400> 104 105<data1401> 106HTTP/1.1 401 NTLM intermediate (2) 107Server: Microsoft-IIS/5.0 108Content-Type: text/html; charset=iso-8859-1 109Content-Length: 33 110WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 111 112This is still not the real page! 113</data1401> 114 115<data1402> 116HTTP/1.1 401 Sorry wrong password (3) 117Server: Microsoft-IIS/5.0 118Content-Type: text/html; charset=iso-8859-1 119Content-Length: 29 120WWW-Authenticate: NTLM 121WWW-Authenticate: Digest realm="testrealm", nonce="7" 122 123This is a bad password page! 124</data1402> 125 126<!-- Fifth request has NTLM auth, right password --> 127<data500> 128HTTP/1.1 401 Need Digest or NTLM auth (5) 129Server: Microsoft-IIS/5.0 130Content-Type: text/html; charset=iso-8859-1 131Content-Length: 27 132WWW-Authenticate: Digest realm="testrealm", nonce="8" 133WWW-Authenticate: NTLM 134 135This is not the real page! 136</data500> 137 138<data1501> 139HTTP/1.1 401 NTLM intermediate (3) 140Server: Microsoft-IIS/5.0 141Content-Type: text/html; charset=iso-8859-1 142Content-Length: 33 143WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 144 145This is still not the real page! 146</data1501> 147 148<data1502> 149HTTP/1.1 200 Things are fine in server land (2) 150Server: Microsoft-IIS/5.0 151Content-Type: text/html; charset=iso-8859-1 152Content-Length: 32 153 154Finally, this is the real page! 155</data1502> 156 157<datacheck> 158HTTP/1.1 401 Need Digest or NTLM auth 159Server: Microsoft-IIS/5.0 160Content-Type: text/html; charset=iso-8859-1 161Content-Length: 27 162WWW-Authenticate: NTLM 163WWW-Authenticate: Digest realm="testrealm", nonce="1" 164 165HTTP/1.1 401 Sorry wrong password 166Server: Microsoft-IIS/5.0 167Content-Type: text/html; charset=iso-8859-1 168Content-Length: 29 169WWW-Authenticate: Digest realm="testrealm", nonce="2" 170WWW-Authenticate: NTLM 171 172This is a bad password page! 173HTTP/1.1 401 NTLM intermediate 174Server: Microsoft-IIS/5.0 175Content-Type: text/html; charset=iso-8859-1 176Content-Length: 33 177WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 178 179HTTP/1.1 200 Things are fine in server land 180Server: Microsoft-IIS/5.0 181Content-Type: text/html; charset=iso-8859-1 182Content-Length: 32 183 184Finally, this is the real page! 185HTTP/1.1 401 Need Digest or NTLM auth (3) 186Server: Microsoft-IIS/5.0 187Content-Type: text/html; charset=iso-8859-1 188Content-Length: 27 189WWW-Authenticate: Digest realm="testrealm", nonce="4" 190WWW-Authenticate: NTLM 191 192HTTP/1.1 401 Sorry wrong password (2) 193Server: Microsoft-IIS/5.0 194Content-Type: text/html; charset=iso-8859-1 195Content-Length: 29 196WWW-Authenticate: NTLM 197WWW-Authenticate: Digest realm="testrealm", nonce="5" 198 199This is a bad password page! 200HTTP/1.1 401 NTLM intermediate (2) 201Server: Microsoft-IIS/5.0 202Content-Type: text/html; charset=iso-8859-1 203Content-Length: 33 204WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 205 206HTTP/1.1 401 Sorry wrong password (3) 207Server: Microsoft-IIS/5.0 208Content-Type: text/html; charset=iso-8859-1 209Content-Length: 29 210WWW-Authenticate: NTLM 211WWW-Authenticate: Digest realm="testrealm", nonce="7" 212 213This is a bad password page! 214HTTP/1.1 401 NTLM intermediate (3) 215Server: Microsoft-IIS/5.0 216Content-Type: text/html; charset=iso-8859-1 217Content-Length: 33 218WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 219 220HTTP/1.1 200 Things are fine in server land (2) 221Server: Microsoft-IIS/5.0 222Content-Type: text/html; charset=iso-8859-1 223Content-Length: 32 224 225Finally, this is the real page! 226</datacheck> 227 228</reply> 229 230# Client-side 231<client> 232<features> 233NTLM 234SSL 235!SSPI 236</features> 237<server> 238http 239</server> 240<tool> 241libauthretry 242</tool> 243 244 <name> 245HTTP authorization retry (Digest switching to NTLM) 246 </name> 247 <setenv> 248# we force our own host name, in order to make the test machine independent 249CURL_GETHOSTNAME=curlhost 250# we try to use the LD_PRELOAD hack, if not a debug build 251LD_PRELOAD=%PWD/libtest/.libs/libhostname.so 252 </setenv> 253 <command> 254http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest ntlm 255</command> 256<precheck> 257chkhostname curlhost 258</precheck> 259</client> 260 261# Verify data after the test has been "shot" 262<verify> 263<protocol> 264GET /%TESTNUMBER0100 HTTP/1.1 265Host: %HOSTIP:%HTTPPORT 266Accept: */* 267 268GET /%TESTNUMBER0100 HTTP/1.1 269Host: %HOSTIP:%HTTPPORT 270Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="53c80666f5e3a4a55f92a66aaf0078bb" 271Accept: */* 272 273GET /%TESTNUMBER0200 HTTP/1.1 274Host: %HOSTIP:%HTTPPORT 275Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 276Accept: */* 277 278GET /%TESTNUMBER0200 HTTP/1.1 279Host: %HOSTIP:%HTTPPORT 280Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q= 281Accept: */* 282 283GET /%TESTNUMBER0300 HTTP/1.1 284Host: %HOSTIP:%HTTPPORT 285Accept: */* 286 287GET /%TESTNUMBER0300 HTTP/1.1 288Host: %HOSTIP:%HTTPPORT 289Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/%TESTNUMBER0300", response="1aa5d90da9803ca12d04b24e0f19476e" 290Accept: */* 291 292GET /%TESTNUMBER0400 HTTP/1.1 293Host: %HOSTIP:%HTTPPORT 294Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 295Accept: */* 296 297GET /%TESTNUMBER0400 HTTP/1.1 298Host: %HOSTIP:%HTTPPORT 299Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q= 300Accept: */* 301 302GET /%TESTNUMBER0500 HTTP/1.1 303Host: %HOSTIP:%HTTPPORT 304Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 305Accept: */* 306 307GET /%TESTNUMBER0500 HTTP/1.1 308Host: %HOSTIP:%HTTPPORT 309Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q= 310Accept: */* 311 312</protocol> 313</verify> 314</testcase> 315