1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP Digest auth 7HTTP NTLM auth 8</keywords> 9</info> 10# Server-side 11<reply> 12 13<!-- Alternate the order that Digest and NTLM headers appear in responses to 14ensure that the order doesn't matter. --> 15 16<!-- 17 18 Explanation for the duplicate 400 requests: 19 20 libcurl doesn't detect that a given Digest password is wrong already on the 21 first 401 response (as the data400 gives). libcurl will instead consider the 22 new response just as a duplicate and it sends another and detects the auth 23 problem on the second 401 response! 24 25--> 26 27 28<!-- First request has NTLM auth, wrong password --> 29<data100> 30HTTP/1.1 401 Need Digest or NTLM auth 31Server: Microsoft-IIS/5.0 32Content-Type: text/html; charset=iso-8859-1 33Content-Length: 27 34WWW-Authenticate: NTLM 35WWW-Authenticate: Digest realm="testrealm", nonce="1" 36 37This is not the real page! 38</data100> 39 40<data1101> 41HTTP/1.1 401 NTLM intermediate 42Server: Microsoft-IIS/5.0 43Content-Type: text/html; charset=iso-8859-1 44Content-Length: 33 45WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 46 47This is still not the real page! 48</data1101> 49 50<data1102> 51HTTP/1.1 401 Sorry wrong password 52Server: Microsoft-IIS/5.0 53Content-Type: text/html; charset=iso-8859-1 54Content-Length: 29 55WWW-Authenticate: Digest realm="testrealm", nonce="2" 56WWW-Authenticate: NTLM 57 58This is a bad password page! 59</data1102> 60 61<!-- Second request has Digest auth, right password --> 62<data200> 63HTTP/1.1 401 Need Digest or NTLM auth (2) 64Server: Microsoft-IIS/5.0 65Content-Type: text/html; charset=iso-8859-1 66Content-Length: 27 67WWW-Authenticate: NTLM 68WWW-Authenticate: Digest realm="testrealm", nonce="3" 69 70This is not the real page! 71</data200> 72 73<data1200> 74HTTP/1.1 200 Things are fine in server land 75Server: Microsoft-IIS/5.0 76Content-Type: text/html; charset=iso-8859-1 77Content-Length: 32 78 79Finally, this is the real page! 80</data1200> 81 82<!-- Third request has NTLM auth, wrong password --> 83<data300> 84HTTP/1.1 401 Need Digest or NTLM auth (3) 85Server: Microsoft-IIS/5.0 86Content-Type: text/html; charset=iso-8859-1 87Content-Length: 27 88WWW-Authenticate: Digest realm="testrealm", nonce="4" 89WWW-Authenticate: NTLM 90 91This is not the real page! 92</data300> 93 94<data1301> 95HTTP/1.1 401 NTLM intermediate (2) 96Server: Microsoft-IIS/5.0 97Content-Type: text/html; charset=iso-8859-1 98Content-Length: 33 99WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 100 101This is still not the real page! 102</data1301> 103 104<data1302> 105HTTP/1.1 401 Sorry wrong password (2) 106Server: Microsoft-IIS/5.0 107Content-Type: text/html; charset=iso-8859-1 108Content-Length: 29 109WWW-Authenticate: NTLM 110WWW-Authenticate: Digest realm="testrealm", nonce="5" 111 112This is a bad password page! 113</data1302> 114 115<!-- Fourth request has Digest auth, wrong password --> 116<data400> 117HTTP/1.1 401 Need Digest or NTLM auth (4) 118Server: Microsoft-IIS/5.0 119Content-Type: text/html; charset=iso-8859-1 120Content-Length: 27 121WWW-Authenticate: Digest realm="testrealm", nonce="6" 122WWW-Authenticate: NTLM 123 124This is not the real page! 125</data400> 126 127<data1400> 128HTTP/1.1 401 Sorry wrong password (3) 129Server: Microsoft-IIS/5.0 130Content-Type: text/html; charset=iso-8859-1 131Content-Length: 29 132WWW-Authenticate: NTLM 133WWW-Authenticate: Digest realm="testrealm", nonce="7" 134 135This is a bad password page! 136</data1400> 137 138<!-- Fifth request has Digest auth, right password --> 139<data500> 140HTTP/1.1 401 Need Digest or NTLM auth (5) 141Server: Microsoft-IIS/5.0 142Content-Type: text/html; charset=iso-8859-1 143Content-Length: 27 144WWW-Authenticate: Digest realm="testrealm", nonce="8" 145WWW-Authenticate: NTLM 146 147This is not the real page! 148</data500> 149 150<data1500> 151HTTP/1.1 200 Things are fine in server land (2) 152Server: Microsoft-IIS/5.0 153Content-Type: text/html; charset=iso-8859-1 154Content-Length: 32 155 156Finally, this is the real page! 157</data1500> 158 159<datacheck> 160HTTP/1.1 401 NTLM intermediate 161Server: Microsoft-IIS/5.0 162Content-Type: text/html; charset=iso-8859-1 163Content-Length: 33 164WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 165 166HTTP/1.1 401 Sorry wrong password 167Server: Microsoft-IIS/5.0 168Content-Type: text/html; charset=iso-8859-1 169Content-Length: 29 170WWW-Authenticate: Digest realm="testrealm", nonce="2" 171WWW-Authenticate: NTLM 172 173This is a bad password page! 174HTTP/1.1 200 Things are fine in server land 175Server: Microsoft-IIS/5.0 176Content-Type: text/html; charset=iso-8859-1 177Content-Length: 32 178 179Finally, this is the real page! 180HTTP/1.1 401 NTLM intermediate (2) 181Server: Microsoft-IIS/5.0 182Content-Type: text/html; charset=iso-8859-1 183Content-Length: 33 184WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 185 186HTTP/1.1 401 Sorry wrong password (2) 187Server: Microsoft-IIS/5.0 188Content-Type: text/html; charset=iso-8859-1 189Content-Length: 29 190WWW-Authenticate: NTLM 191WWW-Authenticate: Digest realm="testrealm", nonce="5" 192 193This is a bad password page! 194HTTP/1.1 401 Sorry wrong password (3) 195Server: Microsoft-IIS/5.0 196Content-Type: text/html; charset=iso-8859-1 197Content-Length: 29 198WWW-Authenticate: NTLM 199WWW-Authenticate: Digest realm="testrealm", nonce="7" 200 201HTTP/1.1 401 Sorry wrong password (3) 202Server: Microsoft-IIS/5.0 203Content-Type: text/html; charset=iso-8859-1 204Content-Length: 29 205WWW-Authenticate: NTLM 206WWW-Authenticate: Digest realm="testrealm", nonce="7" 207 208This is a bad password page! 209HTTP/1.1 200 Things are fine in server land (2) 210Server: Microsoft-IIS/5.0 211Content-Type: text/html; charset=iso-8859-1 212Content-Length: 32 213 214Finally, this is the real page! 215</datacheck> 216 217</reply> 218 219# Client-side 220<client> 221<features> 222NTLM 223!SSPI 224</features> 225<server> 226http 227</server> 228<tool> 229libauthretry 230</tool> 231 232 <name> 233HTTP authorization retry (NTLM switching to Digest) 234 </name> 235 <setenv> 236# we force our own host name, in order to make the test machine independent 237CURL_GETHOSTNAME=curlhost 238# we try to use the LD_PRELOAD hack, if not a debug build 239LD_PRELOAD=%PWD/libtest/.libs/libhostname.so 240 </setenv> 241 <command> 242http://%HOSTIP:%HTTPPORT/2030 ntlm digest 243</command> 244<precheck> 245chkhostname curlhost 246</precheck> 247</client> 248 249# Verify data after the test has been "shot" 250<verify> 251<strip> 252^User-Agent:.* 253</strip> 254<protocol> 255GET /20300100 HTTP/1.1 256Host: %HOSTIP:%HTTPPORT 257Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 258Accept: */* 259 260GET /20300100 HTTP/1.1 261Host: %HOSTIP:%HTTPPORT 262Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q= 263Accept: */* 264 265GET /20300200 HTTP/1.1 266Host: %HOSTIP:%HTTPPORT 267Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20300200", response="2f2d784ba53a0a307758a90e98d25c27" 268Accept: */* 269 270GET /20300300 HTTP/1.1 271Host: %HOSTIP:%HTTPPORT 272Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 273Accept: */* 274 275GET /20300300 HTTP/1.1 276Host: %HOSTIP:%HTTPPORT 277Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q= 278Accept: */* 279 280GET /20300400 HTTP/1.1 281Host: %HOSTIP:%HTTPPORT 282Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8" 283Accept: */* 284 285GET /20300400 HTTP/1.1 286Host: %HOSTIP:%HTTPPORT 287Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20300400", response="d6262e9147db08c62ff2f53b515861e8" 288Accept: */* 289 290GET /20300500 HTTP/1.1 291Host: %HOSTIP:%HTTPPORT 292Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20300500", response="198757e61163a779cf24ed4c49c1ad7d" 293Accept: */* 294 295</protocol> 296</verify> 297</testcase> 298