test2026 5.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217
  1. <testcase>
  2. <info>
  3. <keywords>
  4. HTTP
  5. HTTP GET
  6. HTTP Basic auth
  7. HTTP Digest auth
  8. </keywords>
  9. </info>
  10. # Server-side
  11. <reply>
  12. <!-- Alternate the order that Basic and Digest headers appear in responses to
  13. ensure that the order doesn't matter. -->
  14. <!-- First request has Digest auth, wrong password -->
  15. <data100>
  16. HTTP/1.1 401 Need Basic or Digest auth
  17. Server: Microsoft-IIS/5.0
  18. Content-Type: text/html; charset=iso-8859-1
  19. Content-Length: 27
  20. WWW-Authenticate: Digest realm="testrealm", nonce="1"
  21. WWW-Authenticate: Basic realm="testrealm"
  22. This is not the real page!
  23. </data100>
  24. <data1100>
  25. HTTP/1.1 401 Sorry wrong password
  26. Server: Microsoft-IIS/5.0
  27. Content-Type: text/html; charset=iso-8859-1
  28. Content-Length: 29
  29. WWW-Authenticate: Basic realm="testrealm"
  30. WWW-Authenticate: Digest realm="testrealm", nonce="2"
  31. This is a bad password page!
  32. </data1100>
  33. <!-- Second request has Basic auth, right password -->
  34. <data200>
  35. HTTP/1.1 200 Things are fine in server land
  36. Server: Microsoft-IIS/5.0
  37. Content-Type: text/html; charset=iso-8859-1
  38. Content-Length: 32
  39. Finally, this is the real page!
  40. </data200>
  41. <!-- Third request has Digest auth, wrong password -->
  42. <data300>
  43. HTTP/1.1 401 Need Basic or Digest auth (2)
  44. Server: Microsoft-IIS/5.0
  45. Content-Type: text/html; charset=iso-8859-1
  46. Content-Length: 27
  47. WWW-Authenticate: Digest realm="testrealm", nonce="3"
  48. WWW-Authenticate: Basic realm="testrealm"
  49. This is not the real page!
  50. </data300>
  51. <data1300>
  52. HTTP/1.1 401 Sorry wrong password (2)
  53. Server: Microsoft-IIS/5.0
  54. Content-Type: text/html; charset=iso-8859-1
  55. Content-Length: 29
  56. WWW-Authenticate: Basic realm="testrealm"
  57. WWW-Authenticate: Digest realm="testrealm", nonce="4"
  58. This is a bad password page!
  59. </data1300>
  60. <!-- Fourth request has Basic auth, wrong password -->
  61. <data400>
  62. HTTP/1.1 401 Sorry wrong password (3)
  63. Server: Microsoft-IIS/5.0
  64. Content-Type: text/html; charset=iso-8859-1
  65. Content-Length: 29
  66. WWW-Authenticate: Digest realm="testrealm", nonce="5"
  67. WWW-Authenticate: Basic realm="testrealm"
  68. This is a bad password page!
  69. </data400>
  70. <!-- Fifth request has Basic auth, right password -->
  71. <data500>
  72. HTTP/1.1 200 Things are fine in server land (2)
  73. Server: Microsoft-IIS/5.0
  74. Content-Type: text/html; charset=iso-8859-1
  75. Content-Length: 32
  76. Finally, this is the real page!
  77. </data500>
  78. <datacheck>
  79. HTTP/1.1 401 Need Basic or Digest auth
  80. Server: Microsoft-IIS/5.0
  81. Content-Type: text/html; charset=iso-8859-1
  82. Content-Length: 27
  83. WWW-Authenticate: Digest realm="testrealm", nonce="1"
  84. WWW-Authenticate: Basic realm="testrealm"
  85. HTTP/1.1 401 Sorry wrong password
  86. Server: Microsoft-IIS/5.0
  87. Content-Type: text/html; charset=iso-8859-1
  88. Content-Length: 29
  89. WWW-Authenticate: Basic realm="testrealm"
  90. WWW-Authenticate: Digest realm="testrealm", nonce="2"
  91. This is a bad password page!
  92. HTTP/1.1 200 Things are fine in server land
  93. Server: Microsoft-IIS/5.0
  94. Content-Type: text/html; charset=iso-8859-1
  95. Content-Length: 32
  96. Finally, this is the real page!
  97. HTTP/1.1 401 Need Basic or Digest auth (2)
  98. Server: Microsoft-IIS/5.0
  99. Content-Type: text/html; charset=iso-8859-1
  100. Content-Length: 27
  101. WWW-Authenticate: Digest realm="testrealm", nonce="3"
  102. WWW-Authenticate: Basic realm="testrealm"
  103. HTTP/1.1 401 Sorry wrong password (2)
  104. Server: Microsoft-IIS/5.0
  105. Content-Type: text/html; charset=iso-8859-1
  106. Content-Length: 29
  107. WWW-Authenticate: Basic realm="testrealm"
  108. WWW-Authenticate: Digest realm="testrealm", nonce="4"
  109. This is a bad password page!
  110. HTTP/1.1 401 Sorry wrong password (3)
  111. Server: Microsoft-IIS/5.0
  112. Content-Type: text/html; charset=iso-8859-1
  113. Content-Length: 29
  114. WWW-Authenticate: Digest realm="testrealm", nonce="5"
  115. WWW-Authenticate: Basic realm="testrealm"
  116. This is a bad password page!
  117. HTTP/1.1 200 Things are fine in server land (2)
  118. Server: Microsoft-IIS/5.0
  119. Content-Type: text/html; charset=iso-8859-1
  120. Content-Length: 32
  121. Finally, this is the real page!
  122. </datacheck>
  123. </reply>
  124. # Client-side
  125. <client>
  126. <server>
  127. http
  128. </server>
  129. <features>
  130. !SSPI
  131. crypto
  132. </features>
  133. <tool>
  134. libauthretry
  135. </tool>
  136. <name>
  137. HTTP authorization retry (Digest switching to Basic)
  138. </name>
  139. <setenv>
  140. # we force our own host name, in order to make the test machine independent
  141. CURL_GETHOSTNAME=curlhost
  142. # we try to use the LD_PRELOAD hack, if not a debug build
  143. LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
  144. </setenv>
  145. <command>
  146. http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest basic
  147. </command>
  148. <precheck>
  149. chkhostname curlhost
  150. </precheck>
  151. </client>
  152. # Verify data after the test has been "shot"
  153. <verify>
  154. <protocol>
  155. GET /%TESTNUMBER0100 HTTP/1.1
  156. Host: %HOSTIP:%HTTPPORT
  157. Accept: */*
  158. GET /%TESTNUMBER0100 HTTP/1.1
  159. Host: %HOSTIP:%HTTPPORT
  160. Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="5f992a2e761ab926256419f7c685f85b"
  161. Accept: */*
  162. GET /%TESTNUMBER0200 HTTP/1.1
  163. Host: %HOSTIP:%HTTPPORT
  164. Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
  165. Accept: */*
  166. GET /%TESTNUMBER0300 HTTP/1.1
  167. Host: %HOSTIP:%HTTPPORT
  168. Accept: */*
  169. GET /%TESTNUMBER0300 HTTP/1.1
  170. Host: %HOSTIP:%HTTPPORT
  171. Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/%TESTNUMBER0300", response="132242e602882251929be93228c830ae"
  172. Accept: */*
  173. GET /%TESTNUMBER0400 HTTP/1.1
  174. Host: %HOSTIP:%HTTPPORT
  175. Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
  176. Accept: */*
  177. GET /%TESTNUMBER0500 HTTP/1.1
  178. Host: %HOSTIP:%HTTPPORT
  179. Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
  180. Accept: */*
  181. </protocol>
  182. </verify>
  183. </testcase>