123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172 |
- <testcase>
- <info>
- <keywords>
- HTTP
- HTTP GET
- HTTP Basic auth
- HTTP Digest auth
- </keywords>
- </info>
- # Server-side
- <reply>
- <!-- Alternate the order that Basic and Digest headers appear in responses to
- ensure that the order doesn't matter. -->
- <!-- First request has Basic auth, wrong password -->
- <data100>
- HTTP/1.1 401 Sorry wrong password
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 29
- WWW-Authenticate: Digest realm="testrealm", nonce="1"
- WWW-Authenticate: Basic realm="testrealm"
- This is a bad password page!
- </data100>
- <!-- Second request has Digest auth, right password -->
- <data1200>
- HTTP/1.1 200 Things are fine in server land
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 32
- Finally, this is the real page!
- </data1200>
- <!-- Third request has Basic auth, wrong password -->
- <data300>
- HTTP/1.1 401 Sorry wrong password (2)
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 29
- WWW-Authenticate: Digest realm="testrealm", nonce="2"
- WWW-Authenticate: Basic realm="testrealm"
- This is a bad password page!
- </data300>
- <!-- Fourth request has Digest auth, wrong password -->
- <data1400>
- HTTP/1.1 401 Sorry wrong password (3)
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 29
- WWW-Authenticate: Digest realm="testrealm", nonce="3"
- WWW-Authenticate: Basic realm="testrealm"
- This is a bad password page!
- </data1400>
- <!-- Fifth request has Digest auth, right password -->
- <data1500>
- HTTP/1.1 200 Things are fine in server land (2)
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 32
- Finally, this is the real page!
- </data1500>
- <datacheck>
- HTTP/1.1 401 Sorry wrong password
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 29
- WWW-Authenticate: Digest realm="testrealm", nonce="1"
- WWW-Authenticate: Basic realm="testrealm"
- This is a bad password page!
- HTTP/1.1 200 Things are fine in server land
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 32
- Finally, this is the real page!
- HTTP/1.1 401 Sorry wrong password (2)
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 29
- WWW-Authenticate: Digest realm="testrealm", nonce="2"
- WWW-Authenticate: Basic realm="testrealm"
- This is a bad password page!
- HTTP/1.1 401 Sorry wrong password (3)
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 29
- WWW-Authenticate: Digest realm="testrealm", nonce="3"
- WWW-Authenticate: Basic realm="testrealm"
- This is a bad password page!
- HTTP/1.1 200 Things are fine in server land (2)
- Server: Microsoft-IIS/5.0
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 32
- Finally, this is the real page!
- </datacheck>
- </reply>
- # Client-side
- <client>
- <server>
- http
- </server>
- <tool>
- libauthretry
- </tool>
- <name>
- HTTP authorization retry (Basic switching to Digest)
- </name>
- <setenv>
- # we force our own host name, in order to make the test machine independent
- CURL_GETHOSTNAME=curlhost
- # we try to use the LD_PRELOAD hack, if not a debug build
- LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
- </setenv>
- <command>
- http://%HOSTIP:%HTTPPORT/2024 basic digest
- </command>
- <precheck>
- chkhostname curlhost
- </precheck>
- </client>
- # Verify data after the test has been "shot"
- <verify>
- <strip>
- ^User-Agent:.*
- </strip>
- <protocol>
- GET /20240100 HTTP/1.1
- Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
- Host: %HOSTIP:%HTTPPORT
- Accept: */*
- GET /20240200 HTTP/1.1
- Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20240200", response="ed646c565f79e2dd9fa37cb5a621213c"
- Host: %HOSTIP:%HTTPPORT
- Accept: */*
- GET /20240300 HTTP/1.1
- Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
- Host: %HOSTIP:%HTTPPORT
- Accept: */*
- GET /20240400 HTTP/1.1
- Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20240400", response="9741ced8caacc6124770187b36f007c5"
- Host: %HOSTIP:%HTTPPORT
- Accept: */*
- GET /20240500 HTTP/1.1
- Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20240500", response="5bc77ec8c2d443b27a1b55f1fd8fbb13"
- Host: %HOSTIP:%HTTPPORT
- Accept: */*
- </protocol>
- </verify>
- </testcase>
|