test2026 5.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216
  1. <testcase>
  2. <info>
  3. <keywords>
  4. HTTP
  5. HTTP GET
  6. HTTP Basic auth
  7. HTTP Digest auth
  8. </keywords>
  9. </info>
  10. # Server-side
  11. <reply>
  12. <!-- Alternate the order that Basic and Digest headers appear in responses to
  13. ensure that the order doesn't matter. -->
  14. <!-- First request has Digest auth, wrong password -->
  15. <data100>
  16. HTTP/1.1 401 Need Basic or Digest auth
  17. Server: Microsoft-IIS/5.0
  18. Content-Type: text/html; charset=iso-8859-1
  19. Content-Length: 27
  20. WWW-Authenticate: Digest realm="testrealm", nonce="1"
  21. WWW-Authenticate: Basic realm="testrealm"
  22. This is not the real page!
  23. </data100>
  24. <data1100>
  25. HTTP/1.1 401 Sorry wrong password
  26. Server: Microsoft-IIS/5.0
  27. Content-Type: text/html; charset=iso-8859-1
  28. Content-Length: 29
  29. WWW-Authenticate: Basic realm="testrealm"
  30. WWW-Authenticate: Digest realm="testrealm", nonce="2"
  31. This is a bad password page!
  32. </data1100>
  33. <!-- Second request has Basic auth, right password -->
  34. <data200>
  35. HTTP/1.1 200 Things are fine in server land
  36. Server: Microsoft-IIS/5.0
  37. Content-Type: text/html; charset=iso-8859-1
  38. Content-Length: 32
  39. Finally, this is the real page!
  40. </data200>
  41. <!-- Third request has Digest auth, wrong password -->
  42. <data300>
  43. HTTP/1.1 401 Need Basic or Digest auth (2)
  44. Server: Microsoft-IIS/5.0
  45. Content-Type: text/html; charset=iso-8859-1
  46. Content-Length: 27
  47. WWW-Authenticate: Digest realm="testrealm", nonce="3"
  48. WWW-Authenticate: Basic realm="testrealm"
  49. This is not the real page!
  50. </data300>
  51. <data1300>
  52. HTTP/1.1 401 Sorry wrong password (2)
  53. Server: Microsoft-IIS/5.0
  54. Content-Type: text/html; charset=iso-8859-1
  55. Content-Length: 29
  56. WWW-Authenticate: Basic realm="testrealm"
  57. WWW-Authenticate: Digest realm="testrealm", nonce="4"
  58. This is a bad password page!
  59. </data1300>
  60. <!-- Fourth request has Basic auth, wrong password -->
  61. <data400>
  62. HTTP/1.1 401 Sorry wrong password (3)
  63. Server: Microsoft-IIS/5.0
  64. Content-Type: text/html; charset=iso-8859-1
  65. Content-Length: 29
  66. WWW-Authenticate: Digest realm="testrealm", nonce="5"
  67. WWW-Authenticate: Basic realm="testrealm"
  68. This is a bad password page!
  69. </data400>
  70. <!-- Fifth request has Basic auth, right password -->
  71. <data500>
  72. HTTP/1.1 200 Things are fine in server land (2)
  73. Server: Microsoft-IIS/5.0
  74. Content-Type: text/html; charset=iso-8859-1
  75. Content-Length: 32
  76. Finally, this is the real page!
  77. </data500>
  78. <datacheck>
  79. HTTP/1.1 401 Need Basic or Digest auth
  80. Server: Microsoft-IIS/5.0
  81. Content-Type: text/html; charset=iso-8859-1
  82. Content-Length: 27
  83. WWW-Authenticate: Digest realm="testrealm", nonce="1"
  84. WWW-Authenticate: Basic realm="testrealm"
  85. HTTP/1.1 401 Sorry wrong password
  86. Server: Microsoft-IIS/5.0
  87. Content-Type: text/html; charset=iso-8859-1
  88. Content-Length: 29
  89. WWW-Authenticate: Basic realm="testrealm"
  90. WWW-Authenticate: Digest realm="testrealm", nonce="2"
  91. This is a bad password page!
  92. HTTP/1.1 200 Things are fine in server land
  93. Server: Microsoft-IIS/5.0
  94. Content-Type: text/html; charset=iso-8859-1
  95. Content-Length: 32
  96. Finally, this is the real page!
  97. HTTP/1.1 401 Need Basic or Digest auth (2)
  98. Server: Microsoft-IIS/5.0
  99. Content-Type: text/html; charset=iso-8859-1
  100. Content-Length: 27
  101. WWW-Authenticate: Digest realm="testrealm", nonce="3"
  102. WWW-Authenticate: Basic realm="testrealm"
  103. HTTP/1.1 401 Sorry wrong password (2)
  104. Server: Microsoft-IIS/5.0
  105. Content-Type: text/html; charset=iso-8859-1
  106. Content-Length: 29
  107. WWW-Authenticate: Basic realm="testrealm"
  108. WWW-Authenticate: Digest realm="testrealm", nonce="4"
  109. This is a bad password page!
  110. HTTP/1.1 401 Sorry wrong password (3)
  111. Server: Microsoft-IIS/5.0
  112. Content-Type: text/html; charset=iso-8859-1
  113. Content-Length: 29
  114. WWW-Authenticate: Digest realm="testrealm", nonce="5"
  115. WWW-Authenticate: Basic realm="testrealm"
  116. This is a bad password page!
  117. HTTP/1.1 200 Things are fine in server land (2)
  118. Server: Microsoft-IIS/5.0
  119. Content-Type: text/html; charset=iso-8859-1
  120. Content-Length: 32
  121. Finally, this is the real page!
  122. </datacheck>
  123. </reply>
  124. # Client-side
  125. <client>
  126. <server>
  127. http
  128. </server>
  129. <tool>
  130. libauthretry
  131. </tool>
  132. <name>
  133. HTTP authorization retry (Digest switching to Basic)
  134. </name>
  135. <setenv>
  136. # we force our own host name, in order to make the test machine independent
  137. CURL_GETHOSTNAME=curlhost
  138. # we try to use the LD_PRELOAD hack, if not a debug build
  139. LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
  140. </setenv>
  141. <command>
  142. http://%HOSTIP:%HTTPPORT/2026 digest basic
  143. </command>
  144. <precheck>
  145. chkhostname curlhost
  146. </precheck>
  147. </client>
  148. # Verify data after the test has been "shot"
  149. <verify>
  150. <strip>
  151. ^User-Agent:.*
  152. </strip>
  153. <protocol>
  154. GET /20260100 HTTP/1.1
  155. Host: %HOSTIP:%HTTPPORT
  156. Accept: */*
  157. GET /20260100 HTTP/1.1
  158. Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20260100", response="5f992a2e761ab926256419f7c685f85b"
  159. Host: %HOSTIP:%HTTPPORT
  160. Accept: */*
  161. GET /20260200 HTTP/1.1
  162. Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
  163. Host: %HOSTIP:%HTTPPORT
  164. Accept: */*
  165. GET /20260300 HTTP/1.1
  166. Host: %HOSTIP:%HTTPPORT
  167. Accept: */*
  168. GET /20260300 HTTP/1.1
  169. Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20260300", response="132242e602882251929be93228c830ae"
  170. Host: %HOSTIP:%HTTPPORT
  171. Accept: */*
  172. GET /20260400 HTTP/1.1
  173. Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
  174. Host: %HOSTIP:%HTTPPORT
  175. Accept: */*
  176. GET /20260500 HTTP/1.1
  177. Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
  178. Host: %HOSTIP:%HTTPPORT
  179. Accept: */*
  180. </protocol>
  181. </verify>
  182. </testcase>