test2025 6.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272
  1. <testcase>
  2. <info>
  3. <keywords>
  4. HTTP
  5. HTTP GET
  6. HTTP Basic auth
  7. HTTP NTLM auth
  8. </keywords>
  9. </info>
  10. # Server-side
  11. <reply>
  12. <!-- Alternate the order that Basic and NTLM headers appear in responses to
  13. ensure that the order doesn't matter. -->
  14. <!-- First request has Basic auth, wrong password -->
  15. <data100>
  16. HTTP/1.1 401 Sorry wrong password
  17. Server: Microsoft-IIS/5.0
  18. Content-Type: text/html; charset=iso-8859-1
  19. Content-Length: 29
  20. WWW-Authenticate: NTLM
  21. WWW-Authenticate: Basic realm="testrealm"
  22. This is a bad password page!
  23. </data100>
  24. <!-- Second request has NTLM auth, right password -->
  25. <data200>
  26. HTTP/1.1 401 Need Basic or NTLM auth
  27. Server: Microsoft-IIS/5.0
  28. Content-Type: text/html; charset=iso-8859-1
  29. Content-Length: 27
  30. WWW-Authenticate: Basic realm="testrealm"
  31. WWW-Authenticate: NTLM
  32. This is not the real page!
  33. </data200>
  34. <data1201>
  35. HTTP/1.1 401 NTLM intermediate
  36. Server: Microsoft-IIS/5.0
  37. Content-Type: text/html; charset=iso-8859-1
  38. Content-Length: 33
  39. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
  40. This is still not the real page!
  41. </data1201>
  42. <data1202>
  43. HTTP/1.1 200 Things are fine in server land
  44. Server: Microsoft-IIS/5.0
  45. Content-Type: text/html; charset=iso-8859-1
  46. Content-Length: 32
  47. Finally, this is the real page!
  48. </data1202>
  49. <!-- Third request has Basic auth, wrong password -->
  50. <data300>
  51. HTTP/1.1 401 Sorry wrong password (2)
  52. Server: Microsoft-IIS/5.0
  53. Content-Type: text/html; charset=iso-8859-1
  54. Content-Length: 29
  55. WWW-Authenticate: NTLM
  56. WWW-Authenticate: Basic realm="testrealm"
  57. This is a bad password page!
  58. </data300>
  59. <!-- Fourth request has NTLM auth, wrong password -->
  60. <data400>
  61. HTTP/1.1 401 Need Basic or NTLM auth (2)
  62. Server: Microsoft-IIS/5.0
  63. Content-Type: text/html; charset=iso-8859-1
  64. Content-Length: 27
  65. WWW-Authenticate: Basic realm="testrealm"
  66. WWW-Authenticate: NTLM
  67. This is not the real page!
  68. </data400>
  69. <data1401>
  70. HTTP/1.1 401 NTLM intermediate (2)
  71. Server: Microsoft-IIS/5.0
  72. Content-Type: text/html; charset=iso-8859-1
  73. Content-Length: 33
  74. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
  75. This is still not the real page!
  76. </data1401>
  77. <data1402>
  78. HTTP/1.1 401 Sorry wrong password (3)
  79. Server: Microsoft-IIS/5.0
  80. Content-Type: text/html; charset=iso-8859-1
  81. Content-Length: 29
  82. WWW-Authenticate: NTLM
  83. WWW-Authenticate: Basic realm="testrealm"
  84. This is a bad password page!
  85. </data1402>
  86. <!-- Fifth request has NTLM auth, right password -->
  87. <data500>
  88. HTTP/1.1 401 Need Basic or NTLM auth (3)
  89. Server: Microsoft-IIS/5.0
  90. Content-Type: text/html; charset=iso-8859-1
  91. Content-Length: 27
  92. WWW-Authenticate: Basic realm="testrealm"
  93. WWW-Authenticate: NTLM
  94. This is not the real page!
  95. </data500>
  96. <data1501>
  97. HTTP/1.1 401 NTLM intermediate (3)
  98. Server: Microsoft-IIS/5.0
  99. Content-Type: text/html; charset=iso-8859-1
  100. Content-Length: 33
  101. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
  102. This is still not the real page!
  103. </data1501>
  104. <data1502>
  105. HTTP/1.1 200 Things are fine in server land (2)
  106. Server: Microsoft-IIS/5.0
  107. Content-Type: text/html; charset=iso-8859-1
  108. Content-Length: 32
  109. Finally, this is the real page!
  110. </data1502>
  111. <datacheck>
  112. HTTP/1.1 401 Sorry wrong password
  113. Server: Microsoft-IIS/5.0
  114. Content-Type: text/html; charset=iso-8859-1
  115. Content-Length: 29
  116. WWW-Authenticate: NTLM
  117. WWW-Authenticate: Basic realm="testrealm"
  118. This is a bad password page!
  119. HTTP/1.1 401 NTLM intermediate
  120. Server: Microsoft-IIS/5.0
  121. Content-Type: text/html; charset=iso-8859-1
  122. Content-Length: 33
  123. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
  124. HTTP/1.1 200 Things are fine in server land
  125. Server: Microsoft-IIS/5.0
  126. Content-Type: text/html; charset=iso-8859-1
  127. Content-Length: 32
  128. Finally, this is the real page!
  129. HTTP/1.1 401 Sorry wrong password (2)
  130. Server: Microsoft-IIS/5.0
  131. Content-Type: text/html; charset=iso-8859-1
  132. Content-Length: 29
  133. WWW-Authenticate: NTLM
  134. WWW-Authenticate: Basic realm="testrealm"
  135. This is a bad password page!
  136. HTTP/1.1 401 NTLM intermediate (2)
  137. Server: Microsoft-IIS/5.0
  138. Content-Type: text/html; charset=iso-8859-1
  139. Content-Length: 33
  140. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
  141. HTTP/1.1 401 Sorry wrong password (3)
  142. Server: Microsoft-IIS/5.0
  143. Content-Type: text/html; charset=iso-8859-1
  144. Content-Length: 29
  145. WWW-Authenticate: NTLM
  146. WWW-Authenticate: Basic realm="testrealm"
  147. This is a bad password page!
  148. HTTP/1.1 401 NTLM intermediate (3)
  149. Server: Microsoft-IIS/5.0
  150. Content-Type: text/html; charset=iso-8859-1
  151. Content-Length: 33
  152. WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
  153. HTTP/1.1 200 Things are fine in server land (2)
  154. Server: Microsoft-IIS/5.0
  155. Content-Type: text/html; charset=iso-8859-1
  156. Content-Length: 32
  157. Finally, this is the real page!
  158. </datacheck>
  159. </reply>
  160. # Client-side
  161. <client>
  162. <features>
  163. NTLM
  164. !SSPI
  165. </features>
  166. <server>
  167. http
  168. </server>
  169. <tool>
  170. libauthretry
  171. </tool>
  172. <name>
  173. HTTP authorization retry (Basic switching to NTLM)
  174. </name>
  175. <setenv>
  176. # we force our own host name, in order to make the test machine independent
  177. CURL_GETHOSTNAME=curlhost
  178. # we try to use the LD_PRELOAD hack, if not a debug build
  179. LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
  180. </setenv>
  181. <command>
  182. http://%HOSTIP:%HTTPPORT/2025 basic ntlm
  183. </command>
  184. <precheck>
  185. chkhostname curlhost
  186. </precheck>
  187. </client>
  188. # Verify data after the test has been "shot"
  189. <verify>
  190. <strip>
  191. ^User-Agent:.*
  192. </strip>
  193. <protocol>
  194. GET /20250100 HTTP/1.1
  195. Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
  196. Host: %HOSTIP:%HTTPPORT
  197. Accept: */*
  198. GET /20250200 HTTP/1.1
  199. Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
  200. Host: %HOSTIP:%HTTPPORT
  201. Accept: */*
  202. GET /20250200 HTTP/1.1
  203. Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=
  204. Host: %HOSTIP:%HTTPPORT
  205. Accept: */*
  206. GET /20250300 HTTP/1.1
  207. Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
  208. Host: %HOSTIP:%HTTPPORT
  209. Accept: */*
  210. GET /20250400 HTTP/1.1
  211. Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
  212. Host: %HOSTIP:%HTTPPORT
  213. Accept: */*
  214. GET /20250400 HTTP/1.1
  215. Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
  216. Host: %HOSTIP:%HTTPPORT
  217. Accept: */*
  218. GET /20250500 HTTP/1.1
  219. Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
  220. Host: %HOSTIP:%HTTPPORT
  221. Accept: */*
  222. GET /20250500 HTTP/1.1
  223. Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q=
  224. Host: %HOSTIP:%HTTPPORT
  225. Accept: */*
  226. </protocol>
  227. </verify>
  228. </testcase>