12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 |
- <testcase>
- <info>
- <keywords>
- HTTP
- HTTP GET
- HTTP Digest auth
- </keywords>
- </info>
- # Server-side
- <reply>
- <data>
- HTTP/1.1 401 Authorization Required
- Server: Apache/1.3.27 (Darwin) PHP/4.1.2
- WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256", userhash=true
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 26
- This is not the real page
- </data>
- # This is supposed to be returned when the server gets a
- # Authorization: Digest line passed-in from the client
- <data1000>
- HTTP/1.1 401 Still a bad password you moron
- Server: Apache/1.3.27 (Darwin) PHP/4.1.2
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 34
- This is not the real page either
- </data1000>
- <datacheck>
- HTTP/1.1 401 Authorization Required
- Server: Apache/1.3.27 (Darwin) PHP/4.1.2
- WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256", userhash=true
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 26
- HTTP/1.1 401 Still a bad password you moron
- Server: Apache/1.3.27 (Darwin) PHP/4.1.2
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 34
- This is not the real page either
- </datacheck>
- </reply>
- # Client-side
- <client>
- <server>
- http
- </server>
- <features>
- !SSPI
- crypto
- </features>
- <name>
- HTTP with RFC7616 Digest authorization with bad password, SHA-256 and userhash=true
- </name>
- <command>
- http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest
- </command>
- </client>
- # Verify data after the test has been "shot"
- <verify>
- <protocol>
- GET /%TESTNUMBER HTTP/1.1
- Host: %HOSTIP:%HTTPPORT
- User-Agent: curl/%VERSION
- Accept: */*
- GET /%TESTNUMBER HTTP/1.1
- Host: %HOSTIP:%HTTPPORT
- Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="374a35326cc09e7d1ec3165aee9de01cae46daac33d8999aa1f483fa7882b86c", algorithm=SHA-256, userhash=true
- User-Agent: curl/%VERSION
- Accept: */*
- </protocol>
- </verify>
- </testcase>
|