• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1<testcase>
2<info>
3<keywords>
4HTTP
5HTTP GET
6HTTP Basic auth
7HTTP NTLM auth
8</keywords>
9</info>
10# Server-side
11<reply>
12
13<!-- Alternate the order that Basic and NTLM headers appear in responses to
14ensure that the order doesn't matter. -->
15
16<!-- First request has NTLM auth, wrong password -->
17<data100>
18HTTP/1.1 401 Need Basic or NTLM auth
19Server: Microsoft-IIS/5.0
20Content-Type: text/html; charset=iso-8859-1
21Content-Length: 27
22WWW-Authenticate: NTLM
23WWW-Authenticate: Basic realm="testrealm"
24
25This is not the real page!
26</data100>
27
28<data1101>
29HTTP/1.1 401 NTLM intermediate
30Server: Microsoft-IIS/5.0
31Content-Type: text/html; charset=iso-8859-1
32Content-Length: 33
33WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
34
35This is still not the real page!
36</data1101>
37
38<data1102>
39HTTP/1.1 401 Sorry wrong password
40Server: Microsoft-IIS/5.0
41Content-Type: text/html; charset=iso-8859-1
42Content-Length: 29
43WWW-Authenticate: Basic realm="testrealm"
44WWW-Authenticate: NTLM
45
46This is a bad password page!
47</data1102>
48
49<!-- Second request has Basic auth, right password -->
50<data200>
51HTTP/1.1 200 Things are fine in server land
52Server: Microsoft-IIS/5.0
53Content-Type: text/html; charset=iso-8859-1
54Content-Length: 32
55
56Finally, this is the real page!
57</data200>
58
59<!-- Third request has NTLM auth, wrong password -->
60<data300>
61HTTP/1.1 401 Need Basic or NTLM auth (2)
62Server: Microsoft-IIS/5.0
63Content-Type: text/html; charset=iso-8859-1
64Content-Length: 27
65WWW-Authenticate: NTLM
66WWW-Authenticate: Basic realm="testrealm"
67
68This is not the real page!
69</data300>
70
71<data1301>
72HTTP/1.1 401 NTLM intermediate (2)
73Server: Microsoft-IIS/5.0
74Content-Type: text/html; charset=iso-8859-1
75Content-Length: 33
76WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
77
78This is still not the real page!
79</data1301>
80
81<data1302>
82HTTP/1.1 401 Sorry wrong password (2)
83Server: Microsoft-IIS/5.0
84Content-Type: text/html; charset=iso-8859-1
85Content-Length: 29
86WWW-Authenticate: Basic realm="testrealm"
87WWW-Authenticate: NTLM
88
89This is a bad password page!
90</data1302>
91
92<!-- Fourth request has Basic auth, wrong password -->
93<data400>
94HTTP/1.1 401 Sorry wrong password (3)
95Server: Microsoft-IIS/5.0
96Content-Type: text/html; charset=iso-8859-1
97Content-Length: 29
98WWW-Authenticate: NTLM
99WWW-Authenticate: Basic realm="testrealm"
100
101This is a bad password page!
102</data400>
103
104<!-- Fifth request has Basic auth, right password -->
105<data500>
106HTTP/1.1 200 Things are fine in server land (2)
107Server: Microsoft-IIS/5.0
108Content-Type: text/html; charset=iso-8859-1
109Content-Length: 32
110
111Finally, this is the real page!
112</data500>
113
114<datacheck>
115HTTP/1.1 401 NTLM intermediate
116Server: Microsoft-IIS/5.0
117Content-Type: text/html; charset=iso-8859-1
118Content-Length: 33
119WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
120
121HTTP/1.1 401 Sorry wrong password
122Server: Microsoft-IIS/5.0
123Content-Type: text/html; charset=iso-8859-1
124Content-Length: 29
125WWW-Authenticate: Basic realm="testrealm"
126WWW-Authenticate: NTLM
127
128This is a bad password page!
129HTTP/1.1 200 Things are fine in server land
130Server: Microsoft-IIS/5.0
131Content-Type: text/html; charset=iso-8859-1
132Content-Length: 32
133
134Finally, this is the real page!
135HTTP/1.1 401 NTLM intermediate (2)
136Server: Microsoft-IIS/5.0
137Content-Type: text/html; charset=iso-8859-1
138Content-Length: 33
139WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
140
141HTTP/1.1 401 Sorry wrong password (2)
142Server: Microsoft-IIS/5.0
143Content-Type: text/html; charset=iso-8859-1
144Content-Length: 29
145WWW-Authenticate: Basic realm="testrealm"
146WWW-Authenticate: NTLM
147
148This is a bad password page!
149HTTP/1.1 401 Sorry wrong password (3)
150Server: Microsoft-IIS/5.0
151Content-Type: text/html; charset=iso-8859-1
152Content-Length: 29
153WWW-Authenticate: NTLM
154WWW-Authenticate: Basic realm="testrealm"
155
156This is a bad password page!
157HTTP/1.1 200 Things are fine in server land (2)
158Server: Microsoft-IIS/5.0
159Content-Type: text/html; charset=iso-8859-1
160Content-Length: 32
161
162Finally, this is the real page!
163</datacheck>
164
165</reply>
166
167# Client-side
168<client>
169<features>
170NTLM
171SSL
172!SSPI
173</features>
174<server>
175http
176</server>
177<tool>
178libauthretry
179</tool>
180
181 <name>
182HTTP authorization retry (NTLM switching to Basic)
183 </name>
184 <setenv>
185# we force our own host name, in order to make the test machine independent
186CURL_GETHOSTNAME=curlhost
187# we try to use the LD_PRELOAD hack, if not a debug build
188LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
189 </setenv>
190 <command>
191http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm basic
192</command>
193<precheck>
194chkhostname curlhost
195</precheck>
196</client>
197
198# Verify data after the test has been "shot"
199<verify>
200<protocol>
201GET /%TESTNUMBER0100 HTTP/1.1
202Host: %HOSTIP:%HTTPPORT
203Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
204Accept: */*
205
206GET /%TESTNUMBER0100 HTTP/1.1
207Host: %HOSTIP:%HTTPPORT
208Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
209Accept: */*
210
211GET /%TESTNUMBER0200 HTTP/1.1
212Host: %HOSTIP:%HTTPPORT
213Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
214Accept: */*
215
216GET /%TESTNUMBER0300 HTTP/1.1
217Host: %HOSTIP:%HTTPPORT
218Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
219Accept: */*
220
221GET /%TESTNUMBER0300 HTTP/1.1
222Host: %HOSTIP:%HTTPPORT
223Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
224Accept: */*
225
226GET /%TESTNUMBER0400 HTTP/1.1
227Host: %HOSTIP:%HTTPPORT
228Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
229Accept: */*
230
231GET /%TESTNUMBER0500 HTTP/1.1
232Host: %HOSTIP:%HTTPPORT
233Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
234Accept: */*
235
236</protocol>
237</verify>
238</testcase>
239