1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP Digest auth 7HTTP NTLM auth 8</keywords> 9</info> 10# Server-side 11<reply> 12 13<!-- Alternate the order that Digest and NTLM headers appear in responses to 14ensure that the order doesn't matter. --> 15 16<!-- First request has Digest auth, wrong password --> 17<data100> 18HTTP/1.1 401 Need Digest or NTLM auth 19Server: Microsoft-IIS/5.0 20Content-Type: text/html; charset=iso-8859-1 21Content-Length: 27 22WWW-Authenticate: NTLM 23WWW-Authenticate: Digest realm="testrealm", nonce="1" 24 25This is not the real page! 26</data100> 27 28<data1100> 29HTTP/1.1 401 Sorry wrong password 30Server: Microsoft-IIS/5.0 31Content-Type: text/html; charset=iso-8859-1 32Content-Length: 29 33WWW-Authenticate: Digest realm="testrealm", nonce="2" 34WWW-Authenticate: NTLM 35 36This is a bad password page! 37</data1100> 38 39<!-- Second request has NTLM auth, right password --> 40<data200> 41HTTP/1.1 401 Need Digest or NTLM auth (2) 42Server: Microsoft-IIS/5.0 43Content-Type: text/html; charset=iso-8859-1 44Content-Length: 27 45WWW-Authenticate: NTLM 46WWW-Authenticate: Digest realm="testrealm", nonce="3" 47 48This is not the real page! 49</data200> 50 51<data1201> 52HTTP/1.1 401 NTLM intermediate 53Server: Microsoft-IIS/5.0 54Content-Type: text/html; charset=iso-8859-1 55Content-Length: 33 56WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 57 58This is still not the real page! 59</data1201> 60 61<data1202> 62HTTP/1.1 200 Things are fine in server land 63Server: Microsoft-IIS/5.0 64Content-Type: text/html; charset=iso-8859-1 65Content-Length: 32 66 67Finally, this is the real page! 68</data1202> 69 70<!-- Third request has Digest auth, wrong password --> 71<data300> 72HTTP/1.1 401 Need Digest or NTLM auth (3) 73Server: Microsoft-IIS/5.0 74Content-Type: text/html; charset=iso-8859-1 75Content-Length: 27 76WWW-Authenticate: Digest realm="testrealm", nonce="4" 77WWW-Authenticate: NTLM 78 79This is not the real page! 80</data300> 81 82<data1300> 83HTTP/1.1 401 Sorry wrong password (2) 84Server: Microsoft-IIS/5.0 85Content-Type: text/html; charset=iso-8859-1 86Content-Length: 29 87WWW-Authenticate: NTLM 88WWW-Authenticate: Digest realm="testrealm", nonce="5" 89 90This is a bad password page! 91</data1300> 92 93<!-- Fourth request has NTLM auth, wrong password --> 94<data400> 95HTTP/1.1 401 Need Digest or NTLM auth (4) 96Server: Microsoft-IIS/5.0 97Content-Type: text/html; charset=iso-8859-1 98Content-Length: 27 99WWW-Authenticate: Digest realm="testrealm", nonce="6" 100WWW-Authenticate: NTLM 101 102This is not the real page! 103</data400> 104 105<data1401> 106HTTP/1.1 401 NTLM intermediate (2) 107Server: Microsoft-IIS/5.0 108Content-Type: text/html; charset=iso-8859-1 109Content-Length: 33 110WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 111 112This is still not the real page! 113</data1401> 114 115<data1402> 116HTTP/1.1 401 Sorry wrong password (3) 117Server: Microsoft-IIS/5.0 118Content-Type: text/html; charset=iso-8859-1 119Content-Length: 29 120WWW-Authenticate: NTLM 121WWW-Authenticate: Digest realm="testrealm", nonce="7" 122 123This is a bad password page! 124</data1402> 125 126<!-- Fifth request has NTLM auth, right password --> 127<data500> 128HTTP/1.1 401 Need Digest or NTLM auth (5) 129Server: Microsoft-IIS/5.0 130Content-Type: text/html; charset=iso-8859-1 131Content-Length: 27 132WWW-Authenticate: Digest realm="testrealm", nonce="8" 133WWW-Authenticate: NTLM 134 135This is not the real page! 136</data500> 137 138<data1501> 139HTTP/1.1 401 NTLM intermediate (3) 140Server: Microsoft-IIS/5.0 141Content-Type: text/html; charset=iso-8859-1 142Content-Length: 33 143WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 144 145This is still not the real page! 146</data1501> 147 148<data1502> 149HTTP/1.1 200 Things are fine in server land (2) 150Server: Microsoft-IIS/5.0 151Content-Type: text/html; charset=iso-8859-1 152Content-Length: 32 153 154Finally, this is the real page! 155</data1502> 156 157<datacheck> 158HTTP/1.1 401 Need Digest or NTLM auth 159Server: Microsoft-IIS/5.0 160Content-Type: text/html; charset=iso-8859-1 161Content-Length: 27 162WWW-Authenticate: NTLM 163WWW-Authenticate: Digest realm="testrealm", nonce="1" 164 165HTTP/1.1 401 Sorry wrong password 166Server: Microsoft-IIS/5.0 167Content-Type: text/html; charset=iso-8859-1 168Content-Length: 29 169WWW-Authenticate: Digest realm="testrealm", nonce="2" 170WWW-Authenticate: NTLM 171 172This is a bad password page! 173HTTP/1.1 401 NTLM intermediate 174Server: Microsoft-IIS/5.0 175Content-Type: text/html; charset=iso-8859-1 176Content-Length: 33 177WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 178 179HTTP/1.1 200 Things are fine in server land 180Server: Microsoft-IIS/5.0 181Content-Type: text/html; charset=iso-8859-1 182Content-Length: 32 183 184Finally, this is the real page! 185HTTP/1.1 401 Need Digest or NTLM auth (3) 186Server: Microsoft-IIS/5.0 187Content-Type: text/html; charset=iso-8859-1 188Content-Length: 27 189WWW-Authenticate: Digest realm="testrealm", nonce="4" 190WWW-Authenticate: NTLM 191 192HTTP/1.1 401 Sorry wrong password (2) 193Server: Microsoft-IIS/5.0 194Content-Type: text/html; charset=iso-8859-1 195Content-Length: 29 196WWW-Authenticate: NTLM 197WWW-Authenticate: Digest realm="testrealm", nonce="5" 198 199This is a bad password page! 200HTTP/1.1 401 NTLM intermediate (2) 201Server: Microsoft-IIS/5.0 202Content-Type: text/html; charset=iso-8859-1 203Content-Length: 33 204WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 205 206HTTP/1.1 401 Sorry wrong password (3) 207Server: Microsoft-IIS/5.0 208Content-Type: text/html; charset=iso-8859-1 209Content-Length: 29 210WWW-Authenticate: NTLM 211WWW-Authenticate: Digest realm="testrealm", nonce="7" 212 213This is a bad password page! 214HTTP/1.1 401 NTLM intermediate (3) 215Server: Microsoft-IIS/5.0 216Content-Type: text/html; charset=iso-8859-1 217Content-Length: 33 218WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 219 220HTTP/1.1 200 Things are fine in server land (2) 221Server: Microsoft-IIS/5.0 222Content-Type: text/html; charset=iso-8859-1 223Content-Length: 32 224 225Finally, this is the real page! 226</datacheck> 227 228</reply> 229 230# Client-side 231<client> 232<features> 233NTLM 234!SSPI 235</features> 236<server> 237http 238</server> 239<tool> 240libauthretry 241</tool> 242 243 <name> 244HTTP authorization retry (Digest switching to NTLM) 245 </name> 246 <setenv> 247# we force our own host name, in order to make the test machine independent 248CURL_GETHOSTNAME=curlhost 249# we try to use the LD_PRELOAD hack, if not a debug build 250LD_PRELOAD=%PWD/libtest/.libs/libhostname.so 251 </setenv> 252 <command> 253http://%HOSTIP:%HTTPPORT/2028 digest ntlm 254</command> 255<precheck> 256chkhostname curlhost 257</precheck> 258</client> 259 260# Verify data after the test has been "shot" 261<verify> 262<strip> 263^User-Agent:.* 264</strip> 265<protocol> 266GET /20280100 HTTP/1.1 267Host: %HOSTIP:%HTTPPORT 268Accept: */* 269 270GET /20280100 HTTP/1.1 271Host: %HOSTIP:%HTTPPORT 272Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20280100", response="53c80666f5e3a4a55f92a66aaf0078bb" 273Accept: */* 274 275GET /20280200 HTTP/1.1 276Host: %HOSTIP:%HTTPPORT 277Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 278Accept: */* 279 280GET /20280200 HTTP/1.1 281Host: %HOSTIP:%HTTPPORT 282Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q= 283Accept: */* 284 285GET /20280300 HTTP/1.1 286Host: %HOSTIP:%HTTPPORT 287Accept: */* 288 289GET /20280300 HTTP/1.1 290Host: %HOSTIP:%HTTPPORT 291Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20280300", response="1aa5d90da9803ca12d04b24e0f19476e" 292Accept: */* 293 294GET /20280400 HTTP/1.1 295Host: %HOSTIP:%HTTPPORT 296Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 297Accept: */* 298 299GET /20280400 HTTP/1.1 300Host: %HOSTIP:%HTTPPORT 301Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q= 302Accept: */* 303 304GET /20280500 HTTP/1.1 305Host: %HOSTIP:%HTTPPORT 306Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 307Accept: */* 308 309GET /20280500 HTTP/1.1 310Host: %HOSTIP:%HTTPPORT 311Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyY3VybGhvc3Q= 312Accept: */* 313 314</protocol> 315</verify> 316</testcase> 317