• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1<testcase>
2<info>
3<keywords>
4HTTP
5HTTP GET
6HTTP Basic auth
7HTTP NTLM auth
8</keywords>
9</info>
10# Server-side
11<reply>
12
13<!-- Alternate the order that Basic and NTLM headers appear in responses to
14ensure that the order doesn't matter. -->
15
16<!-- First request has NTLM auth, wrong password -->
17<data100>
18HTTP/1.1 401 Need Basic or NTLM auth
19Server: Microsoft-IIS/5.0
20Content-Type: text/html; charset=iso-8859-1
21Content-Length: 27
22WWW-Authenticate: NTLM
23WWW-Authenticate: Basic realm="testrealm"
24
25This is not the real page!
26</data100>
27
28<data1101>
29HTTP/1.1 401 NTLM intermediate
30Server: Microsoft-IIS/5.0
31Content-Type: text/html; charset=iso-8859-1
32Content-Length: 33
33WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
34
35This is still not the real page!
36</data1101>
37
38<data1102>
39HTTP/1.1 401 Sorry wrong password
40Server: Microsoft-IIS/5.0
41Content-Type: text/html; charset=iso-8859-1
42Content-Length: 29
43WWW-Authenticate: Basic realm="testrealm"
44WWW-Authenticate: NTLM
45
46This is a bad password page!
47</data1102>
48
49<!-- Second request has Basic auth, right password -->
50<data200>
51HTTP/1.1 200 Things are fine in server land
52Server: Microsoft-IIS/5.0
53Content-Type: text/html; charset=iso-8859-1
54Content-Length: 32
55
56Finally, this is the real page!
57</data200>
58
59<!-- Third request has NTLM auth, wrong password -->
60<data300>
61HTTP/1.1 401 Need Basic or NTLM auth (2)
62Server: Microsoft-IIS/5.0
63Content-Type: text/html; charset=iso-8859-1
64Content-Length: 27
65WWW-Authenticate: NTLM
66WWW-Authenticate: Basic realm="testrealm"
67
68This is not the real page!
69</data300>
70
71<data1301>
72HTTP/1.1 401 NTLM intermediate (2)
73Server: Microsoft-IIS/5.0
74Content-Type: text/html; charset=iso-8859-1
75Content-Length: 33
76WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
77
78This is still not the real page!
79</data1301>
80
81<data1302>
82HTTP/1.1 401 Sorry wrong password (2)
83Server: Microsoft-IIS/5.0
84Content-Type: text/html; charset=iso-8859-1
85Content-Length: 29
86WWW-Authenticate: Basic realm="testrealm"
87WWW-Authenticate: NTLM
88
89This is a bad password page!
90</data1302>
91
92<!-- Fourth request has Basic auth, wrong password -->
93<data400>
94HTTP/1.1 401 Sorry wrong password (3)
95Server: Microsoft-IIS/5.0
96Content-Type: text/html; charset=iso-8859-1
97Content-Length: 29
98WWW-Authenticate: NTLM
99WWW-Authenticate: Basic realm="testrealm"
100
101This is a bad password page!
102</data400>
103
104<!-- Fifth request has Basic auth, right password -->
105<data500>
106HTTP/1.1 200 Things are fine in server land (2)
107Server: Microsoft-IIS/5.0
108Content-Type: text/html; charset=iso-8859-1
109Content-Length: 32
110
111Finally, this is the real page!
112</data500>
113
114<datacheck>
115HTTP/1.1 401 NTLM intermediate
116Server: Microsoft-IIS/5.0
117Content-Type: text/html; charset=iso-8859-1
118Content-Length: 33
119WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
120
121HTTP/1.1 401 Sorry wrong password
122Server: Microsoft-IIS/5.0
123Content-Type: text/html; charset=iso-8859-1
124Content-Length: 29
125WWW-Authenticate: Basic realm="testrealm"
126WWW-Authenticate: NTLM
127
128This is a bad password page!
129HTTP/1.1 200 Things are fine in server land
130Server: Microsoft-IIS/5.0
131Content-Type: text/html; charset=iso-8859-1
132Content-Length: 32
133
134Finally, this is the real page!
135HTTP/1.1 401 NTLM intermediate (2)
136Server: Microsoft-IIS/5.0
137Content-Type: text/html; charset=iso-8859-1
138Content-Length: 33
139WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAAAGggEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
140
141HTTP/1.1 401 Sorry wrong password (2)
142Server: Microsoft-IIS/5.0
143Content-Type: text/html; charset=iso-8859-1
144Content-Length: 29
145WWW-Authenticate: Basic realm="testrealm"
146WWW-Authenticate: NTLM
147
148This is a bad password page!
149HTTP/1.1 401 Sorry wrong password (3)
150Server: Microsoft-IIS/5.0
151Content-Type: text/html; charset=iso-8859-1
152Content-Length: 29
153WWW-Authenticate: NTLM
154WWW-Authenticate: Basic realm="testrealm"
155
156This is a bad password page!
157HTTP/1.1 200 Things are fine in server land (2)
158Server: Microsoft-IIS/5.0
159Content-Type: text/html; charset=iso-8859-1
160Content-Length: 32
161
162Finally, this is the real page!
163</datacheck>
164
165</reply>
166
167# Client-side
168<client>
169<features>
170NTLM
171!SSPI
172</features>
173<server>
174http
175</server>
176<tool>
177libauthretry
178</tool>
179
180 <name>
181HTTP authorization retry (NTLM switching to Basic)
182 </name>
183 <setenv>
184# we force our own host name, in order to make the test machine independent
185CURL_GETHOSTNAME=curlhost
186# we try to use the LD_PRELOAD hack, if not a debug build
187LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
188 </setenv>
189 <command>
190http://%HOSTIP:%HTTPPORT/2029 ntlm basic
191</command>
192<precheck>
193chkhostname curlhost
194</precheck>
195</client>
196
197# Verify data after the test has been "shot"
198<verify>
199<strip>
200^User-Agent:.*
201</strip>
202<protocol>
203GET /20290100 HTTP/1.1
204Host: %HOSTIP:%HTTPPORT
205Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
206Accept: */*
207
208GET /20290100 HTTP/1.1
209Host: %HOSTIP:%HTTPPORT
210Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
211Accept: */*
212
213GET /20290200 HTTP/1.1
214Host: %HOSTIP:%HTTPPORT
215Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
216Accept: */*
217
218GET /20290300 HTTP/1.1
219Host: %HOSTIP:%HTTPPORT
220Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
221Accept: */*
222
223GET /20290300 HTTP/1.1
224Host: %HOSTIP:%HTTPPORT
225Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAAIAAgAeAAAAAAAAAAAAAAABoIBANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyY3VybGhvc3Q=
226Accept: */*
227
228GET /20290400 HTTP/1.1
229Host: %HOSTIP:%HTTPPORT
230Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
231Accept: */*
232
233GET /20290500 HTTP/1.1
234Host: %HOSTIP:%HTTPPORT
235Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
236Accept: */*
237
238</protocol>
239</verify>
240</testcase>
241