1<testcase>
2<info>
3<keywords>
4HTTP
5HTTP GET
6HTTP Digest auth
7</keywords>
8</info>
9# Server-side
10<reply>
11
12<!--
13
14 Explanation for the duplicate 400 requests:
15
16 libcurl doesn't detect that a given Digest password is wrong already on the
17 first 401 response (as the data400 gives). libcurl will instead consider the
18 new response just as a duplicate and it sends another and detects the auth
19 problem on the second 401 response!
20
21-->
22
23<!-- First request has Digest auth, wrong password -->
24<data100>
25HTTP/1.1 401 Need Digest auth
26Server: Microsoft-IIS/5.0
27Content-Type: text/html; charset=iso-8859-1
28Content-Length: 27
29WWW-Authenticate: Digest realm="testrealm", nonce="1"
30
31This is not the real page!
32</data100>
33
34<data1100>
35HTTP/1.1 401 Sorry wrong password
36Server: Microsoft-IIS/5.0
37Content-Type: text/html; charset=iso-8859-1
38Content-Length: 29
39WWW-Authenticate: Digest realm="testrealm", nonce="2"
40
41This is a bad password page!
42</data1100>
43
44<!-- Second request has Digest auth, right password -->
45<data200>
46HTTP/1.1 401 Need Digest auth (2)
47Server: Microsoft-IIS/5.0
48Content-Type: text/html; charset=iso-8859-1
49Content-Length: 27
50WWW-Authenticate: Digest realm="testrealm", nonce="3"
51
52This is not the real page!
53</data200>
54
55<data1200>
56HTTP/1.1 200 Things are fine in server land
57Server: Microsoft-IIS/5.0
58Content-Type: text/html; charset=iso-8859-1
59Content-Length: 32
60
61Finally, this is the real page!
62</data1200>
63
64<!-- Third request has Digest auth, wrong password -->
65<data300>
66HTTP/1.1 401 Need Digest auth (3)
67Server: Microsoft-IIS/5.0
68Content-Type: text/html; charset=iso-8859-1
69Content-Length: 27
70WWW-Authenticate: Digest realm="testrealm", nonce="4"
71
72This is not the real page!
73</data300>
74
75<data1300>
76HTTP/1.1 401 Sorry wrong password (2)
77Server: Microsoft-IIS/5.0
78Content-Type: text/html; charset=iso-8859-1
79Content-Length: 29
80WWW-Authenticate: Digest realm="testrealm", nonce="5"
81
82This is a bad password page!
83</data1300>
84
85<!-- Fourth request has Digest auth, wrong password -->
86<data400>
87HTTP/1.1 401 Need Digest auth (4)
88Server: Microsoft-IIS/5.0
89Content-Type: text/html; charset=iso-8859-1
90Content-Length: 27
91WWW-Authenticate: Digest realm="testrealm", nonce="6"
92
93This is not the real page!
94</data400>
95
96<data1400>
97HTTP/1.1 401 Sorry wrong password (3)
98Server: Microsoft-IIS/5.0
99Content-Type: text/html; charset=iso-8859-1
100Content-Length: 29
101WWW-Authenticate: Digest realm="testrealm", nonce="7"
102
103This is a bad password page!
104</data1400>
105
106<!-- Fifth request has Digest auth, right password -->
107<data1500>
108HTTP/1.1 200 Things are fine in server land (2)
109Server: Microsoft-IIS/5.0
110Content-Type: text/html; charset=iso-8859-1
111Content-Length: 32
112
113Finally, this is the real page!
114</data1500>
115
116<datacheck>
117HTTP/1.1 401 Need Digest auth
118Server: Microsoft-IIS/5.0
119Content-Type: text/html; charset=iso-8859-1
120Content-Length: 27
121WWW-Authenticate: Digest realm="testrealm", nonce="1"
122
123HTTP/1.1 401 Sorry wrong password
124Server: Microsoft-IIS/5.0
125Content-Type: text/html; charset=iso-8859-1
126Content-Length: 29
127WWW-Authenticate: Digest realm="testrealm", nonce="2"
128
129This is a bad password page!
130HTTP/1.1 200 Things are fine in server land
131Server: Microsoft-IIS/5.0
132Content-Type: text/html; charset=iso-8859-1
133Content-Length: 32
134
135Finally, this is the real page!
136HTTP/1.1 401 Need Digest auth (3)
137Server: Microsoft-IIS/5.0
138Content-Type: text/html; charset=iso-8859-1
139Content-Length: 27
140WWW-Authenticate: Digest realm="testrealm", nonce="4"
141
142HTTP/1.1 401 Sorry wrong password (2)
143Server: Microsoft-IIS/5.0
144Content-Type: text/html; charset=iso-8859-1
145Content-Length: 29
146WWW-Authenticate: Digest realm="testrealm", nonce="5"
147
148This is a bad password page!
149HTTP/1.1 401 Sorry wrong password (3)
150Server: Microsoft-IIS/5.0
151Content-Type: text/html; charset=iso-8859-1
152Content-Length: 29
153WWW-Authenticate: Digest realm="testrealm", nonce="7"
154
155HTTP/1.1 401 Sorry wrong password (3)
156Server: Microsoft-IIS/5.0
157Content-Type: text/html; charset=iso-8859-1
158Content-Length: 29
159WWW-Authenticate: Digest realm="testrealm", nonce="7"
160
161This is a bad password page!
162HTTP/1.1 200 Things are fine in server land (2)
163Server: Microsoft-IIS/5.0
164Content-Type: text/html; charset=iso-8859-1
165Content-Length: 32
166
167Finally, this is the real page!
168</datacheck>
169
170</reply>
171
172# Client-side
173<client>
174<server>
175http
176</server>
177<features>
178!SSPI
179crypto
180</features>
181<tool>
182libauthretry
183</tool>
184
185 <name>
186HTTP authorization retry (Digest)
187 </name>
188 <setenv>
189# we force our own host name, in order to make the test machine independent
190CURL_GETHOSTNAME=curlhost
191# we try to use the LD_PRELOAD hack, if not a debug build
192LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
193 </setenv>
194 <command>
195http://%HOSTIP:%HTTPPORT/2027 digest digest
196</command>
197<precheck>
198chkhostname curlhost
199</precheck>
200</client>
201
202# Verify data after the test has been "shot"
203<verify>
204<protocol>
205GET /20270100 HTTP/1.1
206Host: %HOSTIP:%HTTPPORT
207Accept: */*
208
209GET /20270100 HTTP/1.1
210Host: %HOSTIP:%HTTPPORT
211Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20270100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
212Accept: */*
213
214GET /20270200 HTTP/1.1
215Host: %HOSTIP:%HTTPPORT
216Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20270200", response="785ca3ef511999f7e9c178195f5b388c"
217Accept: */*
218
219GET /20270300 HTTP/1.1
220Host: %HOSTIP:%HTTPPORT
221Accept: */*
222
223GET /20270300 HTTP/1.1
224Host: %HOSTIP:%HTTPPORT
225Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/20270300", response="4c735d2360fd6848e7cb32a11ae3612b"
226Accept: */*
227
228GET /20270400 HTTP/1.1
229Host: %HOSTIP:%HTTPPORT
230Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
231Accept: */*
232
233GET /20270400 HTTP/1.1
234Host: %HOSTIP:%HTTPPORT
235Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/20270400", response="f5906785511fb60a2af8b1cd53008ead"
236Accept: */*
237
238GET /20270500 HTTP/1.1
239Host: %HOSTIP:%HTTPPORT
240Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/20270500", response="8ef4d935fd964a46c3965c0863b52cf1"
241Accept: */*
242
243</protocol>
244</verify>
245</testcase>
246