1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP Basic auth 7HTTP Digest auth 8</keywords> 9</info> 10# Server-side 11<reply> 12 13<!-- Alternate the order that Basic and Digest headers appear in responses to 14ensure that the order doesn't matter. --> 15 16<!-- First request has Basic auth, wrong password --> 17<data100> 18HTTP/1.1 401 Sorry wrong password 19Server: Microsoft-IIS/5.0 20Content-Type: text/html; charset=iso-8859-1 21Content-Length: 29 22WWW-Authenticate: Digest realm="testrealm", nonce="1" 23WWW-Authenticate: Basic realm="testrealm" 24 25This is a bad password page! 26</data100> 27 28<!-- Second request has Digest auth, right password --> 29<data1200> 30HTTP/1.1 200 Things are fine in server land 31Server: Microsoft-IIS/5.0 32Content-Type: text/html; charset=iso-8859-1 33Content-Length: 32 34 35Finally, this is the real page! 36</data1200> 37 38<!-- Third request has Basic auth, wrong password --> 39<data300> 40HTTP/1.1 401 Sorry wrong password (2) 41Server: Microsoft-IIS/5.0 42Content-Type: text/html; charset=iso-8859-1 43Content-Length: 29 44WWW-Authenticate: Digest realm="testrealm", nonce="2" 45WWW-Authenticate: Basic realm="testrealm" 46 47This is a bad password page! 48</data300> 49 50<!-- Fourth request has Digest auth, wrong password --> 51<data1400> 52HTTP/1.1 401 Sorry wrong password (3) 53Server: Microsoft-IIS/5.0 54Content-Type: text/html; charset=iso-8859-1 55Content-Length: 29 56WWW-Authenticate: Digest realm="testrealm", nonce="3" 57WWW-Authenticate: Basic realm="testrealm" 58 59This is a bad password page! 60</data1400> 61 62<!-- Fifth request has Digest auth, right password --> 63<data1500> 64HTTP/1.1 200 Things are fine in server land (2) 65Server: Microsoft-IIS/5.0 66Content-Type: text/html; charset=iso-8859-1 67Content-Length: 32 68 69Finally, this is the real page! 70</data1500> 71 72<datacheck> 73HTTP/1.1 401 Sorry wrong password 74Server: Microsoft-IIS/5.0 75Content-Type: text/html; charset=iso-8859-1 76Content-Length: 29 77WWW-Authenticate: Digest realm="testrealm", nonce="1" 78WWW-Authenticate: Basic realm="testrealm" 79 80This is a bad password page! 81HTTP/1.1 200 Things are fine in server land 82Server: Microsoft-IIS/5.0 83Content-Type: text/html; charset=iso-8859-1 84Content-Length: 32 85 86Finally, this is the real page! 87HTTP/1.1 401 Sorry wrong password (2) 88Server: Microsoft-IIS/5.0 89Content-Type: text/html; charset=iso-8859-1 90Content-Length: 29 91WWW-Authenticate: Digest realm="testrealm", nonce="2" 92WWW-Authenticate: Basic realm="testrealm" 93 94This is a bad password page! 95HTTP/1.1 401 Sorry wrong password (3) 96Server: Microsoft-IIS/5.0 97Content-Type: text/html; charset=iso-8859-1 98Content-Length: 29 99WWW-Authenticate: Digest realm="testrealm", nonce="3" 100WWW-Authenticate: Basic realm="testrealm" 101 102This is a bad password page! 103HTTP/1.1 200 Things are fine in server land (2) 104Server: Microsoft-IIS/5.0 105Content-Type: text/html; charset=iso-8859-1 106Content-Length: 32 107 108Finally, this is the real page! 109</datacheck> 110 111</reply> 112 113# Client-side 114<client> 115<server> 116http 117</server> 118<features> 119!SSPI 120crypto 121</features> 122<tool> 123libauthretry 124</tool> 125 126 <name> 127HTTP authorization retry (Basic switching to Digest) 128 </name> 129 <setenv> 130# we force our own host name, in order to make the test machine independent 131CURL_GETHOSTNAME=curlhost 132# we try to use the LD_PRELOAD hack, if not a debug build 133LD_PRELOAD=%PWD/libtest/.libs/libhostname.so 134 </setenv> 135 <command> 136http://%HOSTIP:%HTTPPORT/2024 basic digest 137</command> 138<precheck> 139chkhostname curlhost 140</precheck> 141</client> 142 143# Verify data after the test has been "shot" 144<verify> 145<strip> 146^User-Agent:.* 147</strip> 148<protocol> 149GET /20240100 HTTP/1.1 150Host: %HOSTIP:%HTTPPORT 151Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz 152Accept: */* 153 154GET /20240200 HTTP/1.1 155Host: %HOSTIP:%HTTPPORT 156Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20240200", response="ed646c565f79e2dd9fa37cb5a621213c" 157Accept: */* 158 159GET /20240300 HTTP/1.1 160Host: %HOSTIP:%HTTPPORT 161Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz 162Accept: */* 163 164GET /20240400 HTTP/1.1 165Host: %HOSTIP:%HTTPPORT 166Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20240400", response="9741ced8caacc6124770187b36f007c5" 167Accept: */* 168 169GET /20240500 HTTP/1.1 170Host: %HOSTIP:%HTTPPORT 171Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20240500", response="5bc77ec8c2d443b27a1b55f1fd8fbb13" 172Accept: */* 173 174</protocol> 175</verify> 176</testcase> 177