1<testcase>
2<info>
3<keywords>
4HTTP
5HTTP GET
6HTTP Basic auth
7HTTP Digest auth
8</keywords>
9</info>
10# Server-side
11<reply>
12
13<!-- Alternate the order that Basic and Digest headers appear in responses to
14ensure that the order doesn't matter. -->
15
16<!-- First request has Basic auth, wrong password -->
17<data100>
18HTTP/1.1 401 Sorry wrong password
19Server: Microsoft-IIS/5.0
20Content-Type: text/html; charset=iso-8859-1
21Content-Length: 29
22WWW-Authenticate: Digest realm="testrealm", nonce="1"
23WWW-Authenticate: Basic realm="testrealm"
24
25This is a bad password page!
26</data100>
27
28<!-- Second request has Digest auth, right password -->
29<data1200>
30HTTP/1.1 200 Things are fine in server land
31Server: Microsoft-IIS/5.0
32Content-Type: text/html; charset=iso-8859-1
33Content-Length: 32
34
35Finally, this is the real page!
36</data1200>
37
38<!-- Third request has Basic auth, wrong password -->
39<data300>
40HTTP/1.1 401 Sorry wrong password (2)
41Server: Microsoft-IIS/5.0
42Content-Type: text/html; charset=iso-8859-1
43Content-Length: 29
44WWW-Authenticate: Digest realm="testrealm", nonce="2"
45WWW-Authenticate: Basic realm="testrealm"
46
47This is a bad password page!
48</data300>
49
50<!-- Fourth request has Digest auth, wrong password -->
51<data1400>
52HTTP/1.1 401 Sorry wrong password (3)
53Server: Microsoft-IIS/5.0
54Content-Type: text/html; charset=iso-8859-1
55Content-Length: 29
56WWW-Authenticate: Digest realm="testrealm", nonce="3"
57WWW-Authenticate: Basic realm="testrealm"
58
59This is a bad password page!
60</data1400>
61
62<!-- Fifth request has Digest auth, right password -->
63<data1500>
64HTTP/1.1 200 Things are fine in server land (2)
65Server: Microsoft-IIS/5.0
66Content-Type: text/html; charset=iso-8859-1
67Content-Length: 32
68
69Finally, this is the real page!
70</data1500>
71
72<datacheck>
73HTTP/1.1 401 Sorry wrong password
74Server: Microsoft-IIS/5.0
75Content-Type: text/html; charset=iso-8859-1
76Content-Length: 29
77WWW-Authenticate: Digest realm="testrealm", nonce="1"
78WWW-Authenticate: Basic realm="testrealm"
79
80This is a bad password page!
81HTTP/1.1 200 Things are fine in server land
82Server: Microsoft-IIS/5.0
83Content-Type: text/html; charset=iso-8859-1
84Content-Length: 32
85
86Finally, this is the real page!
87HTTP/1.1 401 Sorry wrong password (2)
88Server: Microsoft-IIS/5.0
89Content-Type: text/html; charset=iso-8859-1
90Content-Length: 29
91WWW-Authenticate: Digest realm="testrealm", nonce="2"
92WWW-Authenticate: Basic realm="testrealm"
93
94This is a bad password page!
95HTTP/1.1 401 Sorry wrong password (3)
96Server: Microsoft-IIS/5.0
97Content-Type: text/html; charset=iso-8859-1
98Content-Length: 29
99WWW-Authenticate: Digest realm="testrealm", nonce="3"
100WWW-Authenticate: Basic realm="testrealm"
101
102This is a bad password page!
103HTTP/1.1 200 Things are fine in server land (2)
104Server: Microsoft-IIS/5.0
105Content-Type: text/html; charset=iso-8859-1
106Content-Length: 32
107
108Finally, this is the real page!
109</datacheck>
110
111</reply>
112
113# Client-side
114<client>
115<server>
116http
117</server>
118<features>
119!SSPI
120crypto
121</features>
122<tool>
123libauthretry
124</tool>
125
126 <name>
127HTTP authorization retry (Basic switching to Digest)
128 </name>
129 <setenv>
130# we force our own host name, in order to make the test machine independent
131CURL_GETHOSTNAME=curlhost
132# we try to use the LD_PRELOAD hack, if not a debug build
133LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
134 </setenv>
135 <command>
136http://%HOSTIP:%HTTPPORT/2024 basic digest
137</command>
138<precheck>
139chkhostname curlhost
140</precheck>
141</client>
142
143# Verify data after the test has been "shot"
144<verify>
145<strip>
146^User-Agent:.*
147</strip>
148<protocol>
149GET /20240100 HTTP/1.1
150Host: %HOSTIP:%HTTPPORT
151Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
152Accept: */*
153
154GET /20240200 HTTP/1.1
155Host: %HOSTIP:%HTTPPORT
156Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/20240200", response="ed646c565f79e2dd9fa37cb5a621213c"
157Accept: */*
158
159GET /20240300 HTTP/1.1
160Host: %HOSTIP:%HTTPPORT
161Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
162Accept: */*
163
164GET /20240400 HTTP/1.1
165Host: %HOSTIP:%HTTPPORT
166Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/20240400", response="9741ced8caacc6124770187b36f007c5"
167Accept: */*
168
169GET /20240500 HTTP/1.1
170Host: %HOSTIP:%HTTPPORT
171Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/20240500", response="5bc77ec8c2d443b27a1b55f1fd8fbb13"
172Accept: */*
173
174</protocol>
175</verify>
176</testcase>
177