xref: /curl/tests/data/test2026 (revision 09437d8c) 
1<testcase>
2<info>
3<keywords>
4HTTP
5HTTP GET
6HTTP Basic auth
7HTTP Digest auth
8</keywords>
9</info>
10# Server-side
11<reply>
12
13<!-- Alternate the order that Basic and Digest headers appear in responses to
14ensure that the order doesn't matter. -->
15
16<!-- First request has Digest auth, wrong password -->
17<data100>
18HTTP/1.1 401 Need Basic or Digest auth
19Server: Microsoft-IIS/5.0
20Content-Type: text/html; charset=iso-8859-1
21Content-Length: 27
22WWW-Authenticate: Digest realm="testrealm", nonce="1"
23WWW-Authenticate: Basic realm="testrealm"
24
25This is not the real page!
26</data100>
27
28<data1100>
29HTTP/1.1 401 Sorry wrong password
30Server: Microsoft-IIS/5.0
31Content-Type: text/html; charset=iso-8859-1
32Content-Length: 29
33WWW-Authenticate: Basic realm="testrealm"
34WWW-Authenticate: Digest realm="testrealm", nonce="2"
35
36This is a bad password page!
37</data1100>
38
39<!-- Second request has Basic auth, right password -->
40<data200>
41HTTP/1.1 200 Things are fine in server land
42Server: Microsoft-IIS/5.0
43Content-Type: text/html; charset=iso-8859-1
44Content-Length: 32
45
46Finally, this is the real page!
47</data200>
48
49<!-- Third request has Digest auth, wrong password -->
50<data300>
51HTTP/1.1 401 Need Basic or Digest auth (2)
52Server: Microsoft-IIS/5.0
53Content-Type: text/html; charset=iso-8859-1
54Content-Length: 27
55WWW-Authenticate: Digest realm="testrealm", nonce="3"
56WWW-Authenticate: Basic realm="testrealm"
57
58This is not the real page!
59</data300>
60
61<data1300>
62HTTP/1.1 401 Sorry wrong password (2)
63Server: Microsoft-IIS/5.0
64Content-Type: text/html; charset=iso-8859-1
65Content-Length: 29
66WWW-Authenticate: Basic realm="testrealm"
67WWW-Authenticate: Digest realm="testrealm", nonce="4"
68
69This is a bad password page!
70</data1300>
71
72<!-- Fourth request has Basic auth, wrong password -->
73<data400>
74HTTP/1.1 401 Sorry wrong password (3)
75Server: Microsoft-IIS/5.0
76Content-Type: text/html; charset=iso-8859-1
77Content-Length: 29
78WWW-Authenticate: Digest realm="testrealm", nonce="5"
79WWW-Authenticate: Basic realm="testrealm"
80
81This is a bad password page!
82</data400>
83
84<!-- Fifth request has Basic auth, right password -->
85<data500>
86HTTP/1.1 200 Things are fine in server land (2)
87Server: Microsoft-IIS/5.0
88Content-Type: text/html; charset=iso-8859-1
89Content-Length: 32
90
91Finally, this is the real page!
92</data500>
93
94<datacheck>
95HTTP/1.1 401 Need Basic or Digest auth
96Server: Microsoft-IIS/5.0
97Content-Type: text/html; charset=iso-8859-1
98Content-Length: 27
99WWW-Authenticate: Digest realm="testrealm", nonce="1"
100WWW-Authenticate: Basic realm="testrealm"
101
102HTTP/1.1 401 Sorry wrong password
103Server: Microsoft-IIS/5.0
104Content-Type: text/html; charset=iso-8859-1
105Content-Length: 29
106WWW-Authenticate: Basic realm="testrealm"
107WWW-Authenticate: Digest realm="testrealm", nonce="2"
108
109This is a bad password page!
110HTTP/1.1 200 Things are fine in server land
111Server: Microsoft-IIS/5.0
112Content-Type: text/html; charset=iso-8859-1
113Content-Length: 32
114
115Finally, this is the real page!
116HTTP/1.1 401 Need Basic or Digest auth (2)
117Server: Microsoft-IIS/5.0
118Content-Type: text/html; charset=iso-8859-1
119Content-Length: 27
120WWW-Authenticate: Digest realm="testrealm", nonce="3"
121WWW-Authenticate: Basic realm="testrealm"
122
123HTTP/1.1 401 Sorry wrong password (2)
124Server: Microsoft-IIS/5.0
125Content-Type: text/html; charset=iso-8859-1
126Content-Length: 29
127WWW-Authenticate: Basic realm="testrealm"
128WWW-Authenticate: Digest realm="testrealm", nonce="4"
129
130This is a bad password page!
131HTTP/1.1 401 Sorry wrong password (3)
132Server: Microsoft-IIS/5.0
133Content-Type: text/html; charset=iso-8859-1
134Content-Length: 29
135WWW-Authenticate: Digest realm="testrealm", nonce="5"
136WWW-Authenticate: Basic realm="testrealm"
137
138This is a bad password page!
139HTTP/1.1 200 Things are fine in server land (2)
140Server: Microsoft-IIS/5.0
141Content-Type: text/html; charset=iso-8859-1
142Content-Length: 32
143
144Finally, this is the real page!
145</datacheck>
146
147</reply>
148
149# Client-side
150<client>
151<server>
152http
153</server>
154<features>
155!SSPI
156crypto
157</features>
158<tool>
159libauthretry
160</tool>
161
162<name>
163HTTP authorization retry (Digest switching to Basic)
164</name>
165<command>
166http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest basic
167</command>
168</client>
169
170# Verify data after the test has been "shot"
171<verify>
172<protocol>
173GET /%TESTNUMBER0100 HTTP/1.1
174Host: %HOSTIP:%HTTPPORT
175Accept: */*
176
177GET /%TESTNUMBER0100 HTTP/1.1
178Host: %HOSTIP:%HTTPPORT
179Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="5f992a2e761ab926256419f7c685f85b"
180Accept: */*
181
182GET /%TESTNUMBER0200 HTTP/1.1
183Host: %HOSTIP:%HTTPPORT
184Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
185Accept: */*
186
187GET /%TESTNUMBER0300 HTTP/1.1
188Host: %HOSTIP:%HTTPPORT
189Accept: */*
190
191GET /%TESTNUMBER0300 HTTP/1.1
192Host: %HOSTIP:%HTTPPORT
193Authorization: Digest username="testuser", realm="testrealm", nonce="3", uri="/%TESTNUMBER0300", response="132242e602882251929be93228c830ae"
194Accept: */*
195
196GET /%TESTNUMBER0400 HTTP/1.1
197Host: %HOSTIP:%HTTPPORT
198Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
199Accept: */*
200
201GET /%TESTNUMBER0500 HTTP/1.1
202Host: %HOSTIP:%HTTPPORT
203Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
204Accept: */*
205
206</protocol>
207</verify>
208</testcase>
209