xref: /curl/tests/data/test2029 (revision 5a41abef) 
1<testcase>
2<info>
3<keywords>
4HTTP
5HTTP GET
6HTTP Basic auth
7HTTP NTLM auth
8NTLM
9</keywords>
10</info>
11# Server-side
12<reply>
13
14<!-- Alternate the order that Basic and NTLM headers appear in responses to
15ensure that the order doesn't matter. -->
16
17<!-- First request has NTLM auth, wrong password -->
18<data100>
19HTTP/1.1 401 Need Basic or NTLM auth
20Server: Microsoft-IIS/5.0
21Content-Type: text/html; charset=iso-8859-1
22Content-Length: 27
23WWW-Authenticate: NTLM
24WWW-Authenticate: Basic realm="testrealm"
25
26This is not the real page!
27</data100>
28
29<data1101>
30HTTP/1.1 401 NTLM intermediate
31Server: Microsoft-IIS/5.0
32Content-Type: text/html; charset=iso-8859-1
33Content-Length: 33
34WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
35
36This is still not the real page!
37</data1101>
38
39<data1102>
40HTTP/1.1 401 Sorry wrong password
41Server: Microsoft-IIS/5.0
42Content-Type: text/html; charset=iso-8859-1
43Content-Length: 29
44WWW-Authenticate: Basic realm="testrealm"
45WWW-Authenticate: NTLM
46
47This is a bad password page!
48</data1102>
49
50<!-- Second request has Basic auth, right password -->
51<data200>
52HTTP/1.1 200 Things are fine in server land
53Server: Microsoft-IIS/5.0
54Content-Type: text/html; charset=iso-8859-1
55Content-Length: 32
56
57Finally, this is the real page!
58</data200>
59
60<!-- Third request has NTLM auth, wrong password -->
61<data300>
62HTTP/1.1 401 Need Basic or NTLM auth (2)
63Server: Microsoft-IIS/5.0
64Content-Type: text/html; charset=iso-8859-1
65Content-Length: 27
66WWW-Authenticate: NTLM
67WWW-Authenticate: Basic realm="testrealm"
68
69This is not the real page!
70</data300>
71
72<data1301>
73HTTP/1.1 401 NTLM intermediate (2)
74Server: Microsoft-IIS/5.0
75Content-Type: text/html; charset=iso-8859-1
76Content-Length: 33
77WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
78
79This is still not the real page!
80</data1301>
81
82<data1302>
83HTTP/1.1 401 Sorry wrong password (2)
84Server: Microsoft-IIS/5.0
85Content-Type: text/html; charset=iso-8859-1
86Content-Length: 29
87WWW-Authenticate: Basic realm="testrealm"
88WWW-Authenticate: NTLM
89
90This is a bad password page!
91</data1302>
92
93<!-- Fourth request has Basic auth, wrong password -->
94<data400>
95HTTP/1.1 401 Sorry wrong password (3)
96Server: Microsoft-IIS/5.0
97Content-Type: text/html; charset=iso-8859-1
98Content-Length: 29
99WWW-Authenticate: NTLM
100WWW-Authenticate: Basic realm="testrealm"
101
102This is a bad password page!
103</data400>
104
105<!-- Fifth request has Basic auth, right password -->
106<data500>
107HTTP/1.1 200 Things are fine in server land (2)
108Server: Microsoft-IIS/5.0
109Content-Type: text/html; charset=iso-8859-1
110Content-Length: 32
111
112Finally, this is the real page!
113</data500>
114
115<datacheck>
116HTTP/1.1 401 NTLM intermediate
117Server: Microsoft-IIS/5.0
118Content-Type: text/html; charset=iso-8859-1
119Content-Length: 33
120WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
121
122HTTP/1.1 401 Sorry wrong password
123Server: Microsoft-IIS/5.0
124Content-Type: text/html; charset=iso-8859-1
125Content-Length: 29
126WWW-Authenticate: Basic realm="testrealm"
127WWW-Authenticate: NTLM
128
129This is a bad password page!
130HTTP/1.1 200 Things are fine in server land
131Server: Microsoft-IIS/5.0
132Content-Type: text/html; charset=iso-8859-1
133Content-Length: 32
134
135Finally, this is the real page!
136HTTP/1.1 401 NTLM intermediate (2)
137Server: Microsoft-IIS/5.0
138Content-Type: text/html; charset=iso-8859-1
139Content-Length: 33
140WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
141
142HTTP/1.1 401 Sorry wrong password (2)
143Server: Microsoft-IIS/5.0
144Content-Type: text/html; charset=iso-8859-1
145Content-Length: 29
146WWW-Authenticate: Basic realm="testrealm"
147WWW-Authenticate: NTLM
148
149This is a bad password page!
150HTTP/1.1 401 Sorry wrong password (3)
151Server: Microsoft-IIS/5.0
152Content-Type: text/html; charset=iso-8859-1
153Content-Length: 29
154WWW-Authenticate: NTLM
155WWW-Authenticate: Basic realm="testrealm"
156
157This is a bad password page!
158HTTP/1.1 200 Things are fine in server land (2)
159Server: Microsoft-IIS/5.0
160Content-Type: text/html; charset=iso-8859-1
161Content-Length: 32
162
163Finally, this is the real page!
164</datacheck>
165
166</reply>
167
168# Client-side
169<client>
170<features>
171NTLM
172SSL
173!SSPI
174</features>
175<server>
176http
177</server>
178<tool>
179libauthretry
180</tool>
181
182<name>
183HTTP authorization retry (NTLM switching to Basic)
184</name>
185<command>
186http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm basic
187</command>
188</client>
189
190# Verify data after the test has been "shot"
191<verify>
192<protocol>
193GET /%TESTNUMBER0100 HTTP/1.1
194Host: %HOSTIP:%HTTPPORT
195Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
196Accept: */*
197
198GET /%TESTNUMBER0100 HTTP/1.1
199Host: %HOSTIP:%HTTPPORT
200Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04=
201Accept: */*
202
203GET /%TESTNUMBER0200 HTTP/1.1
204Host: %HOSTIP:%HTTPPORT
205Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
206Accept: */*
207
208GET /%TESTNUMBER0300 HTTP/1.1
209Host: %HOSTIP:%HTTPPORT
210Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
211Accept: */*
212
213GET /%TESTNUMBER0300 HTTP/1.1
214Host: %HOSTIP:%HTTPPORT
215Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04=
216Accept: */*
217
218GET /%TESTNUMBER0400 HTTP/1.1
219Host: %HOSTIP:%HTTPPORT
220Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz
221Accept: */*
222
223GET /%TESTNUMBER0500 HTTP/1.1
224Host: %HOSTIP:%HTTPPORT
225Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
226Accept: */*
227
228</protocol>
229</verify>
230</testcase>
231