1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP Basic auth 7HTTP NTLM auth 8NTLM 9</keywords> 10</info> 11# Server-side 12<reply> 13 14<!-- Alternate the order that Basic and NTLM headers appear in responses to 15ensure that the order doesn't matter. --> 16 17<!-- First request has Basic auth, wrong password --> 18<data100> 19HTTP/1.1 401 Sorry wrong password 20Server: Microsoft-IIS/5.0 21Content-Type: text/html; charset=iso-8859-1 22Content-Length: 29 23WWW-Authenticate: NTLM 24WWW-Authenticate: Basic realm="testrealm" 25 26This is a bad password page! 27</data100> 28 29<!-- Second request has NTLM auth, right password --> 30<data200> 31HTTP/1.1 401 Need Basic or NTLM auth 32Server: Microsoft-IIS/5.0 33Content-Type: text/html; charset=iso-8859-1 34Content-Length: 27 35WWW-Authenticate: Basic realm="testrealm" 36WWW-Authenticate: NTLM 37 38This is not the real page! 39</data200> 40 41<data1201> 42HTTP/1.1 401 NTLM intermediate 43Server: Microsoft-IIS/5.0 44Content-Type: text/html; charset=iso-8859-1 45Content-Length: 33 46WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 47 48This is still not the real page! 49</data1201> 50 51<data1202> 52HTTP/1.1 200 Things are fine in server land 53Server: Microsoft-IIS/5.0 54Content-Type: text/html; charset=iso-8859-1 55Content-Length: 32 56 57Finally, this is the real page! 58</data1202> 59 60<!-- Third request has Basic auth, wrong password --> 61<data300> 62HTTP/1.1 401 Sorry wrong password (2) 63Server: Microsoft-IIS/5.0 64Content-Type: text/html; charset=iso-8859-1 65Content-Length: 29 66WWW-Authenticate: NTLM 67WWW-Authenticate: Basic realm="testrealm" 68 69This is a bad password page! 70</data300> 71 72<!-- Fourth request has NTLM auth, wrong password --> 73<data400> 74HTTP/1.1 401 Need Basic or NTLM auth (2) 75Server: Microsoft-IIS/5.0 76Content-Type: text/html; charset=iso-8859-1 77Content-Length: 27 78WWW-Authenticate: Basic realm="testrealm" 79WWW-Authenticate: NTLM 80 81This is not the real page! 82</data400> 83 84<data1401> 85HTTP/1.1 401 NTLM intermediate (2) 86Server: Microsoft-IIS/5.0 87Content-Type: text/html; charset=iso-8859-1 88Content-Length: 33 89WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 90 91This is still not the real page! 92</data1401> 93 94<data1402> 95HTTP/1.1 401 Sorry wrong password (3) 96Server: Microsoft-IIS/5.0 97Content-Type: text/html; charset=iso-8859-1 98Content-Length: 29 99WWW-Authenticate: NTLM 100WWW-Authenticate: Basic realm="testrealm" 101 102This is a bad password page! 103</data1402> 104 105<!-- Fifth request has NTLM auth, right password --> 106<data500> 107HTTP/1.1 401 Need Basic or NTLM auth (3) 108Server: Microsoft-IIS/5.0 109Content-Type: text/html; charset=iso-8859-1 110Content-Length: 27 111WWW-Authenticate: Basic realm="testrealm" 112WWW-Authenticate: NTLM 113 114This is not the real page! 115</data500> 116 117<data1501> 118HTTP/1.1 401 NTLM intermediate (3) 119Server: Microsoft-IIS/5.0 120Content-Type: text/html; charset=iso-8859-1 121Content-Length: 33 122WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 123 124This is still not the real page! 125</data1501> 126 127<data1502> 128HTTP/1.1 200 Things are fine in server land (2) 129Server: Microsoft-IIS/5.0 130Content-Type: text/html; charset=iso-8859-1 131Content-Length: 32 132 133Finally, this is the real page! 134</data1502> 135 136<datacheck> 137HTTP/1.1 401 Sorry wrong password 138Server: Microsoft-IIS/5.0 139Content-Type: text/html; charset=iso-8859-1 140Content-Length: 29 141WWW-Authenticate: NTLM 142WWW-Authenticate: Basic realm="testrealm" 143 144This is a bad password page! 145HTTP/1.1 401 NTLM intermediate 146Server: Microsoft-IIS/5.0 147Content-Type: text/html; charset=iso-8859-1 148Content-Length: 33 149WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 150 151HTTP/1.1 200 Things are fine in server land 152Server: Microsoft-IIS/5.0 153Content-Type: text/html; charset=iso-8859-1 154Content-Length: 32 155 156Finally, this is the real page! 157HTTP/1.1 401 Sorry wrong password (2) 158Server: Microsoft-IIS/5.0 159Content-Type: text/html; charset=iso-8859-1 160Content-Length: 29 161WWW-Authenticate: NTLM 162WWW-Authenticate: Basic realm="testrealm" 163 164This is a bad password page! 165HTTP/1.1 401 NTLM intermediate (2) 166Server: Microsoft-IIS/5.0 167Content-Type: text/html; charset=iso-8859-1 168Content-Length: 33 169WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 170 171HTTP/1.1 401 Sorry wrong password (3) 172Server: Microsoft-IIS/5.0 173Content-Type: text/html; charset=iso-8859-1 174Content-Length: 29 175WWW-Authenticate: NTLM 176WWW-Authenticate: Basic realm="testrealm" 177 178This is a bad password page! 179HTTP/1.1 401 NTLM intermediate (3) 180Server: Microsoft-IIS/5.0 181Content-Type: text/html; charset=iso-8859-1 182Content-Length: 33 183WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 184 185HTTP/1.1 200 Things are fine in server land (2) 186Server: Microsoft-IIS/5.0 187Content-Type: text/html; charset=iso-8859-1 188Content-Length: 32 189 190Finally, this is the real page! 191</datacheck> 192 193</reply> 194 195# Client-side 196<client> 197<features> 198NTLM 199SSL 200!SSPI 201</features> 202<server> 203http 204</server> 205<tool> 206libauthretry 207</tool> 208 209<name> 210HTTP authorization retry (Basic switching to NTLM) 211</name> 212<command> 213http://%HOSTIP:%HTTPPORT/%TESTNUMBER basic ntlm 214</command> 215</client> 216 217# Verify data after the test has been "shot" 218<verify> 219<protocol> 220GET /%TESTNUMBER0100 HTTP/1.1 221Host: %HOSTIP:%HTTPPORT 222Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz 223Accept: */* 224 225GET /%TESTNUMBER0200 HTTP/1.1 226Host: %HOSTIP:%HTTPPORT 227Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 228Accept: */* 229 230GET /%TESTNUMBER0200 HTTP/1.1 231Host: %HOSTIP:%HTTPPORT 232Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= 233Accept: */* 234 235GET /%TESTNUMBER0300 HTTP/1.1 236Host: %HOSTIP:%HTTPPORT 237Authorization: Basic dGVzdHVzZXI6d3JvbmdwYXNz 238Accept: */* 239 240GET /%TESTNUMBER0400 HTTP/1.1 241Host: %HOSTIP:%HTTPPORT 242Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 243Accept: */* 244 245GET /%TESTNUMBER0400 HTTP/1.1 246Host: %HOSTIP:%HTTPPORT 247Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= 248Accept: */* 249 250GET /%TESTNUMBER0500 HTTP/1.1 251Host: %HOSTIP:%HTTPPORT 252Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 253Accept: */* 254 255GET /%TESTNUMBER0500 HTTP/1.1 256Host: %HOSTIP:%HTTPPORT 257Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABAI+/Fp9IERAQ74OsdNPbBpg7o8CVwLSO4DtFyIcZHUMKVktWIu92s2892OVpd2JzqnRlc3R1c2VyV09SS1NUQVRJT04= 258Accept: */* 259 260</protocol> 261</verify> 262</testcase> 263