xref: /curl/tests/data/test2027 (revision 09437d8c)
1<testcase>
2<info>
3<keywords>
4HTTP
5HTTP GET
6HTTP Digest auth
7</keywords>
8</info>
9# Server-side
10<reply>
11
12<!--
13
14 Explanation for the duplicate 400 requests:
15
16 libcurl doesn't detect that a given Digest password is wrong already on the
17 first 401 response (as the data400 gives). libcurl will instead consider the
18 new response just as a duplicate and it sends another and detects the auth
19 problem on the second 401 response!
20
21-->
22
23<!-- First request has Digest auth, wrong password -->
24<data100>
25HTTP/1.1 401 Need Digest auth
26Server: Microsoft-IIS/5.0
27Content-Type: text/html; charset=iso-8859-1
28Content-Length: 27
29WWW-Authenticate: Digest realm="testrealm", nonce="1"
30
31This is not the real page!
32</data100>
33
34<data1100>
35HTTP/1.1 401 Sorry wrong password
36Server: Microsoft-IIS/5.0
37Content-Type: text/html; charset=iso-8859-1
38Content-Length: 29
39WWW-Authenticate: Digest realm="testrealm", nonce="2"
40
41This is a bad password page!
42</data1100>
43
44<!-- Second request has Digest auth, right password -->
45<data200>
46HTTP/1.1 401 Need Digest auth (2)
47Server: Microsoft-IIS/5.0
48Content-Type: text/html; charset=iso-8859-1
49Content-Length: 27
50WWW-Authenticate: Digest realm="testrealm", nonce="3"
51
52This is not the real page!
53</data200>
54
55<data1200>
56HTTP/1.1 200 Things are fine in server land
57Server: Microsoft-IIS/5.0
58Content-Type: text/html; charset=iso-8859-1
59Content-Length: 32
60
61Finally, this is the real page!
62</data1200>
63
64<!-- Third request has Digest auth, wrong password -->
65<data300>
66HTTP/1.1 401 Need Digest auth (3)
67Server: Microsoft-IIS/5.0
68Content-Type: text/html; charset=iso-8859-1
69Content-Length: 27
70WWW-Authenticate: Digest realm="testrealm", nonce="4"
71
72This is not the real page!
73</data300>
74
75<data1300>
76HTTP/1.1 401 Sorry wrong password (2)
77Server: Microsoft-IIS/5.0
78Content-Type: text/html; charset=iso-8859-1
79Content-Length: 29
80WWW-Authenticate: Digest realm="testrealm", nonce="5"
81
82This is a bad password page!
83</data1300>
84
85<!-- Fourth request has Digest auth, wrong password -->
86<data400>
87HTTP/1.1 401 Need Digest auth (4)
88Server: Microsoft-IIS/5.0
89Content-Type: text/html; charset=iso-8859-1
90Content-Length: 27
91WWW-Authenticate: Digest realm="testrealm", nonce="6"
92
93This is not the real page!
94</data400>
95
96<data1400>
97HTTP/1.1 401 Sorry wrong password (3)
98Server: Microsoft-IIS/5.0
99Content-Type: text/html; charset=iso-8859-1
100Content-Length: 29
101WWW-Authenticate: Digest realm="testrealm", nonce="7"
102
103This is a bad password page!
104</data1400>
105
106<!-- Fifth request has Digest auth, right password -->
107<data1500>
108HTTP/1.1 200 Things are fine in server land (2)
109Server: Microsoft-IIS/5.0
110Content-Type: text/html; charset=iso-8859-1
111Content-Length: 32
112
113Finally, this is the real page!
114</data1500>
115
116<datacheck>
117HTTP/1.1 401 Need Digest auth
118Server: Microsoft-IIS/5.0
119Content-Type: text/html; charset=iso-8859-1
120Content-Length: 27
121WWW-Authenticate: Digest realm="testrealm", nonce="1"
122
123HTTP/1.1 401 Sorry wrong password
124Server: Microsoft-IIS/5.0
125Content-Type: text/html; charset=iso-8859-1
126Content-Length: 29
127WWW-Authenticate: Digest realm="testrealm", nonce="2"
128
129This is a bad password page!
130HTTP/1.1 200 Things are fine in server land
131Server: Microsoft-IIS/5.0
132Content-Type: text/html; charset=iso-8859-1
133Content-Length: 32
134
135Finally, this is the real page!
136HTTP/1.1 401 Need Digest auth (3)
137Server: Microsoft-IIS/5.0
138Content-Type: text/html; charset=iso-8859-1
139Content-Length: 27
140WWW-Authenticate: Digest realm="testrealm", nonce="4"
141
142HTTP/1.1 401 Sorry wrong password (2)
143Server: Microsoft-IIS/5.0
144Content-Type: text/html; charset=iso-8859-1
145Content-Length: 29
146WWW-Authenticate: Digest realm="testrealm", nonce="5"
147
148This is a bad password page!
149HTTP/1.1 401 Sorry wrong password (3)
150Server: Microsoft-IIS/5.0
151Content-Type: text/html; charset=iso-8859-1
152Content-Length: 29
153WWW-Authenticate: Digest realm="testrealm", nonce="7"
154
155HTTP/1.1 401 Sorry wrong password (3)
156Server: Microsoft-IIS/5.0
157Content-Type: text/html; charset=iso-8859-1
158Content-Length: 29
159WWW-Authenticate: Digest realm="testrealm", nonce="7"
160
161This is a bad password page!
162HTTP/1.1 200 Things are fine in server land (2)
163Server: Microsoft-IIS/5.0
164Content-Type: text/html; charset=iso-8859-1
165Content-Length: 32
166
167Finally, this is the real page!
168</datacheck>
169
170</reply>
171
172# Client-side
173<client>
174<server>
175http
176</server>
177<features>
178!SSPI
179crypto
180</features>
181<tool>
182libauthretry
183</tool>
184
185<name>
186HTTP authorization retry (Digest)
187</name>
188<command>
189http://%HOSTIP:%HTTPPORT/%TESTNUMBER digest digest
190</command>
191</client>
192
193# Verify data after the test has been "shot"
194<verify>
195<protocol>
196GET /%TESTNUMBER0100 HTTP/1.1
197Host: %HOSTIP:%HTTPPORT
198Accept: */*
199
200GET /%TESTNUMBER0100 HTTP/1.1
201Host: %HOSTIP:%HTTPPORT
202Authorization: Digest username="testuser", realm="testrealm", nonce="1", uri="/%TESTNUMBER0100", response="f7fd60eefaff5225971bf9b3d80d6ba6"
203Accept: */*
204
205GET /%TESTNUMBER0200 HTTP/1.1
206Host: %HOSTIP:%HTTPPORT
207Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0200", response="785ca3ef511999f7e9c178195f5b388c"
208Accept: */*
209
210GET /%TESTNUMBER0300 HTTP/1.1
211Host: %HOSTIP:%HTTPPORT
212Accept: */*
213
214GET /%TESTNUMBER0300 HTTP/1.1
215Host: %HOSTIP:%HTTPPORT
216Authorization: Digest username="testuser", realm="testrealm", nonce="4", uri="/%TESTNUMBER0300", response="4c735d2360fd6848e7cb32a11ae3612b"
217Accept: */*
218
219GET /%TESTNUMBER0400 HTTP/1.1
220Host: %HOSTIP:%HTTPPORT
221Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="f5906785511fb60a2af8b1cd53008ead"
222Accept: */*
223
224GET /%TESTNUMBER0400 HTTP/1.1
225Host: %HOSTIP:%HTTPPORT
226Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="f5906785511fb60a2af8b1cd53008ead"
227Accept: */*
228
229GET /%TESTNUMBER0500 HTTP/1.1
230Host: %HOSTIP:%HTTPPORT
231Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/%TESTNUMBER0500", response="8ef4d935fd964a46c3965c0863b52cf1"
232Accept: */*
233
234</protocol>
235</verify>
236</testcase>
237