xref: /curl/tests/data/test2030 (revision 5a41abef) 
1<testcase>
2<info>
3<keywords>
4HTTP
5HTTP GET
6HTTP Digest auth
7HTTP NTLM auth
8NTLM
9</keywords>
10</info>
11# Server-side
12<reply>
13
14<!-- Alternate the order that Digest and NTLM headers appear in responses to
15ensure that the order doesn't matter. -->
16
17<!--
18
19 Explanation for the duplicate 400 requests:
20
21 libcurl doesn't detect that a given Digest password is wrong already on the
22 first 401 response (as the data400 gives). libcurl will instead consider the
23 new response just as a duplicate and it sends another and detects the auth
24 problem on the second 401 response!
25
26-->
27
28
29<!-- First request has NTLM auth, wrong password -->
30<data100>
31HTTP/1.1 401 Need Digest or NTLM auth
32Server: Microsoft-IIS/5.0
33Content-Type: text/html; charset=iso-8859-1
34Content-Length: 27
35WWW-Authenticate: NTLM
36WWW-Authenticate: Digest realm="testrealm", nonce="1"
37
38This is not the real page!
39</data100>
40
41<data1101>
42HTTP/1.1 401 NTLM intermediate
43Server: Microsoft-IIS/5.0
44Content-Type: text/html; charset=iso-8859-1
45Content-Length: 33
46WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
47
48This is still not the real page!
49</data1101>
50
51<data1102>
52HTTP/1.1 401 Sorry wrong password
53Server: Microsoft-IIS/5.0
54Content-Type: text/html; charset=iso-8859-1
55Content-Length: 29
56WWW-Authenticate: Digest realm="testrealm", nonce="2"
57WWW-Authenticate: NTLM
58
59This is a bad password page!
60</data1102>
61
62<!-- Second request has Digest auth, right password -->
63<data200>
64HTTP/1.1 401 Need Digest or NTLM auth (2)
65Server: Microsoft-IIS/5.0
66Content-Type: text/html; charset=iso-8859-1
67Content-Length: 27
68WWW-Authenticate: NTLM
69WWW-Authenticate: Digest realm="testrealm", nonce="3"
70
71This is not the real page!
72</data200>
73
74<data1200>
75HTTP/1.1 200 Things are fine in server land
76Server: Microsoft-IIS/5.0
77Content-Type: text/html; charset=iso-8859-1
78Content-Length: 32
79
80Finally, this is the real page!
81</data1200>
82
83<!-- Third request has NTLM auth, wrong password -->
84<data300>
85HTTP/1.1 401 Need Digest or NTLM auth (3)
86Server: Microsoft-IIS/5.0
87Content-Type: text/html; charset=iso-8859-1
88Content-Length: 27
89WWW-Authenticate: Digest realm="testrealm", nonce="4"
90WWW-Authenticate: NTLM
91
92This is not the real page!
93</data300>
94
95<data1301>
96HTTP/1.1 401 NTLM intermediate (2)
97Server: Microsoft-IIS/5.0
98Content-Type: text/html; charset=iso-8859-1
99Content-Length: 33
100WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
101
102This is still not the real page!
103</data1301>
104
105<data1302>
106HTTP/1.1 401 Sorry wrong password (2)
107Server: Microsoft-IIS/5.0
108Content-Type: text/html; charset=iso-8859-1
109Content-Length: 29
110WWW-Authenticate: NTLM
111WWW-Authenticate: Digest realm="testrealm", nonce="5"
112
113This is a bad password page!
114</data1302>
115
116<!-- Fourth request has Digest auth, wrong password -->
117<data400>
118HTTP/1.1 401 Need Digest or NTLM auth (4)
119Server: Microsoft-IIS/5.0
120Content-Type: text/html; charset=iso-8859-1
121Content-Length: 27
122WWW-Authenticate: Digest realm="testrealm", nonce="6"
123WWW-Authenticate: NTLM
124
125This is not the real page!
126</data400>
127
128<data1400>
129HTTP/1.1 401 Sorry wrong password (3)
130Server: Microsoft-IIS/5.0
131Content-Type: text/html; charset=iso-8859-1
132Content-Length: 29
133WWW-Authenticate: NTLM
134WWW-Authenticate: Digest realm="testrealm", nonce="7"
135
136This is a bad password page!
137</data1400>
138
139<!-- Fifth request has Digest auth, right password -->
140<data500>
141HTTP/1.1 401 Need Digest or NTLM auth (5)
142Server: Microsoft-IIS/5.0
143Content-Type: text/html; charset=iso-8859-1
144Content-Length: 27
145WWW-Authenticate: Digest realm="testrealm", nonce="8"
146WWW-Authenticate: NTLM
147
148This is not the real page!
149</data500>
150
151<data1500>
152HTTP/1.1 200 Things are fine in server land (2)
153Server: Microsoft-IIS/5.0
154Content-Type: text/html; charset=iso-8859-1
155Content-Length: 32
156
157Finally, this is the real page!
158</data1500>
159
160<datacheck>
161HTTP/1.1 401 NTLM intermediate
162Server: Microsoft-IIS/5.0
163Content-Type: text/html; charset=iso-8859-1
164Content-Length: 33
165WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
166
167HTTP/1.1 401 Sorry wrong password
168Server: Microsoft-IIS/5.0
169Content-Type: text/html; charset=iso-8859-1
170Content-Length: 29
171WWW-Authenticate: Digest realm="testrealm", nonce="2"
172WWW-Authenticate: NTLM
173
174This is a bad password page!
175HTTP/1.1 200 Things are fine in server land
176Server: Microsoft-IIS/5.0
177Content-Type: text/html; charset=iso-8859-1
178Content-Length: 32
179
180Finally, this is the real page!
181HTTP/1.1 401 NTLM intermediate (2)
182Server: Microsoft-IIS/5.0
183Content-Type: text/html; charset=iso-8859-1
184Content-Length: 33
185WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg=
186
187HTTP/1.1 401 Sorry wrong password (2)
188Server: Microsoft-IIS/5.0
189Content-Type: text/html; charset=iso-8859-1
190Content-Length: 29
191WWW-Authenticate: NTLM
192WWW-Authenticate: Digest realm="testrealm", nonce="5"
193
194This is a bad password page!
195HTTP/1.1 401 Sorry wrong password (3)
196Server: Microsoft-IIS/5.0
197Content-Type: text/html; charset=iso-8859-1
198Content-Length: 29
199WWW-Authenticate: NTLM
200WWW-Authenticate: Digest realm="testrealm", nonce="7"
201
202HTTP/1.1 401 Sorry wrong password (3)
203Server: Microsoft-IIS/5.0
204Content-Type: text/html; charset=iso-8859-1
205Content-Length: 29
206WWW-Authenticate: NTLM
207WWW-Authenticate: Digest realm="testrealm", nonce="7"
208
209This is a bad password page!
210HTTP/1.1 200 Things are fine in server land (2)
211Server: Microsoft-IIS/5.0
212Content-Type: text/html; charset=iso-8859-1
213Content-Length: 32
214
215Finally, this is the real page!
216</datacheck>
217
218</reply>
219
220# Client-side
221<client>
222<features>
223NTLM
224SSL
225!SSPI
226</features>
227<server>
228http
229</server>
230<tool>
231libauthretry
232</tool>
233
234<name>
235HTTP authorization retry (NTLM switching to Digest)
236</name>
237<command>
238http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm digest
239</command>
240</client>
241
242# Verify data after the test has been "shot"
243<verify>
244<protocol>
245GET /%TESTNUMBER0100 HTTP/1.1
246Host: %HOSTIP:%HTTPPORT
247Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
248Accept: */*
249
250GET /%TESTNUMBER0100 HTTP/1.1
251Host: %HOSTIP:%HTTPPORT
252Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04=
253Accept: */*
254
255GET /%TESTNUMBER0200 HTTP/1.1
256Host: %HOSTIP:%HTTPPORT
257Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0200", response="2f2d784ba53a0a307758a90e98d25c27"
258Accept: */*
259
260GET /%TESTNUMBER0300 HTTP/1.1
261Host: %HOSTIP:%HTTPPORT
262Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
263Accept: */*
264
265GET /%TESTNUMBER0300 HTTP/1.1
266Host: %HOSTIP:%HTTPPORT
267Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04=
268Accept: */*
269
270GET /%TESTNUMBER0400 HTTP/1.1
271Host: %HOSTIP:%HTTPPORT
272Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="d6262e9147db08c62ff2f53b515861e8"
273Accept: */*
274
275GET /%TESTNUMBER0400 HTTP/1.1
276Host: %HOSTIP:%HTTPPORT
277Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="d6262e9147db08c62ff2f53b515861e8"
278Accept: */*
279
280GET /%TESTNUMBER0500 HTTP/1.1
281Host: %HOSTIP:%HTTPPORT
282Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/%TESTNUMBER0500", response="198757e61163a779cf24ed4c49c1ad7d"
283Accept: */*
284
285</protocol>
286</verify>
287</testcase>
288