1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP Digest auth 7HTTP NTLM auth 8NTLM 9</keywords> 10</info> 11# Server-side 12<reply> 13 14<!-- Alternate the order that Digest and NTLM headers appear in responses to 15ensure that the order doesn't matter. --> 16 17<!-- 18 19 Explanation for the duplicate 400 requests: 20 21 libcurl doesn't detect that a given Digest password is wrong already on the 22 first 401 response (as the data400 gives). libcurl will instead consider the 23 new response just as a duplicate and it sends another and detects the auth 24 problem on the second 401 response! 25 26--> 27 28 29<!-- First request has NTLM auth, wrong password --> 30<data100> 31HTTP/1.1 401 Need Digest or NTLM auth 32Server: Microsoft-IIS/5.0 33Content-Type: text/html; charset=iso-8859-1 34Content-Length: 27 35WWW-Authenticate: NTLM 36WWW-Authenticate: Digest realm="testrealm", nonce="1" 37 38This is not the real page! 39</data100> 40 41<data1101> 42HTTP/1.1 401 NTLM intermediate 43Server: Microsoft-IIS/5.0 44Content-Type: text/html; charset=iso-8859-1 45Content-Length: 33 46WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 47 48This is still not the real page! 49</data1101> 50 51<data1102> 52HTTP/1.1 401 Sorry wrong password 53Server: Microsoft-IIS/5.0 54Content-Type: text/html; charset=iso-8859-1 55Content-Length: 29 56WWW-Authenticate: Digest realm="testrealm", nonce="2" 57WWW-Authenticate: NTLM 58 59This is a bad password page! 60</data1102> 61 62<!-- Second request has Digest auth, right password --> 63<data200> 64HTTP/1.1 401 Need Digest or NTLM auth (2) 65Server: Microsoft-IIS/5.0 66Content-Type: text/html; charset=iso-8859-1 67Content-Length: 27 68WWW-Authenticate: NTLM 69WWW-Authenticate: Digest realm="testrealm", nonce="3" 70 71This is not the real page! 72</data200> 73 74<data1200> 75HTTP/1.1 200 Things are fine in server land 76Server: Microsoft-IIS/5.0 77Content-Type: text/html; charset=iso-8859-1 78Content-Length: 32 79 80Finally, this is the real page! 81</data1200> 82 83<!-- Third request has NTLM auth, wrong password --> 84<data300> 85HTTP/1.1 401 Need Digest or NTLM auth (3) 86Server: Microsoft-IIS/5.0 87Content-Type: text/html; charset=iso-8859-1 88Content-Length: 27 89WWW-Authenticate: Digest realm="testrealm", nonce="4" 90WWW-Authenticate: NTLM 91 92This is not the real page! 93</data300> 94 95<data1301> 96HTTP/1.1 401 NTLM intermediate (2) 97Server: Microsoft-IIS/5.0 98Content-Type: text/html; charset=iso-8859-1 99Content-Length: 33 100WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 101 102This is still not the real page! 103</data1301> 104 105<data1302> 106HTTP/1.1 401 Sorry wrong password (2) 107Server: Microsoft-IIS/5.0 108Content-Type: text/html; charset=iso-8859-1 109Content-Length: 29 110WWW-Authenticate: NTLM 111WWW-Authenticate: Digest realm="testrealm", nonce="5" 112 113This is a bad password page! 114</data1302> 115 116<!-- Fourth request has Digest auth, wrong password --> 117<data400> 118HTTP/1.1 401 Need Digest or NTLM auth (4) 119Server: Microsoft-IIS/5.0 120Content-Type: text/html; charset=iso-8859-1 121Content-Length: 27 122WWW-Authenticate: Digest realm="testrealm", nonce="6" 123WWW-Authenticate: NTLM 124 125This is not the real page! 126</data400> 127 128<data1400> 129HTTP/1.1 401 Sorry wrong password (3) 130Server: Microsoft-IIS/5.0 131Content-Type: text/html; charset=iso-8859-1 132Content-Length: 29 133WWW-Authenticate: NTLM 134WWW-Authenticate: Digest realm="testrealm", nonce="7" 135 136This is a bad password page! 137</data1400> 138 139<!-- Fifth request has Digest auth, right password --> 140<data500> 141HTTP/1.1 401 Need Digest or NTLM auth (5) 142Server: Microsoft-IIS/5.0 143Content-Type: text/html; charset=iso-8859-1 144Content-Length: 27 145WWW-Authenticate: Digest realm="testrealm", nonce="8" 146WWW-Authenticate: NTLM 147 148This is not the real page! 149</data500> 150 151<data1500> 152HTTP/1.1 200 Things are fine in server land (2) 153Server: Microsoft-IIS/5.0 154Content-Type: text/html; charset=iso-8859-1 155Content-Length: 32 156 157Finally, this is the real page! 158</data1500> 159 160<datacheck> 161HTTP/1.1 401 NTLM intermediate 162Server: Microsoft-IIS/5.0 163Content-Type: text/html; charset=iso-8859-1 164Content-Length: 33 165WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 166 167HTTP/1.1 401 Sorry wrong password 168Server: Microsoft-IIS/5.0 169Content-Type: text/html; charset=iso-8859-1 170Content-Length: 29 171WWW-Authenticate: Digest realm="testrealm", nonce="2" 172WWW-Authenticate: NTLM 173 174This is a bad password page! 175HTTP/1.1 200 Things are fine in server land 176Server: Microsoft-IIS/5.0 177Content-Type: text/html; charset=iso-8859-1 178Content-Length: 32 179 180Finally, this is the real page! 181HTTP/1.1 401 NTLM intermediate (2) 182Server: Microsoft-IIS/5.0 183Content-Type: text/html; charset=iso-8859-1 184Content-Length: 33 185WWW-Authenticate: NTLM TlRMTVNTUAACAAAACAAIADAAAACGgAEAq6U1NAWaJCIAAAAAAAAAAAAAAAA4AAAATlRMTUF1dGg= 186 187HTTP/1.1 401 Sorry wrong password (2) 188Server: Microsoft-IIS/5.0 189Content-Type: text/html; charset=iso-8859-1 190Content-Length: 29 191WWW-Authenticate: NTLM 192WWW-Authenticate: Digest realm="testrealm", nonce="5" 193 194This is a bad password page! 195HTTP/1.1 401 Sorry wrong password (3) 196Server: Microsoft-IIS/5.0 197Content-Type: text/html; charset=iso-8859-1 198Content-Length: 29 199WWW-Authenticate: NTLM 200WWW-Authenticate: Digest realm="testrealm", nonce="7" 201 202HTTP/1.1 401 Sorry wrong password (3) 203Server: Microsoft-IIS/5.0 204Content-Type: text/html; charset=iso-8859-1 205Content-Length: 29 206WWW-Authenticate: NTLM 207WWW-Authenticate: Digest realm="testrealm", nonce="7" 208 209This is a bad password page! 210HTTP/1.1 200 Things are fine in server land (2) 211Server: Microsoft-IIS/5.0 212Content-Type: text/html; charset=iso-8859-1 213Content-Length: 32 214 215Finally, this is the real page! 216</datacheck> 217 218</reply> 219 220# Client-side 221<client> 222<features> 223NTLM 224SSL 225!SSPI 226</features> 227<server> 228http 229</server> 230<tool> 231libauthretry 232</tool> 233 234<name> 235HTTP authorization retry (NTLM switching to Digest) 236</name> 237<command> 238http://%HOSTIP:%HTTPPORT/%TESTNUMBER ntlm digest 239</command> 240</client> 241 242# Verify data after the test has been "shot" 243<verify> 244<protocol> 245GET /%TESTNUMBER0100 HTTP/1.1 246Host: %HOSTIP:%HTTPPORT 247Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 248Accept: */* 249 250GET /%TESTNUMBER0100 HTTP/1.1 251Host: %HOSTIP:%HTTPPORT 252Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= 253Accept: */* 254 255GET /%TESTNUMBER0200 HTTP/1.1 256Host: %HOSTIP:%HTTPPORT 257Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/%TESTNUMBER0200", response="2f2d784ba53a0a307758a90e98d25c27" 258Accept: */* 259 260GET /%TESTNUMBER0300 HTTP/1.1 261Host: %HOSTIP:%HTTPPORT 262Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 263Accept: */* 264 265GET /%TESTNUMBER0300 HTTP/1.1 266Host: %HOSTIP:%HTTPPORT 267Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoABANgKEcT5xUUBHw5+0m4FjWTGNzg6PeHJHbaPwNwCt/tXcnIeTQCTMAg12SPDyNXMf3Rlc3R1c2VyV09SS1NUQVRJT04= 268Accept: */* 269 270GET /%TESTNUMBER0400 HTTP/1.1 271Host: %HOSTIP:%HTTPPORT 272Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="d6262e9147db08c62ff2f53b515861e8" 273Accept: */* 274 275GET /%TESTNUMBER0400 HTTP/1.1 276Host: %HOSTIP:%HTTPPORT 277Authorization: Digest username="testuser", realm="testrealm", nonce="5", uri="/%TESTNUMBER0400", response="d6262e9147db08c62ff2f53b515861e8" 278Accept: */* 279 280GET /%TESTNUMBER0500 HTTP/1.1 281Host: %HOSTIP:%HTTPPORT 282Authorization: Digest username="testuser", realm="testrealm", nonce="7", uri="/%TESTNUMBER0500", response="198757e61163a779cf24ed4c49c1ad7d" 283Accept: */* 284 285</protocol> 286</verify> 287</testcase> 288