1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP Digest auth 7</keywords> 8</info> 9# Server-side 10<reply> 11<data> 12HTTP/1.1 401 Authorization Required 13Server: Apache/1.3.27 (Darwin) PHP/4.1.2 14WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256" 15Content-Type: text/html; charset=iso-8859-1 16Content-Length: 26 17 18This is not the real page 19</data> 20 21# This is supposed to be returned when the server gets a 22# Authorization: Digest line passed-in from the client 23<data1000> 24HTTP/1.1 401 Still a bad password you moron 25Server: Apache/1.3.27 (Darwin) PHP/4.1.2 26Content-Type: text/html; charset=iso-8859-1 27Content-Length: 34 28 29This is not the real page either 30</data1000> 31 32<datacheck> 33HTTP/1.1 401 Authorization Required 34Server: Apache/1.3.27 (Darwin) PHP/4.1.2 35WWW-Authenticate: Digest realm="testrealm", nonce="2053604145", algorithm="SHA-256" 36Content-Type: text/html; charset=iso-8859-1 37Content-Length: 26 38 39HTTP/1.1 401 Still a bad password you moron 40Server: Apache/1.3.27 (Darwin) PHP/4.1.2 41Content-Type: text/html; charset=iso-8859-1 42Content-Length: 34 43 44This is not the real page either 45</datacheck> 46 47</reply> 48 49# Client-side 50<client> 51<server> 52http 53</server> 54<features> 55!SSPI 56crypto 57</features> 58<name> 59HTTP with RFC7616 Digest authorization with bad password and SHA256 60</name> 61<command> 62http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:test2pass --digest 63</command> 64</client> 65 66# Verify data after the test has been "shot" 67<verify> 68<protocol> 69GET /%TESTNUMBER HTTP/1.1 70Host: %HOSTIP:%HTTPPORT 71User-Agent: curl/%VERSION 72Accept: */* 73 74GET /%TESTNUMBER HTTP/1.1 75Host: %HOSTIP:%HTTPPORT 76Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/%TESTNUMBER", response="a9c3ec1036068b336cbabefe9dfcad52ee8b89bc7c91ddbb5bb415c6acdf38a5", algorithm=SHA-256 77User-Agent: curl/%VERSION 78Accept: */* 79 80</protocol> 81</verify> 82</testcase> 83