1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6HTTP NTLM auth 7--anyauth 8followlocation 9NTLM 10</keywords> 11</info> 12# Server-side 13<reply> 14 15<data> 16HTTP/1.1 401 Authorization Required swsclose 17Server: Apache/1.3.27 (Darwin) PHP/4.1.2 18WWW-Authenticate: Basic 19WWW-Authenticate: Wild-and-crazy 20WWW-Authenticate: NTLM 21Content-Type: text/html; charset=iso-8859-1 22Content-Length: 26 23 24This is not the real page 25</data> 26 27# This is supposed to be returned when the server gets a first 28# Authorization: NTLM line passed-in from the client 29<data1001> 30HTTP/1.1 401 Now gimme that second request of crap 31Server: Microsoft-IIS/5.0 32Content-Type: text/html; charset=iso-8859-1 33Content-Length: 34 34WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== 35 36This is not the real page either! 37</data1001> 38 39# This is supposed to be returned when the server gets the second 40# Authorization: NTLM line passed-in from the client 41<data1002> 42HTTP/1.1 301 Things are fine in server land swsclose 43Server: Microsoft-IIS/5.0 44Connection: close 45Location: /you/%TESTNUMBER0010 46 47</data1002> 48 49# This is the first reply after the redirection 50<data10> 51HTTP/1.1 401 Authorization Required swsclose 52Server: Apache/1.3.27 (Darwin) PHP/4.1.2 53WWW-Authenticate: Basic 54WWW-Authenticate: Wild-and-crazy 55WWW-Authenticate: NTLM 56Content-Type: text/html; charset=iso-8859-1 57Content-Length: 26 58 59This is not the real page 60</data10> 61 62<data1011> 63HTTP/1.1 401 Now gimme that second round of crap 64Server: Microsoft-IIS/5.0 65Content-Type: text/html; charset=iso-8859-1 66Content-Length: 34 67WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== 68 69This is not the real page either! 70</data1011> 71 72# This is supposed to be returned when the server gets the second 73# Authorization: NTLM line passed-in from the client 74<data1012> 75HTTP/1.1 200 Things are fine in server land swsclose 76Server: Microsoft-IIS/5.0 77Content-Type: text/html; charset=iso-8859-1 78Content-Length: 32 79 80Finally, this is the real page! 81</data1012> 82 83<datacheck> 84HTTP/1.1 401 Authorization Required swsclose 85Server: Apache/1.3.27 (Darwin) PHP/4.1.2 86WWW-Authenticate: Basic 87WWW-Authenticate: Wild-and-crazy 88WWW-Authenticate: NTLM 89Content-Type: text/html; charset=iso-8859-1 90Content-Length: 26 91 92HTTP/1.1 401 Now gimme that second request of crap 93Server: Microsoft-IIS/5.0 94Content-Type: text/html; charset=iso-8859-1 95Content-Length: 34 96WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== 97 98HTTP/1.1 301 Things are fine in server land swsclose 99Server: Microsoft-IIS/5.0 100Connection: close 101Location: /you/%TESTNUMBER0010 102 103HTTP/1.1 401 Authorization Required swsclose 104Server: Apache/1.3.27 (Darwin) PHP/4.1.2 105WWW-Authenticate: Basic 106WWW-Authenticate: Wild-and-crazy 107WWW-Authenticate: NTLM 108Content-Type: text/html; charset=iso-8859-1 109Content-Length: 26 110 111HTTP/1.1 401 Now gimme that second round of crap 112Server: Microsoft-IIS/5.0 113Content-Type: text/html; charset=iso-8859-1 114Content-Length: 34 115WWW-Authenticate: NTLM TlRMTVNTUAACAAAAAgACADAAAACGggEAc51AYVDgyNcAAAAAAAAAAG4AbgAyAAAAQ0MCAAQAQwBDAAEAEgBFAEwASQBTAEEAQgBFAFQASAAEABgAYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAwAsAGUAbABpAHMAYQBiAGUAdABoAC4AYwBjAC4AaQBjAGUAZABlAHYALgBuAHUAAAAAAA== 116 117HTTP/1.1 200 Things are fine in server land swsclose 118Server: Microsoft-IIS/5.0 119Content-Type: text/html; charset=iso-8859-1 120Content-Length: 32 121 122Finally, this is the real page! 123</datacheck> 124 125</reply> 126 127# Client-side 128<client> 129<features> 130NTLM 131SSL 132!SSPI 133</features> 134<server> 135http 136</server> 137<name> 138HTTP with NTLM via --anyauth, and then follow-location with NTLM again 139</name> 140<command> 141http://%HOSTIP:%HTTPPORT/%TESTNUMBER -u testuser:testpass --anyauth -L 142</command> 143</client> 144 145# Verify data after the test has been "shot" 146<verify> 147<protocol> 148GET /%TESTNUMBER HTTP/1.1 149Host: %HOSTIP:%HTTPPORT 150User-Agent: curl/%VERSION 151Accept: */* 152 153GET /%TESTNUMBER HTTP/1.1 154Host: %HOSTIP:%HTTPPORT 155Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 156User-Agent: curl/%VERSION 157Accept: */* 158 159GET /%TESTNUMBER HTTP/1.1 160Host: %HOSTIP:%HTTPPORT 161Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= 162User-Agent: curl/%VERSION 163Accept: */* 164 165GET /you/%TESTNUMBER0010 HTTP/1.1 166Host: %HOSTIP:%HTTPPORT 167User-Agent: curl/%VERSION 168Accept: */* 169 170GET /you/%TESTNUMBER0010 HTTP/1.1 171Host: %HOSTIP:%HTTPPORT 172Authorization: NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 173User-Agent: curl/%VERSION 174Accept: */* 175 176GET /you/%TESTNUMBER0010 HTTP/1.1 177Host: %HOSTIP:%HTTPPORT 178Authorization: NTLM TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAAAAABwAAAACAAIAHAAAAALAAsAeAAAAAAAAAAAAAAAhoIBAFpkQwKRCZFMhjj0tw47wEjKHRHlvzfxQamFcheMuv8v+xeqphEO5V41xRd7R9deOXRlc3R1c2VyV09SS1NUQVRJT04= 179User-Agent: curl/%VERSION 180Accept: */* 181 182</protocol> 183</verify> 184</testcase> 185