| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 1 | <testcase> |
| 2 | <info> |
| 3 | <keywords> |
| 4 | HTTP |
| 5 | HTTP GET |
| 6 | HTTP Basic auth |
| 7 | </keywords> |
| 8 | </info> |
| 9 | # Server-side |
| 10 | <reply> |
| 11 | |
| 12 | <!-- First request has Basic auth, right password --> |
| 13 | <data100> |
| 14 | HTTP/1.1 200 Things are fine in server land |
| 15 | Server: Microsoft-IIS/5.0 |
| 16 | Content-Type: text/html; charset=iso-8859-1 |
| 17 | Content-Length: 32 |
| 18 | |
| 19 | Finally, this is the real page! |
| 20 | </data100> |
| 21 | |
| 22 | <!-- Second request with Basic auth disabled --> |
| 23 | <data200> |
| 24 | HTTP/1.1 401 Sorry wrong password (2) |
| 25 | Server: Microsoft-IIS/5.0 |
| 26 | Content-Type: text/html; charset=iso-8859-1 |
| 27 | Content-Length: 29 |
| 28 | WWW-Authenticate: Basic realm="testrealm" |
| 29 | |
| 30 | This is a bad password page! |
| 31 | </data200> |
| 32 | |
| 33 | </reply> |
| 34 | |
| 35 | # Client-side |
| 36 | <client> |
| 37 | <server> |
| 38 | http |
| 39 | </server> |
| 40 | <name> |
| 41 | HTTP Basic authorization, then without authorization |
| 42 | </name> |
| 43 | <command option="no-output,no-include"> |
| 44 | -u testuser:testpass http://%HOSTIP:%HTTPPORT/20400100 --next --no-basic http://%HOSTIP:%HTTPPORT/20400200 |
| 45 | </command> |
| 46 | </client> |
| 47 | |
| 48 | # Verify data after the test has been "shot" |
| 49 | <verify> |
| 50 | <strip> |
| 51 | ^User-Agent:.* |
| 52 | </strip> |
| 53 | <protocol> |
| 54 | GET /20400100 HTTP/1.1
|
| 55 | Host: %HOSTIP:%HTTPPORT
|
| 56 | Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
|
| 57 | Accept: */*
|
| 58 |
|
| 59 | GET /20400200 HTTP/1.1
|
| 60 | Host: %HOSTIP:%HTTPPORT
|
| 61 | Accept: */*
|
| 62 |
|
| 63 | </protocol> |
| 64 | <stdout> |
| 65 | Finally, this is the real page! |
| 66 | This is a bad password page! |
| 67 | </stdout> |
| 68 | </verify> |
| 69 | </testcase> |