1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
<?xml version="1.0" encoding="US-ASCII"?>
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Basic auth
</keywords>
</info>
# Server-side
<reply>
<!-- First request has Basic auth, right password -->
<data100>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data100>
<!-- Second request with Basic auth disabled -->
<data200>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data200>
</reply>
# Client-side
<client>
<server>
http
</server>
<name>
HTTP Basic authorization, then without authorization
</name>
<command option="no-output,no-include">
-u testuser:testpass http://%HOSTIP:%HTTPPORT/%TESTNUMBER0100 --next --no-basic http://%HOSTIP:%HTTPPORT/%TESTNUMBER0200
</command>
</client>
# Verify data after the test has been "shot"
<verify>
<protocol crlf="headers">
GET /%TESTNUMBER0100 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Basic %b64[testuser:testpass]b64%
User-Agent: curl/%VERSION
Accept: */*
GET /%TESTNUMBER0200 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*
</protocol>
<stdout>
Finally, this is the real page!
This is a bad password page!
</stdout>
</verify>
</testcase>
|
