|
|
|||||||||||||||
last updated on 4/13/2011 12:32:35 PM |
Basic Authentication
Name: BasicAuthUser
This is another asp-authentication test case. When using this asp the username must be added
in the querystring in the form: secure_authrequ.asp?LOGON_USER=username.
Don't use this samples with NTLM
For the people who are too lazy to type:
Following links open in a new window (or tab on newer browsers):
Password: BasicAuthPass
secure_auth.asp
http://demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUserA
http://demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUserB
http://BasicAuthUser:BasicAuthPass@demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUser
http://BasicAuthUserA:BasicAuthPassA@demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUserA
http://BasicAuthUserB:BasicAuthPassB@demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUserB
BDLT: Login Form (ASP)
http://demo.borland.com/testsite/LoginForm.html (BasicAuthUser/BasicAuthPass)
http://demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUserA
http://demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUserB
For the people who are too lazy to type:
http://BasicAuthUser:BasicAuthPass@demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUser
http://BasicAuthUserA:BasicAuthPassA@demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUserA
http://BasicAuthUserB:BasicAuthPassB@demo.borland.com/testsite/secure_authrequ.asp?LOGON_USER=BasicAuthUserB
BDLT: Login Form (ASP)
http://demo.borland.com/testsite/LoginForm.html (BasicAuthUser/BasicAuthPass)
Security Mode Changes
Plain HTTPS to this page:
Plain HTTP to this page:
Move to another virtual site: Basic Authentication: NTLM:
https://demo.borland.com/testsite/secure_main.asp
http://demo.borland.com/testsite/secure_main.asp
http://demo.borland.com/testsite/secure/secure_main.asp
https://demo.borland.com/testsite/secure/secure_main.asp
http://demo.borland.com/testsite/ntlm/secure_main.asp
https://demo.borland.com/testsite/ntlm/secure_main.asp
Redirect to this page and change security mode:
http://demo.borland.com/testsite/secure_http2https.asp
Redirect to this page and change security mode:
https://demo.borland.com/testsite/secure/secure_https2http.asp
Link to this page again:
http://demo.borland.com/testsite/secure_main.asp
Client Certificate Handling
Link to this page in secure mode and requesting a client certificate:
Show the data of the client certificate:
https://demo.borland.com/testsite/clientcert/secure_main.asp
https://demo.borland.com/testsite/clientcert/secure_clientcert.asp
Basic Authentication II - different paths
The realm is set to demo.borland.com: The realm is set to testlab000:
http://demo.borland.com/testsite/secure_sub1/secure_authrequ.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub2/secure_authrequ.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub1/sub1/secure_authrequ.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub2/sub1/secure_authrequ.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub1/sub2/secure_authrequ.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub2/sub2/secure_authrequ.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub1/secure_authrequrealm.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub2/secure_authrequrealm.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub1/sub1/secure_authrequrealm.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub2/sub1/secure_authrequrealm.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub1/sub2/secure_authrequrealm.asp?LOGON_USER=BasicAuthUser
http://demo.borland.com/testsite/secure_sub2/sub2/secure_authrequrealm.asp?LOGON_USER=BasicAuthUser
Basic Authentication III - challenging realm
HTTP Basic Authentication sample
Note:
The challenge_verification.asp samples use either the HTTP request-headers LOGON_USER or HTTP_AUTHORIZATION to grant or
deny permission to access a page inside the protection space.
Basic Authentication IV - embedded images and https
For the following sample, Basic Authentication must be enabled by the Web server.
Basic Authentication, https and embedded images