TST: apache-auth digest logs

2013-07-18 00:36:17 +10:00 · 2013-07-18 00:36:17 +10:00 · 8ce9c78474
parent f8b5b3a1ef
commit 8ce9c78474
8 changed files with 39 additions and 3 deletions
--- a/config/filter.d/apache-auth.conf
+++ b/config/filter.d/apache-auth.conf
@ -25,13 +25,17 @@ before = apache-common.conf
 # for ap_log_rerror(APLOG_MARK, APLOG_ERR and examining resulting return code should get
 # all of these expressions. Lots of submodules like mod_authz_* return back to mod_authz_core
 # to return the actual failure.
-
+#
+# See also: http://wiki.apache.org/httpd/ListOfErrors
+#
 failregex = ^%(_apache_error_client)s client denied by server configuration: (uri )?\S*\s*$
            ^%(_apache_error_client)s user .* authentication failure for "\S*": Password Mismatch$
            ^%(_apache_error_client)s user .* not found: \S*\s*$
            ^%(_apache_error_client)s client used wrong authentication scheme: \S*\s*$
            ^%(_apache_error_client)s Authorization of user \S+ to access \S* failed, reason: .*$
            ^%(_apache_error_client)s authorization failure \(no authenticated user\): \S*\s*$
+            ^%(_apache_error_client)s (Digest: )?user .*: password mismatch: \S*\s*$
+            ^%(_apache_error_client)s (Digest: )?user `.*' in realm `.+' (not found|denied by provider): \S*\s*$
            ^%(_apache_error_client)s user .* authorization failure: \S*\s*$
            ^%(_apache_error_client)s user .* authorization failure for "\S*": \s*$
            ^%(_apache_error_client)s invalid nonce .* received - (length|hash) is not \S+\s*$
@ -40,8 +44,6 @@ failregex = ^%(_apache_error_client)s client denied by server configuration: (ur
            ^%(_apache_error_client)s user .*: one-time-nonce mismatch - sending new nonce\s*$
            ^%(_apache_error_client)s realm mismatch - got `.*' but expected `.+'\s*$
            ^%(_apache_error_client)s unknown algorithm `\S+' received: \S*\s*"$
-            ^%(_apache_error_client)s user `.*' in realm `.+' (not found|denied by provider): \S*\s*"$
-            ^%(_apache_error_client)s user .* password mismatch: \S*\s*"$
            ^%(_apache_error_client)s invalid qop `.*' received: \S*\s*"$


--- a/testcases/files/config/apache-auth/digest/.htaccess
+++ b/testcases/files/config/apache-auth/digest/.htaccess
@ -0,0 +1,6 @@
+AuthType Digest
+AuthName "digest private area"
+AuthDigestDomain /digest/
+AuthBasicProvider file
+AuthUserFile /var/www/html/digest/.htpasswd
+Require valid-user
--- a/testcases/files/config/apache-auth/digest/.htpasswd
+++ b/testcases/files/config/apache-auth/digest/.htpasswd
@ -0,0 +1 @@
+username:digest private area:fad48d3a7c63f61b5b3567a4105bbb04
--- a/testcases/files/config/apache-auth/digest_anon/.htaccess
+++ b/testcases/files/config/apache-auth/digest_anon/.htaccess
@ -0,0 +1,9 @@
+AuthType Digest
+AuthName "digest anon"
+AuthDigestDomain /digest_anon/
+AuthBasicProvider file anon
+AuthUserFile /var/www/html/digest_anon/.htpasswd
+Anonymous_NoUserID off
+Anonymous anonymous
+Anonymous_LogEmail on
+Require valid-user
--- a/testcases/files/config/apache-auth/digest_anon/.htpasswd
+++ b/testcases/files/config/apache-auth/digest_anon/.htpasswd
@ -0,0 +1,3 @@
+username:digest anon:25e4077a9344ceb1a88f2a62c9fb60d8
+05bbb04
+anonymous:digest anon:faa4e5870970cf935bb9674776e6b26a
--- a/testcases/files/config/apache-auth/digest_wrongrelm/.htaccess
+++ b/testcases/files/config/apache-auth/digest_wrongrelm/.htaccess
@ -0,0 +1,6 @@
+AuthType Digest
+AuthName "digest private area"
+AuthDigestDomain /digest_wrongrelm/
+AuthBasicProvider file
+AuthUserFile /var/www/html/digest_wrongrelm/.htpasswd
+Require valid-user
--- a/testcases/files/config/apache-auth/digest_wrongrelm/.htpasswd
+++ b/testcases/files/config/apache-auth/digest_wrongrelm/.htpasswd
@ -0,0 +1,2 @@
+username:wrongrelm:99cd340e1283c6d0ab34734bd47bdc30
+4105bbb04
--- a/testcases/files/logs/apache-auth
+++ b/testcases/files/logs/apache-auth
@ -33,3 +33,10 @@
 # failJSON: { "time": "2013-07-17T22:54:32", "match": true , "host": "127.0.0.1" }
 [Wed Jul 17 22:54:32 2013] [error] [client 127.0.0.1] Authorization of user username to access /basic/authz_owner/cant_get_me.html failed, reason: file owner dan does not match.

+# wget --http-user='username' --http-password='wrongpassword' http://localhost/digest/cant_get_me.html -O /dev/null
+# failJSON: { "time": "2013-07-17T23:50:37", "match": true , "host": "127.0.0.1" }
+[Wed Jul 17 23:50:37 2013] [error] [client 127.0.0.1] Digest: user username: password mismatch: /digest/cant_get_me.html
+
+# wget --http-user='username' --http-password='password' http://localhost/digest_wrongrelm/cant_get_me.html -O /dev/null
+# failJSON: { "time": "2013-07-18T00:08:39", "match": true , "host": "127.0.0.1" }
+[Thu Jul 18 00:08:39 2013] [error] [client 127.0.0.1] Digest: user `username' in realm `digest private area' not found: /digest_wrongrelm/cant_get_me.html
				`@ -0,0 +1 @@`
				`username:digest private area:fad48d3a7c63f61b5b3567a4105bbb04`