HTTP HTTP proxy HTTP proxy Digest auth # Server-side # this is returned first since we get no proxy-auth HTTP/1.1 407 Authorization Required to proxy me my dear Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" Content-Length: 33 And you should ignore this data. # then this is returned when we get proxy-auth HTTP/1.1 200 OK Content-Length: 21 Server: no Nice proxy auth sir! HTTP/1.1 407 Authorization Required to proxy me my dear Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" Content-Length: 33 HTTP/1.1 200 OK Content-Length: 21 Server: no Nice proxy auth sir! HTTP/1.1 407 Authorization Required to proxy me my dear Proxy-Authenticate: Digest realm="weirdorealm", nonce="12345" Content-Length: 33 HTTP/1.1 200 OK Content-Length: 21 Server: no Nice proxy auth sir! # Client-side http http-proxy # tool is what to use instead of 'curl' lib%TESTNUMBER !SSPI crypto proxy digest HTTP proxy auth Digest, then change proxy port and do it again http://test.remote.example.com/path/%TESTNUMBER %HOSTIP %HTTPPORT %PROXYPORT silly:person # Verify data after the test has been "shot" GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 Host: test.remote.example.com Accept: */* Proxy-Connection: Keep-Alive GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 Host: test.remote.example.com Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="/path/%TESTNUMBER", response="9a547f8fa81cff330c68095603f3819e" Accept: */* Proxy-Connection: Keep-Alive GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 Host: test.remote.example.com Accept: */* Proxy-Connection: Keep-Alive GET http://test.remote.example.com/path/%TESTNUMBER HTTP/1.1 Host: test.remote.example.com Proxy-Authorization: Digest username="silly", realm="weirdorealm", nonce="12345", uri="/path/%TESTNUMBER", response="9a547f8fa81cff330c68095603f3819e" Accept: */* Proxy-Connection: Keep-Alive