SsoAuthenticator[] authenticators = ssoManager.getAuthenticators();
        assertEquals(3, authenticators.length);
        assertEquals(authenticator1, authenticators[0]);
        assertEquals(authenticator2, authenticators[1]);
        assertEquals(authenticator3, authenticators[2]);
    }

    public void test_getAuthenticators_withNoRegisteredAuthenticators() {
        SsoAuthenticator[] authenticators = ssoManager.getAuthenticators();

        // Execute
        authenticator.resolveCredential(resolver);

        // Verify
        assertTrue(authenticator.isResolverCalled());
        assertNotNull(authenticator.getLastResolver());
    }

    public void test_resolveCredential_withNullResolver() {
        // Execute
        authenticator.resolveCredential(null);

        // Verify

import jcifs.CIFSContext;
import jcifs.CIFSException;
import jcifs.spnego.NegTokenInit;

/**
 * Base kerberos authenticator
 *
 * Uses a subject that contains kerberos credentials for use in GSSAPI context establishment.
 *
 * Be advised that short/NetBIOS name usage is not supported with this authenticator. Always specify full FQDNs.

    val hostnameVerifier: HostnameVerifier? = address.hostnameVerifier
    val certificatePinner: CertificatePinner? = address.certificatePinner
  }

  @Test
  fun authenticator() {
    var authenticator: Authenticator = Authenticator { route, response -> TODO() }
  }

  @Test
  fun cache() {
    val cache = Cache(File("/cache/"), Integer.MAX_VALUE.toLong())
    cache.initialize()
    cache.delete()

    }

    /**
     * Test that closed authenticator prevents all sensitive operations
     */
    @Test
    @DisplayName("Test closed authenticator blocks all sensitive operations")
    public void testClosedAuthenticatorBlocking() throws Exception {
        NtlmPasswordAuthenticator auth = new NtlmPasswordAuthenticator("DOMAIN", "user", "BlockedPass123!");

        // Close the authenticator
        auth.close();

    val hostnameVerifier: HostnameVerifier = client.hostnameVerifier()
    val certificatePinner: CertificatePinner = client.certificatePinner()
    val proxyAuthenticator: Authenticator = client.proxyAuthenticator()
    val authenticator: Authenticator = client.authenticator()
    val connectionPool: ConnectionPool = client.connectionPool()
    val dns: Dns = client.dns()
    val followSslRedirects: Boolean = client.followSslRedirects()

    /** The underlying SPNEGO authenticator instance. */
    protected org.codelibs.spnego.SpnegoAuthenticator authenticator = null;

    /**
     * Constructs a new SPNEGO authenticator.
     */
    public SpnegoAuthenticator() {
        // do nothing
    }

    /**
     * Initializes the SPNEGO authenticator and registers it with the SSO manager.

        auth.refresh();
        Subject afterRefresh = auth.getSubject();
        // After refresh, may succeed or fail depending on JAAS configuration
        // Just verify that refresh doesn't break the authenticator
        assertNotNull(auth, "Authenticator should remain usable after refresh");
    }

    @Test
    @DisplayName("handle: sets NameCallback and PasswordCallback on happy path")

        cloneInternal(cloned, this);
        return cloned;
    }

    /**
     * Clone internal fields from one authenticator to another.
     *
     * @param cloned the target authenticator to copy to
     * @param toClone the source authenticator to copy from
     */
    protected static void cloneInternal(NtlmPasswordAuthenticator cloned, NtlmPasswordAuthenticator toClone) {

import jakarta.annotation.PostConstruct;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;

/**
 * Authenticator for SAML.
 */
public class SamlAuthenticator implements SsoAuthenticator {

    /**
     * Constructor.
     */
    public SamlAuthenticator() {
        super();
    }