/** Configuration key for allowing unsecure basic authentication. */
    protected static final String SPNEGO_ALLOW_UNSECURE_BASIC = "spnego.allow.unsecure.basic";

    /** Configuration key for allowing basic authentication. */
    protected static final String SPNEGO_ALLOW_BASIC = "spnego.allow.basic";

    /** Configuration key for pre-authentication password. */

        filter.doFilter(request, response, filterChain);

        // Should only offer NTLM, not Basic auth
        verify(response).setHeader("WWW-Authenticate", "NTLM");
        verify(response, never()).addHeader(eq("WWW-Authenticate"), eq("Basic realm=\"TestRealm\""));
    }

    @Test
    void testDoFilter_ntlmType1Message() throws Exception {

     */
    private byte[] createLargeBufferForContexts() {
        byte[] buffer = new byte[1024]; // Large enough for contexts

        // Copy basic structure
        byte[] basic = createBasicNegotiateResponseBuffer();
        System.arraycopy(basic, 0, buffer, 0, basic.length);

        return buffer;
    }

    /**
     * Creates a completely valid negotiate response buffer for positive testing.
     */

            verify(session, never()).setAttribute(anyString(), any());
        }
    }

    /**
     * Test the service method with a valid Basic Authorization header.
     * Simulates a successful Basic authentication.
     * @throws ServletException
     * @throws IOException
     * @throws CIFSException
     */
    @Test
    void testService_BasicAuth_Success() throws Exception {

     * This is a simplified test that verifies the basic flow without full NTLM protocol simulation.
     * @throws IOException
     * @throws SecurityException
     */
    @Test
    void testSuccessfulHandshake() throws IOException, SecurityException {
        // This test is simplified to verify basic handshake behavior
        // Full NTLM handshake testing would require more complex mocking

    /** The NTLM SSP handler */
    private NtlmSsp ntlmSsp;
    /** Flag indicating if credentials were supplied */
    private boolean credentialsSupplied;
    /** Flag to enable basic authentication */
    private boolean enableBasic;
    /** Flag to allow insecure basic authentication */
    private boolean insecureBasic;
    /** The authentication realm */
    private String realm;
    /** The default domain for authentication */

import jcifs.smb1.util.Base64;
import jcifs.smb1.util.LogStream;

/**
 * This servlet Filter can be used to negotiate password hashes with
 * MSIE clients using NTLM SSP. This is similar to {@code Authentication:
 * BASIC} but weakly encrypted and without requiring the user to re-supply
 * authentication credentials.
 * <p>

    private String style;
    /** Flag indicating if credentials were supplied */
    private boolean credentialsSupplied;
    /** Flag to enable basic authentication */
    private boolean enableBasic;
    /** Flag to allow insecure basic authentication */
    private boolean insecureBasic;
    /** The authentication realm */
    private String realm;
    /** The default domain for authentication */

    }

    /**
     * Test Basic authentication when enabled
     */
    @Test
    void testDoGet_BasicAuth() throws Exception {
        // Initialize with Basic auth enabled
        initializeNetworkExplorer(true, "TestRealm");

        // Test with no auth - should request Basic
        when(request.getHeader("Authorization")).thenReturn(null);

import jcifs.smb.SmbSessionInternal;
import jcifs.smb.SmbTransportInternal;

/**
 * This servlet Filter can be used to negotiate password hashes with
 * MSIE clients using NTLM SSP. This is similar to {@code Authentication:
 * BASIC} but weakly encrypted and without requiring the user to re-supply
 * authentication credentials.
 * <p>
 * Read <a href="../../../ntlmhttpauth.html">jCIFS NTLM HTTP Authentication and the Network Explorer Servlet</a> for