TestCredentials creds = new TestCredentials("A", true, false, subject, false);

        // Act
        TestCredentials copy = creds.clone();

        // Assert
        assertNotSame(creds, copy, "clone must return a new instance");
        assertEquals(creds.getUserDomain(), copy.getUserDomain());
        assertEquals(creds.isAnonymous(), copy.isAnonymous());
        assertEquals(creds.isGuest(), copy.isGuest());

		t.Fatalf("unable initialize config file, %s", err)
	}

	initAllSubsystems(ctx)

	initConfigSubsystem(ctx, objLayer)

	creds, err := auth.CreateCredentials("myuser", "mypassword")
	if err != nil {
		t.Fatalf("unable create credential, %s", err)
	}

	globalActiveCred = creds

	globalIAMSys.Init(ctx, objLayer, globalEtcdClient, 2*time.Second)

	// List of test cases for validating http request authentication.

        assertNull(b.getServer());
    }

    @Test
    @DisplayName("shouldForceSigning depends on config, creds, and IPC")
    void testShouldForceSigning() {
        when(config.isIpcSigningEnforced()).thenReturn(true);
        when(creds.isAnonymous()).thenReturn(false);

        // Case 1: share is IPC$ -> IPC
        SmbResourceLocatorImpl ipc = locator("smb://server/IPC$/");

        // Arrange: minimal credentials chain so SmbSessionImpl constructor succeeds
        CredentialsInternal creds = mock(CredentialsInternal.class);
        when(ctx.getCredentials()).thenReturn(creds);
        when(creds.unwrap(CredentialsInternal.class)).thenReturn(creds);
        when(creds.clone()).thenReturn(creds);

        assertEquals(0, transport.getNumSessions());

        // Act: create new session (happy path)

	case madmin.S3:
		if creds.AWSRole {
			cfg.S3.AWSRole = true
		}
		if creds.AWSRoleWebIdentityTokenFile != "" && creds.AWSRoleARN != "" {
			cfg.S3.AWSRoleARN = creds.AWSRoleARN
			cfg.S3.AWSRoleWebIdentityTokenFile = creds.AWSRoleWebIdentityTokenFile
		}
		if creds.AccessKey != "" && creds.SecretKey != "" {
			cfg.S3.AccessKey = creds.AccessKey
			cfg.S3.SecretKey = creds.SecretKey
		}
	case madmin.Azure:

        // Mock CIFSContext behavior
        NtlmPasswordAuthentication creds = new NtlmPasswordAuthentication(
                new BaseContext(new PropertyConfiguration(System.getProperties())), "domain", "user", "password");
        when(mockCifsContext.getCredentials()).thenReturn(creds);
        when(mockCifsContext.getConfig()).thenReturn(new PropertyConfiguration(System.getProperties()));

	}{
		// Test case - 1.
		// Filter contains more than (Prefix,Tag,And) rule
		{
			method:             http.MethodPut,
			bucketName:         bucketName,
			accessKey:          creds.AccessKey,
			secretKey:          creds.SecretKey,

func (sys *BucketTargetSys) getRemoteTargetClient(tcfg *madmin.BucketTarget) (*TargetClient, error) {
	config := tcfg.Credentials
	creds := credentials.NewStaticV4(config.AccessKey, config.SecretKey, "")

	api, err := minio.New(tcfg.Endpoint, &minio.Options{
		Creds:     creds,
		Secure:    tcfg.Secure,
		Region:    tcfg.Region,
		Transport: globalRemoteTargetTransport,
	})
	if err != nil {
		return nil, err

			Creds:           mcreds,
			Secure:          globalIsTLS,
			Transport:       tr,
			TrailingHeaders: true,
		})
	}

	// ok == true - at this point

	if ui.Credentials.IsTemp() {
		// Temporary credentials are not allowed.
		return nil, errAuthentication
	}

	return minio.New(driver.endpoint, &minio.Options{

    private SmbTransportPoolImpl pool;

    @Mock
    private CIFSContext ctx;
    @Mock
    private Configuration config;
    @Mock
    private NameServiceClient nameSvc;
    @Mock
    private Credentials creds;
    @Mock
    private Address address;
    @Mock
    private SmbNegotiationResponse negotiationResponse;

    @BeforeEach
    void setUp() {
        // Create a fresh pool instance for each test