assertEquals("DRguest", permissionHelper.encode("(deny){role}guest"));
        assertEquals("D2guest", permissionHelper.encode("(deny){group}guest"));
        assertEquals("D1guest", permissionHelper.encode("(deny){USER}guest"));
        assertEquals("DRguest", permissionHelper.encode("(deny){ROLE}guest"));
        assertEquals("D2guest", permissionHelper.encode("(deny){GROUP}guest"));

        assertFalse(auth1.isGuest());
        assertFalse(auth1.isAnonymous());

        // Test guest type with char array
        char[] guestPassword = "GuestPass123!".toCharArray();
        NtlmPasswordAuthenticator auth2 =
                new NtlmPasswordAuthenticator("DOMAIN", "guest", guestPassword, NtlmPasswordAuthenticator.AuthenticationType.GUEST);

        assertTrue(auth2.isGuest());

        private final boolean anonymous;
        private final boolean guest;
        private final Subject subject;
        private final boolean failOnRefresh;

        TestCredentials(String domain, boolean anonymous, boolean guest, Subject subject, boolean failOnRefresh) {
            this.domain = domain;
            this.anonymous = anonymous;
            this.guest = guest;
            this.subject = subject;

        }
    }

    @Test
    @DisplayName("isAnonymous and isGuest are always false")
    void testIsAnonymousAndGuestFalse() {
        JAASAuthenticator auth = new JAASAuthenticator();
        // JAAS-based authenticator should never be anonymous or guest
        assertFalse(auth.isAnonymous());
        assertFalse(auth.isGuest());
    }

    @ParameterizedTest
    @EnumSource(SubjectVariant.class)

    }

    @Override
    public boolean isAnonymous() {
        return this.type == AuthenticationType.NULL;
    }

    @Override
    public boolean isGuest() {
        return this.type == AuthenticationType.GUEST;
    }

    static String unescape(String str) throws NumberFormatException, UnsupportedEncodingException {
        char ch;
        int i, j, state, len;
        char[] out;

        return new Type3Message(this.transportContext, msg2, this.targetName, passwordString,
                this.auth.isGuest() ? null : this.auth.getUserDomain(),
                this.auth.isGuest() ? this.transportContext.getConfig().getGuestUsername() : this.auth.getUsername(), this.workstation,
                this.ntlmsspFlags, this.auth.isGuest() || !this.auth.isAnonymous());
    }

    /**

    public void test_validateFields_validDoc() {
        final Map<String, Object> doc = new HashMap<>();
        doc.put("url", "https://example.com");
        doc.put("title", "Test Title");
        doc.put("role", "Rguest");
        doc.put("boost", "1.0");

        final List<String> errors = new ArrayList<>();
        AdminSearchlistAction.validateFields(doc, messages -> {
            errors.add("error");
        });

            doc.put("url", "http://example.com/bulk/" + i);
            doc.put("content", "This is test content for bulk document " + i);
            doc.put("boost", 1.0f);
            doc.put("role", "Rguest");
            documents.add(doc);
        }

        requestBody.put("documents", documents);

        // Execute bulk create

        assertTrue(fessUserBean.hasRoles(new String[] { "admin", "user" }));
        assertTrue(fessUserBean.hasRoles(new String[] { "guest", "admin" }));

        // Test with no matching roles
        assertFalse(fessUserBean.hasRoles(new String[] { "guest", "viewer" }));

        // Test with multiple roles
        testUser.setRoleNames(new String[] { "admin", "user", "manager" });

        assertTrue(disablePlainTextPasswords, "Should delegate plain text password setting");
        assertEquals("GUEST", guestUsername, "Should delegate guest username");
        assertEquals("", guestPassword, "Should delegate guest password");
        assertFalse(allowGuestFallback, "Should delegate guest fallback setting");

        verify(mockDelegate).getLanManCompatibility();
        verify(mockDelegate).isAllowNTLMFallback();