assertEquals("DRguest", permissionHelper.encode("(deny){role}guest"));
        assertEquals("D2guest", permissionHelper.encode("(deny){group}guest"));
        assertEquals("D1guest", permissionHelper.encode("(deny){USER}guest"));
        assertEquals("DRguest", permissionHelper.encode("(deny){ROLE}guest"));
        assertEquals("D2guest", permissionHelper.encode("(deny){GROUP}guest"));

        private final boolean anonymous;
        private final boolean guest;
        private final Subject subject;
        private final boolean failOnRefresh;

        TestCredentials(String domain, boolean anonymous, boolean guest, Subject subject, boolean failOnRefresh) {
            this.domain = domain;
            this.anonymous = anonymous;
            this.guest = guest;
            this.subject = subject;

        assertTrue(fessUserBean.hasRoles(new String[] { "admin", "user" }));
        assertTrue(fessUserBean.hasRoles(new String[] { "guest", "admin" }));

        // Test with no matching roles
        assertFalse(fessUserBean.hasRoles(new String[] { "guest", "viewer" }));

        // Test with multiple roles
        testUser.setRoleNames(new String[] { "admin", "user", "manager" });

        assertTrue(disablePlainTextPasswords, "Should delegate plain text password setting");
        assertEquals("GUEST", guestUsername, "Should delegate guest username");
        assertEquals("", guestPassword, "Should delegate guest password");
        assertFalse(allowGuestFallback, "Should delegate guest fallback setting");

        verify(mockDelegate).getLanManCompatibility();
        verify(mockDelegate).isAllowNTLMFallback();

        assertFalse(auth1.isGuest());
        assertFalse(auth1.isAnonymous());

        // Test guest type with char array
        char[] guestPassword = "GuestPass123!".toCharArray();
        NtlmPasswordAuthenticator auth2 =
                new NtlmPasswordAuthenticator("DOMAIN", "guest", guestPassword, NtlmPasswordAuthenticator.AuthenticationType.GUEST);

        assertTrue(auth2.isGuest());
        assertFalse(auth2.isAnonymous());

import jcifs.util.SecureKeyManager;
import jcifs.util.Strings;

/**
 * This class stores and encrypts NTLM user credentials.
 *
 * Contrary to {@link NtlmPasswordAuthentication} this does not cause guest authentication
 * when the "guest" username is supplied. Use {@link AuthenticationType} instead.
 *
 * @author mbechler
 */
public class NtlmPasswordAuthenticator implements Principal, CredentialsInternal, Serializable, AutoCloseable {

     *
     * @return password used when guest authentication is requested
     */
    String getGuestPassword();

    /**
     * Property {@code jcifs.smb.client.guestUsername}, defaults to GUEST
     *
     * @return username used when guest authentication is requested
     */
    String getGuestUsername();

    /**

                            throw sae;
                        } catch (final SmbException se) {
                            ex = se;
                        }

                        if (response.isLoggedInAsGuest && !"GUEST".equalsIgnoreCase(auth.username)
                                && transport.server.security != SmbConstants.SECURITY_SHARE
                                && auth != NtlmPasswordAuthentication.ANONYMOUS) {

    protected boolean sendNTLMTargetName = true;
    private byte[] machineId;
    /** Username for guest authentication */
    protected String guestUsername = "GUEST";
    /** Password for guest authentication */
    protected String guestPassword = "";
    /** Whether to allow fallback to guest authentication */
    protected boolean allowGuestFallback = false;

        requestBody.put("max_access_count", 10);
        requestBody.put("num_of_thread", 1);
        requestBody.put("interval_time", 0);
        requestBody.put("boost", 100);
        requestBody.put("permissions", "{role}guest");
        requestBody.put("available", true);
        requestBody.put("sort_order", 0);
        createFileConfig(requestBody);
    }

    private static void createJob() {