final String jwtHeader = new String(decodeBase64(jwt[0]), Constants.UTF_8_CHARSET);
            final String jwtClaim = new String(decodeBase64(jwt[1]), Constants.UTF_8_CHARSET);
            final String jwtSignature = new String(decodeBase64(jwt[2]), Constants.UTF_8_CHARSET);

            if (logger.isDebugEnabled()) {
                logger.debug("jwtHeader={}", jwtHeader);

        when(request.getHeader("Authorization")).thenReturn(null);
        when(httpSession.getAttribute("NtlmHttpAuth")).thenReturn(null);

        filter.doFilter(request, response, filterChain);

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");

        public String getMethod() {
            return method;
        }

        public void setHeader(String name, String value) {
            if ("Origin".equals(name)) {
                originHeader = value;
            }
        }

        @Override
        public String getHeader(String name) {
            if ("Origin".equals(name)) {
                return originHeader;
            }

        // Setup: No "Authorization" header
        when(mockRequest.getHeader("Authorization")).thenReturn(null);

        // Execute
        NtlmPasswordAuthentication result = NtlmSsp.authenticate(mockCifsContext, mockRequest, mockResponse, challenge);

        // Verify
        assertNull(result, "Authentication result should be null");
        verify(mockResponse).setHeader("WWW-Authenticate", "NTLM");

        ntlmServlet.init(servletConfig);
        when(request.getHeader("Authorization")).thenReturn(null);
        when(request.getSession(false)).thenReturn(null);
        lenient().when(request.isSecure()).thenReturn(true);

        ntlmServlet.service(request, response);

        verify(response).setHeader("WWW-Authenticate", "NTLM");

        TestFilterChain chain = new TestFilterChain();

        manager.process(request, response, chain);

        assertEquals("application/json", response.getHeader("Content-Type"));
        assertEquals("no-cache", response.getHeader("Cache-Control"));
    }

    @Test
    public void test_matches_withPatternMatching() throws IOException, ServletException {
        // Test regex pattern matching

        initializeNetworkExplorer(false, "jCIFS");

        when(request.getHeader("Authorization")).thenReturn(null);

        networkExplorer.doGet(request, response);

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");
        verify(response).flushBuffer();
    }

    /**

                if (StringUtil.isBlank(responseContentType)) {
                    response.setHeader("Content-Type", "application/json");
                } else {
                    response.setHeader("Content-Type", responseContentType);
                }
                CopyUtil.copy(in, out);
            } catch (final ClientAbortException e) {

            final boolean skipAuthentication) throws IOException, ServletException {
        UniAddress dc;
        String msg;
        NtlmPasswordAuthentication ntlm = null;
        msg = req.getHeader("Authorization");
        final boolean offerBasic = enableBasic && (insecureBasic || req.isSecure());

        if (msg != null && (msg.startsWith("NTLM ") || offerBasic && msg.startsWith("Basic "))) {

            url = file.getLocator().getPath();
            resp.setContentType("text/plain");
            resp.setContentType(URLConnection.guessContentTypeFromName(url));
            resp.setHeader("Content-Length", file.length() + "");
            resp.setHeader("Accept-Ranges", "Bytes");

            while ((n = in.read(buf)) != -1) {
                out.write(buf, 0, n);
            }
        }
    }

    /**