@DisplayName("getUserDomain: derives from KerberosPrincipal in Subject")
        void getUserDomain_fromSubjectPrincipal() {
            Subject subject = new Subject();
            Principal kp = new KerberosPrincipal("******@****.***");
            subject.getPrincipals().add(kp);

            Kerb5Authenticator auth = new Kerb5Authenticator(subject);
            assertEquals("EXAMPLE.COM", auth.getUserDomain());
        }

        }
    }

    private static class MockSMailPostingDiscloser implements SMailPostingDiscloser {
        private String subject;
        private String plainText;

        public void setSubject(String subject) {
            this.subject = subject;
        }

        public void setPlainText(String plainText) {
            this.plainText = plainText;
        }

        @Override

        private final boolean guest;
        private final Subject subject;
        private final boolean failOnRefresh;

        TestCredentials(String domain, boolean anonymous, boolean guest, Subject subject, boolean failOnRefresh) {
            this.domain = domain;
            this.anonymous = anonymous;
            this.guest = guest;
            this.subject = subject;
            this.failOnRefresh = failOnRefresh;
        }

        // Test the cloning behavior with both null and non-null cached subjects
        if (first != null) {
            // If we got a valid subject, test that it's properly cached and cloned
            Subject cachedOrig = orig.getSubject();
            assertNotNull(cachedOrig);

            // Cached subject is copied and visible via getSubject()
            Subject copySubj = copy.getSubject();
            assertNotNull(copySubj);

            throw new SmbException("Context setup failed", e);
        }
    }

    /**
     * Set the Kerberos subject
     *
     * @param subject
     *            the subject to set
     */
    protected void setSubject(Subject subject) {
        this.subject = subject;
    }

    @Override
    public void refresh() throws CIFSException {

      }

    fun build(): HeldCertificate {
      // Subject keys & identity.
      val subjectKeyPair = keyPair ?: generateKeyPair()
      val subjectPublicKeyInfo =
        CertificateAdapters.subjectPublicKeyInfo.fromDer(
          subjectKeyPair.public.encoded.toByteString(),
        )
      val subject: List<List<AttributeTypeAndValue>> = subject()

	if err := DB.AutoMigrate(&Blog{}, &Tag{}); err != nil {
		t.Fatalf("Failed to auto migrate, got error: %v", err)
	}

	blog := Blog{
		Locale:  "ZH",
		Subject: "subject",
		Body:    "body",
		Tags: []Tag{
			{Locale: "ZH", Value: "tag1"},
			{Locale: "ZH", Value: "tag2"},
		},
	}

	DB.Save(&blog)
	if !compareTags(blog.Tags, []string{"tag1", "tag2"}) {

        }
    }

    Key searchSessionKey(Subject subject) throws GSSException {
        MIEName src = new MIEName(this.gssContext.getSrcName().export());
        MIEName targ = new MIEName(this.gssContext.getTargName().export());

        ASN1ObjectIdentifier mech = ASN1ObjectIdentifier.getInstance(this.gssContext.getMech().getDER());
        for (KerberosTicket ticket : subject.getPrivateCredentials(KerberosTicket.class)) {

   *   serialNumber         CertificateSerialNumber,
   *   signature            AlgorithmIdentifier,
   *   issuer               Name,
   *   validity             Validity,
   *   subject              Name,
   *   subjectPublicKeyInfo SubjectPublicKeyInfo,
   *   issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version MUST be v2 or v3

    // these checks test alternative subjects. The test data contains an
    // alternative subject starting with a japanese kanji character. This is
    // not supported by Android because the underlying implementation from
    // harmony follows the definition from rfc 1034 page 10 for alternative
    // subject names. This causes the code to drop all alternative subjects.
    assertThat(verifier.verify("bar.com", session)).isTrue()