import jcifs.CIFSException;

/**
 * Unified authentication provider interface for SMB authentication
 *
 * This interface provides a consistent authentication mechanism across
 * SMB1, SMB2, and SMB3 protocols, addressing the issue of multiple
 * scattered authentication implementations.
 */
public interface AuthenticationProvider {

    /**
     * Authentication type enumeration
     */
    enum AuthType {

     * @param tc the CIFS context containing credentials
     * @throws CIFSException if an error occurs during authentication
     * @deprecated functionality is broken and will be removed at some point,
     *             use actual Active Directory authentication instead
     */
    @Deprecated
    void logon(CIFSContext tc, Address dc) throws CIFSException;

    /**

        // Authentication errors
        AUTHENTICATION_FAILED("Authentication failed", ErrorCategory.AUTHENTICATION, false), ACCESS_DENIED("Access denied",
                ErrorCategory.AUTHENTICATION, false), INVALID_CREDENTIALS("Invalid credentials", ErrorCategory.AUTHENTICATION,
                        false), SESSION_EXPIRED("Session expired", ErrorCategory.AUTHENTICATION, true),

        // File system errors

- **Pre-Authentication Integrity**: SMB 3.1.1 PAI for preventing downgrade attacks
- **Automatic Detection**: Encryption automatically enabled when servers require it
- **Secure Key Management**: Proper key derivation and nonce generation

### Core Features
- **Per-context configuration**: No global state, each context encapsulates configuration
- **Authentication**: NTLM, Kerberos, SPNEGO unified subsystem

        return result == 1;
    }

    /** The authentication type */
    private AuthenticationType type;
    /** The authentication domain */
    private String domain;
    /** The username for authentication */
    private String username;
    /** The password for authentication */
    private char[] password;
    /** The client challenge for NTLM authentication */
    private byte[] clientChallenge = null;

     * Gets the authentication exception that triggered this request.
     * @return the authentication exception
     */
    protected final SmbAuthException getRequestingException() {
        return this.sae;
    }

    /**
     * Used internally by jCIFS when an <code>SmbAuthException</code> is trapped to retrieve new user credentials.
     *
     * @param url the URL that requires authentication

        /** User's computed permissions. */
        protected String[] permissions;

        /** Azure AD authentication result. */
        protected IAuthenticationResult authResult;

        /**
         * Constructs an Azure AD user with the authentication result.
         * @param authResult The authentication result from Azure AD.
         */
        public AzureAdUser(final IAuthenticationResult authResult) {

                TimeUnit.MILLISECONDS);

        log.info("Authentication rate limiter initialized: maxAccount={}, maxIp={}, maxGlobal={}/min", maxAttemptsPerAccount,
                maxAttemptsPerIp, maxGlobalAttemptsPerMinute);
    }

    /**
     * Check if authentication attempt is allowed
     *
     * @param username the username attempting authentication
     * @param sourceIp the source IP address

 * <p>
 * How NTLMSSP is used in conjunction with HTTP and MSIE clients is
 * described in an <A HREF="http://www.innovation.ch/java/ntlm.html">NTLM
 * Authentication Scheme for HTTP</A>.
 * <p>
 * Also, read <a
 * href="../../../ntlmhttpauth.html">jCIFS NTLM HTTP Authentication and
 * the Network Explorer Servlet</a> related information.
 */
@Deprecated
public class NtlmSsp implements NtlmFlags {

    /**

coredns_path     (path)      shared bucket DNS records, default is "/skydns"
client_cert      (path)      client cert for mTLS authentication
client_cert_key  (path)      client cert key for mTLS authentication
comment          (sentence)  optionally add a comment to this setting
```

or environment variables

```
KEY: