SsoAuthenticator[] authenticators = ssoManager.getAuthenticators();
        assertEquals(3, authenticators.length);
        assertEquals(authenticator1, authenticators[0]);
        assertEquals(authenticator2, authenticators[1]);
        assertEquals(authenticator3, authenticators[2]);
    }

    public void test_getAuthenticators_withNoRegisteredAuthenticators() {
        SsoAuthenticator[] authenticators = ssoManager.getAuthenticators();

     * @return The action response from the SSO authenticator, or null if SSO is not available
     */
    public ActionResponse getResponse(final SsoResponseType responseType) {
        if (available()) {
            final SsoAuthenticator authenticator = getAuthenticator();
            if (authenticator != null) {
                return authenticator.getResponse(responseType);
            }
        }
        return null;

 */
public class NtlmPasswordAuthenticatorSecurityTest {

    private NtlmPasswordAuthenticator authenticator;

    @BeforeEach
    public void setUp() {
        authenticator = null;
    }

    @AfterEach
    public void tearDown() throws Exception {
        if (authenticator != null) {
            authenticator.close();
        }
    }

    @Test
    @DisplayName("Test password stored as char array")

        // Execute
        authenticator.resolveCredential(resolver);

        // Verify
        assertTrue(authenticator.isResolverCalled());
        assertNotNull(authenticator.getLastResolver());
    }

    public void test_resolveCredential_withNullResolver() {
        // Execute
        authenticator.resolveCredential(null);

        // Verify

import jcifs.CIFSContext;
import jcifs.CIFSException;
import jcifs.spnego.NegTokenInit;

/**
 * Base kerberos authenticator
 *
 * Uses a subject that contains kerberos credentials for use in GSSAPI context establishment.
 *
 * Be advised that short/NetBIOS name usage is not supported with this authenticator. Always specify full FQDNs.

     *
     * @return The login credential containing the authenticated username,
     *         an ActionResponseCredential for authentication challenges,
     *         or null if no authentication information is available
     * @throws SsoLoginException if SPNEGO authentication fails
     */
    @Override
    public LoginCredential getLoginCredential() {

    }

    /**
     * Create an authenticator using the given JAAS service and the specified credentials
     *
     * @param serviceName
     *            JAAS configuration name
     * @param domain the domain for authentication
     * @param username the username for authentication
     * @param password the password for authentication
     */

    }

    /**
     * Test that closed authenticator prevents all sensitive operations
     */
    @Test
    @DisplayName("Test closed authenticator blocks all sensitive operations")
    public void testClosedAuthenticatorBlocking() throws Exception {
        NtlmPasswordAuthenticator auth = new NtlmPasswordAuthenticator("DOMAIN", "user", "BlockedPass123!");

        // Close the authenticator
        auth.close();

        return requestNtlmPasswordAuthentication(auth, url, sae);
    }

    /**
     * Requests NTLM password authentication using the specified authenticator.
     * @param a the authenticator to use for retrieving credentials
     * @param url the URL that requires authentication
     * @param sae the authentication exception that was thrown
     * @return credentials returned by prompt
     */

            try {
                final AzureAdAuthenticator authenticator = ComponentUtil.getComponent(AzureAdAuthenticator.class);
                final IAuthenticationResult newResult = authenticator.refreshTokenSilently(this);
                if (newResult != null) {
                    authResult = newResult;
                    authenticator.updateMemberOf(this);