SsoAuthenticator[] authenticators = ssoManager.getAuthenticators();
        assertEquals(3, authenticators.length);
        assertEquals(authenticator1, authenticators[0]);
        assertEquals(authenticator2, authenticators[1]);
        assertEquals(authenticator3, authenticators[2]);
    }

    public void test_getAuthenticators_withNoRegisteredAuthenticators() {
        SsoAuthenticator[] authenticators = ssoManager.getAuthenticators();

 */
public class NtlmPasswordAuthenticatorSecurityTest {

    private NtlmPasswordAuthenticator authenticator;

    @BeforeEach
    public void setUp() {
        authenticator = null;
    }

    @AfterEach
    public void tearDown() throws Exception {
        if (authenticator != null) {
            authenticator.close();
        }
    }

    @Test
    @DisplayName("Test password stored as char array")

        char[] diffAtMiddle = "supersecretpXssword123456789".toCharArray();
        char[] diffAtEnd = "supersecretpassword12345678X".toCharArray();

        // Create authenticators
        NtlmPasswordAuthenticator baseAuth = new NtlmPasswordAuthenticator("domain", "user", new String(basePassword));

    }

    /**
     * Test that closed authenticator prevents all sensitive operations
     */
    @Test
    @DisplayName("Test closed authenticator blocks all sensitive operations")
    public void testClosedAuthenticatorBlocking() throws Exception {
        NtlmPasswordAuthenticator auth = new NtlmPasswordAuthenticator("DOMAIN", "user", "BlockedPass123!");

        // Close the authenticator
        auth.close();

- Introduced a new metric `kubelet_admission_rejections_total` to track the number of pods rejected during admission. ([#128556](https://github.com/kubernetes/kubernetes/pull/128556), [@AnishShah](https://github.com/AnishShah))

- Added support for specifying `controlplane` or `cluster` egress selectors in JWT authenticators via the `issuer.egressSelectorType` field in the `AuthenticationConfiguration.jwt` array. If unset, the previous behavior of using no egress selector is preserved. This functionality requires the `StructuredAuthenticationConfigurationEgressSelector`...

                }
            }
        }
    }

    /**
     * Creates an NTLM password authenticator from the given SMB authentication.
     *
     * @param smbAuthentication the SMB authentication information
     * @return the NTLM password authenticator
     */
    protected NtlmPasswordAuthenticator getAuthenticator(final SmbAuthentication smbAuthentication) {

        // Execute
        authenticator.resolveCredential(resolver);

        // Verify
        assertTrue(authenticator.isResolverCalled());
        assertNotNull(authenticator.getLastResolver());
    }

    public void test_resolveCredential_withNullResolver() {
        // Execute
        authenticator.resolveCredential(null);

        // Verify

import jcifs.CIFSContext;
import jcifs.CIFSException;
import jcifs.spnego.NegTokenInit;

/**
 * Base kerberos authenticator
 *
 * Uses a subject that contains kerberos credentials for use in GSSAPI context establishment.
 *
 * Be advised that short/NetBIOS name usage is not supported with this authenticator. Always specify full FQDNs.

import org.slf4j.LoggerFactory;

import jcifs.CIFSException;

/**
 * JAAS kerberos authenticator
 *
 * Either configure JAAS for credential caching or reuse a single instance of this authenticator -otherwise you won't
 * get proper ticket caching.
 *
 * Be advised that short/NetBIOS name usage is not supported with this authenticator. Always specify full FQDNs/Realm.