ssn.setAttribute("NtlmHttpAuth", ntlm);
            ssn.setAttribute("ntlmdomain", ntlm.getDomain());
            ssn.setAttribute("ntlmuser", ntlm.getUsername());
        } else {
            final HttpSession ssn = request.getSession(false);
            if (ssn == null || ssn.getAttribute("NtlmHttpAuth") == null) {
                response.setHeader("WWW-Authenticate", "NTLM");
                if (offerBasic) {

    }

    @Test
    @DisplayName("auth type is always NTLM")
    void testAuthTypeConstant(@Mock HttpServletRequest mockRequest, @Mock Principal mockPrincipal) {
        // No need to stub getName() since we're not calling getRemoteUser()
        NtlmHttpServletRequest request = new NtlmHttpServletRequest(mockRequest, mockPrincipal);
        assertEquals("NTLM", request.getAuthType());

 * {@code NtlmServlet}, and {@code NetworkExplorer} to negotiate password
 * hashes via NTLM SSP with MSIE. It might also be used directly by servlet
 * containers to incorporate similar functionality.
 * <p>
 * How NTLMSSP is used in conjunction with HTTP and MSIE clients is
 * described in an <A HREF="http://www.innovation.ch/java/ntlm.html">NTLM
 * Authentication Scheme for HTTP</A>.
 * <p>
 * Also, read <a

     * Verifies that the method always returns "NTLM".
     */
    @Test
    void testGetAuthType() {
        // Arrange: Define the expected authentication type
        String expectedAuthType = "NTLM";

        // Act: Call the method under test
        String actualAuthType = ntlmRequest.getAuthType();

        // Assert: Verify that the returned authentication type is "NTLM"

        NtlmPasswordAuthentication ntlm = negotiate(req, resp, false);

        if (ntlm == null) {
            return;
        }

        chain.doFilter(new NtlmHttpServletRequest(req, ntlm), response);
    }

    /**
     * Negotiate password hashes with MSIE clients using NTLM SSP
     * @param req The servlet request
     * @param resp The servlet response

        // This test is simplified to verify basic handshake behavior
        // Full NTLM handshake testing would require more complex mocking

        // Arrange - Mock a server that supports NTLM
        mockResponse(HTTP_UNAUTHORIZED, "Unauthorized", Collections.singletonMap("WWW-Authenticate", Collections.singletonList("NTLM")),
                new ByteArrayInputStream(new byte[0]));

        // Act - Trigger handshake

        NtlmPasswordAuthentication ntlm = negotiate(req, resp, false);

        if (ntlm == null) {
            return;
        }

        chain.doFilter(new NtlmHttpServletRequest(req, ntlm), response);
    }

    /**
     * Negotiate password hashes with MSIE clients using NTLM SSP
     *
     * @param req
     *            The servlet request

            }
            NtlmPasswordAuthentication ntlm;
            if (msg.startsWith("NTLM ")) {
                final byte[] challenge = getTransportContext().getTransportPool().getChallenge(getTransportContext(), dc);
                ntlm = NtlmSsp.authenticate(getTransportContext(), request, response, challenge);
                if (ntlm == null) {
                    return;
                }

    static {
        String domain = System.getProperty("http.auth.ntlm.domain");
        if (domain == null) {
            domain = Type3Message.getDefaultDomain();
        }
        DEFAULT_DOMAIN = domain;
    }

    /**
     * Creates a new NTLM HTTP URL connection that wraps an existing HTTP connection.
     *
     * @param connection the HTTP connection to wrap for NTLM authentication
     */

 * hashes via NTLM SSP with MSIE. It might also be used directly by servlet
 * containers to incorporate similar functionality.
 * <p>
 * How NTLMSSP is used in conjunction with HTTP and MSIE clients is
 * described in an <A HREF="http://www.innovation.ch/java/ntlm.html">NTLM
 * Authentication Scheme for HTTP</A>.  <p> Also, read <a
 * href="../../../ntlmhttpauth.html">jCIFS NTLM HTTP Authentication and