Kerb5Authenticator cloned = auth.clone();

        assertNotSame(auth, cloned);
        assertEquals(subj, cloned.getSubject());
        assertEquals("alice", cloned.getUser());
        assertEquals("EXAMPLE.COM", cloned.getRealm());
        assertEquals("cifs", cloned.getService());
        assertEquals(123, cloned.getUserLifeTime());
        assertEquals(456, cloned.getLifeTime());

        assertArrayEquals(originalPassword, clonedPassword, "Cloned password content should match");

        // Wipe original - should not affect clone
        authenticator.secureWipePassword();

        char[] originalAfterWipe = (char[]) passwordField.get(authenticator);
        char[] clonedAfterWipe = (char[]) passwordField.get(cloned);

     */
    protected static void cloneInternal(NtlmPasswordAuthenticator cloned, NtlmPasswordAuthenticator toClone) {
        cloned.domain = toClone.domain;
        cloned.username = toClone.username;
        cloned.password = toClone.password != null ? toClone.password.clone() : null;
        cloned.type = toClone.type;
    }

    /**
     * Returns the domain.
     */
    @Override
    public String getUserDomain() {

    @Override
    protected byte[] getNTHash() {
        return this.ntHash;
    }

    @Override
    public NtlmPasswordAuthenticator clone() {
        final NtlmNtHashAuthenticator cloned = new NtlmNtHashAuthenticator(this.ntHash.clone());
        cloneInternal(cloned, this);
        return cloned;
    }

        return this.context;
    }

    @Override
    public NtlmPasswordAuthentication clone() {
        final NtlmPasswordAuthentication cloned = new NtlmPasswordAuthentication();
        cloneInternal(cloned, this);
        return cloned;
    }

    /**
     * Clone internal fields from one NtlmPasswordAuthentication to another.
     *

        assertEquals(original.getUsername(), cloned.getUsername());
        assertEquals(original.getPassword(), cloned.getPassword());

        // Verify password arrays are independent
        original.secureWipePassword();
        assertNull(original.getPassword());
        assertEquals("ClonePass123!", cloned.getPassword());
    }

    /**
     * Test authentication type guessing with secure password

        // Cast and check we can call clone() from CredentialsInternal contract
        CredentialsInternal ci = (CredentialsInternal) impl;
        CredentialsInternal cloned = ci.clone();
        assertNotNull(cloned, "clone() should return a non-null CredentialsInternal");
    }

   * for this call will not be included on the cloned call. If necessary you may manually copy over
   * specific tags by re-computing them:
   *
   * ```kotlin
   * val copy = original.clone()
   *
   * val myTag = original.tag(MyTag::class)
   * if (myTag != null) {
   *   copy.tag(MyTag::class) { myTag }
   * }
   * ```
   *
   * ```java
   * Call copy = original.clone();
   *

        MavenProject clonedProject = projectToClone.clone();
        assertEquals(projectToClone.getFile(), clonedProject.getFile(), "POM file is preserved across clone");
        assertEquals(
                projectToClone.getBasedir(), clonedProject.getBasedir(), "Base directory is preserved across clone");
    }

    @Test
    void testUndefinedOutputDirectory() throws Exception {

            orig.refresh();
            // Clone should retain its cached Subject
            assertSame(copySubj, copy.getSubject(), "Clone should retain its cached Subject");
        } else {
            // If JAAS is not configured and getSubject() returns null, verify cloning still works
            assertNull(first, "First call to getSubject() returned null - JAAS not configured");