when(request.getHeader("Authorization")).thenReturn(null);
        when(httpSession.getAttribute("NtlmHttpAuth")).thenReturn(null);

        filter.doFilter(request, response, filterChain);

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");

        ntlmServlet.init(servletConfig);
        when(request.getHeader("Authorization")).thenReturn(null);
        when(request.getSession(false)).thenReturn(null);
        lenient().when(request.isSecure()).thenReturn(true);

        ntlmServlet.service(request, response);

        verify(response).setHeader("WWW-Authenticate", "NTLM");

        // Setup: No "Authorization" header
        when(mockRequest.getHeader("Authorization")).thenReturn(null);

        // Execute
        NtlmPasswordAuthentication result = NtlmSsp.authenticate(mockCifsContext, mockRequest, mockResponse, challenge);

        // Verify
        assertNull(result, "Authentication result should be null");
        verify(mockResponse).setHeader("WWW-Authenticate", "NTLM");

    public static NtlmPasswordAuthentication authenticate(final CIFSContext tc, final HttpServletRequest req,
            final HttpServletResponse resp, final byte[] challenge) throws IOException {
        String msg = req.getHeader("Authorization");
        if (msg != null && msg.startsWith("NTLM ")) {
            final byte[] src = Base64.decode(msg.substring(5));
            if (src[8] == 1) {

            throws IOException, ServletException {
        final HttpServletRequest httpRequest = (HttpServletRequest) request;
        final String origin = httpRequest.getHeader("Origin");
        if (StringUtil.isNotBlank(origin)) {
            if (logger.isDebugEnabled()) {
                logger.debug("HTTP Request: method={}", httpRequest.getMethod());
            }

     */
    public static NtlmPasswordAuthentication authenticate(final HttpServletRequest req, final HttpServletResponse resp,
            final byte[] challenge) throws IOException, ServletException {
        String msg = req.getHeader("Authorization");
        if (msg != null && msg.startsWith("NTLM ")) {
            final byte[] src = Base64.decode(msg.substring(5));
            if (src[8] == 1) {

                SmbSession.logon(dc, ntlm);
            } catch (final SmbAuthException sae) {
                response.setHeader("WWW-Authenticate", "NTLM");
                if (offerBasic) {
                    response.addHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
                }
                response.setHeader("Connection", "close");
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

        initializeNetworkExplorer(false, "jCIFS");

        when(request.getHeader("Authorization")).thenReturn(null);

        networkExplorer.doGet(request, response);

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");
        verify(response).flushBuffer();
    }

    /**

            } catch (final SmbAuthException sae) {
                response.setHeader("WWW-Authenticate", "NTLM");
                if (offerBasic) {
                    response.addHeader("WWW-Authenticate", "Basic realm=\"" + this.realm + "\"");
                }
                response.setHeader("Connection", "close");
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

        }

        if (SingletonLaContainerFactory.getExternalContext().getRequest() != null) {
            return LaRequestUtil.getOptionalRequest().map(request -> {
                final String userAgent = request.getHeader("user-agent");
                if (StringUtil.isBlank(userAgent)) {
                    return false;
                }

                return pathMapping.getUAMatcher(userAgent).find();