// Patterns for sensitive data - compiled once and cached
    private static final Pattern PASSWORD_PATTERN = Pattern.compile(
            "(?i)(password|passwd|pwd|secret|token|key|credential|auth)([\"']?\\s*[:=]\\s*[\"']?)([^\"',\\s]+)", Pattern.CASE_INSENSITIVE);

    private static final Pattern IP_PATTERN = Pattern.compile("\\b(?:[0-9]{1,3}\\.){3}[0-9]{1,3}\\b");

    /** The key of the message: Current Password */
    public static final String LABELS_OLD_PASSWORD = "{labels.oldPassword}";

    /** The key of the message: New Password */
    public static final String LABELS_NEW_PASSWORD = "{labels.newPassword}";

    /** The key of the message: New Password (Confirm) */

            lastDeletedUser = user;
        }

        @Override
        public boolean changePassword(String username, String password) {
            changePasswordCallCount++;
            lastChangePasswordUsername = username;
            lastChangePasswordPassword = password;
            return changePasswordResult;
        }

        @Override
        public User load(User user) {

        * `clientCredentials`— облікові дані клієнта
        * `authorizationCode` — код авторизації
    * Але є один окремий «потік», який ідеально підходить для реалізації автентифікації всередині одного додатку:
        * `password`: у наступних розділах буде приклад використання цього потоку.
* `openIdConnect`: дозволяє автоматично виявляти параметри автентифікації OAuth2.
    * Це автоматичне виявлення визначається у специфікації OpenID Connect.

	typedef struct {
		[string] wchar_t *netname;
		int type;
		[string] wchar_t *remark;
		uint32_t permissions;
		uint32_t max_uses;
		uint32_t current_uses;
		[string] wchar_t *path;
		[string] wchar_t *password;
		uint32_t sd_size;
		[size_is(sd_size)] uint8_t *security_descriptor;
	} ShareInfo502;

	typedef struct {
		int count;
		[size_is(count)] ShareInfo502 *array;
	} ShareInfoCtr502;

If a client tries to send some extra data, they will receive an **error** response.

For example, if the client tries to send the form fields:

* `username`: `Rick`
* `password`: `Portal Gun`
* `extra`: `Mr. Poopybutthole`

They will receive an error response telling them that the field `extra` is not allowed:

```json
{
    "detail": [
        {

        return requestNtlmPasswordAuthentication(auth, url, sae);
    }

    /**
     * Requests NTLM password authentication using the specified authenticator.
     * @param a the authenticator to use for retrieving credentials
     * @param url the URL that requires authentication

        assertFalse(useRawNTLM, "Should delegate raw NTLM setting");
        assertTrue(disablePlainTextPasswords, "Should delegate plain text password setting");
        assertEquals("GUEST", guestUsername, "Should delegate guest username");
        assertEquals("", guestPassword, "Should delegate guest password");
        assertFalse(allowGuestFallback, "Should delegate guest fallback setting");

        verify(mockDelegate).getLanManCompatibility();

    protected static final String SPNEGO_ALLOW_BASIC = "spnego.allow.basic";

    /** Configuration key for pre-authentication password. */
    protected static final String SPNEGO_PREAUTH_PASSWORD = "spnego.preauth.password";

    /** Configuration key for pre-authentication username. */
    protected static final String SPNEGO_PREAUTH_USERNAME = "spnego.preauth.username";

import jcifs.ntlmssp.Type3Message;
import jcifs.smb.NtlmPasswordAuthentication;

/**
 * This class is used internally by {@code NtlmHttpFilter},
 * {@code NtlmServlet}, and {@code NetworkExplorer} to negotiate password
 * hashes via NTLM SSP with MSIE. It might also be used directly by servlet
 * containers to incorporate similar functionality.
 * <p>
 * How NTLMSSP is used in conjunction with HTTP and MSIE clients is