* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package jcifs.spnego;

import java.io.IOException;

/**
 * Abstract base class for SPNEGO authentication tokens used in GSS-API negotiation
 */
public abstract class SpnegoToken {

    /**
     * Protected constructor for SPNEGO token implementations.
     */
    protected SpnegoToken() {
    }

import jcifs.internal.smb2.ServerMessageBlock2Response;
import jcifs.internal.util.SMBUtil;
import jcifs.smb.NtStatus;

/**
 * SMB2 Session Setup response message. This response contains the server's authentication
 * challenge or confirms successful session establishment.
 *
 * @author mbechler
 *
 */
public class Smb2SessionSetupResponse extends ServerMessageBlock2Response {

    /**

        assertFalse(exception.isAuthenticationError());
        assertFalse(exception.isFileSystemError());
        assertFalse(exception.isTransientError());

        // Authentication error
        exception = new SmbOperationException(SmbOperationException.ErrorCode.INVALID_CREDENTIALS, "Bad password");
        assertFalse(exception.isNetworkError());
        assertTrue(exception.isAuthenticationError());

in handling your report.

Please, provide a detailed explanation of the issue. In particular, outline the type of the security
issue (DoS, authentication bypass, information disclose, ...) and the assumptions you're making (e.g. do
you need access credentials for a successful exploit).

labels.menu_label_type=Label
labels.menu_key_match=Key Match
labels.menu_boost_document_rule=Document Boost
labels.menu_path_mapping=Path Mapping
labels.menu_web_authentication=Web Authentication
labels.menu_file_authentication=File Authentication
labels.menu_request_header=Request Header
labels.menu_duplicate_host=Duplicate Host
labels.menu_user=User
labels.menu_role=Role
labels.menu_group=Group
labels.menu_suggest=Suggest

        authenticator.setResponseForType(SsoResponseType.METADATA, metadataResponse);

        String logoutUrl = "https://sso.example.com/logout";
        authenticator.setLogoutUrl(logoutUrl);

        // Execute authentication flow
        LoginCredential loginResult = authenticator.getLoginCredential();
        assertNotNull(loginResult);

     * @return a child context using using the given credentials
     */
    CIFSContext withCredentials(Credentials creds);

    /**
     * Attempt to renew credentials after authentication failure
     *
     * @param locationHint URL or location hint for credential renewal
     * @param error the error that triggered renewal
     * @return whether new credentials are obtained
     */

import kotlin.text.Charsets.ISO_8859_1
import okhttp3.internal.unmodifiable

/**
 * An [RFC 7235][rfc_7235] challenge.
 *
 * [rfc_7235]: https://tools.ietf.org/html/rfc7235
 */
class Challenge(
  /** Returns the authentication scheme, like `Basic`. */
  @get:JvmName("scheme") val scheme: String,
  authParams: Map<String?, String>,
) {
  /**
   * Returns the auth params, including [realm] and [charset] if present, but as

import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.BERTags;

import jcifs.pac.ASN1Util;
import jcifs.pac.PACDecodingException;

/**
 * Represents a Kerberos authentication token.
 */
public class KerberosToken {

    private KerberosApRequest apRequest;

    /**
     * Constructs a KerberosToken from token bytes.
     *
     * @param token the token bytes

import jakarta.servlet.ServletContext;

/**
 * Base action class for admin pages in Fess.
 * <p>
 * This abstract class provides common functionality for all admin actions,
 * including authentication, authorization, and HTML data setup.
 * </p>
 *
 */
public abstract class FessAdminAction extends FessBaseAction {

    /** Constant suffix for view names. */
    public static final String VIEW = "-view";