import jcifs.CIFSException;

/**
 * Security Support Provider (SSP) context.
 *
 * This interface provides context for security support provider
 * operations during SMB authentication.
 *
 * @author mbechler
 */
public interface SSPContext {

    /**
     * Gets the signing key for the session.
     * @return the signing key for the session

        // Should be an error status (0xC prefix)
        assertTrue((status & (int) 0xC0000000L) == (int) 0xC0000000L);
    }

    @Test
    @DisplayName("Should handle authentication failure status")
    void testAuthenticationFailureStatus() {
        // Given
        int status = NtStatus.NT_STATUS_LOGON_FAILURE;

        // When/Then
        assertEquals((int) 0xC000006DL, status);

      }
    }
    return new MacHasher(getMac(prototype.getAlgorithm(), key));
  }

  @Override
  public String toString() {
    return toString;
  }

  /** Hasher that updates a {@link Mac} (message authentication code). */
  private static final class MacHasher extends AbstractByteHasher {
    private final Mac mac;
    private boolean done;

    private MacHasher(Mac mac) {
      this.mac = mac;
    }

```
export MINIO_ETCD_ENDPOINTS=http://localhost:2379
minio server /data
```

NOTE: If `etcd` is configured with `Client-to-server authentication with HTTPS client certificates` then you need to use additional envs such as `MINIO_ETCD_CLIENT_CERT` pointing to path to `etcd-client.crt` and `MINIO_ETCD_CLIENT_CERT_KEY` path to `etcd-client.key` .

### 4. Test with MinIO STS API

import jcifs.internal.smb2.ServerMessageBlock2Response;
import jcifs.internal.util.SMBUtil;
import jcifs.smb.NtStatus;

/**
 * SMB2 Session Setup response message. This response contains the server's authentication
 * challenge or confirms successful session establishment.
 *
 * @author mbechler
 *
 */
public class Smb2SessionSetupResponse extends ServerMessageBlock2Response {

    /**

        super();
    }

    /**
     * Behavior class for web configuration operations.
     */
    @Resource
    protected WebConfigBhv webConfigBhv;

    /**
     * Behavior class for web authentication operations.
     */
    @Resource
    protected WebAuthenticationBhv webAuthenticationBhv;

    /**
     * Behavior class for request header operations.
     */
    @Resource

import org.bouncycastle.asn1.DERBitString;

import jcifs.pac.ASN1Util;
import jcifs.pac.PACDecodingException;

/**
 * Represents a Kerberos AP-REQ (Application Request) message.
 * This class parses and contains the authentication request sent from a client to a server.
 */
public class KerberosApRequest {

    private byte apOptions;
    private KerberosTicket ticket;

    /**
     * Creates a Kerberos AP request from a token.

import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;

/**
 * Test suite for jcifs.smb1.https.Handler class.
 * Tests HTTPS URL stream handler functionality with NTLM authentication support.
 */
@DisplayName("SMB1 HTTPS Handler Tests")
class HandlerTest {

    private Handler handler;

    @BeforeEach
    void setUp() {
        handler = new Handler();
    }

    @Nested

            | NtlmFlags.NTLMSSP_NEGOTIATE_NTLM | NtlmFlags.NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NtlmFlags.NTLMSSP_REQUEST_TARGET;

    /** The CIFS context for NTLM authentication. */
    protected BaseContext cifsContext;

    /**
     * Constructs a JcifsEngine with the specified properties.
     *
     * @param props the properties for configuring the CIFS context

	if debugPrint {
		fmt.Printf("handler: Got Connect Req %+v\n", cReq)
	}
	writeErr(remote.handleIncoming(ctx, conn, cReq))
}

// AuthFn should provide an authentication string for the given aud.
type AuthFn func() string

// ValidateAuthFn should check authentication for the given aud.
type ValidateAuthFn func(auth string) string

// Connection will return the connection for the specified host.