final String[] arr = new String[4];
        final long expiration = System.currentTimeMillis() + Dfs.TTL * 1000;

        int di = 0;
        for (;;) {
            /* NTLM HTTP Authentication must be re-negotiated
             * with challenge from 'server' to access DFS vol. */
            dr.resolveHashes = auth.hashesExternal;
            dr.ttl = resp.referrals[di].ttl;

     */
    public static ThumbnailManager getThumbnailManager() {
        return getComponent(THUMBNAIL_MANAGER);
    }

    /**
     * Gets the authentication manager component.
     * @return The authentication manager.
     */
    public static AuthenticationManager getAuthenticationManager() {
        return getComponent(AUTHENTICATION_MANAGER);
    }

    /**

   *
   * * It may be transformed by the user's interceptors. For example, an application interceptor
   *   may add headers like `User-Agent`.
   * * It may be the request generated in response to an HTTP redirect or authentication
   *   challenge. In this case the request URL may be different than the initial request URL.
   *
   * Use the `request` of the [networkResponse] field to get the wire-level request that was

	filippo.io/edwards25519 v1.1.0 // indirect
	github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect
	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
	github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect
	github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0 // indirect
	github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.51.0 // indirect

 *  **HttpResponseCache has been renamed to Cache.** Install it with
    `OkHttpClient.setCache(...)` instead of `OkHttpClient.setResponseCache(...)`.

 *  **OkAuthenticator has been replaced with Authenticator.** This new
    authenticator has access to the full incoming response and can respond with
    whichever followup request is appropriate. The `Challenge` class is now a

        byte[] encrypted = storage.encryptCredentials(plaintext);

        // Tamper with the encrypted data
        encrypted[encrypted.length - 1] ^= 0xFF;

        // Should throw exception due to authentication tag failure
        assertThrows(GeneralSecurityException.class, () -> {
            storage.decryptCredentials(encrypted);
        }, "Should throw GeneralSecurityException when decrypting tampered data");

     *
     * @return the selectedCipher
     */
    public int getSelectedCipher() {
        return this.selectedCipher;
    }

    /**
     * Gets the pre-authentication integrity hash algorithm selected for SMB 3.1.1.
     *
     * @return the selectedPreauthHash
     */
    public int getSelectedPreauthHash() {
        return this.selectedPreauthHash;
    }

    /**

## Changelog since v1.5.5

### Other notable changes

  - Promoted the `ServiceAccountTokenPodNodeInfo` feature to GA, which adds the node name and uid as claims into service account tokens mounted into running pods, and embeds that information as `authentication.kubernetes.io/node-name` and `authentication.kubernetes.io/node-uid` user extra info when the token is used

        }
    }

    public void test_throwAndCatchAsFessSystemException() {
        // Test catching as parent exception type
        String type = "BasicAuth";
        String message = "Authentication failed";

        try {
            throw new InvalidAccessTokenException(type, message);
        } catch (FessSystemException e) {
            assertTrue(e instanceof InvalidAccessTokenException);