- Promoted the `ServiceAccountTokenPodNodeInfo` feature to GA, which adds the node name and uid as claims into service account tokens mounted into running pods, and embeds that information as `authentication.kubernetes.io/node-name` and `authentication.kubernetes.io/node-uid` user extra info when the token is used

   *
   *  * For redirects (301: Moved Permanently, 302: Temporary Redirect, etc.)
   *  * For auth challenges (401: Unauthorized, 407: Proxy Authentication Required.)
   *  * For client timeouts (408: Request Time-Out.)
   *  * For server failures (503: Service Unavailable.)
   *
   * Response header values like `Location` and `Retry-After` are also considered.
   *

import java.io.IOException;
import java.util.Date;

import jcifs.smb.SID;

/**
 * Contains user logon information from a PAC (Privilege Attribute Certificate).
 * This class parses and provides access to user authentication and authorization
 * data from Kerberos tickets, including user identity, group memberships, and
 * logon metadata.
 */
public class PacLogonInfo {

    private Date logonTime;
    private Date logoffTime;

          <name>servers</name>
          <version>1.0.0+</version>
          <description>
            Configuration of server-specific settings, mainly authentication
            method. This allows configuration of authentication on a per-server
            basis.
          </description>
          <association>
            <type>Server</type>
            <multiplicity>*</multiplicity>

## Changelog since v1.5.5

### Other notable changes

    public void tearDown() {
        if (rateLimiter != null) {
            rateLimiter.close();
        }
    }

    @Test
    public void testNormalAuthentication() throws Exception {
        // Normal authentication should be allowed
        assertTrue(rateLimiter.checkAttempt("user1", "192.168.1.1"), "First attempt should be allowed");

        // Record success
        rateLimiter.recordSuccess("user1", "192.168.1.1");

        Integer port = sambaContainer.getMappedPort(SMB_PORT);
        baseUrl = "smb://" + host + ":" + port + "/";

        log.info("Samba container started - Base URL: {}", baseUrl);

        // Create authentication context - try guest auth first for broader compatibility
        try {
            NtlmPasswordAuthentication auth = new NtlmPasswordAuthentication(SingletonContext.getInstance(), WORKGROUP, USERNAME, PASSWORD);

### API Change

- '`kube-apiserver`: adds `--authentication-config` flag for reading `AuthenticationConfiguration`
  files. `--authentication-config` flag is mutually exclusive with the existing `--oidc-*`
  flags.' ([#119142](https://github.com/kubernetes/kubernetes/pull/119142), [@aramase](https://github.com/aramase))

			},
			{
				Description: MetricDescription{
					Namespace: nodeMetricNamespace,
					Subsystem: iamSubsystem,
					Name:      "plugin_authn_service_last_succ_seconds",
					Help:      "When plugin authentication is configured, returns time (in seconds) since the last successful request to the service",
					Type:      gaugeMetric,
				},
				Value: pluginAuthNMetrics.LastReachableSecs,
			},
			{

        assertEquals(300L, config.getDfsTtl());
        assertFalse(config.isDfsConvertToFQDN());
        assertNull(config.getLogonShare());
    }

    @Test
    @DisplayName("Test authentication configuration getters")
    void testAuthenticationConfigurationGetters() {
        assertNull(config.getDefaultDomain());
        assertNull(config.getDefaultUsername());
        assertNull(config.getDefaultPassword());