import jakarta.servlet.ServletContext;

/**
 * Base action class for admin pages in Fess.
 * <p>
 * This abstract class provides common functionality for all admin actions,
 * including authentication, authorization, and HTML data setup.
 * </p>
 *
 */
public abstract class FessAdminAction extends FessBaseAction {

    /** Constant suffix for view names. */
    public static final String VIEW = "-view";

     * however the username can be {@code null} indication anonymous
     * credentials were used (e.g. some IPC$ services).
     */

    /**
     * Returns the principal used for authentication
     *
     * @return the authentication principal
     */
    public Principal getPrincipal() {
        return auth;
    }

    /**
     * Returns the last component of the target URL. This will

     *
     * @param sessionKey
     *            the session key for signing
     * @param dialect
     *            the SMB2 dialect version
     * @param preauthIntegrityHash
     *            the pre-authentication integrity hash (for SMB 3.1.1)
     * @throws GeneralSecurityException
     *             if the signing algorithm cannot be initialized
     *
     */

import jcifs.Address;
import jcifs.CIFSContext;
import jcifs.Configuration;
import jcifs.DialectVersion;
import jcifs.internal.smb2.nego.Smb2NegotiateResponse;

/**
 * Test Pre-Authentication Integrity improvements
 */
@ExtendWith(MockitoExtension.class)
@MockitoSettings(strictness = Strictness.LENIENT)
public class PreauthIntegrityTest {

    @Mock
    private CIFSContext context;

    @Mock

        authenticator.setResponseForType(SsoResponseType.METADATA, metadataResponse);

        String logoutUrl = "https://sso.example.com/logout";
        authenticator.setLogoutUrl(logoutUrl);

        // Execute authentication flow
        LoginCredential loginResult = authenticator.getLoginCredential();
        assertNotNull(loginResult);

	// Settings specific to this transport.
	tr.ResponseHeaderTimeout = timeout
	return tr
}

// NewHTTPTransportWithClientCerts returns a new http configuration used for
// communicating with client cert authentication.
func (s ConnSettings) NewHTTPTransportWithClientCerts(ctx context.Context, clientCert, clientKey string) (*http.Transport, error) {
	transport := s.NewHTTPTransportWithTimeout(1 * time.Minute)

     *
     * @return the selectedCipher
     */
    public int getSelectedCipher() {
        return this.selectedCipher;
    }

    /**
     * Gets the pre-authentication integrity hash algorithm selected for SMB 3.1.1.
     *
     * @return the selectedPreauthHash
     */
    public int getSelectedPreauthHash() {
        return this.selectedPreauthHash;
    }

    /**

                // Reset hash on error to maintain integrity
                resetPreauthHash();
                throw new CIFSException("Pre-authentication integrity hash update failed", e);
            }
        }
    }

    /**
     * Reset the pre-authentication integrity hash to initial state.
     * This should be called on negotiation failures or security errors.
     */

var errSessionPolicyTooLarge = errors.New("Session policy should not exceed 2048 characters")

// error returned in SFTP when user used public key without certificate
var errSftpPublicKeyWithoutCert = errors.New("public key authentication without certificate is not accepted")

// error returned in SFTP when user used certificate which does not contain principal(s)

	ExecObjectLayerAPITest(ExecObjectLayerAPITestArgs{t: t, objAPITest: testBucketLifecycleHandlersWrongCredentials, endpoints: []string{"GetBucketLifecycle", "PutBucketLifecycle", "DeleteBucketLifecycle"}})
}

// Test for authentication
func testBucketLifecycleHandlersWrongCredentials(obj ObjectLayer, instanceType, bucketName string, apiRouter http.Handler,
	credentials auth.Credentials, t *testing.T,
) {
	// test cases with sample input and expected output.