}
    ```

 *  New: `MediaType.parameter()` gets a parameter like `boundary` from a media type like
    `multipart/mixed; boundary="abc"`.

 *  New: `Authenticator.JAVA_NET_AUTHENTICATOR` forwards authentication requests to
    `java.net.Authenticator`. This obsoletes `JavaNetAuthenticator` in the `okhttp-urlconnection`
    module.

 *  New: `CertificatePinner` now offers an API for inspecting the configured pins.

     * @param targetHost the target host
     * @param root the DFS root
     * @param path the DFS path
     * @return the DFS referral data or null if not found
     * @throws SmbAuthException if authentication fails
     */
    protected DfsReferralDataInternal getReferral(final CIFSContext tf, final SmbTransportInternal trans, final String target,

  - `--address`
  The insecure port flags `--port` may only be set to 0 now.
  
  In addtion, please be careful that:
  - controller-manager MUST start with `--authorization-kubeconfig` and `--authentication-kubeconfig` correctly set to get authentication/authorization working.
  - liveness/readiness probes to controller-manager MUST use HTTPS now, and the default port has been changed to 10257.

- `system:kube-controller-manager` and `system:kube-scheduler` users are now permitted to perform delegated authentication/authorization checks by default RBAC policy ([#72491](https://github.com/kubernetes/kubernetes/pull/72491), [@liggitt](https://github.com/liggitt))

import jcifs.CIFSContext;
import jcifs.Configuration;
import jcifs.NameServiceClient;
import jcifs.NetbiosAddress;
import jcifs.util.Hexdump;

/**
 * Comprehensive test suite for Type2Message NTLM authentication message.
 * Tests all constructors, parsing, and serialization functionality.
 */
@DisplayName("Type2Message Comprehensive Tests")
class Type2MessageTest {

* A very powerful and easy to use **<dfn title="also known as components, resources, providers, services, injectables">Dependency Injection</dfn>** system.
* Security and authentication, including support for **OAuth2** with **JWT tokens** and **HTTP Basic** auth.
* More advanced (but equally easy) techniques for declaring **deeply nested JSON models** (thanks to Pydantic).

* A very powerful and easy to use **<dfn title="also known as components, resources, providers, services, injectables">Dependency Injection</dfn>** system.
* Security and authentication, including support for **OAuth2** with **JWT tokens** and **HTTP Basic** auth.
* More advanced (but equally easy) techniques for declaring **deeply nested JSON models** (thanks to Pydantic).

        if (e instanceof SmbException) {
            SmbException se = (SmbException) e;
            int status = se.getNtStatus();
            // Retry on network-related errors but not on authentication or access errors
            return status == NtStatus.NT_STATUS_CONNECTION_REFUSED || status == NtStatus.NT_STATUS_NETWORK_NAME_DELETED
                    || status == NtStatus.NT_STATUS_BAD_NETWORK_NAME;
        }

* PodSecurityPolicies can now specify a whitelist of allowed paths for host volumes. ([#50212](https://github.com/kubernetes/kubernetes/pull/50212), [@jhorwit2](https://github.com/jhorwit2))

* API server authentication now caches successful bearer token authentication results for a few seconds. ([#50258](https://github.com/kubernetes/kubernetes/pull/50258), [@liggitt](https://github.com/liggitt))

### API Change

- '`kube-apiserver`: adds `--authentication-config` flag for reading `AuthenticationConfiguration`
  files. `--authentication-config` flag is mutually exclusive with the existing `--oidc-*`
  flags.' ([#119142](https://github.com/kubernetes/kubernetes/pull/119142), [@aramase](https://github.com/aramase))