if (StringUtil.isBlank(s) || Constants.NTLM.equals(s)) {
            s = AuthScope.ANY_SCHEME;
        }

        return new AuthScope(getHostname(), p, r, s);
    }

    private Credentials getCredentials() {
        if (StringUtil.isEmpty(getUsername())) {
            throw new CrawlerSystemException("username is empty.");
        }

        if (Constants.NTLM.equals(getProtocolScheme())) {

                buf.append(':');
                buf.append(port);
            }
            buf.append('/');
        }
        return buf.toString();
    }

    /**
     * Returns the NTLM password authentication.
     * @return The NTLM password authentication.
     */
    public NtlmPasswordAuthentication getAuthentication() {
        return new NtlmPasswordAuthentication(domain == null ? "" : domain, username, password);
    }

     * potential NTLM fallback (if the server does not support kerberos).
     *
     * @param subject
     *            represents the user who perform Kerberos authentication. Should at least contain a TGT for the user.
     * @param domain
     *            domain for NTLM fallback
     * @param username
     *            user for NTLM fallback
     * @param password

                if (currentAuthMethod.startsWith("NTLM")) {
                    if (currentAuthMethod.length() == 4) {
                        this.authMethod = "NTLM";
                        break;
                    }
                    if (currentAuthMethod.indexOf(' ') != 4) {
                        continue;
                    }
                    this.authMethod = "NTLM";

import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;

/**
 * Test suite for jcifs.https.Handler class.
 * Tests HTTPS URL stream handler functionality with NTLM authentication support.
 */
@DisplayName("HTTPS Handler Tests")
class HandlerTest {

    private Handler handler;

    @BeforeEach
    void setUp() {
        handler = new Handler(null);
    }

     * The NTLMSSP "preamble".
     */
    protected static final byte[] NTLMSSP_SIGNATURE =
            { (byte) 'N', (byte) 'T', (byte) 'L', (byte) 'M', (byte) 'S', (byte) 'S', (byte) 'P', (byte) 0 };

    /**
     * NTLM version
     */
    protected static final byte[] NTLMSSP_VERSION = { 6, 1, 0, 0, 0, 0, 0, 15 };

    /**
     * NTLMSSP Type 1 message identifier.
     */
    protected static final int NTLMSSP_TYPE1 = 0x1;

        }
        return new NtlmChallenge(trans.server.encryptionKey, dc);
    }

    /**
     * Retrieves an NTLM challenge from a domain controller for the configured domain.
     *
     * @return the NTLM challenge from the domain controller
     * @throws SmbException if an SMB error occurs
     * @throws UnknownHostException if the domain controller cannot be resolved
     */

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");
        verify(response).flushBuffer();
    }

    /**
     * Test doGet with NTLM authentication for directory listing
     * This test verifies the authentication flow without actual network operations
     */
    @Test

import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;

/**
 * Test suite for jcifs.smb1.https.Handler class.
 * Tests HTTPS URL stream handler functionality with NTLM authentication support.
 */
@DisplayName("SMB1 HTTPS Handler Tests")
class HandlerTest {

    private Handler handler;

    @BeforeEach
    void setUp() {
        handler = new Handler();
    }

- **Secure Key Management**: Proper key derivation and nonce generation

### Core Features
- **Per-context configuration**: No global state, each context encapsulates configuration
- **Authentication**: NTLM, Kerberos, SPNEGO unified subsystem
- **SLF4J Logging**: Comprehensive logging throughout the codebase
- **Resource Management**: AutoCloseable patterns for file handles and connections