/**
     * Return the comment header.
     *
     * @return the comment header
     */
    public List<String> getHeader() {
        return header;
    }

    /**
     * Set the comment header.
     *
     * @param header the header to use
     */
    public void setHeader(List<String> header) {
        this.header = header;
    }

    /**
     * Return the comment footer.
     *

            throw new UnsupportedOperationException();
        }

        @Override
        public String getHeader(String name) {
            throw new UnsupportedOperationException();
        }

        @Override
        public java.util.Enumeration<String> getHeaders(String name) {
            throw new UnsupportedOperationException();
        }

        @Override

        @Override
        public long getDateHeader(String name) {
            return 0;
        }

        @Override
        public String getHeader(String name) {
            return null;
        }

        @Override
        public java.util.Enumeration<String> getHeaders(String name) {
            return java.util.Collections.emptyEnumeration();
        }

        @Override

        when(request.getHeader("Authorization")).thenReturn(null);
        when(httpSession.getAttribute("NtlmHttpAuth")).thenReturn(null);

        filter.doFilter(request, response, filterChain);

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");

        ntlmServlet.init(servletConfig);
        when(request.getHeader("Authorization")).thenReturn(null);
        when(request.getSession(false)).thenReturn(null);
        lenient().when(request.isSecure()).thenReturn(true);

        ntlmServlet.service(request, response);

        verify(response).setHeader("WWW-Authenticate", "NTLM");

        // Setup: No "Authorization" header
        when(mockRequest.getHeader("Authorization")).thenReturn(null);

        // Execute
        NtlmPasswordAuthentication result = NtlmSsp.authenticate(mockCifsContext, mockRequest, mockResponse, challenge);

        // Verify
        assertNull(result, "Authentication result should be null");
        verify(mockResponse).setHeader("WWW-Authenticate", "NTLM");

        return LaRequestUtil.getOptionalRequest().map(req -> {
            for (final Tuple3<String, String, String> host : vHosts) {
                final String headerValue = req.getHeader(host.getValue1());
                if (host.getValue2().equalsIgnoreCase(headerValue)) {
                    return func.apply(host.getValue3());
                }
            }
            return defaultValue;

    public static NtlmPasswordAuthentication authenticate(final CIFSContext tc, final HttpServletRequest req,
            final HttpServletResponse resp, final byte[] challenge) throws IOException {
        String msg = req.getHeader("Authorization");
        if (msg != null && msg.startsWith("NTLM ")) {
            final byte[] src = Base64.decode(msg.substring(5));
            if (src[8] == 1) {

        // Only trust proxy headers if the request comes from a trusted proxy
        if (isTrustedProxy(remoteAddr)) {
            final String xForwardedFor = request.getHeader("X-Forwarded-For");
            if (StringUtil.isNotBlank(xForwardedFor)) {
                final String clientIp = xForwardedFor.split(",")[0].trim();
                if (logger.isDebugEnabled()) {

            throws IOException, ServletException {
        final HttpServletRequest httpRequest = (HttpServletRequest) request;
        final String origin = httpRequest.getHeader("Origin");
        if (StringUtil.isNotBlank(origin)) {
            if (logger.isDebugEnabled()) {
                logger.debug("HTTP Request: method={}", httpRequest.getMethod());
            }