import jcifs.internal.smb2.ServerMessageBlock2Response;
import jcifs.internal.util.SMBUtil;
import jcifs.smb.NtStatus;

/**
 * SMB2 Session Setup response message. This response contains the server's authentication
 * challenge or confirms successful session establishment.
 *
 * @author mbechler
 *
 */
public class Smb2SessionSetupResponse extends ServerMessageBlock2Response {

    /**

        if (StringUtil.isEmpty(getUsername())) {
            throw new CrawlerSystemException(
                    "Username is empty in WebAuthentication configuration. A valid username must be provided for authentication.");
        }

        final WebAuthenticationConfig config = new WebAuthenticationConfig();

        // host/port/realm: only set if not blank (null means "any" - AuthScope.ANY equivalent)

     *            the client capabilities
     * @param previousSessionid
     *            the previous session ID for reconnection (or 0 for new session)
     * @param token
     *            the security token for authentication
     */
    public Smb2SessionSetupRequest(final CIFSContext context, final int securityMode, final int capabilities, final long previousSessionid,
            final byte[] token) {

	if debugPrint {
		fmt.Printf("handler: Got Connect Req %+v\n", cReq)
	}
	writeErr(remote.handleIncoming(ctx, conn, cReq))
}

// AuthFn should provide an authentication string for the given aud.
type AuthFn func() string

// ValidateAuthFn should check authentication for the given aud.
type ValidateAuthFn func(auth string) string

// Connection will return the connection for the specified host.

    ones that are no longer necessary.

 *  **OkHttp no longer uses the global `java.net.Authenticator` by default.**
    We've changed our `Authenticator` interface to authenticate web and proxy
    authentication failures through a single method. An adapter for the old
    authenticator is available in the `okhttp-urlconnection` module.

Use `Response.challenges()` to get the schemes and realms of any authentication challenges. When fulfilling a `Basic` challenge, use `Credentials.basic(username, password)` to encode the request header.

=== ":material-language-kotlin: Kotlin"
    ```kotlin
      private val client = OkHttpClient.Builder()
          .authenticator(object : Authenticator {
            @Throws(IOException::class)

        super();
    }

    /**
     * Behavior class for web configuration operations.
     */
    @Resource
    protected WebConfigBhv webConfigBhv;

    /**
     * Behavior class for web authentication operations.
     */
    @Resource
    protected WebAuthenticationBhv webAuthenticationBhv;

    /**
     * Behavior class for request header operations.
     */
    @Resource

			CipherSuites:             crypto.TLSCiphersBackwardCompatible(),
			CurvePreferences:         crypto.TLSCurveIDs(),
		}
		// This is only to support client side certificate authentication
		// https://coreos.com/etcd/docs/latest/op-guide/security.html
		etcdClientCertFile := env.Get(EnvEtcdClientCert, kvs.Get(ClientCert))
		etcdClientCertKey := env.Get(EnvEtcdClientCertKey, kvs.Get(ClientCertKey))

        resp.received = true;

        session.transport(); // initialise transport

        // Mock the sessionSetup behavior to avoid actual network calls
        // The sessionSetup method would normally send authentication messages
        // Only mark the sessionSetup response as received, not the actual request/response
        doAnswer(invocation -> {
            ServerMessageBlock request = invocation.getArgument(0);

     * @return a child context using using the given credentials
     */
    CIFSContext withCredentials(Credentials creds);

    /**
     * Attempt to renew credentials after authentication failure
     *
     * @param locationHint URL or location hint for credential renewal
     * @param error the error that triggered renewal
     * @return whether new credentials are obtained
     */