assertFalse(config.isDisableSpnegoIntegrity());
        assertTrue(config.isEnforceSpnegoIntegrity());
        assertTrue(config.isSendNTLMTargetName());
        assertEquals("GUEST", config.getGuestUsername());
        assertEquals("", config.getGuestPassword());
        assertFalse(config.isAllowGuestFallback());
    }

    @Test
    @DisplayName("Test NetBIOS configuration getters")

            // MID checking not required here as we only read responses for which we're waiting
            // We only read what we were waiting for, so first guess would be no.
            final boolean verify = dgst.verify(buffer, i, size, 0, this);
            this.verifyFailed = verify;
            return !verify;
        }
        return true;
    }

### Timing Attacks { #timing-attacks }

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And they send a request with a username `johndoe` and a password `love123`.

Then the Python code in your application would be equivalent to something like:

```Python

										class="fa fa-exclamation-triangle text-warning"
									></a></li>
							</c:if>
							<c:choose>
								<c:when test="${!empty username && username != 'guest'}">
									<li class="nav-item">
										<div class="dropdown">
											<a id="userMenu" class="nav-link dropdown-toggle" data-bs-toggle="dropdown"

                                "shared;/share/shared;no;no;no;all;" + USERNAME + ";all;all", "-g", "log level = 1", "-g",
                                "security = user", "-g", "map to guest = bad user")
                        .withLogConsumer(new Slf4jLogConsumer(LoggerFactory.getLogger(SmbFileIntegrationTest.class)))

 plugin parameters and anything else.

 We once had a document that Vincent and I agreed upon and I was about to
 implement it and then I disappeared for 8 months so it never came to pass.

 So I guess it's important to figure out what people are using properties
 files for and see if we can't incorporate it all into the POM. Or if we do
 have properties file (something I would like to avoid) say they don't

### 2. Configure WSO2

Once WSO2 is up and running, configure WSO2 to generate Self contained id_tokens. In OAuth 2.0 specification there are primarily two ways to provide id_tokens

1. The id_token is an identifier that is hard to guess. For example, a randomly generated string of sufficient length, that the server handling the protected resource can use to lookup the associated authorization information.

         * layer of fallback before consulting the system property, we could try
         * com.sun.security.auth.module.NTSystem.
         *
         * But for now, we use the value from the system property as our best guess.
         */
        return fromSystemProperty;
      } catch (InvocationTargetException e) {
        throwIfUnchecked(e.getCause()); // in case it's an Error or something

    // TODO(cpovirk): Consider using Object[] anyway.
    @SuppressWarnings("unchecked")
    E[] array = (E[]) elements.toArray();
    /*
     * For a Set, we guess that it contains no duplicates. That's just a guess for purpose of
     * sizing; if the Set uses different equality semantics, it might contain duplicates according
     * to equals(), and we will deduplicate those properly, albeit at some cost in allocations.

			return "", "", err
		}

		host = addr

		switch scheme {
		case "https":
			port = "443"
		case "http":
			port = "80"
		default:
			return "", "", errors.New("unable to guess port from scheme")
		}
	}

	return host, port, nil
}

// isLocalHost - checks if the given parameter
// correspond to one of the local IP of the
// current machine