when(httpSession.getAttribute("NtlmHttpAuth")).thenReturn(null);

        filter.doFilter(request, response, filterChain);

        verify(response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(response).setHeader("WWW-Authenticate", "NTLM");
        verify(response).addHeader("WWW-Authenticate", "Basic realm=\"TestRealm\"");

        void testVerifySignatureSuccess() throws Exception {
            byte[] buffer = new byte[1024];
            echoResponse.setDigest(mockDigest);
            setStatus(echoResponse, NtStatus.NT_STATUS_SUCCESS);

            when(mockConfig.isRequireSecureNegotiate()).thenReturn(true);
            when(mockDigest.verify(buffer, 0, 100, 0, echoResponse)).thenReturn(false);

        // Verify
        assertNull(result, "Authentication result should be null");
        verify(mockResponse).setHeader("WWW-Authenticate", "NTLM");
        verify(mockResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        verify(mockResponse).setContentLength(0);
        verify(mockResponse).flushBuffer();
    }

    /**

                // Mark response as received and set status = NT_STATUS_NO_SUCH_FILE
                setStatus(qr, NtStatus.NT_STATUS_NO_SUCH_FILE);
                qr.received();
                q.setResponse(qr);
                // Now emulate error thrown by transport for create chain

     * @param response the HTTP response
     * @throws IOException if an I/O error occurs
     */
    protected void sendBlockedResponse(final HttpServletResponse response) throws IOException {
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().write("{\"error\":\"ip_blocked\",\"message\":\"Access denied.\"}");
    }

    /**

        setStatus(response, NtStatus.NT_STATUS_NOTIFY_ENUM_DIR);
        assertFalse(response.isErrorResponseStatus());

        // Test with success status
        setStatus(response, NtStatus.NT_STATUS_SUCCESS);
        assertFalse(response.isErrorResponseStatus());

        // Test with error status
        setStatus(response, NtStatus.NT_STATUS_ACCESS_DENIED);

            }
        } else {
            resp.setHeader("WWW-Authenticate", "NTLM");
        }
        resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        resp.setContentLength(0);
        resp.flushBuffer();
        return null;
    }

                    response.addHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
                }
                response.setHeader("Connection", "close");
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                response.flushBuffer();
                return;
            }
            final HttpSession ssn = request.getSession();

                    response.addHeader("WWW-Authenticate", "Basic realm=\"" + this.realm + "\"");
                }
                response.setHeader("Connection", "close");
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                response.flushBuffer();
                return;
            }
            final HttpSession ssn = request.getSession();

                resp.setHeader("WWW-Authenticate", "NTLM");
                if (offerBasic) {
                    resp.addHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
                }
                resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                resp.setContentLength(0); /* Marcel Feb-15-2005 */
                resp.flushBuffer();
                return null;
            }