/**
 * @author shinsuke
 *
 */
public class SmbAuthenticationHolder {
    private final Map<String, SmbAuthentication> authMap = new HashMap<>();

    public void add(final SmbAuthentication auth) {
        authMap.put(auth.getPathPrefix(), auth);
    }

    public SmbAuthentication get(final String path) {
        if (path == null) {
            return null;
        }

import java.security.Key;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KeyTab;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;


@SuppressWarnings ( "javadoc" )
public class KerberosCredentials {

    private Subject subject;

* delegated authn/z: optionally opt-out of mandatory authn/authz kubeconfig ([#67545](https://github.com/kubernetes/kubernetes/pull/67545), [@sttts](https://github.com/sttts))

                auth.getUserSessionKey(transport.server.encryptionKey, macSigningKey, 0);
                System.arraycopy(auth.getUnicodeHash(transport.server.encryptionKey),
                            0, macSigningKey, 16, 24);
                break;
            case 3:
            case 4:
            case 5:
                macSigningKey = new byte[16];

        if( session.transport.server.security == SECURITY_SHARE &&
                        ( session.auth.hashesExternal ||
                        session.auth.password.length() > 0 )) {

            if( session.transport.server.encryptedPasswords ) {
                // encrypted
                password = session.auth.getAnsiHash( session.transport.server.encryptionKey );
                passwordLength = password.length;

 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.crawler.client.http.impl;

import org.apache.http.auth.AuthScheme;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.codelibs.fess.crawler.client.http.Authentication;

/**
 * @author shinsuke
 *
 */
public class AuthenticationImpl implements Authentication {

        props.put("jcifs.smb.client.password", "my-default-password");

        CIFSContext auth = new BaseContext(new PropertyConfiguration(props));
        assertTrue(auth.hasDefaultCredentials());
        assertTrue( auth.getCredentials() instanceof NtlmPasswordAuthenticator);

        NtlmPasswordAuthenticator pa = (NtlmPasswordAuthenticator) auth.getCredentials();

        assertEquals("my-domain", pa.getUserDomain());

//     - http://docs.aws.amazon.com/AmazonS3/latest/dev/auth-request-sig-v2.html
// returns true if matches, false otherwise. if error is not nil then it is always false

func validateV2AuthHeader(r *http.Request) (auth.Credentials, APIErrorCode) {
	var cred auth.Credentials
	v2Auth := r.Header.Get(xhttp.Authorization)
	if v2Auth == "" {
		return cred, ErrAuthHeaderEmpty
	}

}

type metricsV3Server struct {
	registry *prometheus.Registry
	opts     promhttp.HandlerOpts
	auth     func(http.Handler) http.Handler

	metricsData *metricsV3Collection
}

var (
	globalMetricsV3CollectorPaths []collectorPath
	globalMetricsV3Once           sync.Once
)

func newMetricsV3Server(auth func(h http.Handler) http.Handler) *metricsV3Server {
	registry := prometheus.NewRegistry()

	}
}

// ConnectWS returns a function that dials a websocket connection to the given address.
// Route and auth are added to the connection.
func ConnectWS(dial ContextDialer, auth AuthFn, tls *tls.Config) func(ctx context.Context, remote string) (net.Conn, error) {
	return ConnectWSWithRoutePath(dial, auth, tls, RoutePath)
}

// ValidateTokenFn must validate the token and return an error if it is invalid.