if (session.transport.server.security == SECURITY_SHARE && (session.auth.hashesExternal || session.auth.password.length() > 0)) {

            if (session.transport.server.encryptedPasswords) {
                // encrypted
                password = session.auth.getAnsiHash(session.transport.server.encryptionKey);
                passwordLength = password.length;

    void matchesBehavior() {
        // Two distinct auth instances
        NtlmPasswordAuthentication a1 = new NtlmPasswordAuthentication("DOM", "user", "pwd");
        NtlmPasswordAuthentication a2 = new NtlmPasswordAuthentication("DOM", "user", "pwd");
        SmbSession s1 = new SmbSession(addr, 445, inet, 0, a1);
        SmbSession s2 = new SmbSession(addr, 445, inet, 0, a2);
        // same auth instance => matches
        assertTrue(s1.matches(a1));

        DcerpcHandle handle = null;
        LsaPolicyHandle policyHandle = null;

        synchronized (sid_cache) {
            try {
                handle = DcerpcHandle.getHandle("ncacn_np:" + authorityServerName + "[\\PIPE\\lsarpc]", auth);
                String server = authorityServerName;

//     - http://docs.aws.amazon.com/AmazonS3/latest/dev/auth-request-sig-v2.html
// returns true if matches, false otherwise. if error is not nil then it is always false

func validateV2AuthHeader(r *http.Request) (auth.Credentials, APIErrorCode) {
	var cred auth.Credentials
	v2Auth := r.Header.Get(xhttp.Authorization)
	if v2Auth == "" {
		return cred, ErrAuthHeaderEmpty
	}

import requests
from botocore.client import Config
from flask import Flask, request

boto3.set_stream_logger('boto3.resources', logging.DEBUG)

authorize_url = "http://localhost:8080/auth/realms/minio/protocol/openid-connect/auth"
token_url = "http://localhost:8080/auth/realms/minio/protocol/openid-connect/token"

# callback url specified when the application was defined
callback_uri = "http://localhost:8000/oauth2/callback"

# keycloak id and secret

		authFields := strings.Split(strings.TrimSpace(v4Auth), ",")
		if len(authFields) != 3 {
			return auth.Credentials{}, false, ErrMissingFields
		}
		ch, s3Err = parseCredentialHeader(authFields[0], region, stype)
		if s3Err != ErrNone {
			return auth.Credentials{}, false, s3Err
		}
	}
	return checkKeyValid(r, ch.accessKey)
}

// parse credentialHeader string into its structured form.

        CIFSContext context = new BaseContext(new PropertyConfiguration(props));
        NtlmPasswordAuthentication auth = new NtlmPasswordAuthentication(context, "TEST_DOMAIN", "user", "pass");

        when(httpSession.getAttribute("NtlmHttpAuth")).thenReturn(auth);

        filter.doFilter(request, response, filterChain);

        verify(filterChain).doFilter(any(NtlmHttpServletRequest.class), eq(response));

        super();
    }

    /**
     * Adds an SMB authentication configuration to the holder.
     *
     * @param auth the SMB authentication configuration to add
     */
    public void add(final SmbAuthentication auth) {
        authMap.put(auth.getPathPrefix(), auth);
    }

    /**
        * Retrieves the SmbAuthentication associated with the given path.
        *
        * <p>

                this.creds = renewed;
                return true;
            }
        }
        final NtlmAuthenticator auth = NtlmAuthenticator.getDefault();
        if (auth != null) {
            final NtlmPasswordAuthenticator newAuth =
                    NtlmAuthenticator.requestNtlmPasswordAuthentication(auth, locationHint, error instanceof SmbAuthException s ? s : null);
            if (newAuth != null) {
                this.creds = newAuth;

     * @param pipeType the type of the pipe
     * @param auth the authentication credentials to use
     * @throws MalformedURLException if the URL is not properly formatted
     * @throws UnknownHostException if the host cannot be resolved
     */
    public SmbNamedPipe(final String url, final int pipeType, final NtlmPasswordAuthentication auth)
            throws MalformedURLException, UnknownHostException {