/** Configuration key for allowing unsecure basic authentication. */
    protected static final String SPNEGO_ALLOW_UNSECURE_BASIC = "spnego.allow.unsecure.basic";

    /** Configuration key for allowing basic authentication. */
    protected static final String SPNEGO_ALLOW_BASIC = "spnego.allow.basic";

    /** Configuration key for pre-authentication password. */

    val request = response.request
    val url = request.url
    val proxyAuthorization = response.code == 407
    val proxy = route?.proxy ?: Proxy.NO_PROXY

    for (challenge in challenges) {
      if (!"Basic".equals(challenge.scheme, ignoreCase = true)) {
        continue
      }

      val dns = route?.address?.dns ?: defaultDns
      val auth =
        if (proxyAuthorization) {

    private String domainController;

    /** Flag to enable load balancing across domain controllers */
    private boolean loadBalance;

    /** Flag to enable basic authentication */
    private boolean enableBasic;

    /** Flag to allow insecure basic authentication */
    private boolean insecureBasic;

    /** The authentication realm */
    private String realm;

    /** The CIFS context for transport operations */

     */
    private byte[] createLargeBufferForContexts() {
        byte[] buffer = new byte[1024]; // Large enough for contexts

        // Copy basic structure
        byte[] basic = createBasicNegotiateResponseBuffer();
        System.arraycopy(basic, 0, buffer, 0, basic.length);

        return buffer;
    }

    /**
     * Creates a completely valid negotiate response buffer for positive testing.
     */

    url = server.url("/api/login?user=test_user&authentication=basic&password=confidential_password")
    val networkInterceptor =
      HttpLoggingInterceptor(networkLogs).setLevel(
        Level.BASIC,
      )
    networkInterceptor.redactQueryParams("user", "passWord")

    val applicationInterceptor =
      HttpLoggingInterceptor(applicationLogs).setLevel(
        Level.BASIC,
      )

    client_id: optional string. OAuth2 recommends sending the client_id and client_secret (if any)
        using HTTP Basic auth, as: client_id:client_secret
    client_secret: optional string. OAuth2 recommends sending the client_id and client_secret (if any)
        using HTTP Basic auth, as: client_id:client_secret
    """

    def __init__(
        self,
        grant_type: Annotated[
            str,

    }

    @Test
    void testGetScore() {
        NetworkInterfaceInfo basic = new NetworkInterfaceInfo(testAddress, 1000);
        assertEquals(1000, basic.getScore()); // Base score is link speed

        NetworkInterfaceInfo fast = new NetworkInterfaceInfo(testAddress, 10000);
        assertTrue(fast.getScore() > basic.getScore());
    }

    @Test
    void testCapabilitySettings() {

        filter.doFilter(request, response, filterChain);

        // Should only offer NTLM, not Basic auth
        verify(response).setHeader("WWW-Authenticate", "NTLM");
        verify(response, never()).addHeader(eq("WWW-Authenticate"), eq("Basic realm=\"TestRealm\""));
    }

    @Test
    void testDoFilter_ntlmType1Message() throws Exception {

            verify(session, never()).setAttribute(anyString(), any());
        }
    }

    /**
     * Test the service method with a valid Basic Authorization header.
     * Simulates a successful Basic authentication.
     * @throws ServletException
     * @throws IOException
     * @throws CIFSException
     */
    @Test
    void testService_BasicAuth_Success() throws Exception {

     * Default implementation delegates to the basic process method.
     *
     * @param target the document data to process
     * @param params the data store parameters
     * @return the processed document data
     */
    public Map<String, Object> process(final Map<String, Object> target, final DataStoreParams params) {
        return process(target);
    }

    /**