resp.setContentType("text/html");
            }
        };

        networkExplorer.init(servletConfig);

        // Setup authentication
        NtlmPasswordAuthentication auth = new NtlmPasswordAuthentication(SingletonContext.getInstance(), "DOMAIN", "user", "pass");
        when(session.getAttribute("npa-workgroup")).thenReturn(auth);
        when(request.getPathInfo()).thenReturn("/workgroup/server/share/");

        Properties props = new Properties();
        props.setProperty("jcifs.smb.client.domain", "TEST_DOMAIN");
        CIFSContext context = new BaseContext(new PropertyConfiguration(props));
        NtlmPasswordAuthentication auth = new NtlmPasswordAuthentication(context, "TEST_DOMAIN", "user", "pass");

        when(httpSession.getAttribute("NtlmHttpAuth")).thenReturn(auth);

        filter.doFilter(request, response, filterChain);

        capabilities = session.transport.capabilities;

        if (session.transport.server.security == SECURITY_USER) {
            if (cred instanceof final NtlmPasswordAuthentication auth) {
                if (auth == NtlmPasswordAuthentication.ANONYMOUS) {
                    lmHash = new byte[0];
                    ntHash = new byte[0];
                    capabilities &= ~SmbConstants.CAP_EXTENDED_SECURITY;

            }
            final SID[] sids = new SID[rpc.sids.num_sids];

            final String origin_server = handle.getServer();
            final NtlmPasswordAuthentication origin_auth = (NtlmPasswordAuthentication) handle.getPrincipal();

            for (int i = 0; i < sids.length; i++) {
                sids[i] = new SID(rpc.sids.sids[i].sid, 0, null, null, false);

     * @param url the URL that requires authentication
     * @param sae the authentication exception that was thrown
     * @return credentials returned by prompt or null if none available
     */

    public static NtlmPasswordAuthentication requestNtlmPasswordAuthentication(final String url, final SmbAuthException sae) {
        if (auth == null) {
            return null;
        }
        synchronized (auth) {
            auth.url = url;

     * @throws ServletException if a servlet error occurs
     */
    protected NtlmPasswordAuthentication negotiate(final HttpServletRequest req, final HttpServletResponse resp,
            final boolean skipAuthentication) throws IOException, ServletException {
        Address dc;
        String msg;
        NtlmPasswordAuthentication ntlm = null;
        msg = req.getHeader("Authorization");

                // NTLMv1 w/ NTLM2 session sec and key exch all been verified with a debug build of smbclient

                final byte[] responseKeyNT = NtlmPasswordAuthentication.nTOWFv1(password);
                final byte[] ntlm2Response =
                        NtlmPasswordAuthentication.getNTLM2Response(responseKeyNT, type2.getChallenge(), clientChallenge);

                setLMResponse(clientChallenge);

     * @return a map of trusted domain names to domain controllers
     * @throws SmbAuthException if authentication fails
     */
    public HashMap getTrustedDomains(final NtlmPasswordAuthentication auth) throws SmbAuthException {
        if (DISABLED || auth.domain == "?") {
            return null;
        }

        if (_domains != null && System.currentTimeMillis() > _domains.expiration) {

        when(mockConnection.getURL()).thenReturn(mockUrl);
        when(mockConnection.getRequestProperties()).thenReturn(new HashMap<>());

        // Mock CIFSContext behavior
        NtlmPasswordAuthentication creds = new NtlmPasswordAuthentication(
                new BaseContext(new PropertyConfiguration(System.getProperties())), "domain", "user", "password");
        when(mockCifsContext.getCredentials()).thenReturn(creds);

import jcifs.CIFSContext;
import jcifs.CIFSException;
import jcifs.Config;
import jcifs.config.PropertyConfiguration;
import jcifs.context.BaseContext;
import jcifs.netbios.UniAddress;
import jcifs.smb.NtlmPasswordAuthentication;
import jcifs.smb.SmbAuthException;

/**
 * This servlet may be used with pre-2.3 servlet containers
 * to protect content with NTLM HTTP Authentication. Servlets that