}

    /**
     * Create username/password credentials with specified domain using secure char array
     *
     * @param domain the domain for authentication
     * @param username the username for authentication
     * @param password the password for authentication (secure char array)
     */
    public NtlmPasswordAuthenticator(String domain, String username, char[] password) {

        // We can't directly test if password is wiped since auth is out of scope,
        // but the close() method should have been called
    }

    /**
     * Test secure memory clearing in close()
     */
    @Test
    @DisplayName("Test secure memory clearing on close")
    public void testCloseSecurelyClearsMemory() {
        char[] testPassword = "CloseTestPass123!".toCharArray();

    }

    /**
     * Determines whether the user identification cookie should be marked as secure.
     * Checks the configured secure setting or examines request headers to detect HTTPS.
     *
     * @return true if the cookie should be secure, false otherwise
     */
    protected boolean isSecureCookie() {
        if (cookieSecure != null) {
            return cookieSecure;

            log.debug("Secure negotiation does not apply");
            return;
        }

        final Smb2NegotiateResponse nego = (Smb2NegotiateResponse) trans.getNegotiateResponse();
        if (nego.getSelectedDialect().atLeast(DialectVersion.SMB311)) {
            // have preauth integrity instead
            log.debug("Secure negotiation does not apply, is SMB3.1");
            return;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Secure credential storage with encryption at rest.
 *
 * Provides secure storage of passwords and other sensitive credentials
 * using AES-GCM encryption with PBKDF2 key derivation.
 *
 * Features:
 * - Encrypts credentials at rest using AES-256-GCM
 * - Uses PBKDF2 for key derivation from master password
 * - Secure wiping of sensitive data
 * - Thread-safe operations

#                                                     Tomcat
#                                                     ------
tomcat.URIEncoding = UTF-8
tomcat.useBodyEncodingForURI = true
#tomcat.secure=false
#tomcat.scheme=http
#tomcat.bindAddress=127.0.0.1
#tomcat.proxyPort=

     * Determines if the search parameter cookie should be secure based on configuration and request.
     *
     * @param request The HTTP request
     * @return true if the cookie should have the secure flag set
     */
    protected boolean isSearchParameterCookieSecure(final HttpServletRequest request) {
        final FessConfig fessConfig = ComponentUtil.getFessConfig();
        final String secure = fessConfig.getCookieSearchParameterSecure();

     */
    public static final String ISO_DATETIME_FORMAT = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";

    /**
     * The feature for secure processing in XML.
     */
    public static final String FEATURE_SECURE_PROCESSING = "http://javax.xml.XMLConstants/feature/secure-processing";

    /**
     * The feature for external general entities in XML.
     */

import javax.security.auth.Destroyable;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Secure key management for SMB encryption.
 * Provides centralized management of encryption keys with secure storage and cleanup.
 *
 * Features:
 * - Secure key storage with optional KeyStore integration
 * - Automatic key cleanup on close
 * - Thread-safe key management
 * - Key derivation utilities

        this(new SecureRandom(), DEFAULT_HASH_ALGORITHM, true);
    }

    /**
     * Constructs a PreauthIntegrityService with specified configuration.
     *
     * @param secureRandom the secure random generator
     * @param hashAlgorithm the hash algorithm to use
     * @param enforceIntegrity whether to enforce integrity checks
     */