@Test
 public void testNoChallengeGET() throws IOException, ServletException {
   SimpleHttpRequest request = new SimpleHttpRequest();
   request.setMethod("GET");
   SimpleHttpResponse response = new SimpleHttpResponse();
   SimpleFilterChain chain = new SimpleFilterChain();
   this.filter.doFilter(request, response, chain);
   // unlike servlet filters, it's a passthrough
   assertEquals(500, response.getStatus());
 }
 @Test
 public void testUnsupportedSecurityPackagePassthrough() throws IOException, ServletException {
   SimpleFilterChain filterChain = new SimpleFilterChain();
   SimpleHttpRequest request = new SimpleHttpRequest();
   request.addHeader("Authorization", "Unsupported challenge");
   SimpleHttpResponse response = new SimpleHttpResponse();
   this.filter.doFilter(request, response, filterChain);
   // the filter should ignore authorization for an unsupported security package, ie. not return a
   // 401
   assertEquals(500, response.getStatus());
 }
  @Test
  public void testGuestIsDisabled() throws IOException, ServletException {
    String securityPackage = "Negotiate";
    SimpleFilterChain filterChain = new SimpleFilterChain();
    SimpleHttpRequest request = new SimpleHttpRequest();

    String clientToken = BaseEncoding.base64().encode("Guest".getBytes());
    request.addHeader("Authorization", securityPackage + " " + clientToken);

    SimpleHttpResponse response = new SimpleHttpResponse();
    this.filter.doFilter(request, response, filterChain);

    assertEquals(401, response.getStatus());
    assertNull(SecurityContextHolder.getContext().getAuthentication());
  }
 /**
  * Test challenge get.
  *
  * @throws IOException Signals that an I/O exception has occurred.
  * @throws ServletException the servlet exception
  */
 @Test
 public void testChallengeGET() throws IOException, ServletException {
   final SimpleHttpRequest request = new SimpleHttpRequest();
   request.setMethod("GET");
   final SimpleHttpResponse response = new SimpleHttpResponse();
   this.entryPoint.commence(request, response, null);
   final String[] wwwAuthenticates = response.getHeaderValues("WWW-Authenticate");
   Assert.assertEquals(3, wwwAuthenticates.length);
   Assert.assertEquals("NTLM", wwwAuthenticates[0]);
   Assert.assertEquals("Negotiate", wwwAuthenticates[1]);
   Assert.assertTrue(wwwAuthenticates[2].equals("Basic realm=\"TestRealm\""));
   Assert.assertEquals(2, response.getHeaderNamesSize());
   Assert.assertEquals("keep-alive", response.getHeader("Connection"));
   Assert.assertEquals(401, response.getStatus());
 }