- Role-based query filtering via `RoleQueryHelper`
- Authentication: Local (UserService), LDAP, OIDC, SAML, SPNEGO, Entra ID
- Security features: AES encryption, SHA256 digest, LDAP injection prevention, password policy, rate limiting

## Naming Conventions

| Element | Convention | Example |
|---------|------------|---------|
| Classes | PascalCase | `UserService`, `FessBaseAction` |

    #   o user: (Required)
    #   o password: password plainly or path to password file (with default password)
    #       e.g. foo or df:dfprop/system-password.txt|foo
    #       (NotRequired - Default '')
    #   o isSkipIfNotFoundPasswordFileAndDefault: Does it skip the user SQL statement
    #       when using password file but not found it and also default password?
    #       (NotRequired - Default false)
    #

        assertTrue(testLdapManager.changePasswordCalled);
    }

    @Test
    public void test_changePassword_withNullPassword() {
        // Test password change with null password
        testLdapManager.changePasswordResult = false;
        testFessConfig.ldapAdminSyncPassword = false;

        boolean result = ldapChain.changePassword("testuser", null);

    }

    @Test
    public void test_createForm_setPassword() {
        final CreateForm form = new CreateForm();
        form.password = "testpassword";
        form.confirmPassword = "testpassword";
        assertEquals("testpassword", form.password);
        assertEquals("testpassword", form.confirmPassword);
    }

    @Test
    public void test_createForm_setRolesAndGroups() {

        }

        params {
            password("env.ORG_GRADLE_PROJECT_gradleS3AccessKey", "%gradleS3AccessKey%")
            password("env.ORG_GRADLE_PROJECT_gradleS3SecretKey", "%gradleS3SecretKey%")
            password("env.ORG_GRADLE_PROJECT_artifactoryUserPassword", "%gradle.internal.repository.build-tool.publish.password%")
            password("env.DOTCOM_DEV_DOCS_AWS_ACCESS_KEY", "%dotcomDevDocsAwsAccessKey%")

        }
        return redirect(getClass());
    }

    /**
     * Handles password change for the current user.
     *
     * @param form the password form containing new password and confirmation
     * @return the HTML response after password change attempt
     */
    @Execute
    public HtmlResponse changePassword(final PasswordForm form) {

     */
    void delete(User user);

    /**
     * Changes the password for the specified user.
     * @param username The username for which to change the password.
     * @param password The new password.
     * @return True if the password was successfully changed, false otherwise.
     */
    boolean changePassword(String username, String password);

    /**
     * Loads user information from the authentication chain.

        final Map<String, Object> requestBody = new HashMap<>();
        final String keyProp = NAME_PREFIX + id;
        requestBody.put(KEY_PROPERTY, keyProp);
        requestBody.put("password", "password" + id);
        requestBody.put("confirm_password", "password" + id);
        return requestBody;
    }

    @Override
    protected Map<String, Object> getUpdateMap() {
        final Map<String, Object> updateMap = new HashMap<>();

        this.parameters = value;
    }

    public String getPassword() {
        checkSpecifiedProperty("password");
        return convertEmptyToNull(password);
    }

    public void setPassword(String value) {
        registerModifiedProperty("password");
        this.password = value;
    }

    public Integer getPort() {
        checkSpecifiedProperty("port");
        return port;
    }

        this.parameters = value;
    }

    public String getPassword() {
        checkSpecifiedProperty("password");
        return convertEmptyToNull(password);
    }

    public void setPassword(String value) {
        registerModifiedProperty("password");
        this.password = value;
    }

    public Integer getPort() {
        checkSpecifiedProperty("port");
        return port;
    }