@Test
    @DisplayName("reauthenticate throws CIFSException when underlying call fails")
    void reauthenticate_throws() throws CIFSException {
        doThrow(new CIFSException("reauth failed")).when(session).reauthenticate();
        CIFSException ex = assertThrows(CIFSException.class, () -> session.reauthenticate());
        assertTrue(ex.getMessage().contains("failed"));

		"Count of offline nodes in the cluster")
	healthNodesOnlineCountMD = NewGaugeMD(healthNodesOnlineCount,
		"Count of online nodes in the cluster")
)

// loadClusterHealthNodeMetrics - `MetricsLoaderFn` for cluster health node
// metrics.
func loadClusterHealthNodeMetrics(ctx context.Context, m MetricValues,
	c *metricsCache,
) error {
	nodesUpDown, _ := c.nodesUpDown.Get()

	m.Set(healthNodesOfflineCount, float64(nodesUpDown.Offline))

# HTTP Basic Auth { #http-basic-auth }

For the simplest cases, you can use HTTP Basic Auth.

In HTTP Basic Auth, the application expects a header that contains a username and a password.

If it doesn't receive it, it returns an HTTP 401 "Unauthorized" error.

And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

    private int[] hashAlgos;
    private byte[] salt;

    /**
     * Constructs a preauth integrity negotiate context with the specified parameters.
     *
     * @param config the SMB configuration
     * @param hashAlgos the supported hash algorithms
     * @param salt the salt value for preauth integrity
     */

## Liveness probe

This probe always responds with '200 OK'. Only fails if 'etcd' is configured and unreachable. When liveness probe fails, Kubernetes like platforms restart the container.

```
livenessProbe:
  httpGet:
    path: /minio/health/live
    port: 9000
    scheme: HTTP
  initialDelaySeconds: 120

	// to make parsing easier.
	v4Auth = strings.ReplaceAll(v4Auth, " ", "")
	if v4Auth == "" {
		return sv, ErrAuthHeaderEmpty
	}

	// Verify if the header algorithm is supported or not.
	if !strings.HasPrefix(v4Auth, signV4Algorithm) {
		return sv, ErrSignatureVersionNotSupported
	}

	// Strip off the Algorithm prefix.
	v4Auth = strings.TrimPrefix(v4Auth, signV4Algorithm)

		return errors.New("the account name is required")
	case conf.AccountKey != "" && (conf.SPAuth.TenantID != "" || conf.SPAuth.ClientID != "" || conf.SPAuth.ClientSecret != ""):
		return errors.New("multiple authentication mechanisms are provided")
	case conf.AccountKey == "" && (conf.SPAuth.TenantID == "" || conf.SPAuth.ClientID == "" || conf.SPAuth.ClientSecret == ""):
		return errors.New("no authentication mechanism was provided")
	}

          ETCD_ADVERTISE_CLIENT_URLS: "http://0.0.0.0:2379"
        ports:
          - "2379:2379"
        options: >-
          --health-cmd "etcdctl endpoint health"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
      openid:
        image: quay.io/minio/dex
        ports:
          - "5556:5556"
        env:
          DEX_LDAP_SERVER: "openldap:389"

 * either express or implied. See the License for the specific language
 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.app.web.api.admin.webauth;

import static org.codelibs.fess.app.web.admin.webauth.AdminWebauthAction.getWebAuthentication;

import java.util.List;
import java.util.stream.Collectors;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

		ACB_NOT_DELEGATED          = 0x00004000, /* 1 = Not delegated */
		ACB_USE_DES_KEY_ONLY       = 0x00008000, /* 1 = Use DES key only */
		ACB_DONT_REQUIRE_PREAUTH   = 0x00010000  /* 1 = Preauth not required */
	} SamrAcctFlags;

	[op(0x01)]
	int SamrCloseHandle([in] policy_handle *handle);

	[op(0x39)]
	int SamrConnect2([in,string,unique] wchar_t *system_name,
			[in] uint32_t access_mask,