return globalAuthZPlugin
}

func setGlobalAuthNPlugin(authn *idplugin.AuthNPlugin) {
	globalAuthPluginMutex.Lock()
	globalAuthNPlugin = authn
	globalAuthPluginMutex.Unlock()
}

func setGlobalAuthZPlugin(authz *polplugin.AuthZPlugin) {
	globalAuthPluginMutex.Lock()
	globalAuthZPlugin = authz
	globalAuthPluginMutex.Unlock()
}

	"github.com/minio/minio/internal/logger"
	"github.com/minio/pkg/v3/env"
	xnet "github.com/minio/pkg/v3/net"
)

func authNLogIf(ctx context.Context, err error) {
	logger.LogIf(ctx, "authN", err)
}

// Authentication Plugin config and env variables
const (
	URL        = "url"
	AuthToken  = "auth_token"
	RolePolicy = "role_policy"
	RoleID     = "role_id"

		return ErrSTSAccessDenied
	}
}

func checkAssumeRoleAuth(ctx context.Context, r *http.Request) (auth.Credentials, APIErrorCode) {
	if !isRequestSignatureV4(r) {
		return auth.Credentials{}, ErrAccessDenied
	}

	s3Err := isReqAuthenticated(ctx, r, globalSite.Region(), serviceSTS)
	if s3Err != ErrNone {
		return auth.Credentials{}, s3Err
	}

	user, _, s3Err := getReqAccessKeyV4(r, globalSite.Region(), serviceSTS)

                    session.removeAttribute(SAML_STATE);
                    try {
                        final Auth auth = new Auth(getSettings(), request, response);
                        auth.processResponse();

                        if (!auth.isAuthenticated()) {
                            if (logger.isDebugEnabled()) {
                                logger.debug("Authentication failed.");

        NtlmPasswordAuthenticator auth1 =
                new NtlmPasswordAuthenticator("DOMAIN", "user", password1, NtlmPasswordAuthenticator.AuthenticationType.USER);

        assertEquals("DOMAIN", auth1.getUserDomain());
        assertEquals("user", auth1.getUsername());
        assertEquals("TypedPass123!", auth1.getPassword());
        assertFalse(auth1.isGuest());
        assertFalse(auth1.isAnonymous());

                auth1.equals(auth3);
                auth2.equals(auth3);
            }
            long totalTime = System.nanoTime() - startTime;

            // Should complete in reasonable time (< 10ms for 3000 operations)
            assertTrue(totalTime < 10_000_000L, "Null/empty password comparisons taking too long: " + totalTime + " ns");
        } finally {
            auth1.close();

				Body:   nopCloser,
			},
			authT: authTypePostPolicy,
		},
	}

	// .. Tests all request auth type.
	for i, testc := range testCases {
		authT := getRequestAuthType(testc.req)
		if authT != testc.authT {
			t.Errorf("Test %d: Expected %d, got %d", i+1, testc.authT, authT)
		}
	}
}

// Test all s3 supported auth types.
func TestS3SupportedAuthType(t *testing.T) {

		return authTypeAnonymous
	}
	return authTypeUnknown
}

func validateAdminSignature(ctx context.Context, r *http.Request, region string) (auth.Credentials, bool, APIErrorCode) {
	var cred auth.Credentials
	var owner bool
	s3Err := ErrAccessDenied
	if _, ok := r.Header[xhttp.AmzContentSha256]; ok &&
		getRequestAuthType(r) == authTypeSigned {

        Map<String, Object> params = new HashMap<>();
        SmbAuthentication auth1 = new SmbAuthentication();
        auth1.setUsername("testuser1");
        auth1.setPassword("test123");
        SmbAuthentication[] auths = new SmbAuthentication[] { auth1 };
        params.put("smb1Authentications", auths);
        smbClient.setInitParameterMap(params);
        smbClient.init();

        Map<String, Object> params = new HashMap<>();
        SmbAuthentication auth1 = new SmbAuthentication();
        auth1.setUsername("testuser1");
        auth1.setPassword("test123");
        SmbAuthentication[] auths = new SmbAuthentication[] { auth1 };
        params.put("smbAuthentications", auths);
        smbClient.setInitParameterMap(params);
        smbClient.init();