}

    @ParameterizedTest
    @DisplayName("Test valid usernames")
    @ValueSource(strings = { "user", "user123", "user.name", "user-name", "user_name", "******@****.***" })
    void testValidUsernames(String username) {
        assertDoesNotThrow(() -> InputValidator.validateUsername(username));
    }

    @ParameterizedTest
    @DisplayName("Test invalid usernames")
    @ValueSource(strings = { "user name", // space

    }

    /**
     * Record successful authentication
     *
     * @param username the username
     * @param sourceIp the source IP
     */
    public void recordSuccess(String username, String sourceIp) {
        if (username != null) {
            AccountAttempts account = accountAttempts.get(username);
            if (account != null) {
                account.reset();
            }
        }

## Get the `username` and `password` { #get-the-username-and-password }

We are going to use **FastAPI** security utilities to get the `username` and `password`.

OAuth2 specifies that when using the "password flow" (that we are using) the client/user must send a `username` and `password` fields as form data.

                username = username.substring(0, ci);
            } else {
                ci = username.indexOf('\\');
                if (ci > 0) {
                    domain = username.substring(0, ci);
                    username = username.substring(ci + 1);
                }
            }
        }

        this.domain = domain != null ? domain : "";
        this.username = username != null ? username : "";

        String username = "resetuser";
        String ip = "192.168.1.5";

        // Two failures
        assertTrue(rateLimiter.checkAttempt(username, ip));
        rateLimiter.recordFailure(username, ip);

        assertTrue(rateLimiter.checkAttempt(username, ip));
        rateLimiter.recordFailure(username, ip);

        // Success should reset counter
        assertTrue(rateLimiter.checkAttempt(username, ip));

            this.domain = domain;
            this.authType = authType;
            this.timestamp = System.currentTimeMillis();
            this.clientAddress = clientAddress;
            this.serverAddress = serverAddress;
        }

        public String getUsername() {
            return username;
        }

        public String getDomain() {
            return domain;
        }

        assertNotNull(exception);
        assertEquals("User is not found: " + username, exception.getMessage());
        assertNull(exception.getCause());
    }

    public void test_constructor_withUnicodeCharacters() {
        // Test with username containing Unicode characters
        String username = "ユーザー名";
        FessUserNotFoundException exception = new FessUserNotFoundException(username);

     * @param username the username to authenticate with
     * @param password the password to authenticate with
     */
    public NtlmPasswordAuthentication(String domain, String username, final String password) {
        int ci;

        if (username != null) {
            ci = username.indexOf('@');
            if (ci > 0) {
                domain = username.substring(ci + 1);
                username = username.substring(0, ci);

    * It contains the `username` and `password` sent.

{* ../../docs_src/security/tutorial006_an_py39.py hl[4,8,12] *}

When you try to open the URL for the first time (or click the "Execute" button in the docs) the browser will ask you for your username and password:

<img src="/img/tutorial/security/image12.png">

## Check the username { #check-the-username }

Here's a more complete example.

export MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY=on
```

### Variable substitution in configuration strings

In the configuration variables, `%s` is substituted with the _username_ from the STS request and `%d` is substituted with the _distinguished username (user DN)_ of the LDAP user. Please see the following table for which configuration variables support these substitution variables: