| `minio_s3_requests_rejected_auth_total`       | Total number S3 requests rejected for auth failure.      |
| `minio_s3_requests_rejected_header_total`     | Total number S3 requests rejected for invalid header.    |
| `minio_s3_requests_rejected_invalid_total`    | Total number S3 invalid requests.                        |
| `minio_s3_requests_rejected_timestamp_total`  | Total number S3 requests rejected for invalid timestamp. |

        this.client = client;
        this.request = request;
    }

    /**
     * Executes the request.
     * @return A Promise that will be resolved with the response or rejected with an error.
     */
    public Deferred<Res>.Promise execute() {
        return request.execute(client);
    }

     * @param docPerReq The number of documents to process per request.
     * @param requestInterval The interval between requests.
     * @return A Promise that will be resolved with the SuggestIndexResponse or rejected with an error.
     */
    public Deferred<SuggestIndexResponse>.Promise indexFromQueryLog(final QueryLogReader queryLogReader, final int docPerReq,
            final long requestInterval) {

     */
    public Request() {
        // nothing
    }

    /**
     * Executes the request.
     * @param client The OpenSearch client.
     * @return A Promise that will be resolved with the response or rejected with an error.
     */
    public Deferred<T>.Promise execute(final Client client) {
        final String error = getValidationError();
        if (!Strings.isNullOrEmpty(error)) {

| `minio_api_requests_rejected_header_total`     | Total number of requests rejected for invalid header. <br><br>Type: counter    | `type`, `pool_index`, `server`               |

			// Verify if date headers are set, if not reject the request
			amzDate, errCode := parseAmzDateHeader(r)
			if errCode != ErrNone {
				if ok {
					tc.FuncName = "handler.Auth"
					tc.ResponseRecorder.LogErrBody = true
				}

				// All our internal APIs are sensitive towards Date
				// header, for all requests where Date header is not
				// present we will reject such clients.

		Help:      "Total number of S3 requests rejected for auth failure",
		Type:      counterMetric,
	}
}

func getS3RejectedHeaderRequestsTotalMD() MetricDescription {
	return MetricDescription{
		Namespace: s3MetricNamespace,
		Subsystem: requestsRejectedSubsystem,
		Name:      headerTotal,
		Help:      "Total number of S3 requests rejected for invalid header",
		Type:      counterMetric,
	}

	"sync/atomic"
	"time"

	"github.com/minio/minio/internal/dsync"
)

// Reject new lock requests immediately when this many are queued
// for the local lock mutex.
// We do not block unlocking or maintenance, but they add to the count.
// The limit is set to allow for bursty behavior,
// but prevent requests to overload the server completely.
// Rejected clients are expected to retry.
const lockMutexWaitLimit = 1000

### SSE-C Encryption

MinIO does not support SSE-C encrypted objects on replicated buckets, any application uploading SSE-C encrypted objects will be rejected with an error on replicated buckets.

#### Rationale

		// Any client can create a certificate with arbitrary key usage settings.
		//
		// However, this check ensures that a certificate with an invalid key usage
		// gets rejected even when we skip certificate verification. This helps
		// clients detect malformed certificates during testing instead of e.g.
		// a self-signed certificate that works while a comparable certificate