}
        return redirect(getClass());
    }

    /**
     * Reloads the document index by closing and reopening it.
     *
     * @param form the action form (validated but not used for configuration)
     * @return HTML response redirecting to the maintenance page
     */
    @Execute
    @Secured({ ROLE })
    public HtmlResponse reloadDocIndex(final ActionForm form) {

     * Only configured label values are accepted to prevent query injection.
     *
     * @param request the HTTP request
     * @return a map of field names to their validated filter values
     */
    protected Map<String, String[]> parseFieldFilters(final HttpServletRequest request) {
        final Map<String, String[]> fields = new HashMap<>();

        // Validate all groups
        violations = validator.validate(bean);
        assertEquals(1, violations.size()); // Only default group is validated
    }

    // Test custom message
    @Test
    public void test_customMessage() {
        CustomMessageBean bean = new CustomMessageBean();
        bean.setCronWithCustomMessage("invalid");

            }

            // SECURITY WARNING: JWT signature validation is not implemented.
            // This is a critical security vulnerability. The ID token should be validated
            // to ensure it was issued by the expected OpenID Connect provider and has not been tampered with.
            // TODO: Implement JWT signature validation using the provider's public key

    }

    /**
     * Validates the OAuth2 state parameter.
     * @param session The HTTP session containing stored state data.
     * @param state The state parameter to validate.
     * @return The validated state data.
     */
    protected StateData validateState(final HttpSession session, final String state) {
        if (StringUtils.isNotEmpty(state)) {