/**
         * Check if lease has read caching
         *
         * @return true if read caching is enabled
         */
        public boolean hasReadCache() {
            return Smb2LeaseState.hasReadCaching(leaseState);
        }

        /**
         * Check if lease has write caching
         *
         * @return true if write caching is enabled
         */

     */
    boolean isAllowCompound(String command);

    /**
     * Machine identifier
     *
     * ClientGuid, ... are derived from this value.
     *
     * Normally this should be randomly assigned for each client instance/configuration.
     *
     * @return machine identifier (32 byte)
     */
    byte[] getMachineId();

    /**
     *
     *

    protected String preferredCiphers = "AES_128_GCM,AES_128_CCM,AES_256_GCM,AES_256_CCM";
    /** Whether AES-256 encryption is enabled */
    protected boolean aes256Enabled = true;
    /** Whether to use SMB2/SMB3 leases for caching */
    protected boolean useLease = true;
    /** Lease timeout in milliseconds */
    protected int leaseTimeout = 30000;
    /** Maximum number of concurrent leases */
    protected int maxLeases = 1000;

                /*
                 * The SMB_COM_NT_CREATE_ANDX response wordCount is wrong. There's an
                 * extra 16 bytes for some "Offline Files (CSC or Client Side Caching)"
                 * junk. We need to bump up the wordCount here so that this method returns
                 * the correct number of bytes for signing purposes. Otherwise we get a
                 * signing verification failure.

### Performance Optimizations
- **Caching** - Bean descriptors and reflection metadata are cached for improved performance
- **Lazy initialization** - Resources and expensive operations are initialized only when needed  
- **Memory efficient** - Specialized collections like `LruHashMap` and `ArrayMap` for memory-conscious applications
- **Java 21 features** - Switch expressions and pattern matching for reduced overhead

## Server Machine and Server Program { #server-machine-and-server-program }

There's a small detail about names to keep in mind. 💡

The word "**server**" is commonly used to refer to both the remote/cloud computer (the physical or virtual machine) and also the program that is running on that machine (e.g. Uvicorn).

Let's put that data in the Pydantic `UserInDB` model first.

You should never save plaintext passwords, so, we'll use the (fake) password hashing system.

If the passwords don't match, we return the same error.

#### Password hashing { #password-hashing }

"Hashing" means: converting some content (a password in this case) into a sequence of bytes (just a string) that looks like gibberish.

///

## Password hashing { #password-hashing }

"Hashing" means converting some content (a password in this case) into a sequence of bytes (just a string) that looks like gibberish.

Whenever you pass exactly the same content (exactly the same password) you get exactly the same gibberish.

But you cannot convert from the gibberish back to the password.

### Why use password hashing { #why-use-password-hashing }

# OAuth2 mit Password (und Hashing), Bearer mit JWT-Tokens

Da wir nun über den gesamten Sicherheitsablauf verfügen, machen wir die Anwendung tatsächlich sicher, indem wir <abbr title="JSON Web Tokens">JWT</abbr>-Tokens und sicheres Passwort-Hashing verwenden.

Diesen Code können Sie tatsächlich in Ihrer Anwendung verwenden, die Passwort-Hashes in Ihrer Datenbank speichern, usw.

Wir bauen auf dem vorherigen Kapitel auf.

## Über JWT

# OAuth2 con Password (y hashing), Bearer con tokens JWT

Ahora que tenemos todo el flujo de seguridad, hagamos que la aplicación sea realmente segura, usando tokens <abbr title="JSON Web Tokens">JWT</abbr> y hashing de contraseñas seguras.

Este código es algo que puedes usar realmente en tu aplicación, guardar los hashes de las contraseñas en tu base de datos, etc.

Vamos a empezar desde donde lo dejamos en el capítulo anterior e incrementarlo.

## Acerca de JWT