import org.dbflute.optional.OptionalEntity;

import jakarta.annotation.Resource;

/**
 * Service class for managing web authentication configurations.
 * Provides CRUD operations for web authentication settings including
 * listing, retrieving, storing, and deleting authentication configurations.
 */
public class WebAuthenticationService {

    /**
     * Default constructor.
     */

 *     .build();
 * ```
 *
 * The proxy authenticator may implement preemptive authentication, reactive authentication, or
 * both.
 *
 * Applications may configure OkHttp with an authenticator for origin servers, or proxy servers,
 * or both.
 *
 * ## Authentication Retries
 *
 * If your authentication may be flaky and requires retries you should apply some policy

import org.lastaflute.web.login.credential.LoginCredential;

/**
 * SPNEGO authentication credential implementation.
 *
 * This class represents login credentials obtained through SPNEGO (Security Provider
 * Negotiation Protocol) authentication. It contains the username extracted from the
 * SPNEGO authentication process, typically from a Kerberos ticket.
 */

/**
 * Interface for authentication chain operations.
 * Provides methods for user management and authentication operations.
 */
public interface AuthenticationChain {

    /**
     * Updates an existing user in the authentication chain.
     * @param user The user to update.
     */
    void update(User user);

    /**
     * Deletes a user from the authentication chain.
     * @param user The user to delete.

     */
    @Min(0)
    @Max(100000)
    @ValidateTypeFailure
    public Integer purgeSuggestSearchLogDay;

    /**
     * LDAP server URL for authentication.
     * Used when LDAP authentication is enabled.
     */
    @Size(max = 1000)
    public String ldapProviderUrl;

    /**
     * LDAP security principal for binding to the LDAP server.

 *
 * ### Server Authentication
 *
 * This is the most common form of TLS authentication: clients verify that servers are trusted and
 * that they own the hostnames that they represent. Server authentication is required.
 *
 * To perform server authentication:
 *
 *  * The server's handshake certificates must have a [held certificate][HeldCertificate] (a

import org.codelibs.fess.app.web.admin.webauth.EditForm;

/**
 * Request body class for web authentication edit operations in the admin REST API.
 * This class extends EditForm to inherit the necessary form validation and binding capabilities
 * for web authentication management operations.
 */
public class EditBody extends EditForm {

    /**
     * Default constructor.
     */

import org.lastaflute.web.response.JsonResponse;

import jakarta.annotation.Resource;

/**
 * API action for admin file authentication management.
 * Provides RESTful API endpoints for managing file authentication settings in the Fess search engine.
 * File authentication settings define access credentials and permissions for file-based crawling.
 *
 */
public class ApiAdminFileauthAction extends FessApiAdminAction {

 *
 * This class provides Single Sign-On (SSO) authentication using the SPNEGO protocol,
 * which is commonly used for Kerberos-based authentication in Windows environments.
 * It handles the negotiation between client and server to establish a secure
 * authentication context without requiring users to explicitly enter credentials.
 *

import jakarta.validation.constraints.Size;

/**
 * Form class for editing file authentication configurations in the admin interface.
 * This form extends CreateForm to include fields necessary for updating existing file authentication entries,
 * including tracking information for optimistic locking and audit trails.
 * File authentication configurations define access control for file system crawling operations.
 *
 */