protected static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";

    protected static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";

    protected static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";

    protected static final String ACCESS_CONTROL_ALLOW_PRIVATE_NETWORK = "Access-Control-Allow-Private-Network";

    /**
     * 
     */
    public static final int SMB2_SHAREFLAG_FORCE_SHARED_DELETE = 0x200;
    /**
     * 
     */
    public static final int SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING = 0x400;
    /**
     * 
     */
    public static final int SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM = 0x800;
    /**
     * 
     */

    /** The key of the configuration. e.g. * */
    String API_CORS_ALLOW_ORIGIN = "api.cors.allow.origin";

    /** The key of the configuration. e.g. GET, POST, OPTIONS, DELETE, PUT */
    String API_CORS_ALLOW_METHODS = "api.cors.allow.methods";

    /** The key of the configuration. e.g. 3600 */
    String API_CORS_MAX_AGE = "api.cors.max.age";

    protected static final String SPNEGO_ALLOW_DELEGATION = "spnego.allow.delegation";
    protected static final String SPNEGO_ALLOW_LOCALHOST = "spnego.allow.localhost";
    protected static final String SPNEGO_PROMPT_NTLM = "spnego.prompt.ntlm";
    protected static final String SPNEGO_ALLOW_UNSECURE_BASIC = "spnego.allow.unsecure.basic";
    protected static final String SPNEGO_ALLOW_BASIC = "spnego.allow.basic";

     */
    int size ();


    /**
     * @return create cancel request
     */
    CommonServerMessageBlockRequest createCancel ();


    /**
     * @param next
     * @return whether to allow chaining
     */
    boolean allowChain ( CommonServerMessageBlockRequest next );


    /**
     * @param t
     */
    void setTid ( int t );


    /**
     * 

 * WINS for example. Natrually it is not practical for every NbtAddress
 * to be populated will all state requiring a Node Status on every host
 * encountered. The below methods allow state to be populated when requested
 * in a lazy fashon.
 */ 

    void checkData() throws UnknownHostException {
        if( hostName == UNKNOWN_NAME ) {
            getAllByAddress( this );
        }

 * with desired access bits <tt>0x00000003</tt> (<tt>FILE_READ_DATA |
 * FILE_WRITE_DATA</tt>) and the target file has the following security
 * descriptor ACEs:
 * 
 * <pre>
 * Allow WNET\alice     0x001200A9  Direct
 * Allow Administrators 0x001F01FF  Inherited
 * Allow SYSTEM         0x001F01FF  Inherited
 * </pre>
 * 
 * the access check would fail because the direct ACE has an access mask
 * of <tt>0x001200A9</tt> which doesn't have the

        httpResponse.addHeader(ACCESS_CONTROL_ALLOW_ORIGIN, origin);
        httpResponse.addHeader(ACCESS_CONTROL_ALLOW_METHODS, fessConfig.getApiCorsAllowMethods());
        httpResponse.addHeader(ACCESS_CONTROL_ALLOW_HEADERS, fessConfig.getApiCorsAllowHeaders());
        httpResponse.addHeader(ACCESS_CONTROL_MAX_AGE, fessConfig.getApiCorsMaxAge());
        httpResponse.addHeader(ACCESS_CONTROL_ALLOW_CREDENTIALS, fessConfig.getApiCorsAllowCredentials());

    protected String rolePrefix = "{role}";

    protected String groupPrefix = "{group}";

    protected String userPrefix = "{user}";

    protected String allowPrefix = "(allow)";

    protected String denyPrefix = "(deny)";

    @Resource
    protected SystemHelper systemHelper;

    public String encode(final String value) {
        if (StringUtil.isBlank(value)) {

         */


        Path krbConfig = Files.createTempFile("krb5", ".conf");
        Files.write(krbConfig,Arrays.asList("[libdefaults]", "allow_weak_crypto=true"));
        System.setProperty("java.security.krb5.conf", krbConfig.toString());